Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 18 Jun 2015 13:33:54 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-users@...ts.openwall.com
Subject: Re: Using loopback with regex could cause crash

On 05/25/2015 06:38 PM, Marek Wrzosek wrote:
> If john.pot contains e.g. "." and john is started with --loopback
> --rules=none --regex=case=alpha:case="\0" (--regex="\0" doesn't crash
> with the same john.pot) then this could happen:
> 
> buf=[sS][eE][xX][iI][sS]
> buf=0
> buf=[jJ]
> buf=[mM]
> buf=[pP]
> buf=2
> buf=9
> buf=[bB]
> buf=[cC]
> buf=[dD]
> buf=[lL]
> buf=[gG]
> buf=[wW]
> buf=.
> error: syntax error, unexpected $end
> Error, invalid regex expression.  John exiting now  base_word=.  Regex= .

Words containing '?' caused the same problem as words containing '.'.
Turns out regex mode did already handle other special characters, so I
just added handling '.' and '?' in a similar way.
Commit
https://github.com/magnumripper/JohnTheRipper/commit/b9ae4161c19576a99f9b1f79ed551170a042a894
fixes the issue.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.