Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 31697 Details for
Bug 51442
app-crypt/johntheripper mega patch ebuild. skey is broken
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for mysql support, corrected to apply after skey and ntlm
john-1.6-mysql.diff (text/plain), 8.71 KB, created by
Ghislain Bourgeois
on 2004-05-18 19:21:56 UTC
(
hide
)
Description:
Patch for mysql support, corrected to apply after skey and ntlm
Filename:
MIME Type:
Creator:
Ghislain Bourgeois
Created:
2004-05-18 19:21:56 UTC
Size:
8.71 KB
patch
obsolete
>diff -Naur john-1.6/src/MYSQL_fmt.c john-1.6-mysql/src/MYSQL_fmt.c >--- john-1.6/src/MYSQL_fmt.c 1969-12-31 19:00:00.000000000 -0500 >+++ john-1.6-mysql/src/MYSQL_fmt.c 2004-05-18 22:17:12.439919320 -0400 >@@ -0,0 +1,241 @@ >+//////////////////////////////////////////////////////////////// >+// MySQL password cracker - v1.0 - 16.1.2003 >+// >+// by Andrew Hintz <http://guh.nu> drew@overt.org >+// >+// This production has been brought to you by >+// 4tphi <http://4tphi.net> and violating <http://violating.us> >+// >+// This file is an add-on to John the Ripper <http://www.openwall.com/john/> >+// >+// Part of this code is based on the MySQL brute password cracker >+// mysqlpassword.c by Chris Given >+// This program executes about 75% faster than mysqlpassword.c >+// John the ripper also performs sophisticated password guessing. >+// >+// John the Ripper will expect the MySQL password file to be >+// in the following format (without the leading // ): >+// dumb_user:5d2e19393cc5ef67 >+// another_luser:28ff8d49159ffbaf >+ >+#include <string.h> >+#include <stdio.h> >+#include <stdlib.h> >+#include <math.h> >+ >+// johntr includes >+#include "arch.h" >+#include "misc.h" >+#include "formats.h" >+#include "common.h" >+ >+//johntr defines >+#define FORMAT_LABEL "mysql" >+#define FORMAT_NAME "mysql" >+#define ALGORITHM_NAME "mysql" >+ >+#define BENCHMARK_COMMENT "" >+#define BENCHMARK_LENGTH -1 >+ >+// Increase the PLAINTEXT_LENGTH value for longer passwords. >+// You can also set it to 8 when using MySQL systems that truncate >+// the password to only 8 characters. >+#define PLAINTEXT_LENGTH 32 >+ >+#define CIPHERTEXT_LENGTH 16 >+ >+#define BINARY_SIZE 16 >+#define SALT_SIZE 0 >+ >+#define MIN_KEYS_PER_CRYPT 1 >+#define MAX_KEYS_PER_CRYPT 1 >+ >+ >+//used for mysql scramble function >+struct rand_struct { >+ unsigned long seed1,seed2,max_value; >+ double max_value_dbl; >+}; >+ >+ >+void make_scrambled_password(char *,const char *); >+char *scramble(char *,const char *,const char *, int); >+ >+//test cases >+static struct fmt_tests mysql_tests[] = { >+ {"30f098972cc8924d", "http://guh.nu"}, >+ {"3fc56f6037218993", "Andrew Hintz"}, >+ {"697a7de87c5390b2", "drew"}, >+ {"1eb71cf460712b3e", "http://4tphi.net"}, >+ {"28ff8d49159ffbaf", "http://violating.us"}, >+ {"5d2e19393cc5ef67", "password"}, >+ {NULL} >+}; >+ >+ >+//stores the ciphertext for value currently being tested >+static char crypt_key[BINARY_SIZE+1]; >+ >+//used by set_key >+static char saved_key[PLAINTEXT_LENGTH + 1]; >+ >+static int mysql_valid(char *ciphertext) { //returns 0 for invalid ciphertexts >+ >+ int i; //used as counter in loop >+ >+ //ciphertext is 16 characters >+ if (strlen(ciphertext) != 16) return 0; >+ >+ //ciphertext is ASCII representation of hex digits >+ for (i = 0; i < 16; i++){ >+ if (!( ((48 <= ciphertext[i])&&(ciphertext[i] <= 57)) || >+ ((97 <= ciphertext[i])&&(ciphertext[i] <= 102)) )) >+ return 0; >+ } >+ >+ return 1; >+} >+ >+static void mysql_set_salt(void *salt) { } >+ >+static void mysql_set_key(char *key, int index) { >+ strnzcpy(saved_key, key, PLAINTEXT_LENGTH+1); >+} >+ >+static char *mysql_get_key(int index) { >+ return saved_key; >+} >+ >+static int mysql_cmp_all(void *binary, int index) { //also is mysql_cmp_one >+ return !memcmp(binary, crypt_key, BINARY_SIZE); >+} >+ >+static int mysql_cmp_exact(char *source, int count){ >+ return (1); // mysql_cmp_all fallthrough? >+} >+ >+static void mysql_crypt_all(int count) { >+ // get plaintext input in saved_key put it into ciphertext crypt_key >+ make_scrambled_password(crypt_key,saved_key); >+} >+ >+//////////////////////////////////////////////////////////////// >+//begin mysql code >+// This code was copied from mysqlpassword.c by Chris Given >+// He probably copied it from password.c in the MySQL source >+// The code is GPLed >+ >+void randominit(struct rand_struct *rand_st,ulong seed1, ulong seed2) { >+ rand_st->max_value= 0x3FFFFFFFL; >+ rand_st->max_value_dbl=(double) rand_st->max_value; >+ rand_st->seed1=seed1%rand_st->max_value ; >+ rand_st->seed2=seed2%rand_st->max_value; >+} >+static void old_randominit(struct rand_struct *rand_st,ulong seed1) { >+ rand_st->max_value= 0x01FFFFFFL; >+ rand_st->max_value_dbl=(double) rand_st->max_value; >+ seed1%=rand_st->max_value; >+ rand_st->seed1=seed1 ; rand_st->seed2=seed1/2; >+} >+double rnd(struct rand_struct *rand_st) { >+ rand_st->seed1=(rand_st->seed1*3+rand_st->seed2) % >+ rand_st->max_value; >+ rand_st->seed2=(rand_st->seed1+rand_st->seed2+33) % >+ rand_st->max_value; >+ return(((double) rand_st->seed1)/rand_st->max_value_dbl); >+} >+void hash_password(ulong *result, const char *password) { >+ register ulong nr=1345345333L, add=7, nr2=0x12345671L; >+ ulong tmp; >+ for (; *password ; password++) { >+ if (*password == ' ' || *password == '\t') >+ continue; >+ tmp= (ulong) (unsigned char) *password; >+ nr^= (((nr & 63)+add)*tmp)+ (nr << 8); >+ nr2+=(nr2 << 8) ^ nr; >+ add+=tmp; >+ } >+ result[0]=nr & (((ulong) 1L << 31) -1L); /* Don't use sign bit >+ (str2int) */; >+ result[1]=nr2 & (((ulong) 1L << 31) -1L); >+ return; >+} >+void make_scrambled_password(char *to,const char *password) { >+ ulong hash_res[2]; >+ hash_password(hash_res,password); >+ sprintf(to,"%08lx%08lx",hash_res[0],hash_res[1]); >+} >+static inline uint char_val(char X) { >+ return (uint) (X >= '0' && X <= '9' ? X-'0' : X >= 'A' && X <= 'Z' ? >+ X-'A'+10 : X-'a'+10); >+} >+char *scramble(char *to,const char *message,const char *password, int >+ old_ver) { >+ struct rand_struct rand_st; >+ ulong hash_pass[2],hash_message[2]; >+ if(password && password[0]) { >+ char *to_start=to; >+ hash_password(hash_pass,password); >+ hash_password(hash_message,message); >+ if (old_ver) >+ old_randominit(&rand_st,hash_pass[0] ^ >+ hash_message[0]); >+ else >+ randominit(&rand_st,hash_pass[0] ^ hash_message[0], >+ hash_pass[1] ^ hash_message[1]); >+ while (*message++) >+ *to++= (char) (floor(rnd(&rand_st)*31)+64); >+ if (!old_ver) { >+ char extra=(char) (floor(rnd(&rand_st)*31)); >+ while(to_start != to) >+ *(to_start++)^=extra; >+ } >+ } >+ *to=0; >+ return to; >+} >+ >+//end mysql code >+//////////////////////////////////////////////////////////////// >+ >+struct fmt_main fmt_MYSQL = { >+ { >+ FORMAT_LABEL, >+ FORMAT_NAME, >+ ALGORITHM_NAME, >+ BENCHMARK_COMMENT, >+ BENCHMARK_LENGTH, >+ PLAINTEXT_LENGTH, >+ BINARY_SIZE, >+ SALT_SIZE, >+ MIN_KEYS_PER_CRYPT, >+ MAX_KEYS_PER_CRYPT, >+ FMT_CASE | FMT_8_BIT, >+ mysql_tests >+ }, { >+ fmt_default_init, >+ mysql_valid, >+ fmt_default_split, >+ fmt_default_binary, >+ fmt_default_salt, >+ { >+ fmt_default_binary_hash, >+ fmt_default_binary_hash, >+ fmt_default_binary_hash >+ }, >+ fmt_default_salt_hash, >+ mysql_set_salt, >+ mysql_set_key, >+ mysql_get_key, >+ //fmt_default_clear_keys, >+ mysql_crypt_all, >+ { >+ fmt_default_get_hash, >+ fmt_default_get_hash, >+ fmt_default_get_hash >+ }, >+ mysql_cmp_all, >+ mysql_cmp_all, //should it be the same as cmp_all or same as cmp_exact? >+ mysql_cmp_exact //fallthrough >+ } >+}; >diff -Naur john-1.6/src/Makefile john-1.6-mysql/src/Makefile >--- john-1.6/src/Makefile 2004-05-18 22:11:00.896402520 -0400 >+++ john-1.6-mysql/src/Makefile 2004-05-18 22:12:15.337085816 -0400 >@@ -39,6 +39,7 @@ > SKEY_fmt.o \ > NT_fmt.o \ > md4.o smbencrypt.o \ >+ MYSQL_fmt.o \ > batch.o bench.o charset.o common.o compiler.o config.o cracker.o \ > external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o \ > logger.o math.o memory.o misc.o options.o params.o path.o recovery.o \ >diff -Naur john-1.6/src/john.c john-1.6-mysql/src/john.c >--- john-1.6/src/john.c 2004-05-18 22:11:00.899402064 -0400 >+++ john-1.6-mysql/src/john.c 2004-05-18 22:13:15.189986792 -0400 >@@ -39,6 +39,7 @@ > extern struct fmt_main fmt_DES, fmt_BSDI, fmt_MD5, fmt_BF; > extern struct fmt_main fmt_AFS, fmt_LM, fmt_NT; > extern struct fmt_main fmt_SKEY; >+extern struct fmt_main fmt_MYSQL; > > extern int unshadow(int argc, char **argv); > extern int unafs(int argc, char **argv); >@@ -67,6 +68,7 @@ > john_register_one(&fmt_LM); > john_register_one(&fmt_SKEY); > john_register_one(&fmt_NT); >+ john_register_one(&fmt_MYSQL); > > if (!fmt_list) { > fprintf(stderr, "Unknown ciphertext format name requested\n"); >diff -Naur john-1.6/src/options.c john-1.6-mysql/src/options.c >--- john-1.6/src/options.c 2004-05-18 22:11:00.924398264 -0400 >+++ john-1.6-mysql/src/options.c 2004-05-18 22:13:43.950614512 -0400 >@@ -88,7 +88,7 @@ > "-shells:[-]SHELL[,..] load users with this (these) shell(s) only\n" \ > "-salts:[-]COUNT load salts with at least COUNT passwords only\n" \ > "-format:NAME force ciphertext format NAME " \ >- "(DES/BSDI/MD5/BF/AFS/LM/NT)\n" \ >+ "(DES/BSDI/MD5/BF/AFS/LM/NT/MYSQL)\n" \ > "-savemem:LEVEL enable memory saving, at LEVEL 1..3\n" > > void opt_init(int argc, char **argv)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 51442
:
31694
|
31695
| 31697 |
31698
|
31726