1
mirror of https://github.com/hashcat/hashcat synced 2024-11-28 05:21:38 +01:00

Fixed out-of-boundary write to decrypted[] in DPAPI masterkey file v1 kernel

This commit is contained in:
Jens Steube 2020-02-22 08:42:36 +01:00
parent f96e35649d
commit 669619c1a7
3 changed files with 5 additions and 19 deletions

View File

@ -507,6 +507,8 @@ KERNEL_FQ void m15300_comp (KERN_ATTR_TMPS_ESALT (dpapimk_tmp_v1_t, dpapimk_t))
iv[0] = data[0]; iv[0] = data[0];
iv[1] = data[1]; iv[1] = data[1];
if (wx_off == 24) break;
} }
u32 hmacSalt[4]; u32 hmacSalt[4];
@ -523,7 +525,7 @@ KERNEL_FQ void m15300_comp (KERN_ATTR_TMPS_ESALT (dpapimk_tmp_v1_t, dpapimk_t))
expectedHmac[2] = hc_swap32_S (decrypted[4 + 2]); expectedHmac[2] = hc_swap32_S (decrypted[4 + 2]);
expectedHmac[3] = hc_swap32_S (decrypted[4 + 3]); expectedHmac[3] = hc_swap32_S (decrypted[4 + 3]);
for(int i = 0; i < 16; i++) for (int i = 0; i < 16; i++)
{ {
lastKey[i] = decrypted[i + 26 - 16]; lastKey[i] = decrypted[i + 26 - 16];
} }

View File

@ -88,6 +88,7 @@
- Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256 - Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256
- Fixed maximum password length limit which was announced as 256 but actually was 255 - Fixed maximum password length limit which was announced as 256 but actually was 255
- Fixed out-of-boundary read in pure kernel rule engine rule 'p' if parameter is set to 2 or higher - Fixed out-of-boundary read in pure kernel rule engine rule 'p' if parameter is set to 2 or higher
- Fixed out-of-boundary write to decrypted[] in DPAPI masterkey file v1 kernel
- Fixed output of IKE PSK (mode 5300 and 5400) hashes to have separators at right position - Fixed output of IKE PSK (mode 5300 and 5400) hashes to have separators at right position
- Fixed output password of "e" rule in pure and cpu rule engine if separator character is also the first letter - Fixed output password of "e" rule in pure and cpu rule engine if separator character is also the first letter
- Fixed problem with the usage of the hexadecimal notations (\x00-\xff) within rules - Fixed problem with the usage of the hexadecimal notations (\x00-\xff) within rules

View File

@ -96,23 +96,6 @@ u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED con
return pw_max; return pw_max;
} }
bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hc_device_param_t *device_param)
{
// amdgpu-pro-19.30-934563-ubuntu-18.04: self-test failed
if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == false))
{
return true;
}
// l_opencl_p_18.1.0.013.tgz: self-test failed
if ((device_param->opencl_device_vendor_id == VENDOR_ID_INTEL_SDK) && (device_param->opencl_device_type & CL_DEVICE_TYPE_CPU))
{
return true;
}
return false;
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{ {
u32 *digest = (u32 *) digest_buf; u32 *digest = (u32 *) digest_buf;
@ -456,6 +439,6 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_st_hash = module_st_hash; module_ctx->module_st_hash = module_st_hash;
module_ctx->module_st_pass = module_st_pass; module_ctx->module_st_pass = module_st_pass;
module_ctx->module_tmp_size = module_tmp_size; module_ctx->module_tmp_size = module_tmp_size;
module_ctx->module_unstable_warning = module_unstable_warning; module_ctx->module_unstable_warning = MODULE_DEFAULT;
module_ctx->module_warmup_disable = MODULE_DEFAULT; module_ctx->module_warmup_disable = MODULE_DEFAULT;
} }