New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fixes #1338: hexify also all password of format $HEX[] #1340

Merged
merged 1 commit into from Aug 21, 2017

Conversation

Projects
None yet
2 participants
@philsmd
Member

philsmd commented Aug 21, 2017

The problem as described in #1338 could be that in very rare situation whenever the raw password was indeed starting with $HEX[ and ending with ] (and in between has only hex chars 0-9a-fA-F, the length is a multiple of 2), hashcat didn't convert it to $HEX[244845585b 5d] (i.e. hexify ($pass) where $pass is "$HEX[...]").

This could lead to a misinterpretation of the string because hashcat (if the plain was loaded again) would decode it as $HEX[] even if it was a raw password (and contain the literal sequence of bytes "$HEX[" and "]" at the end).

I suggest that in such a situation (very rare) we need to hexify the password again to avoid any confusion.

The user can always turn this behaviour of by using --outfile-autohex-disable.

Thx

@jsteube jsteube merged commit 2601c69 into hashcat:master Aug 21, 2017

1 of 2 checks passed

continuous-integration/appveyor/pr Waiting for AppVeyor build to complete
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment