Date: Mon, 4 Feb 2008 22:04:34 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: NETHALFLM patch On Mon, Feb 04, 2008 at 12:06:47PM +0530, Dhirendra Singh Kholia wrote: > This patch adds support for cracking first 7 characters of LM response. Thank you for the contribution! Unfortunately, something (your webmail service?) has garbled the whitespace within the patch. Can you please re-post it by other means - e.g., using a regular mail client (SMTP) and with the patch as a text/plain attachment? Note that it is important to have MIME type of the attachment as text/plain in order for the patch to be readily visible in web-based archives of the list. > + tmp = (char *) mem_alloc(7 + strlen(challenge) + strlen(nethalflm) + 1); > + memset(tmp, 0, 7 + strlen(challenge) + strlen(nethalflm) + 1); > + sprintf(tmp, "$NETHALFLM$%s$%s", challenge, nethalflm); You don't need the memset() and you have a buffer overflow with the sprintf() - the constant should be 12, not 7. > + static char out[TOTAL_LENGTH + 1]; > + > + memset(out, 0, TOTAL_LENGTH + 1); > + memcpy(&out, ciphertext, TOTAL_LENGTH); You don't need the memset(), you only need: out[TOTAL_LENGTH] = 0; > + memset(password, 0, 7 + 1); memset() not needed since you use strncpy() below, which NUL-pads. > + memset(output, 0, 24); Too large. > + strncpy((char *) password, saved_plain, 14); Should be 7, not 14. > + memset(saved_plain, 0, PLAINTEXT_LENGTH + 1); > + strncpy(saved_plain, key, PLAINTEXT_LENGTH); No need for the memset() and for NUL-padding with strncpy() if you also use strncpy() on saved_plain later (above), but you do need NUL-termination for your get_key() (or you can do it there). > + /* Upper-case password */ > + for(i=0; i<PLAINTEXT_LENGTH; i++) > + if ((saved_plain[i] >= 'a') && (saved_plain[i] <= 'z')) > saved_plain[i] ^= 0x20; Should exit the loop on first NUL seen. > + FMT_8_BIT | FMT_BS | FMT_SPLIT_UNIFIES_CASE, FMT_BS is wrong here, it stands for "bitslice". > + fmt_default_binary_hash, > + fmt_default_binary_hash, > + fmt_default_binary_hash That's the special case of loader slowness that I've just mentioned in my previous posting... These are just some of the bugs and inefficiencies that I was able to spot quickly. Yet I do appreciate contributed patches. :-) Thanks again, -- Alexander Peslyak <solar at openwall.com> GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15 http://www.openwall.com - bringing security into open computing environments -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.