Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CANWtx00Lqx7oW1cBqYG-Qd7E=Y5BnTaqBwk9ESva2y89ViTFww@mail.gmail.com>
Date: Sun, 9 Dec 2012 22:02:08 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: enable ASLR or/and DEP for Windows builds of JtR

On Sun, Dec 9, 2012 at 6:32 PM, Solar Designer <solar@...nwall.com> wrote:
> On Sun, Dec 09, 2012 at 11:37:11AM -0500, Rich Rumble wrote:
>> > Summary: we should probably try adding -Wl,--nxcompat to Cygwin targets,
>> > and -Wl,--dynamicbase -Wl,--nxcompat to MinGW targets.
>> Does MinGW build work?
>
> I don't know.  JimF did have them working at some point.
Failed quickly for me: (john-1.7.9-jumbo-7)
In file included from dynamic_fmt.c:69:0:
sha.h:4:25: fatal error: openssl/sha.h: No such file or directory

>> > Anyone ready to try that?  (Then see if the flags are actually set, or
>> > better yet if ASLR or/and DEP actually work when the program is run.)
I thought about trying to add the flags, but I chickened out, figured
I'd put them in around line 1317 (win32-cygwin-x86-sse2i:) of the
makefile, but I don't know what I'm doing :)

> Apparently, the peflags program from Cygwin (package called "rebase"?)
> can do this too.
I tried peflags it seems to have worked on the face of it
peflags --dynamicbase=true --nxcompat=true ../run/john.exe

peflags ../run/john.exe -v
Warning: file has no relocation info but has dynbase set (../run/john.exe).
../run/john.exe:
coff(0x032f[+relocs_stripped,+executable_image,+line_nums_stripped,+local_syms_stripped,+bigaddr,+32bit_machine,+sepdbg])
pe(0x8140[+dynamicbase,+nxcompat,+tsaware])

 peflags ../run/john.exe -v      (fresh make)
../run/john.exe:
coff(0x032f[+relocs_stripped,+executable_image,+line_nums_stripped,+local_syms_stripped,+bigaddr,+32bit_machine,+sepdbg])
pe(0x8000[+tsaware])

PEstudio thinks it uses DEP, however Sysinternals (M$) process
explorer doesn't seem to think DEP is going when it's being run on XP.
It (process explorer) does see both ASLR and DEP in windows 7 when
dynamicbase and nxcompat are both set using peflags. XP must need
opt-in, haven't messed around with it in some time.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.