Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <010301ce0744$a28a0d50$e79e27f0$@net>
Date: Sat, 9 Feb 2013 22:11:00 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: formats failing test on big-endian

Here is the fix.  For BE (at least sparc builds), we use the older MD5_Body code (at least for phpass).  That format is limited to 1 block, just like SSE.  Thus for phpass, there is a 38 byte limit.   The format test triggered it, probably with a buffer overwrite.

We also need to use the TS to make sure there are not other lurking overwrite problems.

Jim.

-----Original Message-----
From: jfoug@....net [mailto:jfoug@....net] 
Sent: Saturday, February 09, 2013 21:34
To: john-dev@...ts.openwall.com
Cc: magnum
Subject: Re: [john-dev] formats failing test on big-endian

If this part of the self test is not done:

format.c
+		lengthcheck = 2;
		if (lengthcheck == 0 && max == 1) {
			lengthcheck = 2;

then dyna_17 works on BE system.  I am not sure the reason why, but something is certainly not right.  I will keep looking.  I know the above 'fix' is not right.  But it does show the format is working.  It must be something like clear_keys not being properly used for phpass, or something like that.  phpass within dyna IS a 'special' format, so there may be newer features that are not properly set.

Kinda hard right now for me to code much. I cut about 3mm of the tip of my middle finger last night.  Kinda hard to type right now, lol.

Jim.

---- jfoug@....net wrote: 
> 
> ---- magnum <john.magnum@...hmail.com> wrote: 
> > Benchmarking: dynamic_17: phpass ($P$ or $H$) [32/32 X2  (MD5_body)]... FAILED (get_hash[0](1))
> > 
> > The dynamic_17 is strange. Hopefully Jim could have a look at that. I believe all others may be failing due to one same bug, they are all pbkdf2-hmac-sha1. But I haven't nailed it. At first I assumed the iteration count would be wrong for BE but that is not the case, it's done right.
> 
> I thought dyna-17 worked at one time.  looking at code, it appears that the binary_64 may be leaving the bin in BE format, but bottom of the crypt_phpass puts things in LE.  but like I said, if it worked before, it worked with the code this way, so this may not be the problem.  i may not have access to a BE sys right now

Download attachment "dyna_17_BE.patch" of type "application/octet-stream" (3145 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.