Wordlist mode check against last is wrong when external filter modifies word

openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

https://www.openwall.com/john/

Other

10.37k stars 2.11k forks source link

Wordlist mode check against last is wrong when external filter modifies word #4999

Open solardiz opened 2 years ago

solardiz commented 2 years ago

A long-standing core bug: the wordlist/rules check against last word (poor man's de-duplication) isn't doing the right thing when an external mode filter modifies the word (the check compares post-filter vs. pre-filter). This appears non-trivial to fix while keeping the current last logic with two buffers coming from rules.c. Maybe something to avoid in a rewrite of that logic.

solardiz commented 2 years ago

Now that we have #4728, we might want to simply drop the hard-coded check(s) against last (and copying to last or swapping of two buffer pointers). On very fast hashes, these checks were possibly unjustified overhead, and on slower hashes they're redundant with the new suppressor.