arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-26 01:50:10 +00:00
Code Issues Releases Wiki Activity

Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256

Browse Source
This commit is contained in:
Jens Steube 2019-10-08 12:33:11 +02:00
parent b197610811
commit a0284b8378
4 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/changes.txt
View File

@ -67,6 +67,7 @@
- Fixed incorrect progress-only result in a special race condition
- Fixed invalid call of mp_css_utf16le_expand()/mp_css_utf16be_expand() in a slow-candidate session
- Fixed invalid password truncation in attack-mode 1 if final password is longer than 32 character
- Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256
- Fixed maximum password length limit which was announced as 256 but actually was 255
- Fixed output of IKE PSK (mode 5300 and 5400) hashes to have separators at right position
- Fixed output password of "e" rule in pure and cpu rule engine if separator character is also the first letter

2
src/dispatch.c
View File

@ -1390,8 +1390,6 @@ static int calc (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param)
{
get_next_word (hashcat_ctx_tmp, &fp, &line_buf, &line_len);
line_len = (u32) convert_from_hex (hashcat_ctx, line_buf, line_len);
// post-process rule engine
if (run_rule_engine ((int) user_options_extra->rule_len_l, user_options->rule_buf_l))

15
src/slow_candidates.c
View File

@ -125,6 +125,8 @@ void slow_candidates_seek (hashcat_ctx_t *hashcat_ctx, void *extra_info, const u
{
line_len = (u32) fgetl (combs_fp, line_buf, HCBUFSIZ_LARGE);
line_len = convert_from_hex (hashcat_ctx, line_buf, line_len);
// post-process rule engine
if (run_rule_engine ((int) user_options_extra->rule_len_l, user_options->rule_buf_l))
@ -180,8 +182,6 @@ void slow_candidates_next (hashcat_ctx_t *hashcat_ctx, void *extra_info)
get_next_word (hashcat_ctx, fp, &line_buf, &line_len);
line_len = (u32) convert_from_hex (hashcat_ctx, line_buf, line_len);
// post-process rule engine
char rule_buf_out[RP_PASSWORD_SIZE];
@ -250,21 +250,22 @@ void slow_candidates_next (hashcat_ctx_t *hashcat_ctx, void *extra_info)
{
get_next_word (hashcat_ctx, base_fp, &line_buf, &line_len);
line_len = (u32) convert_from_hex (hashcat_ctx, line_buf, line_len);
// post-process rule engine
char rule_buf_out[RP_PASSWORD_SIZE];
if (run_rule_engine ((int) user_options_extra->rule_len_l, user_options->rule_buf_l))
{
if (line_len >= RP_PASSWORD_SIZE) continue;
char rule_buf_out[RP_PASSWORD_SIZE];
memset (rule_buf_out, 0, sizeof (rule_buf_out));
const int rule_len_out = _old_apply_rule (user_options->rule_buf_l, (int) user_options_extra->rule_len_l, line_buf, (int) line_len, rule_buf_out);
if (rule_len_out < 0) continue;
line_buf = rule_buf_out;
line_len = (u32) rule_len_out;
}
break;
@ -288,6 +289,8 @@ void slow_candidates_next (hashcat_ctx_t *hashcat_ctx, void *extra_info)
{
line_len = (u32) fgetl (combs_fp, line_buf, HCBUFSIZ_LARGE);
line_len = convert_from_hex (hashcat_ctx, line_buf, line_len);
// post-process rule engine
if (run_rule_engine ((int) user_options_extra->rule_len_r, user_options->rule_buf_r))

13
src/wordlist.c
View File

@ -187,7 +187,13 @@ void get_next_word (hashcat_ctx_t *hashcat_ctx, HCFILE *fp, char **out_buf, u32
wl_data->pos += off;
// do the on-the-fly hex decode using original buffer
// this is safe as length only decreases in size
len = (u32) convert_from_hex (hashcat_ctx, ptr, len);
// do the on-the-fly encoding
// needs to write into new buffer because size case both decrease and increase
if (wl_data->iconv_enabled == true)
{
@ -204,6 +210,8 @@ void get_next_word (hashcat_ctx_t *hashcat_ctx, HCFILE *fp, char **out_buf, u32
len = HCBUFSIZ_TINY - iconv_sz;
}
// this is only a test for length, not writing into output buffer
if (run_rule_engine (user_options_extra->rule_len_l, user_options->rule_buf_l))
{
if (len >= RP_PASSWORD_SIZE) continue;
@ -444,6 +452,11 @@ int count_words (hashcat_ctx_t *hashcat_ctx, HCFILE *fp, const char *dictfile, u
i += off;
// do the on-the-fly hex decode using original buffer
// this is safe as length only decreases in size
len = (u32) convert_from_hex (hashcat_ctx, ptr, len);
// do the on-the-fly encoding
if (wl_data->iconv_enabled == true)