Date: Mon, 25 Jan 2010 18:39:25 -0600
From: "JFoug" <jfoug@....net>
To: <john-users@...ts.openwall.com>
Subject: Patch to John-1.7.4.2 after jumbo2

There is a bug in john (crash).  If you use a -w and do not provide a hash 
file (or no hashes of the proper type are loaded), john will crash.

So:

cat gen_1.in
2394894928f1efc505d46b9c5f49311c_1:md5_gen(1)2394894928f1efc505d46b9c5f49311c$jkA915IS
eea8fc6dbd862bb93d8f14e71f477a2a_password:md5_gen(1)eea8fc6dbd862bb93d8f14e71f477a2a$m1VjKm3w

john-1.7.4.2 -w=pw.dic gen_1.in
Loaded 2 password hashes with 2 different salts ( md5_gen(1): md5($p.$s) 
(joomla)  [md5-gen SSE2 16x4])
1                (2394894928f1efc505d46b9c5f49311c_1)
password         (eea8fc6dbd862bb93d8f14e71f477a2a_password)
guesses: 2  time: 0:00:00:00 100.00% (ETA: 01/25/10 18:33:59)  c/s: 8533 
trying: Skipping and* - enterNow

rm john.pot
john-1.7.4.2 -w=pw.dic -format=md5 gen_1.in

crash here.

What happened was the loading code was totally changed (for the better). 
When it returns, and there were no hashes loaded, the DB structure still has 
the list of them as a null value, and it is dereferenced PRIOR to the check 
for no hashes loaded.

I simply changed that, so that if I know I am in pw mode, I will first check 
to see if ANY hashes were loaded.  If not, then bail with a 'no hashes loaded' 
message.  Again, we have to keep the other code, because we trim out hashes 
that were found in the john.pot file, so we may have loaded some, but then 
later removed them all, so the 2nd check (after the pot cleanup) is still 
needed to again state 'no hashes loaded'.

Jim.

Download attachment "john-1.7.4.2-jumbo2-jf-fix.patch" of type "application/octet-stream" (1241 bytes)
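
The check ordering described in the message above, as an added example that is not part of the original post and not code from John or from the attached patch. The types, function names and return codes are hypothetical stand-ins, and the hash strings used to exercise it are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins for the loader's database; not John's real types. */
struct entry { const char *format, *hash; struct entry *next; };
struct db { struct entry *list; int count; };

enum { READY = 0, NONE_AT_LOAD = 1, NONE_AFTER_POT = 2 };

/* Link only entries of the requested format; list stays NULL if none match. */
static void load(struct db *db, struct entry *in, size_t n, const char *format)
{
    db->list = NULL;
    db->count = 0;
    for (size_t i = 0; i < n; i++) {
        if (strcmp(in[i].format, format) != 0)
            continue;
        in[i].next = db->list;
        db->list = &in[i];
        db->count++;
    }
}

/* Unlink entries whose hash already appears in the pot (already cracked). */
static void drop_potted(struct db *db, const char **pot, size_t npot)
{
    struct entry **pp = &db->list;
    while (*pp) {
        int found = 0;
        for (size_t i = 0; i < npot; i++)
            if (strcmp((*pp)->hash, pot[i]) == 0)
                found = 1;
        if (found) { *pp = (*pp)->next; db->count--; }
        else pp = &(*pp)->next;
    }
}

/* Wordlist-mode setup: both checks run before db->list is dereferenced. */
int wordlist_setup(struct entry *in, size_t n, const char *format,
                   const char **pot, size_t npot, const char **first)
{
    struct db db;
    load(&db, in, n, format);
    if (db.count == 0) return NONE_AT_LOAD;    /* first check: nothing loaded */
    drop_potted(&db, pot, npot);
    if (db.count == 0) return NONE_AFTER_POT;  /* second check: pot removed all */
    *first = db.list->hash;                    /* safe: list is non-NULL here */
    return READY;
}
```

Both non-READY codes correspond to the same 'no hashes loaded' message; they are kept distinct here only to show which of the two checks fired.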
