Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Sep 2015 13:18:50 -0500
From: JimF <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

I have created a new method of test, within format, and many hashes are 
now showing this bug.  I have just
tested with one of them and it absolutely is buggy, so I be the rest are 
also.

that thread is: https://github.com/magnumripper/JohnTheRipper/pull/1741

That thread lists the formats which are wrong, the pseudo-code I used, 
and a patch to the actual format. However, I would recommend that we do 
NOT patch this yet, at least not put the patched code into the 
bleeding-jumbo git repo, until we update all of these formats to not 
have this bug.

This is the list of formats which we either need to fix with a split 
that cases, OR with valid that rejects.  Many should be fixed by a 
rejecting valid, especially if all hashes are generated by a *2john 
script, OR if the server they were taken from specifies the hash should 
be uppercase (or lowercase), and it always outputs in that 1 case (i.e. 
real hashes).

Jim.

Here is the list. I was quite surprised it was this large.

|Testing: OpenBSD-SoftRAID (8192 iterations) [PBKDF2-SHA1 32/32]... 
FAILED (split() case, or valid() should fail) Testing: dynamic=md5($p) 
32/32 (MD5_body) [dynamic_6000]... FAILED (split() case, or valid() 
should fail) Testing: PBKDF2-HMAC-MD5 [PBKDF2-MD5 32/32]... FAILED 
(split() case, or valid() should fail) Testing: Oracle12C [PBKDF2-SHA512 
32/32]... FAILED (split() case, or valid() should fail) Testing: has-160 
[HAS-160 32/32]... FAILED (split() case, or valid() should fail) 
Testing: pomelo [POMELO 32/32]... FAILED (split() case, or valid() 
should fail) Testing: tc_aes_xts, TrueCrypt AES256_XTS [SHA512 32/32 
/RIPEMD160/WHIRLPOOL]... FAILED (split() case, or valid() should fail) 
Testing: tc_ripemd160, TrueCrypt AES256_XTS [RIPEMD160 32/32]... FAILED 
(split() case, or valid() should fail) Testing: tc_sha512, TrueCrypt 
AES256_XTS [SHA512 32/32]... FAILED (split() case, or valid() should 
fail) Testing: tc_whirlpool, TrueCrypt AES256_XTS [WHIRLPOOL 32/32]... 
FAILED (split() case, or valid() should fail) Testing: PFX, PKCS12 
(.pfx, .p12) [32/32]... FAILED (split() case, or valid() should fail) 
Testing: SSH (one 2048-bit RSA and one 1024-bit DSA key) [RSA/DSA 
32/32]... FAILED (split() case, or valid() should fail) Testing: rsvp, 
HMAC-MD5 / HMAC-SHA1, RSVP, IS-IS [MD5 32/32]... FAILED (split() case, 
or valid() should fail) Testing: eigrp, EIGRP MD5 / HMAC-SHA-256 
authentication [MD5 32/32]... FAILED (split() case, or valid() should 
fail) Testing: Mozilla, Mozilla key3.db [SHA1 3DES 32/32]... FAILED 
(split() case, or valid() should fail) Testing: vtp, "MD5 based 
authentication" VTP [MD5 32/32]... FAILED (split() case, or valid() 
should fail) Testing: dmd5, DIGEST-MD5 C/R [MD5 32/32]... FAILED 
(split() case, or valid() should fail) Testing: EPI, EPiServer SID [SHA1 
32/32]... FAILED (split() case, or valid() should fail) Testing: ipb2, 
Invision Power Board 2.x [MD5 32/32]... FAILED (split() case, or valid() 
should fail) Testing: krb4, Kerberos v4 TGT [DES 32/32]... FAILED 
(split() case, or valid() should fail) Testing: krb5, Kerberos v5 TGT 
[3DES 32/32]... FAILED (split() case, or valid() should fail) Testing: 
KeePass [SHA256 AES 32/32 OpenSSL]... FAILED (split() case, or valid() 
should fail) Testing: skey, S/Key [MD4/MD5/SHA1/RMD160 32/32]... FAILED 
(split() case, or valid() should fail) Testing: agilekeychain, 1Password 
Agile Keychain [PBKDF2-SHA1 AES 32/32]... FAILED (split() case, or 
valid() should fail) Testing: Blockchain, My Wallet (x10) [PBKDF2-SHA1 
AES 32/32]... FAILED (split() case, or valid() should fail) Testing: 
chap, iSCSI CHAP authentication [MD5 32/32]... FAILED (split() case, or 
valid() should fail) Testing: cloudkeychain, 1Password Cloud Keychain 
[PBKDF2-SHA512 32/32]... FAILED (split() case, or valid() should fail) 
Testing: dmg, Apple DMG [PBKDF2-SHA1 3DES/AES 32/32]... FAILED (split() 
case, or valid() should fail) Testing: eCryptfs (65536x) [SHA512 32/32 
OpenSSL]... FAILED (split() case, or valid() should fail) Testing: EFS 
[PBKDF2-SHA1-efs-variant 3DES 32/32]... FAILED (split() case, or valid() 
should fail) Testing: EncFS [PBKDF2-SHA1 AES/Blowfish 32/32]... FAILED 
(split() case, or valid() should fail) Testing: fde, Android FDE 
[PBKDF2-SHA1 SHA256/AES 32/32]... FAILED (split() case, or valid() 
should fail) Testing: gpg, OpenPGP / GnuPG Secret Key [32/32]... FAILED 
(split() case, or valid() should fail) Testing: keychain, Mac OS X 
Keychain [PBKDF2-SHA1 3DES 32/32]... FAILED (split() case, or valid() 
should fail) Testing: keyring, GNOME Keyring [SHA256 AES 32/32 
OpenSSL]... FAILED (split() case, or valid() should fail) Testing: 
keystore, Java KeyStore [SHA1 32/32]... FAILED (split() case, or valid() 
should fail) Testing: kwallet, KDE KWallet [SHA1 32/32]... FAILED 
(split() case, or valid() should fail) Testing: lotus5, Lotus 
Notes/Domino 5 [8/32 X2]... FAILED (split() case, or valid() should 
fail) Testing: lotus85, Lotus Notes/Domino 8.5 [8/32]... FAILED (split() 
case, or valid() should fail) Testing: MD2 [MD2 32/32]... FAILED 
(split() case, or valid() should fail) Testing: MongoDB, system / 
network [MD5 32/32]... FAILED (split() case, or valid() should fail) 
Testing: mssql, MS SQL [SHA1 32/32]... FAILED (split() case, or valid() 
should fail) Testing: mssql05, MS SQL 2005 [SHA1 32/32]... FAILED 
(split() case, or valid() should fail) Testing: mssql12, MS SQL 
2012/2014 [SHA512 32/32 OpenSSL]... FAILED (split() case, or valid() 
should fail) Testing: nk, Nuked-Klan CMS [SHA1 MD5 32/32]... FAILED 
(split() case, or valid() should fail) Testing: o5logon, Oracle O5LOGON 
protocol [SHA1 AES 32/32]... FAILED (split() case, or valid() should 
fail) Testing: ODF [SHA1/SHA256 BF/AES 32/32 OpenSSL]... FAILED (split() 
case, or valid() should fail) Testing: Office, 2007/2010/2013 [SHA1 
32/32 / SHA512 32/32 OpenSSL AES]... FAILED (split() case, or valid() 
should fail) Testing: oldoffice, MS Office <= 2003 [MD5/SHA1 RC4 
32/32]... FAILED (split() case, or valid() should fail) Testing: 
openssl-enc, OpenSSL "enc" encryption [32/32]... FAILED (split() case, 
or valid() should fail) Testing: oracle11, Oracle 11g [SHA1 32/32]... 
FAILED (split() case, or valid() should fail) Testing: Panama [Panama 
32/32]... FAILED (split() case, or valid() should fail) Testing: PDF 
[MD5 SHA2 RC4/AES 32/32]... FAILED (split() case, or valid() should 
fail) Testing: PKZIP [32/32]... FAILED (split() case, or valid() should 
fail) Testing: postgres, PostgreSQL C/R [MD5 32/32]... FAILED (split() 
case, or valid() should fail) Testing: PST, custom CRC-32 [32/32]... 
FAILED (split() case, or valid() should fail) Testing: PuTTY, Private 
Key [SHA1/AES 32/32]... FAILED (split() case, or valid() should fail) 
Testing: RACF [DES 32/32]... FAILED (split() case, or valid() should 
fail) Testing: RAdmin, v2.x [MD5 32/32]... FAILED (split() case, or 
valid() should fail) Testing: rar, RAR3 (4 characters) [SHA1 AES 
32/32]... FAILED (split() case, or valid() should fail) Testing: RAR5 
[PBKDF2-SHA256 32/32 OpenSSL]... FAILED (split() case, or valid() should 
fail) Testing: 7z, 7-Zip (512K iterations) [SHA256 32/32 AES]... FAILED 
(split() case, or valid() should fail) Testing: Snefru-128 [32/32]... 
FAILED (split() case, or valid() should fail) Testing: Snefru-256 
[32/32]... FAILED (split() case, or valid() should fail) Testing: SSH-ng 
[RSA/DSA 32/32]... FAILED (split() case, or valid() should fail) 
Testing: STRIP, Password Manager [PBKDF2-SHA1 32/32]... FAILED (split() 
case, or valid() should fail) Testing: sxc, StarOffice .sxc [SHA1 
Blowfish 32/32]... FAILED (split() case, or valid() should fail) 
Testing: Sybase-PROP [salted FEAL-8 32/32]... FAILED (split() case, or 
valid() should fail) Testing: VNC [DES 32/32]... FAILED (split() case, 
or valid() should fail) Testing: wbb3, WoltLab BB3 [SHA1 32/32]... 
FAILED (split() case, or valid() should fail)|



On 9/10/2015 12:56 PM, Solar Designer wrote:
> On Thu, Sep 10, 2015 at 07:47:49PM +0300, Solar Designer wrote:
>> On Thu, Sep 10, 2015 at 10:57:41AM +0800, Kai Zhao wrote:
>>> If my understand is right, the 'AFS' format maybe has the #3 error.
>> Yes, it appears to have that error, and I think I'll prefer the
>> alternative fix (have it refuse to handle the other case), since those
>> strings are meant to be produced with our own unafs program.
> I've just fixed this in the core tree in CVS.  magnum should merge into
> jumbo on GitHub.
>
> Thanks!
>
> Alexander


Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.