Skip to content

Commit

Permalink
recent changes with work around for invalid UTF-8 during valid, chang…
Browse files Browse the repository at this point in the history 
…ed to not error(), but to print a warning and ignore the hashes. error() call in valid is a bad-thing (tm) to do, especially exiting when no format specified, when jtr is searching for proper format to match the hash
  • Loading branch information
@jfoug
jfoug committed Sep 10, 2016
1 parent 215f3a9 commit 9037a83
Show file tree
Hide file tree
Showing 4 changed files with 41 additions and 10 deletions.
11 changes: 9 additions & 2 deletions src/as400_ssha1_fmt_plug.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,15 @@ static int our_valid(char *ciphertext, struct fmt_main *self)
return pDynamic->methods.valid(ciphertext, pDynamic);

if (options.input_enc == UTF_8 && !valid_utf8((UTF8*)ciphertext)) {
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error();
static int error_shown = 0;
#ifdef HAVE_FUZZ
if (options.flags & (FLG_FUZZ_CHK || options.flags & FLG_FUZZ_DUMP_CHK))
return 0;
#endif

This comment has been minimized.

Sign in to view

Copy link
@frank-dittrich

frank-dittrich Sep 10, 2016

Collaborator

Are you sure that #ifdef HAVE_FUZZ ... #endif' block is still needed? valid() returning 0 should be OK even when using./john --fuzz`.

This comment has been minimized.

Sign in to view

Copy link
@frank-dittrich

frank-dittrich Sep 10, 2016

Collaborator

And the options.flags & FLG_FUZZ_DUMP_CHK part is definitely wrong.
Valid() behaving differently when ./john --fuzz-dump just generates files with fuzzed data, to be processed later in a "regular" john run, is a bad idea.

This comment has been minimized.

Sign in to view

Copy link
@jfoug

jfoug Sep 10, 2016

Author Collaborator

The expression is wrong (I will fix it).

if (options.flags & (FLG_FUZZ_CHK | FLG_FUZZ_DUMP_CHK))

is the right expression. The reason it is there is we are 100% assured in fuzz mode to be providing bogus data. There is no reason to emit the warning when fuzzing. We KNOW it is happening. fuzzing is debugging, so instead of dirtying the screen, I simply am avoiding the message. However, the same valid will be used for fuzzing, for fuzz dumping AND for normal running.

This comment has been minimized.

Sign in to view

Copy link
@jfoug

jfoug Sep 10, 2016

Author Collaborator

Updated the if boolean logic to what I had originally 'wanted'

2684366
if (!error_shown)
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error_shown = 1;

This comment has been minimized.

Sign in to view

Copy link
@frank-dittrich

frank-dittrich Sep 10, 2016

Collaborator

the error_shown = 1; only needs to be processed if !error_shown.

This comment has been minimized.

Sign in to view

Copy link
@magnumripper

magnumripper Sep 10, 2016

Member

Sure but that is extremely unimportant.
return 0;
}
if (strncmp(ciphertext, FORMAT_TAG, FORMAT_TAG_LEN) != 0)
return 0;
Expand Down
22 changes: 18 additions & 4 deletions src/mscash_common_plug.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,15 @@ int mscash1_common_valid(char *ciphertext, struct fmt_main *self)
// This is tricky: Max supported salt length is 19 characters of Unicode
saltlen = enc_to_utf16(realsalt, MSCASH1_MAX_SALT_LENGTH+1, (UTF8*)strnzcpy(insalt, &ciphertext[FORMAT_TAG_LEN], l - FORMAT_TAG_LEN), l - 3);
if (saltlen < 0) {
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error();
static int error_shown = 0;
#ifdef HAVE_FUZZ
if (options.flags & (FLG_FUZZ_CHK || options.flags & FLG_FUZZ_DUMP_CHK))
return 0;
#endif
if (!error_shown)
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error_shown = 1;
return 0;
}
if (saltlen > MSCASH1_MAX_SALT_LENGTH) {
static int warned = 0;
Expand Down Expand Up @@ -294,8 +301,15 @@ int mscash2_common_valid(char *ciphertext, int max_salt_length, struct fmt_main
++i;
saltlen = enc_to_utf16(realsalt, max_salt_length, (UTF8*)strnzcpy(insalt, &ciphertext[i], l-i), l-(i+1));
if (saltlen < 0) {
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error();
static int error_shown = 0;
#ifdef HAVE_FUZZ
if (options.flags & (FLG_FUZZ_CHK || options.flags & FLG_FUZZ_DUMP_CHK))
return 0;
#endif
if (!error_shown)
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error_shown = 1;
return 0;
}
if (saltlen > max_salt_length) {
static int warned = 0;
Expand Down
7 changes: 5 additions & 2 deletions src/o3logon_fmt_plug.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,12 +139,15 @@ static int valid(char *ciphertext, struct fmt_main *self)
tmp[cp-ciphertext] = 0;
len = enc_to_utf16((UTF16 *)cur_key_mixedcase, MAX_USERNAME_LEN+1, (unsigned char*)tmp, strlen(tmp));
if (len < 0 || (len == 0 && cp-ciphertext)) {
static int error_shown = 0;
#ifdef HAVE_FUZZ
if (options.flags & (FLG_FUZZ_CHK || options.flags & FLG_FUZZ_DUMP_CHK))
return 0;
#endif
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error();
if (!error_shown)
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error_shown = 1;
return 0;
}
if (len > MAX_USERNAME_LEN)
return 0;
Expand Down
11 changes: 9 additions & 2 deletions src/oracle_fmt_plug.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,8 +128,15 @@ static int valid(char *ciphertext, struct fmt_main *self)
len = enc_to_utf16(name16, MAX_USERNAME_LEN + 1,
(UTF8*)name, strlen(name));
if (len < 0) {
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error();
static int error_shown = 0;
#ifdef HAVE_FUZZ
if (options.flags & (FLG_FUZZ_CHK || options.flags & FLG_FUZZ_DUMP_CHK))
return 0;
#endif
if (!error_shown)
fprintf(stderr, "%s: Input file is not UTF-8. Please use --input-enc to specify a codepage.\n", self->params.label);
error_shown = 1;
return 0;
}
if (len > MAX_USERNAME_LEN)
return 0;
Expand Down

0 comments on commit 9037a83

Please sign in to comment.