arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-22 08:08:10 +00:00
Code Issues Releases Wiki Activity

Merge pull request #2395 from s3inlc/patch-2

Browse Source 
Adding escaping for --status-json
This commit is contained in:
Jens Steube 2020-05-14 09:44:10 +02:00 committed by GitHub
commit 109fa01a54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/changes.txt
View File

@ -102,6 +102,7 @@
- Fixed some memory leaks in case mask-files are used in optimized mode
- Fixed the 7-Zip parser to allow the entire supported range of encrypted and decrypted data lengths
- Fixed the validation of the --brain-client-features command line argument (only values 1, 2 or 3 are allowed)
- Fixed --status-json to correctly escape certain characters in hashes
##
## Improvements

35
src/terminal.c
View File

@ -1027,9 +1027,40 @@ void status_display_status_json (hashcat_ctx_t *hashcat_ctx)
end = time_now + sec_etc;
}
/*
* As the hash target can contain the hash (in case of a single attacked hash), especially
* some salts can contain chars which need to be escaped to not break the JSON encoding.
* Based on https://www.freeformatter.com/json-escape.html, below these 7 different chars
* are getting escaped before being printed.
*/
char *target_json_encoded = (char *) hcmalloc (strlen (hashcat_status->hash_target) * 2);
unsigned long i, j;
for (i = 0, j = 0; i < strlen (hashcat_status->hash_target); i++, j++)
{
char c = hashcat_status->hash_target[i];
switch (c)
{
case '\b': c = 'b'; target_json_encoded[j] = '\\'; j++; break;
case '\t': c = 't'; target_json_encoded[j] = '\\'; j++; break;
case '\n': c = 'n'; target_json_encoded[j] = '\\'; j++; break;
case '\f': c = 'f'; target_json_encoded[j] = '\\'; j++; break;
case '\r': c = 'r'; target_json_encoded[j] = '\\'; j++; break;
case '\\': c = '\\'; target_json_encoded[j] = '\\'; j++; break;
case '"': c = '"'; target_json_encoded[j] = '\\'; j++; break;
}
target_json_encoded[j] = c;
}
target_json_encoded[j] = 0;
printf ("{ \"session\": \"%s\",", hashcat_status->session);
printf (" \"status\": %d,", hashcat_status->status_number);
printf (" \"target\": \"%s\",", hashcat_status->hash_target);
printf (" \"target\": \"%s\",", target_json_encoded);
printf (" \"progress\": [%" PRIu64 ", %" PRIu64 "],", hashcat_status->progress_cur_relative_skip, hashcat_status->progress_end_relative_skip);
printf (" \"restore_point\": %" PRIu64 ",", hashcat_status->restore_point);
printf (" \"recovered_hashes\": [%d, %d],", hashcat_status->digests_done, hashcat_status->digests_cnt);
@ -1037,6 +1068,8 @@ void status_display_status_json (hashcat_ctx_t *hashcat_ctx)
printf (" \"rejected\": %" PRIu64 ",", hashcat_status->progress_rejected);
printf (" \"devices\": [");
free (target_json_encoded);
int device_num = 0;
for (int device_id = 0; device_id < hashcat_status->device_info_cnt; device_id++)