openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/

Bump RULE_RANGES_MAX and add warning when limit is reached #2684

Open magnumripper opened 7 years ago

magnumripper commented 7 years ago

http://www.openwall.com/lists/john-users/2017/08/18/2

On Fri, Aug 18, 2017 at 03:09:36PM +0200, Virginie trinite wrote:
> I try to retrieve a password of mine, for which I do not remember where I
> put the uppercase.
> I find this interesting rules, which do what I want but only for the first
> 14 characters, and my password is very long.
>
> [List.Rules:NT]
> l
> lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]Q
>
> I try to extend it, but as soon as I arrive to G, it doesn't work anymore.
> As variable G has nothing specific, I wonder where is the problem
>
> [List.Rules:NT]
> l
> lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]T[*E]T[*F]T[*G]Q
>
> It says Invalid rule in ./john.conf at line 631: Invalid position code

You're bumping into this limit in params.h:

/*
 * Maximum number of character ranges for rules.
 */
#define RULE_RANGES_MAX                 16

You can raise it and recompile.  And given your reasonable use case,
maybe we need to raise the default for this parameter, say, to 30.

Maybe we also need to report an error when this limit is hit, instead of
silently not performing the preprocessor expansion (which results in
confusing error messages from further processing, like you have seen).

Also related: JtR performs preprocessor expansion of the rules at
startup, to count the expanded rules (such as for progress reporting)
and validate their syntax.  With extreme use of the preprocessor like
this, JtR startup may be slow.  Too many expanded rules may also
overflow the integer variables (but your specific use is safe in this
respect, as long as you don't go beyond 30 preprocessor expansions).

Alexander

magnumripper commented 7 years ago

Now bumped. I didn't add an error yet though, not quite sure where to put it? Should be somewhere here:

$ git grep -C3 RULE_RANGES_MAX rpp.c
rpp.c-          if (!(c = *++input)) break;
rpp.c-          c1 = ctx->count ? '0' : '1';
rpp.c-          c2 = (ctx->count <= 9) ? '0' + ctx->count : '9';
rpp.c:          if (c >= c1 && c <= c2 && ctx->refs_count < RULE_RANGES_MAX) {
rpp.c-                  struct rpp_ref *ref = &ctx->refs[ctx->refs_count++];
rpp.c-                  ref->pos = (char *)output;
rpp.c-                  ref->range = (c == '0') ? ctx->count - 1 : c - '1';
rpp.c-          }
rpp.c-          input++;
rpp.c:          if (ctx->count < RULE_RANGES_MAX)
rpp.c-          switch (c) {
rpp.c-          case 'p':
rpp.c-                  if ((c2 = *input) == '[' || c2 == '\\') {
--
rpp.c-          break;
rpp.c-
rpp.c-  case '[':
rpp.c:          if (ctx->count >= RULE_RANGES_MAX) {
rpp.c-                  *output++ = *input++;
rpp.c-                  break;
rpp.c-          }
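
A pre-flight check for the two failure modes discussed in this thread (too many `[...]` ranges, and an expanded rule count too large for the counter), as an added example that is not JtR code or part of the original comments. The helper names `rule_ranges` and `check_rule`, the simplified range parsing, and the 32-bit counter width are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* The two rules quoted in the issue: 14 ranges ([*0]..[*D]) and 17 ([*0]..[*G]). */
static const char RULE_D[] = "lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]Q";
static const char RULE_G[] = "lMT[*0]T[*1]T[*2]T[*3]T[*4]T[*5]T[*6]T[*7]T[*8]T[*9]T[*A]T[*B]T[*C]T[*D]T[*E]T[*F]T[*G]Q";

/* Hypothetical helper, not JtR code: counts non-empty [..] ranges in a rule.
 * *expanded gets the product of the range sizes, saturating at UINT64_MAX.
 * Handles \-escapes and a-z spans; duplicate characters are not merged. */
int rule_ranges(const char *p, uint64_t *expanded)
{
    int ranges = 0;
    *expanded = 1;
    while (*p) {
        if (*p == '\\' && p[1]) { p += 2; continue; } /* escaped char */
        if (*p++ != '[') continue;
        uint64_t size = 0;
        int prev = -1;
        while (*p && *p != ']') {
            int c = (unsigned char)*p++;
            if (c == '-' && prev >= 0 && *p && *p != ']') {
                c = (unsigned char)*p++; /* span end; span start already counted */
                size += (uint64_t)(c > prev ? c - prev : prev - c);
                prev = -1;
                continue;
            }
            if (c == '\\' && *p) c = (unsigned char)*p++;
            size++;
            prev = c;
        }
        if (!*p) break; /* unterminated '[' is not a range */
        p++;
        if (!size) continue; /* skip empty [] */
        ranges++;
        *expanded = *expanded > UINT64_MAX / size ? UINT64_MAX : *expanded * size;
    }
    return ranges;
}

/* 0 = ok, 1 = too many ranges, 2 = count > INT32_MAX (assumed counter width) */
int check_rule(const char *rule, int max_ranges)
{
    uint64_t n;
    if (rule_ranges(rule, &n) > max_ranges) return 1;
    return n > INT32_MAX ? 2 : 0;
}
int main(void)
{
    printf("D@16: %d  G@16: %d  G@30: %d\n", check_rule(RULE_D, 16), check_rule(RULE_G, 16), check_rule(RULE_G, 30));
}
```

Running such a check over `john.conf` rules before startup reports the real cause (range limit or expansion size) rather than the downstream "Invalid position code" message.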