The existing code of BF_fmt.c uses a function, valid, to check the bcrypt hash before JtR loads it for hash cracking. However, there is no descriptive error message when these checks fail: if the function returns 0, the user is only shown the message "No password hashes loaded".

The code was modified to provide descriptive messages so that the user knows why the hash was not loaded by JtR.

c0d3inj3cT
Language: C
Tags: bcrypt

Modified Validation Function for Bcrypt hashes in BF_fmt.c

/* BF_fmt.c modified by c0d3inj3cT
 * to give descriptive messages when a check fails
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* atoi64, BF_atoi64, ARCH_INDEX and CIPHERTEXT_LENGTH are defined
 * elsewhere in the JtR source that BF_fmt.c is built with. */

static int valid(char *ciphertext)
{
	int rounds;
	char *pos;

	/* Prefix: only these three bcrypt variants are accepted. */
	if (strncmp(ciphertext, "$2a$", 4) &&
	    strncmp(ciphertext, "$2x$", 4) &&
	    strncmp(ciphertext, "$2y$", 4))
	{
		printf("The first 4 characters should be either, $2a$ or $2x$ or $2y$\n");
		return 0;
	}

	/* Work factor: two decimal digits. */
	if (ciphertext[4] < '0' || ciphertext[4] > '9')
	{
		printf("The digits in work factor should be between 0 and 9\n");
		return 0;
	}
	if (ciphertext[5] < '0' || ciphertext[5] > '9')
	{
		printf("The digits in work factor should be between 0 and 9\n");
		return 0;
	}
	rounds = atoi(ciphertext + 4);
	if (rounds < 4 || rounds > 31)
	{
		printf("work factor should be in the range 4 to 31\n");
		return 0;
	}

	if (ciphertext[6] != '$')
	{
		printf("$ should be the separator character between work factor and the salt\n");
		return 0;
	}

	/* Walk the salt and hash until the first character outside the
	 * base64 alphabet; that must be the terminating NUL at the full length. */
	for (pos = &ciphertext[7]; atoi64[ARCH_INDEX(*pos)] != 0x7F; pos++)
		;
	if (*pos || pos - ciphertext != CIPHERTEXT_LENGTH)
	{
		printf("character: %c\n", *pos);
		printf("Length of bcrypt ciphertext should be %d\n", CIPHERTEXT_LENGTH);
		return 0;
	}

	/* The last hash character must have its two low (padding) bits clear. */
	if (BF_atoi64[ARCH_INDEX(*(pos - 1))] & 3)
	{
		printf("check 7 failed\n");
		return 0;
	}

	/* The last salt character must have its four low (padding) bits clear. */
	if (BF_atoi64[ARCH_INDEX(ciphertext[28])] & 0xF)
	{
		printf("Check the last character of the salt\n");
		return 0;
	}

	return 1;
}
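The same checks as a self-contained function, added here as an example and not part of the original snippet or of JtR: it carries its own bcrypt base64 table and returns the reason for rejection to the caller instead of printing it. The names `bcrypt_reject_reason`, `b64_value` and `BCRYPT_LEN` are hypothetical.

```c
#include <string.h>

#define BCRYPT_LEN 60  /* "$2a$" + 2 cost digits + "$" + 22 salt + 31 hash */

/* Value (0..63) of c in bcrypt's base64 alphabet "./A-Za-z0-9", or -1. */
static int b64_value(char c)
{
	static const char alphabet[] =
	    "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
	const char *p = c ? strchr(alphabet, c) : NULL;
	return p ? (int)(p - alphabet) : -1;
}

/* Returns NULL if s is a well-formed bcrypt hash, else the reason it is not. */
const char *bcrypt_reject_reason(const char *s)
{
	size_t i, len = strlen(s);
	int cost;

	if (strncmp(s, "$2a$", 4) && strncmp(s, "$2x$", 4) && strncmp(s, "$2y$", 4))
		return "prefix must be $2a$, $2x$ or $2y$";
	/* The length test runs first so s[4]..s[6] are never read past the end. */
	if (len < 7 || s[4] < '0' || s[4] > '9' || s[5] < '0' || s[5] > '9')
		return "work factor must be two decimal digits";
	cost = (s[4] - '0') * 10 + (s[5] - '0');
	if (cost < 4 || cost > 31)
		return "work factor must be in the range 04 to 31";
	if (s[6] != '$')
		return "'$' must separate the work factor from the salt";
	if (len != BCRYPT_LEN)
		return "total length must be 60 characters";
	for (i = 7; i < len; i++)
		if (b64_value(s[i]) < 0)
			return "salt and hash must use only ./A-Za-z0-9";
	/* 22 salt chars carry 132 bits for a 128-bit salt: low 4 bits unused. */
	if (b64_value(s[28]) & 0xF)
		return "last salt character has non-zero padding bits";
	/* 31 hash chars carry 186 bits for a 184-bit hash: low 2 bits unused. */
	if (b64_value(s[59]) & 3)
		return "last hash character has non-zero padding bits";
	return NULL;
}
```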
