Permalink
Browse files

Dynamic fixes, from Jim.

Here is the patch which should 'fix' both issues. It contains the changes to
dyna.conf  (with x86 lengths at 80-32).  There was bugs in the loader. It
chopped any pw length over 55 down to 55 (for non mmx builds).  It 'should'
have been 80 chars. Actually it 'could' have been 128-9, but I put the length
at 80, and there are quite a few things that were banking on that.
  • Loading branch information...
1 parent acb3c16 commit 89efdd122165206ad593b3ef2416792c7be6c6c3 @jfoug jfoug committed with Dec 31, 2012
Showing with 8 additions and 18 deletions.
  1. +3 −13 run/dynamic.conf
  2. +4 −4 src/dynamic_fmt.c
  3. +1 −1 src/formats.c
View
16 run/dynamic.conf
@@ -8,7 +8,6 @@
# expression shown will be the string: dynamic_1001 md5(md5(md5(md5($p))))
Expression=md5(md5(md5(md5($p))))
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
# here is the optimized 'script' to perform the md5 4 times on itself.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
@@ -31,7 +30,6 @@ Test=$dynamic_1001$0ae9549604e539a249c1fa9f5e5fb73b:test3
# expression shown will be the string: dynamic_1002 md5(md5(md5(md5(md5($p)))))
Expression=md5(md5(md5(md5(md5($p)))))
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
# here is the optimized 'script' to perform the md5 5 times on itself.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
@@ -63,7 +61,6 @@ Expression=md5(md5($p).md5($p))
Flag=MGF_NOTSSE2Safe
Flag=MGF_KEYS_INPUT
Flag=MGF_FULL_CLEAN_REQUIRED
-MaxInputLenX86=55
# here is the optimized 'script' to perform hash 'like' IPB but salt replaced with password.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2_kwik
@@ -82,7 +79,6 @@ Test=$dynamic_1003$630b01b68b6db6fd43a751f8147d1faf:test3
# expression shown will be the string: dynamic_1004 md5(md5(md5(md5(md5(md5($p))))))
Expression=md5(md5(md5(md5(md5(md5($p))))))
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
# here is the optimized 'script' to perform the md5 6 times on itself.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
@@ -113,7 +109,6 @@ Test=$dynamic_1004$a977990e521c5d1d17c6d65fdf2681b4:test3
# expression shown will be the string: dynamic_1005 md5(md5(md5(md5(md5(md5(md5($p)))))))
Expression=md5(md5(md5(md5(md5(md5(md5($p)))))))
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
# here is the optimized 'script' to perform the md5 7 times on itself.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
@@ -146,7 +141,6 @@ Test=$dynamic_1005$abb8bdd2c6ac2dfea2b2af6f5aed5446:test3
# expression shown will be the string: dynamic_1006 md5(md5(md5(md5(md5(md5(md5(md5($p))))))))
Expression=md5(md5(md5(md5(md5(md5(md5(md5($p))))))))
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
# here is the optimized 'script' to perform the md5 8 times on itself.
Func=DynamicFunc__crypt_md5
Func=DynamicFunc__clean_input2
@@ -184,7 +178,6 @@ Expression=md5(md5($p).$s) (vBulletin)
# Flag needed here, is Salt. There is no 'fixed' saltlen.
Flag=MGF_SALTED
Flag=MGF_KEYS_BASE16_IN1
-MaxInputLenX86=55
# vBulletin has a 'fixed' 3 byte salt, so list the fixed size
SaltLen=3
# here is the optimized 'script' to perform vBulletin hash
@@ -203,7 +196,6 @@ Test=$dynamic_1007$fb685c6f469f6e549c85e4c1fb5a65a6$HEX$5C483A:test3
Expression=md5($p.$s) (RADIUS User-Password)
# Flag needed here, is Salt
Flag=MGF_SALTED
-MaxInputLenX86=55
# The salt has a fixed length of 16 bytes
Saltlen=16
Func=DynamicFunc__clean_input
@@ -228,7 +220,6 @@ Test=$dynamic_1008$bf239357f3aa95508a53fe41b7e5f2e3$inthem$HEXiddle6:secret
[List.Generic:dynamic_1009]
Expression=md5($s.$p) (RADIUS Responses)
Flag=MGF_SALTED
-MaxInputLenX86=55
Saltlen=-16
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_salt
@@ -245,7 +236,6 @@ Test=$dynamic_1009$05ed3fc5e044d559290c400254e568c9$1:hackme
Expression=md5($p null_padded_to_len_100) RAdmin v2.x MD5
Flag=MGF_NOTSSE2Safe
Flag=MGF_KEYS_INPUT
-MaxInputLenX86=55
Func=DynamicFunc__set_input_len_100
Func=DynamicFunc__crypt_md5
Test=$dynamic_1010$B137F09CF92F465CABCA06AB1B283C1F:lastwolf
@@ -263,7 +253,7 @@ Test=$dynamic_1010$60cb8e411b02c10ecc3c98e29e830de8:xplicit
[List.Generic:dynamic_1011]
Expression=md5($p.md5($s)) (WebEdition CMS)
Flag=MGF_SALTED
-MaxInputLenX86=55
+MaxInputLenX86=48
MaxInputLen=23
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_salt
@@ -286,7 +276,7 @@ Test=$dynamic_1011$14f8b3781f19a3b7ea520311482ce207$openwall:openwall
Expression=md5($p.md5($s)) (WebEdition CMS)
Flag=MGF_SALTED
Flag=MGF_SALT_AS_HEX
-MaxInputLenX86=55
+MaxInputLenX86=48
MaxInputLen=23
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_keys
@@ -304,7 +294,7 @@ Test=$dynamic_1012$14f8b3781f19a3b7ea520311482ce207$openwall:openwall
[List.Generic:dynamic_1013]
Expression=md5($p.PMD5(username)) (WebEdition CMS)
Flag=MGF_SALTED
-MaxInputLenX86=55
+MaxInputLenX86=48
MaxInputLen=23
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_keys
View
8 src/dynamic_fmt.c
@@ -1193,8 +1193,8 @@ static void set_key(char *key, int index)
}
#endif
len = strlen(key);
- if (len > 55) // we never do UTF-8 -> UTF-16 in this mode
- len = 55;
+ if (len > 80) // we never do UTF-8 -> UTF-16 in this mode
+ len = 80;
// if(index==0) {
// we 'have' to use full clean here. NOTE 100% sure why, but 10 formats fail if we do not.
@@ -1211,8 +1211,8 @@ static void set_key(char *key, int index)
else
{
len = strlen(key);
- if (len > 55 && !(fmt_Dynamic.params.flags & FMT_UNICODE))
- len = 55;
+ if (len > 80 && !(fmt_Dynamic.params.flags & FMT_UNICODE))
+ len = 80;
// if(index==0) {
// DynamicFunc__clean_input();
// }
View
2 src/formats.c
@@ -165,7 +165,7 @@ char *fmt_self_test(struct fmt_main *format)
ml + 1) > ml)
sprintf(s_size, "max. length in index %d: wrote %d, got longer back", i, ml);
else
- sprintf(s_size, "max. length in index %d: wrote %d, got %zu back", i, ml, strlen(format->methods.get_key(i)));
+ sprintf(s_size, "max. length in index %d: wrote %d, got %d back", i, ml, (int)strlen(format->methods.get_key(i)));
return s_size;
}
}

0 comments on commit 89efdd1

Please sign in to comment.