uint salt_len = strlen (in.essid);
+ if (salt_len > 36)
+ {
+ log_info ("WARNING: the length of the ESSID is too long. The hccap file may be invalid or corrupted");
+
+ return (PARSER_SALT_LENGTH);
+ }
+
memcpy (salt->salt_buf, in.essid, salt_len);
salt->salt_len = salt_len;
int md5crypt_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)
{
+ if (input_len < DISPLAY_LEN_MIN_500) return (PARSER_GLOBAL_LENGTH);
+
if (memcmp (SIGNATURE_MD5CRYPT, input_buf, 3)) return (PARSER_SIGNATURE_UNMATCHED);
u32 *digest = (u32 *) hash_buf->digest;
salt->salt_iter = ROUNDS_MD5CRYPT;
}
- if ((input_len < DISPLAY_LEN_MIN_500) || (input_len > (DISPLAY_LEN_MAX_500 + iterations_len))) return (PARSER_GLOBAL_LENGTH);
+ if (input_len > (DISPLAY_LEN_MAX_500 + iterations_len)) return (PARSER_GLOBAL_LENGTH);
char *hash_pos = strchr (salt_pos, '$');
char *hash_pos = strchr (srvchall_pos, ':');
- if (srvchall_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+ if (hash_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
uint srvchall_len = hash_pos - srvchall_pos;
char *hash_pos = strchr (srvchall_pos, ':');
- if (srvchall_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+ if (hash_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED);
uint srvchall_len = hash_pos - srvchall_pos;
int tmp_len = base64_decode (base64_to_int, (const u8 *) input_buf + 6, input_len - 6, tmp_buf);
+ if (tmp_len < 20) return (PARSER_HASH_LENGTH);
+
memcpy (digest, tmp_buf, 20);
- salt->salt_len = tmp_len - 20;
+ int salt_len = tmp_len - 20;
+
+ if (salt_len < 0) return (PARSER_SALT_LENGTH);
+
+ salt->salt_len = salt_len;
memcpy (salt->salt_buf, tmp_buf + 20, salt->salt_len);
in_off[0] = strtok (input_buf, ":");
+ if (in_off[0] == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+
in_len[0] = strlen (in_off[0]);
size_t i;
in_off[0] = strtok (input_buf, ":");
+ if (in_off[0] == NULL) return (PARSER_SEPARATOR_UNMATCHED);
+
in_len[0] = strlen (in_off[0]);
size_t i;
int tmp_len = base64_decode (base64_to_int, (const u8 *) input_buf + 9, input_len - 9, tmp_buf);
+ if (tmp_len < 64) return (PARSER_HASH_LENGTH);
+
memcpy (digest, tmp_buf, 64);
digest[0] = byte_swap_64 (digest[0]);
digest[6] -= SHA512M_G;
digest[7] -= SHA512M_H;
- salt->salt_len = tmp_len - 64;
+ int salt_len = tmp_len - 64;
+
+ if (salt_len < 0) return (PARSER_SALT_LENGTH);
+
+ salt->salt_len = salt_len;
memcpy (salt->salt_buf, tmp_buf + 64, salt->salt_len);
u32 *digest = (u32 *) hash_buf->digest;
+ salt_t *salt = hash_buf->salt;
+
u8 tmp_buf[100] = { 0 };
base64_decode (base64_to_int, (const u8 *) input_buf, input_len, tmp_buf);
digest[3] -= SHA1M_D;
digest[4] -= SHA1M_E;
+ salt->salt_buf[0] = 0x80;
+
+ salt->salt_len = 0;
+
return (PARSER_OK);
}