Merge pull request #446 from usernamestaken/master

CRAM_MD5 throws salt length exception when the issue is in the hash

docs/changes.txt

@@ -4,6 +4,7 @@
 ## Improvements
 ##
 
+- Added mask display to modes 3, 6, and 7.  Allows the user to see the custom character set used during the run
 - Make Linux build POSIX compatible; Also allow it to actually compile on musl-libc systems
 - Add support to compile on FreeBSD
 - Make use of cl_context_properties[] to clCreateContext(), even if OpenCL specification allow the use of NULL, some runtimes fail without
@@ -26,6 +27,7 @@
 ## Bugs
 ##
 
+- Fixed a bug where CRAM MD5 checked salt length instead of hash length
 - Fixed a bug where hashcat is suppressing --machine-readable output in the final status update
 - Fixed a bug where hashcat did not check the return of realpath() and crashes uncontrolled if the path does not exist
 - Fixed a bug where hashcat crashes for accessing deallocated buffer if user spams "s" shortly before hashcat shuts down

include/types.h

@@ -1281,6 +1281,10 @@ typedef struct
   char   *veracrypt_keyfiles;
   uint    veracrypt_pim;
   uint    workload_profile;
+  char   *custom_charset_1;
+  char   *custom_charset_2;
+  char   *custom_charset_3;
+  char   *custom_charset_4;
 
   uint    hash_mode;
   uint    hash_type;

src/hashcat.c

@@ -1038,6 +1038,33 @@ void status_display ()
       }
 
       log_info ("Input.Mode.....: %s", tmp_buf);
+
+      if (data.custom_charset_1 || data.custom_charset_2 || data.custom_charset_3 || data.custom_charset_4)
+      {
+        char *custom_charset_1 = data.custom_charset_1;
+        char *custom_charset_2 = data.custom_charset_2;
+        char *custom_charset_3 = data.custom_charset_3;
+        char *custom_charset_4 = data.custom_charset_4;
+
+        if (custom_charset_1 == NULL)
+        {
+          custom_charset_1 = "Undefined";
+        }
+        if (custom_charset_2 == NULL)
+        {
+          custom_charset_2 = "Undefined";
+        }
+        if (custom_charset_3 == NULL)
+        {
+          custom_charset_3 = "Undefined";
+        }
+        if (custom_charset_4 == NULL)
+        {
+          custom_charset_4 = "Undefined";
+        }
+
+        log_info ("Custom.Chars...: -1 %s, -2 %s, -3 %s, -4 %s", custom_charset_1, custom_charset_2, custom_charset_3, custom_charset_4);
+      }
     }
 
     tmp_len = 0;
@@ -1046,11 +1073,63 @@ void status_display ()
   {
     if (data.dictfile != NULL) log_info ("Input.Left.....: File (%s)", data.dictfile);
     if (data.mask     != NULL) log_info ("Input.Right....: Mask (%s) [%i]", data.mask, data.css_cnt);
+    if (data.custom_charset_1 || data.custom_charset_2 || data.custom_charset_3 || data.custom_charset_4)
+    {
+      char *custom_charset_1 = data.custom_charset_1;
+      char *custom_charset_2 = data.custom_charset_2;
+      char *custom_charset_3 = data.custom_charset_3;
+      char *custom_charset_4 = data.custom_charset_4;
+
+      if (custom_charset_1 == NULL)
+      {
+        custom_charset_1 = "Undefined";
+      }
+      if (custom_charset_2 == NULL)
+      {
+        custom_charset_2 = "Undefined";
+      }
+      if (custom_charset_3 == NULL)
+      {
+        custom_charset_3 = "Undefined";
+      }
+      if (custom_charset_4 == NULL)
+      {
+        custom_charset_4 = "Undefined";
+      }
+
+      log_info ("Custom.Chars...: -1 %s, -2 %s, -3 %s, -4 %s", custom_charset_1, custom_charset_2, custom_charset_3, custom_charset_4);
+    }
   }
   else if (data.attack_mode == ATTACK_MODE_HYBRID2)
   {
     if (data.mask     != NULL) log_info ("Input.Left.....: Mask (%s) [%i]", data.mask, data.css_cnt);
     if (data.dictfile != NULL) log_info ("Input.Right....: File (%s)", data.dictfile);
+    if (data.custom_charset_1 || data.custom_charset_2 || data.custom_charset_3 || data.custom_charset_4)
+    {
+      char *custom_charset_1 = data.custom_charset_1;
+      char *custom_charset_2 = data.custom_charset_2;
+      char *custom_charset_3 = data.custom_charset_3;
+      char *custom_charset_4 = data.custom_charset_4;
+
+      if (custom_charset_1 == NULL)
+      {
+        custom_charset_1 = "Undefined";
+      }
+      if (custom_charset_2 == NULL)
+      {
+        custom_charset_2 = "Undefined";
+      }
+      if (custom_charset_3 == NULL)
+      {
+        custom_charset_3 = "Undefined";
+      }
+      if (custom_charset_4 == NULL)
+      {
+        custom_charset_4 = "Undefined";
+      }
+      
+      log_info ("Custom.Chars...: -1 %s, -2 %s, -3 %s, -4 %s", custom_charset_1, custom_charset_2, custom_charset_3, custom_charset_4);
+    }
   }
 
   if (data.digests_cnt == 1)
@@ -7551,6 +7630,10 @@ int main (int argc, char **argv)
   data.benchmark               = benchmark;
   data.skip                    = skip;
   data.limit                   = limit;
+  data.custom_charset_1        = custom_charset_1;
+  data.custom_charset_2        = custom_charset_2;
+  data.custom_charset_3        = custom_charset_3;
+  data.custom_charset_4        = custom_charset_4;
   #ifdef HAVE_HWMON
   data.powertune_enable        = powertune_enable;
   #endif

src/shared.c

@@ -16981,7 +16981,7 @@ int crammd5_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
 
   hash_len = base64_decode (base64_to_int, (const u8 *) hash_pos, hash_len, tmp_buf);
 
-  if (hash_len < 32 + 1) return (PARSER_SALT_LENGTH);
+  if (hash_len < 32 + 1) return (PARSER_HASH_LENGTH);
 
   uint user_len = hash_len - 32;