| ▲ | MaulingMonkey a day ago | |||||||||||||
> perhaps the downvoters can tell me why they are downvoting? Not one of the actual downvoters, but: Lack of proper indenting means your code as posted doesn't even compile. e.g. I presume there was a `char* p;` that had `*` removed as markdown. Untested AI slop code is gross. You've got two snippets doing more or less the same thing in two different styles... First one hand-copies strings character by character, has an incoherent explaination about what `pwbuf` actually is (comment says "root::", code actually has "root:k.:\n", but neither empty nor "k." are likely to be the hash that actually matches a password of 100 spaces plus `pwbuf` itself, which is presumably what `crypt(password)` would try to hash.) Second one is a little less gross, but the hardcoded `known_hash` is again almost certainly incorrect... and if by some miracle it was accurate, the random unicode embedded would cause source file encoding to suddenly become critical to compiling as intended, plus the `\0`s written to `*p` mean su.c would hit the `return;` here before even attempting to check the hash, assuming you're piping the output of these programs to su: | ||||||||||||||
| ▲ | avadodin a day ago | parent [-] | |||||||||||||
crypt is defined in assembly at s3 crypt.s and it would appear to use the same family of "cryptographic machine" as V6's crypt.c but it is even shorter and I can't tell if it has bounds checks or not — V6 limits output size to 512. edit: if hash output length is variable it may be impossible to find a solution and then a side channel timing attack is probably the best option. | ||||||||||||||
| ||||||||||||||