From 3c1e05aaf3a6bae2f148e77a4b22dafabdd1d272 Mon Sep 17 00:00:00 2001 From: philsmd Date: Mon, 7 Mar 2016 15:52:50 +0100 Subject: [PATCH] #234: increase max. salt length to 28 for -m 22 = Juniper Netscreen/SSG (ScreenOS) --- include/shared.h | 4 ++-- src/shared.c | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/include/shared.h b/include/shared.h index 00f5c9105..634e07fc1 100644 --- a/include/shared.h +++ b/include/shared.h @@ -718,9 +718,9 @@ extern hc_thread_mutex_t mux_display; #define DISPLAY_LEN_MIN_21H 32 + 1 + 2 #define DISPLAY_LEN_MAX_21H 32 + 1 + 30 #define DISPLAY_LEN_MIN_22 30 + 1 + 1 -#define DISPLAY_LEN_MAX_22 30 + 1 + 15 +#define DISPLAY_LEN_MAX_22 30 + 1 + 28 #define DISPLAY_LEN_MIN_22H 30 + 1 + 2 -#define DISPLAY_LEN_MAX_22H 30 + 1 + 30 +#define DISPLAY_LEN_MAX_22H 30 + 1 + 56 #define DISPLAY_LEN_MIN_23 32 + 1 + 0 #define DISPLAY_LEN_MAX_23 32 + 1 + 23 #define DISPLAY_LEN_MIN_101 5 + 28 diff --git a/src/shared.c b/src/shared.c index 22817de51..608dcf68e 100644 --- a/src/shared.c +++ b/src/shared.c @@ -9880,8 +9880,10 @@ int netscreen_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf) salt_len = parse_and_store_salt (salt_buf_ptr, salt_buf, salt_len); - // max. salt length: salt_buf[32] => 32 - 22 (":Administration Tools:") = 10 - if (salt_len > 10) return (PARSER_SALT_LENGTH); + // max. salt length: 55 (max for MD5) - 22 (":Administration Tools:") - 1 (0x80) = 32 + // 32 - 4 bytes (to fit w0lr for all attack modes) = 28 + + if (salt_len > 28) return (PARSER_SALT_LENGTH); salt->salt_len = salt_len;