Message-ID: <CABtNtWF_vEHFNQKpQJbGFrZq68WM4UhsNY-gqsU9GJ6qwDy93A@mail.gmail.com>
Date: Wed, 27 May 2015 15:43:55 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Fuzzing Report on external mode
1. How to fuzz
--------------------
There are several conf files in JOHN/run. Split each external mode into one
single file.
$ ls external_conf
awepasswordgenerator.conf
datetime.conf
dokuwiki.conf
double_all.conf
double_alnum.conf
double.conf
dumbdumb.conf
dumbforce.conf
kdepaste.conf
keyboard.conf
knownforce.conf
lanman.conf
others.conf
repeat_digits.conf
repeats.conf
repeats_lowercase.conf
repeats_printable_ASCII.conf
sequence_0-9.conf
sequence_a-z.conf
sequence.conf
sequence_printable_ascii.conf
sequence_reversed_ascii.conf
sequence_z-a.conf
strip.conf
subset.conf
Change the external mode of each file to "List.External:lanman"
$ cat test_pw
$apr1$a2Jqm...$grFrwEgiQleDr0zR4Jx1b.
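The splitting step above, as an added example that is not from the original post: a shell function that cuts every [List.External:NAME] section of a john.conf-style file into its own NAME.conf and rewrites the header to [List.External:lanman], so the single --external=lanman run in the afl-fuzz command line exercises whichever mode is supplied via --config=@@. The sample conf it runs on is constructed here, not the real john.conf.

```bash
# Split every [List.External:NAME] section of a john.conf-style file into
# OUTDIR/NAME.conf, renaming each header to [List.External:lanman] so a single
# fixed --external=lanman invocation exercises any mode fed via --config=@@.
split_external_modes() {
    conf="$1"; outdir="$2"
    mkdir -p "$outdir"
    awk -v outdir="$outdir" '
        /^\[/ {                      # any section header ends the current file
            if (out != "") { close(out); out = "" }
            if (match($0, /^\[List\.External:[^]]+\]/)) {
                name = substr($0, 16, RLENGTH - 16)   # text between ":" and "]"
                out = outdir "/" name ".conf"
                print "[List.External:lanman]" > out  # renamed header
                next
            }
        }
        out != "" { print > out }     # body lines follow the header verbatim
    ' "$conf"
}

# Constructed sample in john.conf syntax (not the real john.conf): two external
# modes separated by an unrelated section that must not produce a file.
write_sample_conf() {
    cat > "$1" <<'EOF'
[List.External:Filter_Alpha]
void filter()
{
    int i, c; i = 0;
    while (c = word[i++])
        if (c < 'a' || c > 'z') { word = 0; return; }
}

[Options]
Wordlist = $JOHN/password.lst

[List.External:Keyboard]
int i;
void init() { i = 0; }
void generate()
{
    word[0] = 'a' + i++; word[1] = 0;
    if (i > 25) word = 0;
}
EOF
}

# Demo: split the sample and list the per-mode files ready for afl-fuzz -i.
dir=$(mktemp -d); write_sample_conf "$dir/john.conf"
split_external_modes "$dir/john.conf" "$dir/external_conf" && ls "$dir/external_conf"
```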
fuzzer status
start_time : 1432366185
last_update : 1432598766
fuzzer_pid : 19017
cycles_done : 0
execs_done : 8232393
execs_per_sec : 71.89
paths_total : 886
paths_found : 861
paths_imported : 0
max_depth : 3
cur_path : 132
pending_favs : 239
pending_total : 873
variable_paths : 0
bitmap_cvg : 3.47%
unique_crashes : 87
unique_hangs : 94
last_path : 1432561540
last_crash : 1432504837
last_hang : 1432581563
exec_timeout : 120
afl_banner : john
afl_version : 1.79b
command_line : afl-fuzz -m none -i external_conf/ -o out ../john test_pw --format=md5crypt --external=lanman --config=@@
2. Bug analysis
--------------------
I created 5 issues on GitHub, but there may be only two bugs.
The bugs are **core john bugs**.
Segmentation fault, heap buffer overflow and global buffer overflow:
(The 4 issues may be caused by the same bug)
https://github.com/magnumripper/JohnTheRipper/issues/1358
https://github.com/magnumripper/JohnTheRipper/issues/1360
https://github.com/magnumripper/JohnTheRipper/issues/1363
https://github.com/magnumripper/JohnTheRipper/issues/1364
Floating point exception:
https://github.com/magnumripper/JohnTheRipper/issues/1362
Thanks,
Kai