From 56f47cabe21e819a3c93ec7f251a3508a7c2cba2 Mon Sep 17 00:00:00 2001
From: Jens Steube
Date: Wed, 21 Apr 2021 09:22:00 +0200
Subject: [PATCH] Fixed race condition in potfile check during removal of empty hashes
---
 docs/changes.txt | 1 +
 include/hashes.h | 1 +
 src/hashcat.c | 6 ++++
 src/hashes.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/main.c | 4 +--
 src/potfile.c | 18 ------------
 6 files changed, 83 insertions(+), 20 deletions(-)

diff --git a/docs/changes.txt b/docs/changes.txt
index ff94f3a02..f0adef031 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -45,6 +45,7 @@
 - Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused
 - Fixed invalid handling of outfile folder entries for -m 22000
 - Fixed password reassembling for cracked hashes on host for slow hashes in optimized mode that are longer than 32 characters
+- Fixed race condition in potfile check during removal of empty hashes
 - Fixed race condition resulting in out of memory error on startup if multiple hashcat instances are started at the same time
 - Fixed rare case of misalignment of the status prompt when other user warnings are shown within the hashcat output
 - Fixed too early execution of some module functions which could make use of non-final values opts_type and opti_type
diff --git a/include/hashes.h b/include/hashes.h
index b222f6b3d..ca88cab13 100644
--- a/include/hashes.h
+++ b/include/hashes.h
@@ -27,6 +27,7 @@ int hashes_init_stage3 (hashcat_ctx_t *hashcat_ctx);
 int hashes_init_stage4 (hashcat_ctx_t *hashcat_ctx);
 int hashes_init_selftest (hashcat_ctx_t *hashcat_ctx);
 int hashes_init_benchmark (hashcat_ctx_t *hashcat_ctx);
+int hashes_init_zerohash (hashcat_ctx_t *hashcat_ctx);
 
 void hashes_destroy (hashcat_ctx_t *hashcat_ctx);
 
diff --git a/src/hashcat.c b/src/hashcat.c
index 4770734e9..c03141e1b 100644
--- a/src/hashcat.c
+++ b/src/hashcat.c
@@ -508,6 +508,12 @@ static int outer_loop (hashcat_ctx_t *hashcat_ctx)
 EVENT (EVENT_POTFILE_REMOVE_PARSE_POST);
 }
 
+ /**
+ * zero hash removes
+ */
+
+ if (hashes_init_zerohash (hashcat_ctx) == -1) return -1;
+
 /**
 * load hashes, stage 3, update cracked results from potfile
 */
diff --git a/src/hashes.c b/src/hashes.c
index e3935aae4..6e4b832a3 100644
--- a/src/hashes.c
+++ b/src/hashes.c
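Review bot: The new call sits outside the closing brace that follows `EVENT (EVENT_POTFILE_REMOVE_PARSE_POST)`, so hashes_init_zerohash now runs regardless of whatever condition guarded the potfile-removal block above it (that condition is not visible in the hunk); if that is intended, because the zero-hash lookup does not depend on the potfile at all, the comment should say so, since `zero hash removes` explains neither what is removed nor why it happens here. Suggest replacing the three added comment lines with `/** * mark hashes equal to the module's zero/empty-plaintext digest as cracked (e.g. LM); independent of the potfile, placed before stage 3 so its cracked-result update sees them */`. outer_loop begins and ends outside the hunk.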
@@ -2048,6 +2048,79 @@ int hashes_init_benchmark (hashcat_ctx_t *hashcat_ctx)
 return 0;
 }
 
+int hashes_init_zerohash (hashcat_ctx_t *hashcat_ctx)
+{
+ const hashconfig_t *hashconfig = hashcat_ctx->hashconfig;
+ const hashes_t *hashes = hashcat_ctx->hashes;
+ const module_ctx_t *module_ctx = hashcat_ctx->module_ctx;
+
+ // do not use this unless really needed, for example as in LM
+
+ if (module_ctx->module_hash_decode_zero_hash == MODULE_DEFAULT) return 0;
+
+ hash_t *hashes_buf = hashes->hashes_buf;
+ u32 hashes_cnt = hashes->hashes_cnt;
+
+ // no solution for these special hash types (for instane because they use hashfile in output etc)
+
+ hash_t hash_buf;
+
+ hash_buf.digest = hcmalloc (hashconfig->dgst_size);
+ hash_buf.salt = NULL;
+ hash_buf.esalt = NULL;
+ hash_buf.hook_salt = NULL;
+ hash_buf.cracked = 0;
+ hash_buf.hash_info = NULL;
+ hash_buf.pw_buf = NULL;
+ hash_buf.pw_len = 0;
+
+ if (hashconfig->is_salted == true)
+ {
+ hash_buf.salt = (salt_t *) hcmalloc (sizeof (salt_t));
+ }
+
+ if (hashconfig->esalt_size > 0)
+ {
+ hash_buf.esalt = hcmalloc (hashconfig->esalt_size);
+ }
+
+ if (hashconfig->hook_salt_size > 0)
+ {
+ hash_buf.hook_salt = hcmalloc (hashconfig->hook_salt_size);
+ }
+
+ module_ctx->module_hash_decode_zero_hash (hashconfig, hash_buf.digest, hash_buf.salt, hash_buf.esalt, hash_buf.hook_salt, hash_buf.hash_info);
+
+ hash_t *found = (hash_t *) hc_bsearch_r (&hash_buf, hashes_buf, hashes_cnt, sizeof (hash_t), sort_by_hash_no_salt, (void *) hashconfig);
+
+ if (found != NULL)
+ {
+ found->pw_buf = (char *) hcmalloc (1);
+ found->pw_len = 0;
+
+ found->cracked = 1;
+ }
+
+ if (hashconfig->esalt_size > 0)
+ {
+ hcfree (hash_buf.esalt);
+ }
+
+ if (hashconfig->hook_salt_size > 0)
+ {
+ hcfree (hash_buf.hook_salt);
+ }
+
+ if (hashconfig->is_salted == true)
+ {
+ hcfree (hash_buf.salt);
+ }
+
+ hcfree (hash_buf.digest);
+
+ return 0;
+}
+
 void hashes_destroy (hashcat_ctx_t *hashcat_ctx)
 {
 hashconfig_t *hashconfig = hashcat_ctx->hashconfig;
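Review bot: hc_bsearch_r returns at most one element, so when several loaded hashes share the zero-plaintext digest (the same LM half on several input lines, or any duplicate entry) only one of them gets `cracked = 1`, and the `potfile_keep_all_hashes` branch that the deleted potfile.c block handled with `potfile_update_hashes` has no counterpart in this function. Since the lookup already presumes hashes_buf is sorted with sort_by_hash_no_salt, all entries comparing equal to hash_buf are adjacent to the hit and can be marked by widening outward from `found`; skipping entries whose `cracked` flag is already set also avoids overwriting a `pw_buf` the preceding potfile pass may have assigned. Separately, the comment `// no solution for these special hash types (for instane because they use hashfile in output etc)` does not describe the allocations below it and has a typo; a header such as `// mark every loaded hash equal to the module's zero/empty-plaintext digest as cracked (only for modules implementing module_hash_decode_zero_hash, e.g. LM)` would serve readers better. Whether the later stage-3 accounting counts these entries cannot be confirmed from this hunk.
```c
  hash_t *found = (hash_t *) hc_bsearch_r (&hash_buf, hashes_buf, hashes_cnt, sizeof (hash_t), sort_by_hash_no_salt, (void *) hashconfig);

  if (found != NULL)
  {
    // the bsearch presumes hashes_buf is sorted by sort_by_hash_no_salt, so every
    // entry comparing equal to hash_buf sits next to the hit: widen to that whole run
    hash_t *first = found;
    hash_t *last  = found;

    while (first > hashes_buf && sort_by_hash_no_salt (first - 1, &hash_buf, (void *) hashconfig) == 0) first--;
    while (last + 1 < hashes_buf + hashes_cnt && sort_by_hash_no_salt (last + 1, &hash_buf, (void *) hashconfig) == 0) last++;

    for (hash_t *h = first; h <= last; h++)
    {
      if (h->cracked == 1) continue; // keep a pw_buf an earlier pass (e.g. potfile) already assigned

      h->pw_buf = (char *) hcmalloc (1);
      h->pw_len = 0;

      h->cracked = 1;
    }
  }

  // … unchanged: free esalt / hook_salt / salt / digest, return 0 …
```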
diff --git a/src/main.c b/src/main.c
index 86aa4749c..9bc5eddc1 100644
--- a/src/main.c
+++ b/src/main.c
@@ -411,12 +411,12 @@ static void main_potfile_num_cracked (MAYBE_UNUSED hashcat_ctx_t *hashcat_ctx, M
 {
 if (potfile_remove_cracks == 1)
 {
- event_log_info (hashcat_ctx, "INFO: Removed 1 hash found in potfile.");
+ event_log_info (hashcat_ctx, "INFO: Removed 1 hash found as as potfile entry or as empty hash.");
 event_log_info (hashcat_ctx, NULL);
 }
 else
 {
- event_log_info (hashcat_ctx, "INFO: Removed %d hashes found in potfile.", potfile_remove_cracks);
+ event_log_info (hashcat_ctx, "INFO: Removed %d hashes found as potfile entries or as empty hash.", potfile_remove_cracks);
 event_log_info (hashcat_ctx, NULL);
 }
 }
diff --git a/src/potfile.c b/src/potfile.c
index e8059c0c2..6e86984b1 100644
--- a/src/potfile.c
+++ b/src/potfile.c
@@ -498,24 +498,6 @@ int potfile_remove_parse (hashcat_ctx_t *hashcat_ctx)
 }
 }
 
- // do not use this unless really needed, for example as in LM
-
- if (module_ctx->module_hash_decode_zero_hash != MODULE_DEFAULT)
- {
- module_ctx->module_hash_decode_zero_hash (hashconfig, hash_buf.digest, hash_buf.salt, hash_buf.esalt, hash_buf.hook_salt, hash_buf.hash_info);
-
- if (hashconfig->potfile_keep_all_hashes == true)
- {
- potfile_update_hashes (hashcat_ctx, &hash_buf, NULL, 0, all_hashes_tree);
- }
- else
- {
- hash_t *found = (hash_t *) hc_bsearch_r (&hash_buf, hashes_buf, hashes_cnt, sizeof (hash_t), sort_by_hash_no_salt, (void *) hashconfig);
-
- potfile_update_hash (hashcat_ctx, found, NULL, 0);
- }
- }
-
 const int rc = potfile_read_open (hashcat_ctx);
 
 if (rc == -1) return -1;
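Review bot: The singular message on the first added line reads `found as as potfile entry`, a doubled word that ships to users as-is; the line should be `event_log_info (hashcat_ctx, "INFO: Removed 1 hash found as potfile entry or as empty hash.");`, and the plural line's tail reads more naturally as `... found as potfile entries or as empty hashes.`. The counter `potfile_remove_cracks` is computed outside this hunk, so whether entries flagged by the new hashes_init_zerohash are included in it cannot be verified here; if they are not, the new wording overstates what was counted. main_potfile_num_cracked begins above the hunk.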