1/* 2 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6/* 7 * This program is copyright Alec Muffett 1993. The author disclaims all 8 * responsibility or liability with respect to it's usage or its effect 9 * upon hardware or computer systems, and maintains copyright as set out 10 * in the "LICENCE" document which accompanies distributions of Crack v4.0 11 * and upwards. 12 */ 13 14#include "packer.h" 15 16 17static char *r_destructors[] = { 18 ":", /* noop - must do this to test raw word. */ 19 "[", /* trimming leading/trailing junk */ 20 "]", 21 "[[", 22 "]]", 23 "[[[", 24 "]]]", 25 26 "/?p@?p", /* purging out punctuation/symbols/junk */ 27 "/?s@?s", 28 "/?X@?X", 29 /* attempt reverse engineering of password strings */ 30 "/$s$s", 31 "/$s$s/0s0o", 32 "/$s$s/0s0o/2s2a", 33 "/$s$s/0s0o/2s2a/3s3e", 34 "/$s$s/0s0o/2s2a/3s3e/5s5s", 35 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i", 36 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l", 37 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a", 38 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h", 39 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a", 40 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h", 41 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a", 42 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h", 43 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a", 44 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h", 45 "/$s$s/0s0o/2s2a/3s3e/1s1i", 46 "/$s$s/0s0o/2s2a/3s3e/1s1l", 47 "/$s$s/0s0o/2s2a/3s3e/1s1i/4s4a", 48 "/$s$s/0s0o/2s2a/3s3e/1s1i/4s4h", 49 "/$s$s/0s0o/2s2a/3s3e/1s1l/4s4a", 50 "/$s$s/0s0o/2s2a/3s3e/1s1l/4s4h", 51 "/$s$s/0s0o/2s2a/3s3e/4s4a", 52 "/$s$s/0s0o/2s2a/3s3e/4s4h", 53 "/$s$s/0s0o/2s2a/3s3e/4s4a", 54 "/$s$s/0s0o/2s2a/3s3e/4s4h", 55 "/$s$s/0s0o/2s2a/5s5s", 56 "/$s$s/0s0o/2s2a/5s5s/1s1i", 57 "/$s$s/0s0o/2s2a/5s5s/1s1l", 58 "/$s$s/0s0o/2s2a/5s5s/1s1i/4s4a", 59 "/$s$s/0s0o/2s2a/5s5s/1s1i/4s4h", 60 "/$s$s/0s0o/2s2a/5s5s/1s1l/4s4a", 61 "/$s$s/0s0o/2s2a/5s5s/1s1l/4s4h", 62 "/$s$s/0s0o/2s2a/5s5s/4s4a", 63 "/$s$s/0s0o/2s2a/5s5s/4s4h", 64 "/$s$s/0s0o/2s2a/5s5s/4s4a", 65 "/$s$s/0s0o/2s2a/5s5s/4s4h", 66 "/$s$s/0s0o/2s2a/1s1i", 67 "/$s$s/0s0o/2s2a/1s1l", 68 "/$s$s/0s0o/2s2a/1s1i/4s4a", 69 "/$s$s/0s0o/2s2a/1s1i/4s4h", 70 "/$s$s/0s0o/2s2a/1s1l/4s4a", 71 "/$s$s/0s0o/2s2a/1s1l/4s4h", 72 "/$s$s/0s0o/2s2a/4s4a", 73 "/$s$s/0s0o/2s2a/4s4h", 74 "/$s$s/0s0o/2s2a/4s4a", 75 "/$s$s/0s0o/2s2a/4s4h", 76 "/$s$s/0s0o/3s3e", 77 "/$s$s/0s0o/3s3e/5s5s", 78 "/$s$s/0s0o/3s3e/5s5s/1s1i", 79 "/$s$s/0s0o/3s3e/5s5s/1s1l", 80 "/$s$s/0s0o/3s3e/5s5s/1s1i/4s4a", 81 "/$s$s/0s0o/3s3e/5s5s/1s1i/4s4h", 82 "/$s$s/0s0o/3s3e/5s5s/1s1l/4s4a", 83 "/$s$s/0s0o/3s3e/5s5s/1s1l/4s4h", 84 "/$s$s/0s0o/3s3e/5s5s/4s4a", 85 "/$s$s/0s0o/3s3e/5s5s/4s4h", 86 "/$s$s/0s0o/3s3e/5s5s/4s4a", 87 "/$s$s/0s0o/3s3e/5s5s/4s4h", 88 "/$s$s/0s0o/3s3e/1s1i", 89 "/$s$s/0s0o/3s3e/1s1l", 90 "/$s$s/0s0o/3s3e/1s1i/4s4a", 91 "/$s$s/0s0o/3s3e/1s1i/4s4h", 92 "/$s$s/0s0o/3s3e/1s1l/4s4a", 93 "/$s$s/0s0o/3s3e/1s1l/4s4h", 94 "/$s$s/0s0o/3s3e/4s4a", 95 "/$s$s/0s0o/3s3e/4s4h", 96 "/$s$s/0s0o/3s3e/4s4a", 97 "/$s$s/0s0o/3s3e/4s4h", 98 "/$s$s/0s0o/5s5s", 99 "/$s$s/0s0o/5s5s/1s1i", 100 "/$s$s/0s0o/5s5s/1s1l", 101 "/$s$s/0s0o/5s5s/1s1i/4s4a", 102 "/$s$s/0s0o/5s5s/1s1i/4s4h", 103 "/$s$s/0s0o/5s5s/1s1l/4s4a", 104 "/$s$s/0s0o/5s5s/1s1l/4s4h", 105 "/$s$s/0s0o/5s5s/4s4a", 106 "/$s$s/0s0o/5s5s/4s4h", 107 "/$s$s/0s0o/5s5s/4s4a", 108 "/$s$s/0s0o/5s5s/4s4h", 109 "/$s$s/0s0o/1s1i", 110 "/$s$s/0s0o/1s1l", 111 "/$s$s/0s0o/1s1i/4s4a", 112 "/$s$s/0s0o/1s1i/4s4h", 113 "/$s$s/0s0o/1s1l/4s4a", 114 "/$s$s/0s0o/1s1l/4s4h", 115 "/$s$s/0s0o/4s4a", 116 "/$s$s/0s0o/4s4h", 117 "/$s$s/0s0o/4s4a", 118 "/$s$s/0s0o/4s4h", 119 "/$s$s/2s2a", 120 "/$s$s/2s2a/3s3e", 121 "/$s$s/2s2a/3s3e/5s5s", 122 "/$s$s/2s2a/3s3e/5s5s/1s1i", 123 "/$s$s/2s2a/3s3e/5s5s/1s1l", 124 "/$s$s/2s2a/3s3e/5s5s/1s1i/4s4a", 125 "/$s$s/2s2a/3s3e/5s5s/1s1i/4s4h", 126 "/$s$s/2s2a/3s3e/5s5s/1s1l/4s4a", 127 "/$s$s/2s2a/3s3e/5s5s/1s1l/4s4h", 128 "/$s$s/2s2a/3s3e/5s5s/4s4a", 129 "/$s$s/2s2a/3s3e/5s5s/4s4h", 130 "/$s$s/2s2a/3s3e/5s5s/4s4a", 131 "/$s$s/2s2a/3s3e/5s5s/4s4h", 132 "/$s$s/2s2a/3s3e/1s1i", 133 "/$s$s/2s2a/3s3e/1s1l", 134 "/$s$s/2s2a/3s3e/1s1i/4s4a", 135 "/$s$s/2s2a/3s3e/1s1i/4s4h", 136 "/$s$s/2s2a/3s3e/1s1l/4s4a", 137 "/$s$s/2s2a/3s3e/1s1l/4s4h", 138 "/$s$s/2s2a/3s3e/4s4a", 139 "/$s$s/2s2a/3s3e/4s4h", 140 "/$s$s/2s2a/3s3e/4s4a", 141 "/$s$s/2s2a/3s3e/4s4h", 142 "/$s$s/2s2a/5s5s", 143 "/$s$s/2s2a/5s5s/1s1i", 144 "/$s$s/2s2a/5s5s/1s1l", 145 "/$s$s/2s2a/5s5s/1s1i/4s4a", 146 "/$s$s/2s2a/5s5s/1s1i/4s4h", 147 "/$s$s/2s2a/5s5s/1s1l/4s4a", 148 "/$s$s/2s2a/5s5s/1s1l/4s4h", 149 "/$s$s/2s2a/5s5s/4s4a", 150 "/$s$s/2s2a/5s5s/4s4h", 151 "/$s$s/2s2a/5s5s/4s4a", 152 "/$s$s/2s2a/5s5s/4s4h", 153 "/$s$s/2s2a/1s1i", 154 "/$s$s/2s2a/1s1l", 155 "/$s$s/2s2a/1s1i/4s4a", 156 "/$s$s/2s2a/1s1i/4s4h", 157 "/$s$s/2s2a/1s1l/4s4a", 158 "/$s$s/2s2a/1s1l/4s4h", 159 "/$s$s/2s2a/4s4a", 160 "/$s$s/2s2a/4s4h", 161 "/$s$s/2s2a/4s4a", 162 "/$s$s/2s2a/4s4h", 163 "/$s$s/3s3e", 164 "/$s$s/3s3e/5s5s", 165 "/$s$s/3s3e/5s5s/1s1i", 166 "/$s$s/3s3e/5s5s/1s1l", 167 "/$s$s/3s3e/5s5s/1s1i/4s4a", 168 "/$s$s/3s3e/5s5s/1s1i/4s4h", 169 "/$s$s/3s3e/5s5s/1s1l/4s4a", 170 "/$s$s/3s3e/5s5s/1s1l/4s4h", 171 "/$s$s/3s3e/5s5s/4s4a", 172 "/$s$s/3s3e/5s5s/4s4h", 173 "/$s$s/3s3e/5s5s/4s4a", 174 "/$s$s/3s3e/5s5s/4s4h", 175 "/$s$s/3s3e/1s1i", 176 "/$s$s/3s3e/1s1l", 177 "/$s$s/3s3e/1s1i/4s4a", 178 "/$s$s/3s3e/1s1i/4s4h", 179 "/$s$s/3s3e/1s1l/4s4a", 180 "/$s$s/3s3e/1s1l/4s4h", 181 "/$s$s/3s3e/4s4a", 182 "/$s$s/3s3e/4s4h", 183 "/$s$s/3s3e/4s4a", 184 "/$s$s/3s3e/4s4h", 185 "/$s$s/5s5s", 186 "/$s$s/5s5s/1s1i", 187 "/$s$s/5s5s/1s1l", 188 "/$s$s/5s5s/1s1i/4s4a", 189 "/$s$s/5s5s/1s1i/4s4h", 190 "/$s$s/5s5s/1s1l/4s4a", 191 "/$s$s/5s5s/1s1l/4s4h", 192 "/$s$s/5s5s/4s4a", 193 "/$s$s/5s5s/4s4h", 194 "/$s$s/5s5s/4s4a", 195 "/$s$s/5s5s/4s4h", 196 "/$s$s/1s1i", 197 "/$s$s/1s1l", 198 "/$s$s/1s1i/4s4a", 199 "/$s$s/1s1i/4s4h", 200 "/$s$s/1s1l/4s4a", 201 "/$s$s/1s1l/4s4h", 202 "/$s$s/4s4a", 203 "/$s$s/4s4h", 204 "/$s$s/4s4a", 205 "/$s$s/4s4h", 206 "/0s0o", 207 "/0s0o/2s2a", 208 "/0s0o/2s2a/3s3e", 209 "/0s0o/2s2a/3s3e/5s5s", 210 "/0s0o/2s2a/3s3e/5s5s/1s1i", 211 "/0s0o/2s2a/3s3e/5s5s/1s1l", 212 "/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a", 213 "/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h", 214 "/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a", 215 "/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h", 216 "/0s0o/2s2a/3s3e/5s5s/4s4a", 217 "/0s0o/2s2a/3s3e/5s5s/4s4h", 218 "/0s0o/2s2a/3s3e/5s5s/4s4a", 219 "/0s0o/2s2a/3s3e/5s5s/4s4h", 220 "/0s0o/2s2a/3s3e/1s1i", 221 "/0s0o/2s2a/3s3e/1s1l", 222 "/0s0o/2s2a/3s3e/1s1i/4s4a", 223 "/0s0o/2s2a/3s3e/1s1i/4s4h", 224 "/0s0o/2s2a/3s3e/1s1l/4s4a", 225 "/0s0o/2s2a/3s3e/1s1l/4s4h", 226 "/0s0o/2s2a/3s3e/4s4a", 227 "/0s0o/2s2a/3s3e/4s4h", 228 "/0s0o/2s2a/3s3e/4s4a", 229 "/0s0o/2s2a/3s3e/4s4h", 230 "/0s0o/2s2a/5s5s", 231 "/0s0o/2s2a/5s5s/1s1i", 232 "/0s0o/2s2a/5s5s/1s1l", 233 "/0s0o/2s2a/5s5s/1s1i/4s4a", 234 "/0s0o/2s2a/5s5s/1s1i/4s4h", 235 "/0s0o/2s2a/5s5s/1s1l/4s4a", 236 "/0s0o/2s2a/5s5s/1s1l/4s4h", 237 "/0s0o/2s2a/5s5s/4s4a", 238 "/0s0o/2s2a/5s5s/4s4h", 239 "/0s0o/2s2a/5s5s/4s4a", 240 "/0s0o/2s2a/5s5s/4s4h", 241 "/0s0o/2s2a/1s1i", 242 "/0s0o/2s2a/1s1l", 243 "/0s0o/2s2a/1s1i/4s4a", 244 "/0s0o/2s2a/1s1i/4s4h", 245 "/0s0o/2s2a/1s1l/4s4a", 246 "/0s0o/2s2a/1s1l/4s4h", 247 "/0s0o/2s2a/4s4a", 248 "/0s0o/2s2a/4s4h", 249 "/0s0o/2s2a/4s4a", 250 "/0s0o/2s2a/4s4h", 251 "/0s0o/3s3e", 252 "/0s0o/3s3e/5s5s", 253 "/0s0o/3s3e/5s5s/1s1i", 254 "/0s0o/3s3e/5s5s/1s1l", 255 "/0s0o/3s3e/5s5s/1s1i/4s4a", 256 "/0s0o/3s3e/5s5s/1s1i/4s4h", 257 "/0s0o/3s3e/5s5s/1s1l/4s4a", 258 "/0s0o/3s3e/5s5s/1s1l/4s4h", 259 "/0s0o/3s3e/5s5s/4s4a", 260 "/0s0o/3s3e/5s5s/4s4h", 261 "/0s0o/3s3e/5s5s/4s4a", 262 "/0s0o/3s3e/5s5s/4s4h", 263 "/0s0o/3s3e/1s1i", 264 "/0s0o/3s3e/1s1l", 265 "/0s0o/3s3e/1s1i/4s4a", 266 "/0s0o/3s3e/1s1i/4s4h", 267 "/0s0o/3s3e/1s1l/4s4a", 268 "/0s0o/3s3e/1s1l/4s4h", 269 "/0s0o/3s3e/4s4a", 270 "/0s0o/3s3e/4s4h", 271 "/0s0o/3s3e/4s4a", 272 "/0s0o/3s3e/4s4h", 273 "/0s0o/5s5s", 274 "/0s0o/5s5s/1s1i", 275 "/0s0o/5s5s/1s1l", 276 "/0s0o/5s5s/1s1i/4s4a", 277 "/0s0o/5s5s/1s1i/4s4h", 278 "/0s0o/5s5s/1s1l/4s4a", 279 "/0s0o/5s5s/1s1l/4s4h", 280 "/0s0o/5s5s/4s4a", 281 "/0s0o/5s5s/4s4h", 282 "/0s0o/5s5s/4s4a", 283 "/0s0o/5s5s/4s4h", 284 "/0s0o/1s1i", 285 "/0s0o/1s1l", 286 "/0s0o/1s1i/4s4a", 287 "/0s0o/1s1i/4s4h", 288 "/0s0o/1s1l/4s4a", 289 "/0s0o/1s1l/4s4h", 290 "/0s0o/4s4a", 291 "/0s0o/4s4h", 292 "/0s0o/4s4a", 293 "/0s0o/4s4h", 294 "/2s2a", 295 "/2s2a/3s3e", 296 "/2s2a/3s3e/5s5s", 297 "/2s2a/3s3e/5s5s/1s1i", 298 "/2s2a/3s3e/5s5s/1s1l", 299 "/2s2a/3s3e/5s5s/1s1i/4s4a", 300 "/2s2a/3s3e/5s5s/1s1i/4s4h", 301 "/2s2a/3s3e/5s5s/1s1l/4s4a", 302 "/2s2a/3s3e/5s5s/1s1l/4s4h", 303 "/2s2a/3s3e/5s5s/4s4a", 304 "/2s2a/3s3e/5s5s/4s4h", 305 "/2s2a/3s3e/5s5s/4s4a", 306 "/2s2a/3s3e/5s5s/4s4h", 307 "/2s2a/3s3e/1s1i", 308 "/2s2a/3s3e/1s1l", 309 "/2s2a/3s3e/1s1i/4s4a", 310 "/2s2a/3s3e/1s1i/4s4h", 311 "/2s2a/3s3e/1s1l/4s4a", 312 "/2s2a/3s3e/1s1l/4s4h", 313 "/2s2a/3s3e/4s4a", 314 "/2s2a/3s3e/4s4h", 315 "/2s2a/3s3e/4s4a", 316 "/2s2a/3s3e/4s4h", 317 "/2s2a/5s5s", 318 "/2s2a/5s5s/1s1i", 319 "/2s2a/5s5s/1s1l", 320 "/2s2a/5s5s/1s1i/4s4a", 321 "/2s2a/5s5s/1s1i/4s4h", 322 "/2s2a/5s5s/1s1l/4s4a", 323 "/2s2a/5s5s/1s1l/4s4h", 324 "/2s2a/5s5s/4s4a", 325 "/2s2a/5s5s/4s4h", 326 "/2s2a/5s5s/4s4a", 327 "/2s2a/5s5s/4s4h", 328 "/2s2a/1s1i", 329 "/2s2a/1s1l", 330 "/2s2a/1s1i/4s4a", 331 "/2s2a/1s1i/4s4h", 332 "/2s2a/1s1l/4s4a", 333 "/2s2a/1s1l/4s4h", 334 "/2s2a/4s4a", 335 "/2s2a/4s4h", 336 "/2s2a/4s4a", 337 "/2s2a/4s4h", 338 "/3s3e", 339 "/3s3e/5s5s", 340 "/3s3e/5s5s/1s1i", 341 "/3s3e/5s5s/1s1l", 342 "/3s3e/5s5s/1s1i/4s4a", 343 "/3s3e/5s5s/1s1i/4s4h", 344 "/3s3e/5s5s/1s1l/4s4a", 345 "/3s3e/5s5s/1s1l/4s4h", 346 "/3s3e/5s5s/4s4a", 347 "/3s3e/5s5s/4s4h", 348 "/3s3e/5s5s/4s4a", 349 "/3s3e/5s5s/4s4h", 350 "/3s3e/1s1i", 351 "/3s3e/1s1l", 352 "/3s3e/1s1i/4s4a", 353 "/3s3e/1s1i/4s4h", 354 "/3s3e/1s1l/4s4a", 355 "/3s3e/1s1l/4s4h", 356 "/3s3e/4s4a", 357 "/3s3e/4s4h", 358 "/3s3e/4s4a", 359 "/3s3e/4s4h", 360 "/5s5s", 361 "/5s5s/1s1i", 362 "/5s5s/1s1l", 363 "/5s5s/1s1i/4s4a", 364 "/5s5s/1s1i/4s4h", 365 "/5s5s/1s1l/4s4a", 366 "/5s5s/1s1l/4s4h", 367 "/5s5s/4s4a", 368 "/5s5s/4s4h", 369 "/5s5s/4s4a", 370 "/5s5s/4s4h", 371 "/1s1i", 372 "/1s1l", 373 "/1s1i/4s4a", 374 "/1s1i/4s4h", 375 "/1s1l/4s4a", 376 "/1s1l/4s4h", 377 "/4s4a", 378 "/4s4h", 379 "/4s4a", 380 "/4s4h", 381 /* done */ 382 (char *)0 383}; 384 385 386int 387FascistLook(PWDICT *pwp, char *instring) 388{ 389 int i; 390 char *password; 391 uint32_t notfound; 392 char rpassword[PATH_MAX]; 393 394 notfound = PW_WORDS(pwp); 395 396 (void) strlcpy(rpassword, instring, TRUNCSTRINGSIZE); 397 password = rpassword; 398 399 (void) strcpy(password, Lowercase(password)); 400 (void) Trim(password); 401 402 /* 403 * it should be safe to use Mangle with its reliance on PATH_SIZE 404 * since password cannot be longer than TRUNCSTRINGSIZE; 405 * nonetheless this is not an elegant solution 406 */ 407 408 for (i = 0; r_destructors[i]; i++) { 409 char *a; 410 411 if (!(a = Mangle(password, r_destructors[i]))) { 412 continue; 413 } 414 415 if (FindPW(pwp, a) != notfound) { 416 return (DICTIONARY_WORD); 417 } 418 } 419 420 (void) strlcpy(password, Reverse(password), PATH_MAX); 421 422 for (i = 0; r_destructors[i]; i++) { 423 char *a; 424 425 if (!(a = Mangle(password, r_destructors[i]))) { 426 continue; 427 } 428 if (FindPW(pwp, a) != notfound) { 429 return (REVERSE_DICTIONARY_WORD); 430 } 431 } 432 433 return (0); 434} 435 436int 437DictCheck(char *password, char *path) 438{ 439 PWDICT *pwp; 440 int r; 441 442 if ((pwp = PWOpen(path, "rF")) == NULL) 443 return (DATABASE_OPEN_FAIL); 444 445 r = FascistLook(pwp, password); 446 (void) PWClose(pwp); 447 return (r); 448} 449