arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-01-03 12:21:07 +00:00
Code Issues Releases Wiki Activity

Merge pull request #146 from gm4tr1x/master

Browse Source 
Fixed some memory allocations and other small things
This commit is contained in:
Jens Steube 2016-01-23 15:43:47 +01:00
commit 20b0c23af1
3 changed files with 212 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
include/types.h
View File

@ -578,6 +578,15 @@ typedef struct
} seven_zip_t; } seven_zip_t;
typedef struct
{
u32 random[2];
u32 hash[5];
u32 salt[5]; // unused, but makes better valid check
u32 iv[2]; // unused, but makes better valid check
} psafe2_hdr;
typedef struct typedef struct
{ {
char *user_name; char *user_name;
@ -618,27 +627,27 @@ typedef struct
typedef struct typedef struct
{ {
char essid[36]; char essid[36];
unsigned char mac1[6]; u8 mac1[6];
unsigned char mac2[6]; u8 mac2[6];
unsigned char nonce1[32]; u8 nonce1[32];
unsigned char nonce2[32]; u8 nonce2[32];
unsigned char eapol[256]; u8 eapol[256];
int eapol_size; int eapol_size;
int keyver; int keyver;
unsigned char keymic[16]; u8 keymic[16];
} hccap_t; } hccap_t;
typedef struct typedef struct
{ {
char signature[4]; char signature[4];
u32 salt_buf[8]; u32 salt_buf[8];
u32 iterations; u32 iterations;
u32 hash_buf[8]; u32 hash_buf[8];
} psafe3_t; } psafe3_t;

6
src/oclHashcat.c
View File

@ -10763,11 +10763,11 @@ int main (int argc, char **argv)
uint hccap_size = sizeof (hccap_t); uint hccap_size = sizeof (hccap_t);
char in[hccap_size]; char *in = (char *) mymalloc (hccap_size);
while (!feof (fp)) while (!feof (fp))
{ {
int n = fread (&in, hccap_size, 1, fp); int n = fread (in, hccap_size, 1, fp);
if (n != 1) if (n != 1)
{ {
@ -10826,6 +10826,8 @@ int main (int argc, char **argv)
} }
fclose (fp); fclose (fp);
myfree (in);
} }
else if (hash_mode == 3000) else if (hash_mode == 3000)
{ {

235
src/shared.c
View File

@ -5108,9 +5108,7 @@ void handle_left_request_lm (pot_t *pot, uint pot_cnt, char *input_buf, int inpu
uint user_len = input_len - 32; uint user_len = input_len - 32;
char hash_output[user_len + 33]; char *hash_output = (char *) mymalloc (33);
memset (hash_output, 0, sizeof (hash_output));
memcpy (hash_output, input_buf, input_len); memcpy (hash_output, input_buf, input_len);
@ -5134,6 +5132,8 @@ void handle_left_request_lm (pot_t *pot, uint pot_cnt, char *input_buf, int inpu
format_output (out_fp, hash_output, NULL, 0, 0, NULL, 0); format_output (out_fp, hash_output, NULL, 0, 0, NULL, 0);
myfree (hash_output);
if (weak_hash_found == 1) myfree (pot_right_ptr); if (weak_hash_found == 1) myfree (pot_right_ptr);
} }
@ -10096,17 +10096,10 @@ int psafe2_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
exit (-1); exit (-1);
} }
typedef struct
{
u32 random[2];
u32 hash[5];
u32 salt[5]; // unused, but makes better valid check
u32 iv[2]; // unused, but makes better valid check
} psafe2_hdr;
psafe2_hdr buf; psafe2_hdr buf;
memset (&buf, 0, sizeof (psafe2_hdr));
int n = fread (&buf, sizeof (psafe2_hdr), 1, fp); int n = fread (&buf, sizeof (psafe2_hdr), 1, fp);
fclose (fp); fclose (fp);
@ -17491,9 +17484,8 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
// work with a temporary copy of input_buf (s.t. we can manipulate it directly) // work with a temporary copy of input_buf (s.t. we can manipulate it directly)
char temp_input_buf[input_len + 1]; char *temp_input_buf = (char *) mymalloc (input_len + 1);
memset (temp_input_buf, 0, sizeof (temp_input_buf));
memcpy (temp_input_buf, input_buf, input_len); memcpy (temp_input_buf, input_buf, input_len);
// URI_server: // URI_server:
@ -17502,177 +17494,307 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
char *URI_client_pos = strchr (URI_server_pos, '*'); char *URI_client_pos = strchr (URI_server_pos, '*');
if (URI_client_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (URI_client_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
URI_client_pos[0] = 0; URI_client_pos[0] = 0;
URI_client_pos++; URI_client_pos++;
uint URI_server_len = strlen (URI_server_pos); uint URI_server_len = strlen (URI_server_pos);
if (URI_server_len > 512) return (PARSER_SALT_LENGTH); if (URI_server_len > 512)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// URI_client: // URI_client:
char *user_pos = strchr (URI_client_pos, '*'); char *user_pos = strchr (URI_client_pos, '*');
if (user_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (user_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
user_pos[0] = 0; user_pos[0] = 0;
user_pos++; user_pos++;
uint URI_client_len = strlen (URI_client_pos); uint URI_client_len = strlen (URI_client_pos);
if (URI_client_len > 512) return (PARSER_SALT_LENGTH); if (URI_client_len > 512)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// user: // user:
char *realm_pos = strchr (user_pos, '*'); char *realm_pos = strchr (user_pos, '*');
if (realm_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (realm_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
realm_pos[0] = 0; realm_pos[0] = 0;
realm_pos++; realm_pos++;
uint user_len = strlen (user_pos); uint user_len = strlen (user_pos);
if (user_len > 116) return (PARSER_SALT_LENGTH); if (user_len > 116)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// realm: // realm:
char *method_pos = strchr (realm_pos, '*'); char *method_pos = strchr (realm_pos, '*');
if (method_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (method_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
method_pos[0] = 0; method_pos[0] = 0;
method_pos++; method_pos++;
uint realm_len = strlen (realm_pos); uint realm_len = strlen (realm_pos);
if (realm_len > 116) return (PARSER_SALT_LENGTH); if (realm_len > 116)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// method: // method:
char *URI_prefix_pos = strchr (method_pos, '*'); char *URI_prefix_pos = strchr (method_pos, '*');
if (URI_prefix_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (URI_prefix_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
URI_prefix_pos[0] = 0; URI_prefix_pos[0] = 0;
URI_prefix_pos++; URI_prefix_pos++;
uint method_len = strlen (method_pos); uint method_len = strlen (method_pos);
if (method_len > 246) return (PARSER_SALT_LENGTH); if (method_len > 246)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// URI_prefix: // URI_prefix:
char *URI_resource_pos = strchr (URI_prefix_pos, '*'); char *URI_resource_pos = strchr (URI_prefix_pos, '*');
if (URI_resource_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (URI_resource_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
URI_resource_pos[0] = 0; URI_resource_pos[0] = 0;
URI_resource_pos++; URI_resource_pos++;
uint URI_prefix_len = strlen (URI_prefix_pos); uint URI_prefix_len = strlen (URI_prefix_pos);
if (URI_prefix_len > 245) return (PARSER_SALT_LENGTH); if (URI_prefix_len > 245)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// URI_resource: // URI_resource:
char *URI_suffix_pos = strchr (URI_resource_pos, '*'); char *URI_suffix_pos = strchr (URI_resource_pos, '*');
if (URI_suffix_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (URI_suffix_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
URI_suffix_pos[0] = 0; URI_suffix_pos[0] = 0;
URI_suffix_pos++; URI_suffix_pos++;
uint URI_resource_len = strlen (URI_resource_pos); uint URI_resource_len = strlen (URI_resource_pos);
if (URI_resource_len < 1) return (PARSER_SALT_LENGTH); if (URI_resource_len < 1 || URI_resource_len > 246)
if (URI_resource_len > 246) return (PARSER_SALT_LENGTH); {
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// URI_suffix: // URI_suffix:
char *nonce_pos = strchr (URI_suffix_pos, '*'); char *nonce_pos = strchr (URI_suffix_pos, '*');
if (nonce_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (nonce_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
nonce_pos[0] = 0; nonce_pos[0] = 0;
nonce_pos++; nonce_pos++;
uint URI_suffix_len = strlen (URI_suffix_pos); uint URI_suffix_len = strlen (URI_suffix_pos);
if (URI_suffix_len > 245) return (PARSER_SALT_LENGTH); if (URI_suffix_len > 245)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// nonce: // nonce:
char *nonce_client_pos = strchr (nonce_pos, '*'); char *nonce_client_pos = strchr (nonce_pos, '*');
if (nonce_client_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (nonce_client_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
nonce_client_pos[0] = 0; nonce_client_pos[0] = 0;
nonce_client_pos++; nonce_client_pos++;
uint nonce_len = strlen (nonce_pos); uint nonce_len = strlen (nonce_pos);
if (nonce_len < 1) return (PARSER_SALT_LENGTH); if (nonce_len < 1 || nonce_len > 50)
if (nonce_len > 50) return (PARSER_SALT_LENGTH); {
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// nonce_client: // nonce_client:
char *nonce_count_pos = strchr (nonce_client_pos, '*'); char *nonce_count_pos = strchr (nonce_client_pos, '*');
if (nonce_count_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (nonce_count_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
nonce_count_pos[0] = 0; nonce_count_pos[0] = 0;
nonce_count_pos++; nonce_count_pos++;
uint nonce_client_len = strlen (nonce_client_pos); uint nonce_client_len = strlen (nonce_client_pos);
if (nonce_client_len > 50) return (PARSER_SALT_LENGTH); if (nonce_client_len > 50)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// nonce_count: // nonce_count:
char *qop_pos = strchr (nonce_count_pos, '*'); char *qop_pos = strchr (nonce_count_pos, '*');
if (qop_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (qop_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
qop_pos[0] = 0; qop_pos[0] = 0;
qop_pos++; qop_pos++;
uint nonce_count_len = strlen (nonce_count_pos); uint nonce_count_len = strlen (nonce_count_pos);
if (nonce_count_len > 50) return (PARSER_SALT_LENGTH); if (nonce_count_len > 50)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// qop: // qop:
char *directive_pos = strchr (qop_pos, '*'); char *directive_pos = strchr (qop_pos, '*');
if (directive_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (directive_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
directive_pos[0] = 0; directive_pos[0] = 0;
directive_pos++; directive_pos++;
uint qop_len = strlen (qop_pos); uint qop_len = strlen (qop_pos);
if (qop_len > 50) return (PARSER_SALT_LENGTH); if (qop_len > 50)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
// directive // directive
char *digest_pos = strchr (directive_pos, '*'); char *digest_pos = strchr (directive_pos, '*');
if (digest_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); if (digest_pos == NULL)
{
myfree (temp_input_buf);
return (PARSER_SEPARATOR_UNMATCHED);
}
digest_pos[0] = 0; digest_pos[0] = 0;
digest_pos++; digest_pos++;
uint directive_len = strlen (directive_pos); uint directive_len = strlen (directive_pos);
if (directive_len != 3) return (PARSER_SALT_LENGTH); if (directive_len != 3)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
if (memcmp (directive_pos, "MD5", 3)) if (memcmp (directive_pos, "MD5", 3))
{ {
log_info ("ERROR: only the MD5 directive is currently supported\n"); log_info ("ERROR: only the MD5 directive is currently supported\n");
myfree (temp_input_buf);
return (PARSER_SIP_AUTH_DIRECTIVE); return (PARSER_SIP_AUTH_DIRECTIVE);
} }
@ -17686,9 +17808,7 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
uint md5_remaining_len = md5_max_len; uint md5_remaining_len = md5_max_len;
uint tmp_md5_buf[md5_max_len / 4]; uint tmp_md5_buf[64] = { 0 };
memset (tmp_md5_buf, 0, sizeof (tmp_md5_buf));
char *tmp_md5_ptr = (char *) tmp_md5_buf; char *tmp_md5_ptr = (char *) tmp_md5_buf;
@ -17723,7 +17843,7 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
md5_len += 1 + URI_suffix_len; md5_len += 1 + URI_suffix_len;
} }
uint tmp_digest[4]; uint tmp_digest[4] = { 0 };
md5_complete_no_limit (tmp_digest, tmp_md5_buf, md5_len); md5_complete_no_limit (tmp_digest, tmp_md5_buf, md5_len);
@ -17748,7 +17868,12 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
{ {
esalt_len = 1 + nonce_len + 1 + nonce_count_len + 1 + nonce_client_len + 1 + qop_len + 1 + 32; esalt_len = 1 + nonce_len + 1 + nonce_count_len + 1 + nonce_client_len + 1 + qop_len + 1 + 32;
if (esalt_len > max_esalt_len) return (PARSER_SALT_LENGTH); if (esalt_len > max_esalt_len)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
snprintf (esalt_buf_ptr, max_esalt_len, ":%s:%s:%s:%s:%08x%08x%08x%08x", snprintf (esalt_buf_ptr, max_esalt_len, ":%s:%s:%s:%s:%08x%08x%08x%08x",
nonce_pos, nonce_pos,
@ -17764,7 +17889,12 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
{ {
esalt_len = 1 + nonce_len + 1 + 32; esalt_len = 1 + nonce_len + 1 + 32;
if (esalt_len > max_esalt_len) return (PARSER_SALT_LENGTH); if (esalt_len > max_esalt_len)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
snprintf (esalt_buf_ptr, max_esalt_len, ":%s:%08x%08x%08x%08x", snprintf (esalt_buf_ptr, max_esalt_len, ":%s:%08x%08x%08x%08x",
nonce_pos, nonce_pos,
@ -17790,7 +17920,12 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
uint max_salt_len = 119; uint max_salt_len = 119;
if (salt_len > max_salt_len) return (PARSER_SALT_LENGTH); if (salt_len > max_salt_len)
{
myfree (temp_input_buf);
return (PARSER_SALT_LENGTH);
}
snprintf (sip_salt_ptr, max_salt_len + 1, "%s:%s:", user_pos, realm_pos); snprintf (sip_salt_ptr, max_salt_len + 1, "%s:%s:", user_pos, realm_pos);
@ -17829,6 +17964,8 @@ int sip_auth_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
digest[2] = byte_swap_32 (digest[2]); digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]); digest[3] = byte_swap_32 (digest[3]);
myfree (temp_input_buf);
return (PARSER_OK); return (PARSER_OK);
} }