Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <556B74A4.4000403@gmail.com>
Date: Sun, 31 May 2015 22:52:52 +0200
From: Nicolas RUFF <nicolas.ruff@...il.com>
To: john-users@...ts.openwall.com
CC: dhiru@...nwall.com
Subject: Bugs in sshng2john.py

Hello,

There is a bug in sshng2john.py around here:
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/sshng2john.py#L684

There is no 'salt' variable in scope, so the next call to
generate_key_bytes(MD5, salt, password, keysize) will fail.

This bug will manifest itself only if 'limited' == False, which can
occur if DES3 and AES are properly imported from Crypto.Cipher:

https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/sshng2john.py#L45
try:
    from Crypto.Cipher import DES3, AES
except ImportError:
    AES = Object()
    AES.MODE_CBC = ""
    DES3 = Object()
    DES3.MODE_CBC = ""
    limited = True

'salt' was originally defined as such:
https://github.com/magnumripper/JohnTheRipper/commit/4b28fd74311a652ffed67e04b47711dfee65d022#diff-df731070c411340e7a6346a93ad8c5b6R658

It disappeared with the following commit, that added support for ed25519
keys:
https://github.com/magnumripper/JohnTheRipper/commit/da8f1dfcc35e41c52ff28428e9ffd6f65e34eafd

Forcing 'limited' to True is a (tested) workaround.

However restoring the original 'salt = unhexlify(saltstr)' statement
does not work either, as the following error would be triggered in
cipher.new() afterwards:
(...)
  File "./sshng2john.py", line 689, in _read_private_key
    data = cipher.new(key, mode, salt).decrypt(data)
  File "/usr/lib/python2.7/dist-packages/Crypto/Cipher/blockalgo.py",
line 295, in decrypt
    return self._cipher.decrypt(ciphertext)
ValueError: Input strings must be a multiple of 16 in length

Sorry for not being more specific ; I am not quite sure to understand
what this code is supposed to do, since it works perfectly well with
'limited' == True :)

Regards,
- Nicolas RUFF

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.