Message-ID: <20150601095636.GA29213@openwall.com>
Date: Mon, 1 Jun 2015 12:56:36 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Fuzzing Report on external mode

On Mon, Jun 01, 2015 at 05:17:00PM +0800, Kai Zhao wrote:
> https://github.com/magnumripper/JohnTheRipper/issues/1363
>
> The diff of config is: (first is original, second is fuzzed)
>
> 2,3c2,3
> < # A variation of KnownForce configured to try all the 385641000 possible
> < # auto-generated passwords of DokuWiki versions up to at least 2013-05-10.
> ---
> > # Ae
> > # -10.
> 59c59
> < charset[ofs + i++] = c++;
> ---
> > charset[ofs + i++] = C++;

Oh, it's this loop:

	while (c <= '9')
		charset[ofs + i++] = C++;

Obviously, it won't terminate until i gets sufficiently out of range to
cause misbehavior of the VM (usually a segfault).

I think we're done with external mode fuzzing for now.  I am planning to
document these shortcomings in doc/EXTERNAL.  The only unexpected issue
is already patched.

Thanks!

Alexander
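The loop discussed in the message above, modelled in plain C as an added example (not part of the original message and not John the Ripper's code): with the increment moved to a different variable, only a bounds-checked store stops the index from running out of range. CHARSET_LEN, store() and fill_digits() are hypothetical names chosen for this illustration.

```c
#include <stdio.h>

#define CHARSET_LEN 64	/* assumed array size, for illustration only */

/* Bounds-checked store: rejects an out-of-range index instead of writing. */
static int store(int *arr, int len, int idx, int val)
{
	if (idx < 0 || idx >= len)
		return -1;
	arr[idx] = val;
	return 0;
}

/*
 * Model of the loop from the message.  With fuzzed != 0 the increment is
 * applied to a different variable (C), so c never changes, the condition
 * c <= '9' stays true, and i keeps growing; only the bounds check ends
 * the loop.  Returns the number of stores done, or -1 if one was rejected.
 */
int fill_digits(int *charset, int len, int ofs, int fuzzed)
{
	int c = '0', C = '0', i = 0;

	while (c <= '9') {
		int val = fuzzed ? C++ : c++;

		if (store(charset, len, ofs + i++, val) < 0)
			return -1;
	}
	return i;
}

int main(void)
{
	int charset[CHARSET_LEN] = {0};

	printf("original loop: %d\n", fill_digits(charset, CHARSET_LEN, 0, 0));
	printf("fuzzed loop:   %d\n", fill_digits(charset, CHARSET_LEN, 0, 1));
	return 0;
}
```

Without the check in store(), the fuzzed variant would keep writing past the end of the array until the process misbehaves, which is the outcome the message describes.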