[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Sep 2015 13:18:50 -0500
From: JimF <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags
I have created a new method of test, within format, and many hashes are
now showing this bug. I have just
tested with one of them and it absolutely is buggy, so I be the rest are
also.
that thread is: https://github.com/magnumripper/JohnTheRipper/pull/1741
That thread lists the formats which are wrong, the pseudo-code I used,
and a patch to the actual format. However, I would recommend that we do
NOT patch this yet, at least not put the patched code into the
bleeding-jumbo git repo, until we update all of these formats to not
have this bug.
This is the list of formats which we either need to fix with a split
that cases, OR with valid that rejects. Many should be fixed by a
rejecting valid, especially if all hashes are generated by a *2john
script, OR if the server they were taken from specifies the hash should
be uppercase (or lowercase), and it always outputs in that 1 case (i.e.
real hashes).
Jim.
Here is the list. I was quite surprised it was this large.
|Testing: OpenBSD-SoftRAID (8192 iterations) [PBKDF2-SHA1 32/32]...
FAILED (split() case, or valid() should fail) Testing: dynamic=md5($p)
32/32 (MD5_body) [dynamic_6000]... FAILED (split() case, or valid()
should fail) Testing: PBKDF2-HMAC-MD5 [PBKDF2-MD5 32/32]... FAILED
(split() case, or valid() should fail) Testing: Oracle12C [PBKDF2-SHA512
32/32]... FAILED (split() case, or valid() should fail) Testing: has-160
[HAS-160 32/32]... FAILED (split() case, or valid() should fail)
Testing: pomelo [POMELO 32/32]... FAILED (split() case, or valid()
should fail) Testing: tc_aes_xts, TrueCrypt AES256_XTS [SHA512 32/32
/RIPEMD160/WHIRLPOOL]... FAILED (split() case, or valid() should fail)
Testing: tc_ripemd160, TrueCrypt AES256_XTS [RIPEMD160 32/32]... FAILED
(split() case, or valid() should fail) Testing: tc_sha512, TrueCrypt
AES256_XTS [SHA512 32/32]... FAILED (split() case, or valid() should
fail) Testing: tc_whirlpool, TrueCrypt AES256_XTS [WHIRLPOOL 32/32]...
FAILED (split() case, or valid() should fail) Testing: PFX, PKCS12
(.pfx, .p12) [32/32]... FAILED (split() case, or valid() should fail)
Testing: SSH (one 2048-bit RSA and one 1024-bit DSA key) [RSA/DSA
32/32]... FAILED (split() case, or valid() should fail) Testing: rsvp,
HMAC-MD5 / HMAC-SHA1, RSVP, IS-IS [MD5 32/32]... FAILED (split() case,
or valid() should fail) Testing: eigrp, EIGRP MD5 / HMAC-SHA-256
authentication [MD5 32/32]... FAILED (split() case, or valid() should
fail) Testing: Mozilla, Mozilla key3.db [SHA1 3DES 32/32]... FAILED
(split() case, or valid() should fail) Testing: vtp, "MD5 based
authentication" VTP [MD5 32/32]... FAILED (split() case, or valid()
should fail) Testing: dmd5, DIGEST-MD5 C/R [MD5 32/32]... FAILED
(split() case, or valid() should fail) Testing: EPI, EPiServer SID [SHA1
32/32]... FAILED (split() case, or valid() should fail) Testing: ipb2,
Invision Power Board 2.x [MD5 32/32]... FAILED (split() case, or valid()
should fail) Testing: krb4, Kerberos v4 TGT [DES 32/32]... FAILED
(split() case, or valid() should fail) Testing: krb5, Kerberos v5 TGT
[3DES 32/32]... FAILED (split() case, or valid() should fail) Testing:
KeePass [SHA256 AES 32/32 OpenSSL]... FAILED (split() case, or valid()
should fail) Testing: skey, S/Key [MD4/MD5/SHA1/RMD160 32/32]... FAILED
(split() case, or valid() should fail) Testing: agilekeychain, 1Password
Agile Keychain [PBKDF2-SHA1 AES 32/32]... FAILED (split() case, or
valid() should fail) Testing: Blockchain, My Wallet (x10) [PBKDF2-SHA1
AES 32/32]... FAILED (split() case, or valid() should fail) Testing:
chap, iSCSI CHAP authentication [MD5 32/32]... FAILED (split() case, or
valid() should fail) Testing: cloudkeychain, 1Password Cloud Keychain
[PBKDF2-SHA512 32/32]... FAILED (split() case, or valid() should fail)
Testing: dmg, Apple DMG [PBKDF2-SHA1 3DES/AES 32/32]... FAILED (split()
case, or valid() should fail) Testing: eCryptfs (65536x) [SHA512 32/32
OpenSSL]... FAILED (split() case, or valid() should fail) Testing: EFS
[PBKDF2-SHA1-efs-variant 3DES 32/32]... FAILED (split() case, or valid()
should fail) Testing: EncFS [PBKDF2-SHA1 AES/Blowfish 32/32]... FAILED
(split() case, or valid() should fail) Testing: fde, Android FDE
[PBKDF2-SHA1 SHA256/AES 32/32]... FAILED (split() case, or valid()
should fail) Testing: gpg, OpenPGP / GnuPG Secret Key [32/32]... FAILED
(split() case, or valid() should fail) Testing: keychain, Mac OS X
Keychain [PBKDF2-SHA1 3DES 32/32]... FAILED (split() case, or valid()
should fail) Testing: keyring, GNOME Keyring [SHA256 AES 32/32
OpenSSL]... FAILED (split() case, or valid() should fail) Testing:
keystore, Java KeyStore [SHA1 32/32]... FAILED (split() case, or valid()
should fail) Testing: kwallet, KDE KWallet [SHA1 32/32]... FAILED
(split() case, or valid() should fail) Testing: lotus5, Lotus
Notes/Domino 5 [8/32 X2]... FAILED (split() case, or valid() should
fail) Testing: lotus85, Lotus Notes/Domino 8.5 [8/32]... FAILED (split()
case, or valid() should fail) Testing: MD2 [MD2 32/32]... FAILED
(split() case, or valid() should fail) Testing: MongoDB, system /
network [MD5 32/32]... FAILED (split() case, or valid() should fail)
Testing: mssql, MS SQL [SHA1 32/32]... FAILED (split() case, or valid()
should fail) Testing: mssql05, MS SQL 2005 [SHA1 32/32]... FAILED
(split() case, or valid() should fail) Testing: mssql12, MS SQL
2012/2014 [SHA512 32/32 OpenSSL]... FAILED (split() case, or valid()
should fail) Testing: nk, Nuked-Klan CMS [SHA1 MD5 32/32]... FAILED
(split() case, or valid() should fail) Testing: o5logon, Oracle O5LOGON
protocol [SHA1 AES 32/32]... FAILED (split() case, or valid() should
fail) Testing: ODF [SHA1/SHA256 BF/AES 32/32 OpenSSL]... FAILED (split()
case, or valid() should fail) Testing: Office, 2007/2010/2013 [SHA1
32/32 / SHA512 32/32 OpenSSL AES]... FAILED (split() case, or valid()
should fail) Testing: oldoffice, MS Office <= 2003 [MD5/SHA1 RC4
32/32]... FAILED (split() case, or valid() should fail) Testing:
openssl-enc, OpenSSL "enc" encryption [32/32]... FAILED (split() case,
or valid() should fail) Testing: oracle11, Oracle 11g [SHA1 32/32]...
FAILED (split() case, or valid() should fail) Testing: Panama [Panama
32/32]... FAILED (split() case, or valid() should fail) Testing: PDF
[MD5 SHA2 RC4/AES 32/32]... FAILED (split() case, or valid() should
fail) Testing: PKZIP [32/32]... FAILED (split() case, or valid() should
fail) Testing: postgres, PostgreSQL C/R [MD5 32/32]... FAILED (split()
case, or valid() should fail) Testing: PST, custom CRC-32 [32/32]...
FAILED (split() case, or valid() should fail) Testing: PuTTY, Private
Key [SHA1/AES 32/32]... FAILED (split() case, or valid() should fail)
Testing: RACF [DES 32/32]... FAILED (split() case, or valid() should
fail) Testing: RAdmin, v2.x [MD5 32/32]... FAILED (split() case, or
valid() should fail) Testing: rar, RAR3 (4 characters) [SHA1 AES
32/32]... FAILED (split() case, or valid() should fail) Testing: RAR5
[PBKDF2-SHA256 32/32 OpenSSL]... FAILED (split() case, or valid() should
fail) Testing: 7z, 7-Zip (512K iterations) [SHA256 32/32 AES]... FAILED
(split() case, or valid() should fail) Testing: Snefru-128 [32/32]...
FAILED (split() case, or valid() should fail) Testing: Snefru-256
[32/32]... FAILED (split() case, or valid() should fail) Testing: SSH-ng
[RSA/DSA 32/32]... FAILED (split() case, or valid() should fail)
Testing: STRIP, Password Manager [PBKDF2-SHA1 32/32]... FAILED (split()
case, or valid() should fail) Testing: sxc, StarOffice .sxc [SHA1
Blowfish 32/32]... FAILED (split() case, or valid() should fail)
Testing: Sybase-PROP [salted FEAL-8 32/32]... FAILED (split() case, or
valid() should fail) Testing: VNC [DES 32/32]... FAILED (split() case,
or valid() should fail) Testing: wbb3, WoltLab BB3 [SHA1 32/32]...
FAILED (split() case, or valid() should fail)|
On 9/10/2015 12:56 PM, Solar Designer wrote:
> On Thu, Sep 10, 2015 at 07:47:49PM +0300, Solar Designer wrote:
>> On Thu, Sep 10, 2015 at 10:57:41AM +0800, Kai Zhao wrote:
>>> If my understand is right, the 'AFS' format maybe has the #3 error.
>> Yes, it appears to have that error, and I think I'll prefer the
>> alternative fix (have it refuse to handle the other case), since those
>> strings are meant to be produced with our own unafs program.
> I've just fixed this in the core tree in CVS. magnum should merge into
> jumbo on GitHub.
>
> Thanks!
>
> Alexander
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
