mirror of
https://github.com/hashcat/hashcat
synced 2025-01-17 23:17:27 +01:00
Fixed a parser error in multiple modes not checking for return code, resulting in negative memory index writes
This commit is contained in:
parent
8b0e7087c7
commit
0dfe015301
@ -30,6 +30,7 @@
|
||||
- Fixed an integer overflow in masks not skipped when loaded from file
|
||||
- Fixed an integer overflow in hash buffer size calculation
|
||||
- Fixed a parser error for mode -m 9820 = MS Office <= 2003 $3, SHA1 + RC4, collider #2
|
||||
- Fixed a parser error in multiple modes not checking for return code, resulting in negative memory index writes
|
||||
- Fixed a problem with changed current working directory, for instance by using --restore together with --remove
|
||||
- Fixed a problem with the conversion to the $HEX[] format: convert/hexify also all passwords of the format $HEX[]
|
||||
- Fixed the calculation of device_name_chksum; should be done for each iteration
|
||||
|
@ -2975,6 +2975,8 @@ int netscreen_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
// max. salt length: 55 (max for MD5) - 22 (":Administration Tools:") - 1 (0x80) = 32
|
||||
// 32 - 4 bytes (to fit w0lr for all attack modes) = 28
|
||||
|
||||
@ -3913,6 +3915,8 @@ int md5s_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSE
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > 64) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
@ -4704,6 +4708,8 @@ int ipb2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSE
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > 64) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
@ -4868,6 +4874,8 @@ int sha1sha1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_U
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
|
||||
return (PARSER_OK);
|
||||
@ -8101,7 +8109,9 @@ int opencart_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_U
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if ((salt_len != 9) || (salt_len == UINT_MAX)) return (PARSER_SALT_LENGTH);
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len != 9) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
|
||||
@ -10296,6 +10306,8 @@ int redmine_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UN
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len != 32) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
@ -10335,6 +10347,8 @@ int punbb_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUS
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len != 12) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
@ -11247,6 +11261,8 @@ int pbkdf2_sha256_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MA
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > (64 - 8)) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
@ -11385,6 +11401,8 @@ int postgresql_auth_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf,
|
||||
|
||||
user_len = parse_and_store_salt (salt_buf_ptr + 4, user_pos, user_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = 4 + user_len;
|
||||
|
||||
return (PARSER_OK);
|
||||
@ -11442,6 +11460,8 @@ int mysql_auth_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
|
||||
return (PARSER_OK);
|
||||
@ -11589,6 +11609,8 @@ int bitcoin_wallet_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, M
|
||||
|
||||
const u32 salt_len = parse_and_store_salt (salt_buf_ptr, cry_salt_buf_pos, cry_salt_buf_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
|
||||
return (PARSER_OK);
|
||||
@ -12386,6 +12408,8 @@ int pbkdf2_md5_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > (64 - 8)) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
@ -12468,6 +12492,8 @@ int pbkdf2_sha1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYB
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > (64 - 8)) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
@ -12555,6 +12581,8 @@ int pbkdf2_sha512_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MA
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len > (128 - 16)) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
@ -14796,6 +14824,8 @@ int itunes_backup_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MA
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt->salt_len = salt_len;
|
||||
|
||||
// dpsl
|
||||
@ -15161,6 +15191,8 @@ int atlassian_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_
|
||||
|
||||
u32 salt_len = parse_and_store_salt (salt_buf_ptr, tmp_buf, 16, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
if (salt_len != 16) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
@ -15428,6 +15460,8 @@ int ethereum_pbkdf2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf,
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
salt_buf_ptr[salt_len + 3] = 0x01;
|
||||
salt_buf_ptr[salt_len + 4] = 0x80;
|
||||
|
||||
@ -15566,6 +15600,8 @@ int ethereum_scrypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf,
|
||||
|
||||
salt_len = parse_and_store_salt (salt_buf_ptr, salt_pos, salt_len, hashconfig);
|
||||
|
||||
if (salt_len == UINT_MAX) return (PARSER_SALT_LENGTH);
|
||||
|
||||
// salt
|
||||
|
||||
salt->salt_buf[0] = ethereum_scrypt->salt_buf[0];
|
||||
@ -16438,7 +16474,7 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_le
|
||||
memcpy (ptr, tmp, salt_len);
|
||||
}
|
||||
|
||||
u32 memset_size = ((48 - (int) salt_len) > 0) ? (48 - salt_len) : 0;
|
||||
u32 memset_size = ((SALT_MAX - (int) salt_len) > 0) ? (SALT_MAX - salt_len) : 0;
|
||||
|
||||
memset (ptr + salt_len, 0, memset_size);
|
||||
|
||||
@ -16459,7 +16495,7 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_le
|
||||
char tmp_buf[1024] = { 0 };
|
||||
|
||||
char *ptr_plain = (char *) out_buf_plain;
|
||||
u8 *ptr_salt = (u8 *) out_buf_salt;
|
||||
u8 *ptr_salt = (u8 *) out_buf_salt;
|
||||
|
||||
if (hash_mode == 22)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user