From 6d3cf3689fbfabcdd7c666b3af8f68c3079d9f13 Mon Sep 17 00:00:00 2001 From: Will Crozier Date: Sun, 18 Dec 2022 07:47:57 +0000 Subject: [PATCH] stdout mode: zero output buffer between rules (fixes #3537) --- src/stdout.c | 54 ++++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/src/stdout.c b/src/stdout.c index 12994f0ad..414e6729c 100644 --- a/src/stdout.c +++ b/src/stdout.c @@ -96,9 +96,11 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, out.len = 0; - u32 plain_buf[64] = { 0 }; + #define BUF_SZ (PW_MAX / sizeof(u32)) - u8 *plain_ptr = (u8 *) plain_buf; + u32 plain_buf[BUF_SZ] = { 0 }; + + u8 *const plain_ptr = (u8 *) plain_buf; u32 plain_len = 0; @@ -197,10 +199,7 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, { while (pw_idx <= pw_idx_last) { - u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); - u32 pw_len = pw_idx->len; - - pw_idx++; + u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) { @@ -213,41 +212,42 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, plain_buf[i] = pw[i]; } - plain_len = apply_rules_optimized (straight_ctx->kernel_rules_buf[off].cmds, &plain_buf[0], &plain_buf[4], pw_len); + plain_len = apply_rules_optimized (straight_ctx->kernel_rules_buf[off].cmds, &plain_buf[0], &plain_buf[4], pw_idx->len); } else { - for (int i = 0; i < 64; i++) + for (u32 i = 0; i < pw_idx->cnt; i++) { plain_buf[i] = pw[i]; } - plain_len = apply_rules (straight_ctx->kernel_rules_buf[off].cmds, plain_buf, pw_len); + plain_len = apply_rules (straight_ctx->kernel_rules_buf[off].cmds, plain_buf, pw_idx->len); } if (plain_len > hashconfig->pw_max) plain_len = hashconfig->pw_max; out_push (&out, plain_ptr, plain_len); + + memset (plain_ptr, 0, BUF_SZ); } + + pw_idx++; } } else if (user_options->attack_mode == ATTACK_MODE_COMBI) { while (pw_idx <= pw_idx_last) { - u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); - u32 pw_len = pw_idx->len; - - pw_idx++; + u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) { - for (int i = 0; i < 64; i++) + for (u32 i = 0; i < pw_idx->cnt; i++) { plain_buf[i] = pw[i]; } - plain_len = pw_len; + plain_len = pw_idx->len; char *comb_buf = (char *) device_param->combs_buf[il_pos].i; u32 comb_len = device_param->combs_buf[il_pos].pw_len; @@ -269,25 +269,24 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, out_push (&out, plain_ptr, plain_len); } + + pw_idx++; } } else if (user_options->attack_mode == ATTACK_MODE_HYBRID1) { while (pw_idx <= pw_idx_last) { - u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); - u32 pw_len = pw_idx->len; - - pw_idx++; + u32 *pw = pws_comp_blk + (pw_idx->off - off_blk); for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) { - for (int i = 0; i < 64; i++) + for (u32 i = 0; i < pw_idx->cnt; i++) { plain_buf[i] = pw[i]; } - plain_len = pw_len; + plain_len = pw_idx->len; u64 off = device_param->kernel_params_mp_buf64[3] + il_pos; @@ -300,16 +299,15 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, out_push (&out, plain_ptr, plain_len); } + + pw_idx++; } } else if ((user_options->attack_mode == ATTACK_MODE_HYBRID2) && (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL)) { while (pw_idx <= pw_idx_last) { - char *pw = (char *) (pws_comp_blk + (pw_idx->off - off_blk)); - u32 pw_len = (pw_idx->len); - - pw_idx++; + char *pw = (char *) (pws_comp_blk + (pw_idx->off - off_blk)); for (u32 il_pos = 0; il_pos < il_cnt; il_pos++) { @@ -322,14 +320,16 @@ int process_stdout (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, plain_len = stop; - memcpy (plain_ptr + plain_len, pw, pw_len); + memcpy (plain_ptr + plain_len, pw, pw_idx->len); - plain_len += pw_len; + plain_len += pw_idx->len; if (plain_len > hashconfig->pw_max) plain_len = hashconfig->pw_max; out_push (&out, plain_ptr, plain_len); } + + pw_idx++; } }