Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 10 Sep 2012 19:36:29 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking Office 2013 files with JtR

On 2012-09-10 18:55, Dhiru Kholia wrote:
> On Mon, Sep 10, 2012 at 10:13 PM, magnum <john.magnum@...hmail.com> wrote:
>> On 2012-09-10 18:34, Dhiru Kholia wrote:
>>> DeriveKey function can be changed so that it writes to a given static
>>> buffer (Office 2010 and 2013 code path do it this way). No possibility
>>> of memory leak then.
>>>
>>> (3) Same applied for "static unsigned char*
>>> GeneratePasswordHashUsingSHA1" function.

All alloc's are gone now.

>> BTW, I just now committed some assertions (well, just warning output) in
>> case DeriveKey() ends up not returning X1. Could that happen at all? If
>> not, no harm done. If it *can* happen, we will now rather warn than
>> segfault :)
> 
> I agree. At the end of DeriveKey following comment is present,
> 
> /* TODO: finish up this function */
> return NULL;
> 
> So far, I have not hit this part of the code ;)

On second thought I think I'll change it to bail out with error(). This
way, if we ever hit that, we'll have a .rec file that can reproduce the
fault.

>> I'll also verify all test hashes Rich supplied, or did you do that already?
> 
> IIRC I have tested "most" of Rich's test hashes but it would be great
> if you could add them to format's self-test (along with file name for
> tracking purposes). Thanks!.

I tested my fixes against all those hashes with and without OMP. All
seems fine. I'll include them in self-tests too soon.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.