
Commit 682009e

kholiamagnumripper
authored andcommitted
Fix cracking of empty keystores
1 parent 8388c55 commit 682009e

2 files changed

Lines changed: 34 additions & 19 deletions


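--- a/src/keystore_common_plug.c
+++ b/src/keystore_common_plug.c
@@ -28,7 +28,7 @@ MAYBE_INLINE static int keystore_common_valid(char *ciphertext, struct fmt_main
 char *p;
 char *ctcopy;
 char *keeptr;
-int target;
+int target, nkeys;
 int v, extra;
 if (strncmp(ciphertext, FORMAT_TAG, FORMAT_TAG_LEN) != 0)
 return 0;
@@ -59,19 +59,25 @@ MAYBE_INLINE static int keystore_common_valid(char *ciphertext, struct fmt_main
 goto bail;
 if (!isdec(p))
 goto bail;
-/* currently we support only 1 key */
-if (atoi(p) != 1)
+nkeys = atoi(p);
+/* target 0 supports empty keystores, target 1 requires a key blob */
+if ((target == 0 && nkeys != 0 && nkeys != 1) ||
+(target == 1 && nkeys != 1))
 goto bail;
 if ((p = strtokm(NULL, "$")) == NULL) /* key length */
 goto bail;
 if (!isdec(p))
 goto bail;
 v = atoi(p);
-if (v > MAX_SALT_SIZE)
+if (nkeys == 0 && v != 0)
 goto bail;
-if ((p = strtokm(NULL, "$")) == NULL) /* key data */
+if (v > MAX_SALT_SIZE)
 goto bail;
-if (hexlenl(p, &extra) != v*2 || extra)
+p = strtokm(NULL, "$"); /* key data */
+if (p == NULL) {
+if (nkeys != 0 || v != 0)
+goto bail;
+} else if (hexlenl(p, &extra) != v*2 || extra)
 goto bail;
 MEM_FREE(keeptr);
 return 1;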
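Review bot: The new key-count check at new lines 64-65 enumerates only `target == 0` and `target == 1`, so for any other `target` value no `nkeys` value is rejected and validation simply continues. Whether `target` is range-checked earlier in keystore_common_valid cannot be seen here, because the function starts before the first hunk and lines 35-58 are elided. Since this function decides which untrusted hash strings are handed on to get_salt, writing the test fail-closed removes that dependency: `if (nkeys != 1 && !(target == 0 && nkeys == 0))` followed by the existing `goto bail;`. For targets 0 and 1 this accepts exactly the same inputs as the committed condition.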

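--- a/src/keystore_fmt_plug.c
+++ b/src/keystore_fmt_plug.c
@@ -337,10 +337,12 @@ static void *get_salt(char *ciphertext)
 p = strtokm(NULL, "$");
 cs.keysize = atoi(p);
 p = strtokm(NULL, "$");
-cs.keydata = mem_alloc_tiny(cs.keysize, 1);
-for (i = 0; i < cs.keysize; i++)
-cs.keydata[i] = atoi16[ARCH_INDEX(p[i * 2])] * 16
-+ atoi16[ARCH_INDEX(p[i * 2 + 1])];
+cs.keydata = mem_alloc_tiny(cs.keysize ? cs.keysize : 1, 1);
+if (p) {
+for (i = 0; i < cs.keysize; i++)
+cs.keydata[i] = atoi16[ARCH_INDEX(p[i * 2])] * 16
++ atoi16[ARCH_INDEX(p[i * 2 + 1])];
+}
 if (cs.target == 1) {
 const unsigned char *extracted;
 int extracted_len;
@@ -430,7 +432,8 @@ static int crypt_all(int *pcount, struct db_salt *salt)
 tid = omp_get_thread_num();
 #endif
 len = saved_len[MixOrder[index]];
-if (keystore_cur_salt->target == 0 && len >= 4 && len <= 24) {
+if (keystore_cur_salt->target == 0 && keystore_cur_salt->count > 0 &&
+len >= 4 && len <= 24) {
 unsigned char *po;
 po = (unsigned char*)cursimd->first_blk[tid][len-4];
 for (x = 0; x < MIN_KEYS_PER_CRYPT; ++x) {
@@ -468,14 +471,20 @@ static int crypt_all(int *pcount, struct db_salt *salt)
 
 #endif
 if (keystore_cur_salt->target == 0) {
-if (dirty)
-getPreKeyedHash(MixOrder[index]);
-if (saved_len[MixOrder[index]] == 0)
-memcpy(crypt_out[MixOrder[index]], keystore_cur_salt->data_hash, 20);
-else {
-memcpy(&ctx, &saved_ctx[MixOrder[index]], sizeof(ctx));
-SHA1_Update(&ctx, keystore_cur_salt->data, keystore_cur_salt->data_length);
-SHA1_Final((unsigned char*)crypt_out[MixOrder[index]], &ctx);
+int x;
+for (x = 0; x < MIN_KEYS_PER_CRYPT; x++) {
+int idx = MixOrder[index + x];
+if (idx >= count)
+continue;
+if (dirty)
+getPreKeyedHash(idx);
+if (saved_len[idx] == 0)
+memcpy(crypt_out[idx], keystore_cur_salt->data_hash, 20);
+else {
+memcpy(&ctx, &saved_ctx[idx], sizeof(ctx));
+SHA1_Update(&ctx, keystore_cur_salt->data, keystore_cur_salt->data_length);
+SHA1_Final((unsigned char*)crypt_out[idx], &ctx);
+}
 }
 } else {
 int x;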
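Review bot: In the rewritten `target == 0` branch of crypt_all, `MixOrder[index + x]` is read before the `idx >= count` test, so the loop is only in bounds if MixOrder holds at least MIN_KEYS_PER_CRYPT entries from every `index`; that setup lies outside the hunks shown and nothing in the new code states it. A comment above the loop would record the assumption, for example `/* MixOrder is padded to a multiple of MIN_KEYS_PER_CRYPT; padding entries are >= count and skipped below */`, to be confirmed against the code that fills MixOrder. The bare `count` here is presumably the candidate count taken from `*pcount`, while the second hunk tests `keystore_cur_salt->count`, apparently the keystore's key count, so the comment should name which one is meant. The new `int x;` may also shadow the `x` that the second hunk uses without a local declaration. crypt_all begins and ends outside these hunks.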
