1 /* 2 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 * Copyright 2024 OmniOS Community Edition (OmniOSce) Association. 5 */ 6 7 /* 8 * This program is copyright Alec Muffett 1993. The author disclaims all 9 * responsibility or liability with respect to it's usage or its effect 10 * upon hardware or computer systems, and maintains copyright as set out 11 * in the "LICENCE" document which accompanies distributions of Crack v4.0 12 * and upwards. 13 */ 14 15 #include "packer.h" 16 17 18 static char *r_destructors[] = { 19 ":", /* noop - must do this to test raw word. */ 20 "[", /* trimming leading/trailing junk */ 21 "]", 22 "[[", 23 "]]", 24 "[[[", 25 "]]]", 26 27 "/?p@?p", /* purging out punctuation/symbols/junk */ 28 "/?s@?s", 29 "/?X@?X", 30 /* attempt reverse engineering of password strings */ 31 "/$s$s", 32 "/$s$s/0s0o", 33 "/$s$s/0s0o/2s2a", 34 "/$s$s/0s0o/2s2a/3s3e", 35 "/$s$s/0s0o/2s2a/3s3e/5s5s", 36 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i", 37 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l", 38 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a", 39 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h", 40 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a", 41 "/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h", 42 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a", 43 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h", 44 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a", 45 "/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h", 46 "/$s$s/0s0o/2s2a/3s3e/1s1i", 47 "/$s$s/0s0o/2s2a/3s3e/1s1l", 48 "/$s$s/0s0o/2s2a/3s3e/1s1i/4s4a", 49 "/$s$s/0s0o/2s2a/3s3e/1s1i/4s4h", 50 "/$s$s/0s0o/2s2a/3s3e/1s1l/4s4a", 51 "/$s$s/0s0o/2s2a/3s3e/1s1l/4s4h", 52 "/$s$s/0s0o/2s2a/3s3e/4s4a", 53 "/$s$s/0s0o/2s2a/3s3e/4s4h", 54 "/$s$s/0s0o/2s2a/3s3e/4s4a", 55 "/$s$s/0s0o/2s2a/3s3e/4s4h", 56 "/$s$s/0s0o/2s2a/5s5s", 57 "/$s$s/0s0o/2s2a/5s5s/1s1i", 58 "/$s$s/0s0o/2s2a/5s5s/1s1l", 59 "/$s$s/0s0o/2s2a/5s5s/1s1i/4s4a", 60 "/$s$s/0s0o/2s2a/5s5s/1s1i/4s4h", 61 "/$s$s/0s0o/2s2a/5s5s/1s1l/4s4a", 62 "/$s$s/0s0o/2s2a/5s5s/1s1l/4s4h", 63 "/$s$s/0s0o/2s2a/5s5s/4s4a", 64 "/$s$s/0s0o/2s2a/5s5s/4s4h", 65 "/$s$s/0s0o/2s2a/5s5s/4s4a", 66 "/$s$s/0s0o/2s2a/5s5s/4s4h", 67 "/$s$s/0s0o/2s2a/1s1i", 68 "/$s$s/0s0o/2s2a/1s1l", 69 "/$s$s/0s0o/2s2a/1s1i/4s4a", 70 "/$s$s/0s0o/2s2a/1s1i/4s4h", 71 "/$s$s/0s0o/2s2a/1s1l/4s4a", 72 "/$s$s/0s0o/2s2a/1s1l/4s4h", 73 "/$s$s/0s0o/2s2a/4s4a", 74 "/$s$s/0s0o/2s2a/4s4h", 75 "/$s$s/0s0o/2s2a/4s4a", 76 "/$s$s/0s0o/2s2a/4s4h", 77 "/$s$s/0s0o/3s3e", 78 "/$s$s/0s0o/3s3e/5s5s", 79 "/$s$s/0s0o/3s3e/5s5s/1s1i", 80 "/$s$s/0s0o/3s3e/5s5s/1s1l", 81 "/$s$s/0s0o/3s3e/5s5s/1s1i/4s4a", 82 "/$s$s/0s0o/3s3e/5s5s/1s1i/4s4h", 83 "/$s$s/0s0o/3s3e/5s5s/1s1l/4s4a", 84 "/$s$s/0s0o/3s3e/5s5s/1s1l/4s4h", 85 "/$s$s/0s0o/3s3e/5s5s/4s4a", 86 "/$s$s/0s0o/3s3e/5s5s/4s4h", 87 "/$s$s/0s0o/3s3e/5s5s/4s4a", 88 "/$s$s/0s0o/3s3e/5s5s/4s4h", 89 "/$s$s/0s0o/3s3e/1s1i", 90 "/$s$s/0s0o/3s3e/1s1l", 91 "/$s$s/0s0o/3s3e/1s1i/4s4a", 92 "/$s$s/0s0o/3s3e/1s1i/4s4h", 93 "/$s$s/0s0o/3s3e/1s1l/4s4a", 94 "/$s$s/0s0o/3s3e/1s1l/4s4h", 95 "/$s$s/0s0o/3s3e/4s4a", 96 "/$s$s/0s0o/3s3e/4s4h", 97 "/$s$s/0s0o/3s3e/4s4a", 98 "/$s$s/0s0o/3s3e/4s4h", 99 "/$s$s/0s0o/5s5s", 100 "/$s$s/0s0o/5s5s/1s1i", 101 "/$s$s/0s0o/5s5s/1s1l", 102 "/$s$s/0s0o/5s5s/1s1i/4s4a", 103 "/$s$s/0s0o/5s5s/1s1i/4s4h", 104 "/$s$s/0s0o/5s5s/1s1l/4s4a", 105 "/$s$s/0s0o/5s5s/1s1l/4s4h", 106 "/$s$s/0s0o/5s5s/4s4a", 107 "/$s$s/0s0o/5s5s/4s4h", 108 "/$s$s/0s0o/5s5s/4s4a", 109 "/$s$s/0s0o/5s5s/4s4h", 110 "/$s$s/0s0o/1s1i", 111 "/$s$s/0s0o/1s1l", 112 "/$s$s/0s0o/1s1i/4s4a", 113 "/$s$s/0s0o/1s1i/4s4h", 114 "/$s$s/0s0o/1s1l/4s4a", 115 "/$s$s/0s0o/1s1l/4s4h", 116 "/$s$s/0s0o/4s4a", 117 "/$s$s/0s0o/4s4h", 118 "/$s$s/0s0o/4s4a", 119 "/$s$s/0s0o/4s4h", 120 "/$s$s/2s2a", 121 "/$s$s/2s2a/3s3e", 122 "/$s$s/2s2a/3s3e/5s5s", 123 "/$s$s/2s2a/3s3e/5s5s/1s1i", 124 "/$s$s/2s2a/3s3e/5s5s/1s1l", 125 "/$s$s/2s2a/3s3e/5s5s/1s1i/4s4a", 126 "/$s$s/2s2a/3s3e/5s5s/1s1i/4s4h", 127 "/$s$s/2s2a/3s3e/5s5s/1s1l/4s4a", 128 "/$s$s/2s2a/3s3e/5s5s/1s1l/4s4h", 129 "/$s$s/2s2a/3s3e/5s5s/4s4a", 130 "/$s$s/2s2a/3s3e/5s5s/4s4h", 131 "/$s$s/2s2a/3s3e/5s5s/4s4a", 132 "/$s$s/2s2a/3s3e/5s5s/4s4h", 133 "/$s$s/2s2a/3s3e/1s1i", 134 "/$s$s/2s2a/3s3e/1s1l", 135 "/$s$s/2s2a/3s3e/1s1i/4s4a", 136 "/$s$s/2s2a/3s3e/1s1i/4s4h", 137 "/$s$s/2s2a/3s3e/1s1l/4s4a", 138 "/$s$s/2s2a/3s3e/1s1l/4s4h", 139 "/$s$s/2s2a/3s3e/4s4a", 140 "/$s$s/2s2a/3s3e/4s4h", 141 "/$s$s/2s2a/3s3e/4s4a", 142 "/$s$s/2s2a/3s3e/4s4h", 143 "/$s$s/2s2a/5s5s", 144 "/$s$s/2s2a/5s5s/1s1i", 145 "/$s$s/2s2a/5s5s/1s1l", 146 "/$s$s/2s2a/5s5s/1s1i/4s4a", 147 "/$s$s/2s2a/5s5s/1s1i/4s4h", 148 "/$s$s/2s2a/5s5s/1s1l/4s4a", 149 "/$s$s/2s2a/5s5s/1s1l/4s4h", 150 "/$s$s/2s2a/5s5s/4s4a", 151 "/$s$s/2s2a/5s5s/4s4h", 152 "/$s$s/2s2a/5s5s/4s4a", 153 "/$s$s/2s2a/5s5s/4s4h", 154 "/$s$s/2s2a/1s1i", 155 "/$s$s/2s2a/1s1l", 156 "/$s$s/2s2a/1s1i/4s4a", 157 "/$s$s/2s2a/1s1i/4s4h", 158 "/$s$s/2s2a/1s1l/4s4a", 159 "/$s$s/2s2a/1s1l/4s4h", 160 "/$s$s/2s2a/4s4a", 161 "/$s$s/2s2a/4s4h", 162 "/$s$s/2s2a/4s4a", 163 "/$s$s/2s2a/4s4h", 164 "/$s$s/3s3e", 165 "/$s$s/3s3e/5s5s", 166 "/$s$s/3s3e/5s5s/1s1i", 167 "/$s$s/3s3e/5s5s/1s1l", 168 "/$s$s/3s3e/5s5s/1s1i/4s4a", 169 "/$s$s/3s3e/5s5s/1s1i/4s4h", 170 "/$s$s/3s3e/5s5s/1s1l/4s4a", 171 "/$s$s/3s3e/5s5s/1s1l/4s4h", 172 "/$s$s/3s3e/5s5s/4s4a", 173 "/$s$s/3s3e/5s5s/4s4h", 174 "/$s$s/3s3e/5s5s/4s4a", 175 "/$s$s/3s3e/5s5s/4s4h", 176 "/$s$s/3s3e/1s1i", 177 "/$s$s/3s3e/1s1l", 178 "/$s$s/3s3e/1s1i/4s4a", 179 "/$s$s/3s3e/1s1i/4s4h", 180 "/$s$s/3s3e/1s1l/4s4a", 181 "/$s$s/3s3e/1s1l/4s4h", 182 "/$s$s/3s3e/4s4a", 183 "/$s$s/3s3e/4s4h", 184 "/$s$s/3s3e/4s4a", 185 "/$s$s/3s3e/4s4h", 186 "/$s$s/5s5s", 187 "/$s$s/5s5s/1s1i", 188 "/$s$s/5s5s/1s1l", 189 "/$s$s/5s5s/1s1i/4s4a", 190 "/$s$s/5s5s/1s1i/4s4h", 191 "/$s$s/5s5s/1s1l/4s4a", 192 "/$s$s/5s5s/1s1l/4s4h", 193 "/$s$s/5s5s/4s4a", 194 "/$s$s/5s5s/4s4h", 195 "/$s$s/5s5s/4s4a", 196 "/$s$s/5s5s/4s4h", 197 "/$s$s/1s1i", 198 "/$s$s/1s1l", 199 "/$s$s/1s1i/4s4a", 200 "/$s$s/1s1i/4s4h", 201 "/$s$s/1s1l/4s4a", 202 "/$s$s/1s1l/4s4h", 203 "/$s$s/4s4a", 204 "/$s$s/4s4h", 205 "/$s$s/4s4a", 206 "/$s$s/4s4h", 207 "/0s0o", 208 "/0s0o/2s2a", 209 "/0s0o/2s2a/3s3e", 210 "/0s0o/2s2a/3s3e/5s5s", 211 "/0s0o/2s2a/3s3e/5s5s/1s1i", 212 "/0s0o/2s2a/3s3e/5s5s/1s1l", 213 "/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a", 214 "/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h", 215 "/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a", 216 "/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h", 217 "/0s0o/2s2a/3s3e/5s5s/4s4a", 218 "/0s0o/2s2a/3s3e/5s5s/4s4h", 219 "/0s0o/2s2a/3s3e/5s5s/4s4a", 220 "/0s0o/2s2a/3s3e/5s5s/4s4h", 221 "/0s0o/2s2a/3s3e/1s1i", 222 "/0s0o/2s2a/3s3e/1s1l", 223 "/0s0o/2s2a/3s3e/1s1i/4s4a", 224 "/0s0o/2s2a/3s3e/1s1i/4s4h", 225 "/0s0o/2s2a/3s3e/1s1l/4s4a", 226 "/0s0o/2s2a/3s3e/1s1l/4s4h", 227 "/0s0o/2s2a/3s3e/4s4a", 228 "/0s0o/2s2a/3s3e/4s4h", 229 "/0s0o/2s2a/3s3e/4s4a", 230 "/0s0o/2s2a/3s3e/4s4h", 231 "/0s0o/2s2a/5s5s", 232 "/0s0o/2s2a/5s5s/1s1i", 233 "/0s0o/2s2a/5s5s/1s1l", 234 "/0s0o/2s2a/5s5s/1s1i/4s4a", 235 "/0s0o/2s2a/5s5s/1s1i/4s4h", 236 "/0s0o/2s2a/5s5s/1s1l/4s4a", 237 "/0s0o/2s2a/5s5s/1s1l/4s4h", 238 "/0s0o/2s2a/5s5s/4s4a", 239 "/0s0o/2s2a/5s5s/4s4h", 240 "/0s0o/2s2a/5s5s/4s4a", 241 "/0s0o/2s2a/5s5s/4s4h", 242 "/0s0o/2s2a/1s1i", 243 "/0s0o/2s2a/1s1l", 244 "/0s0o/2s2a/1s1i/4s4a", 245 "/0s0o/2s2a/1s1i/4s4h", 246 "/0s0o/2s2a/1s1l/4s4a", 247 "/0s0o/2s2a/1s1l/4s4h", 248 "/0s0o/2s2a/4s4a", 249 "/0s0o/2s2a/4s4h", 250 "/0s0o/2s2a/4s4a", 251 "/0s0o/2s2a/4s4h", 252 "/0s0o/3s3e", 253 "/0s0o/3s3e/5s5s", 254 "/0s0o/3s3e/5s5s/1s1i", 255 "/0s0o/3s3e/5s5s/1s1l", 256 "/0s0o/3s3e/5s5s/1s1i/4s4a", 257 "/0s0o/3s3e/5s5s/1s1i/4s4h", 258 "/0s0o/3s3e/5s5s/1s1l/4s4a", 259 "/0s0o/3s3e/5s5s/1s1l/4s4h", 260 "/0s0o/3s3e/5s5s/4s4a", 261 "/0s0o/3s3e/5s5s/4s4h", 262 "/0s0o/3s3e/5s5s/4s4a", 263 "/0s0o/3s3e/5s5s/4s4h", 264 "/0s0o/3s3e/1s1i", 265 "/0s0o/3s3e/1s1l", 266 "/0s0o/3s3e/1s1i/4s4a", 267 "/0s0o/3s3e/1s1i/4s4h", 268 "/0s0o/3s3e/1s1l/4s4a", 269 "/0s0o/3s3e/1s1l/4s4h", 270 "/0s0o/3s3e/4s4a", 271 "/0s0o/3s3e/4s4h", 272 "/0s0o/3s3e/4s4a", 273 "/0s0o/3s3e/4s4h", 274 "/0s0o/5s5s", 275 "/0s0o/5s5s/1s1i", 276 "/0s0o/5s5s/1s1l", 277 "/0s0o/5s5s/1s1i/4s4a", 278 "/0s0o/5s5s/1s1i/4s4h", 279 "/0s0o/5s5s/1s1l/4s4a", 280 "/0s0o/5s5s/1s1l/4s4h", 281 "/0s0o/5s5s/4s4a", 282 "/0s0o/5s5s/4s4h", 283 "/0s0o/5s5s/4s4a", 284 "/0s0o/5s5s/4s4h", 285 "/0s0o/1s1i", 286 "/0s0o/1s1l", 287 "/0s0o/1s1i/4s4a", 288 "/0s0o/1s1i/4s4h", 289 "/0s0o/1s1l/4s4a", 290 "/0s0o/1s1l/4s4h", 291 "/0s0o/4s4a", 292 "/0s0o/4s4h", 293 "/0s0o/4s4a", 294 "/0s0o/4s4h", 295 "/2s2a", 296 "/2s2a/3s3e", 297 "/2s2a/3s3e/5s5s", 298 "/2s2a/3s3e/5s5s/1s1i", 299 "/2s2a/3s3e/5s5s/1s1l", 300 "/2s2a/3s3e/5s5s/1s1i/4s4a", 301 "/2s2a/3s3e/5s5s/1s1i/4s4h", 302 "/2s2a/3s3e/5s5s/1s1l/4s4a", 303 "/2s2a/3s3e/5s5s/1s1l/4s4h", 304 "/2s2a/3s3e/5s5s/4s4a", 305 "/2s2a/3s3e/5s5s/4s4h", 306 "/2s2a/3s3e/5s5s/4s4a", 307 "/2s2a/3s3e/5s5s/4s4h", 308 "/2s2a/3s3e/1s1i", 309 "/2s2a/3s3e/1s1l", 310 "/2s2a/3s3e/1s1i/4s4a", 311 "/2s2a/3s3e/1s1i/4s4h", 312 "/2s2a/3s3e/1s1l/4s4a", 313 "/2s2a/3s3e/1s1l/4s4h", 314 "/2s2a/3s3e/4s4a", 315 "/2s2a/3s3e/4s4h", 316 "/2s2a/3s3e/4s4a", 317 "/2s2a/3s3e/4s4h", 318 "/2s2a/5s5s", 319 "/2s2a/5s5s/1s1i", 320 "/2s2a/5s5s/1s1l", 321 "/2s2a/5s5s/1s1i/4s4a", 322 "/2s2a/5s5s/1s1i/4s4h", 323 "/2s2a/5s5s/1s1l/4s4a", 324 "/2s2a/5s5s/1s1l/4s4h", 325 "/2s2a/5s5s/4s4a", 326 "/2s2a/5s5s/4s4h", 327 "/2s2a/5s5s/4s4a", 328 "/2s2a/5s5s/4s4h", 329 "/2s2a/1s1i", 330 "/2s2a/1s1l", 331 "/2s2a/1s1i/4s4a", 332 "/2s2a/1s1i/4s4h", 333 "/2s2a/1s1l/4s4a", 334 "/2s2a/1s1l/4s4h", 335 "/2s2a/4s4a", 336 "/2s2a/4s4h", 337 "/2s2a/4s4a", 338 "/2s2a/4s4h", 339 "/3s3e", 340 "/3s3e/5s5s", 341 "/3s3e/5s5s/1s1i", 342 "/3s3e/5s5s/1s1l", 343 "/3s3e/5s5s/1s1i/4s4a", 344 "/3s3e/5s5s/1s1i/4s4h", 345 "/3s3e/5s5s/1s1l/4s4a", 346 "/3s3e/5s5s/1s1l/4s4h", 347 "/3s3e/5s5s/4s4a", 348 "/3s3e/5s5s/4s4h", 349 "/3s3e/5s5s/4s4a", 350 "/3s3e/5s5s/4s4h", 351 "/3s3e/1s1i", 352 "/3s3e/1s1l", 353 "/3s3e/1s1i/4s4a", 354 "/3s3e/1s1i/4s4h", 355 "/3s3e/1s1l/4s4a", 356 "/3s3e/1s1l/4s4h", 357 "/3s3e/4s4a", 358 "/3s3e/4s4h", 359 "/3s3e/4s4a", 360 "/3s3e/4s4h", 361 "/5s5s", 362 "/5s5s/1s1i", 363 "/5s5s/1s1l", 364 "/5s5s/1s1i/4s4a", 365 "/5s5s/1s1i/4s4h", 366 "/5s5s/1s1l/4s4a", 367 "/5s5s/1s1l/4s4h", 368 "/5s5s/4s4a", 369 "/5s5s/4s4h", 370 "/5s5s/4s4a", 371 "/5s5s/4s4h", 372 "/1s1i", 373 "/1s1l", 374 "/1s1i/4s4a", 375 "/1s1i/4s4h", 376 "/1s1l/4s4a", 377 "/1s1l/4s4h", 378 "/4s4a", 379 "/4s4h", 380 "/4s4a", 381 "/4s4h", 382 /* done */ 383 (char *)0 384 }; 385 386 387 int 388 FascistLook(PWDICT *pwp, const char *instring) 389 { 390 int i; 391 char *password; 392 uint32_t notfound; 393 char rpassword[PATH_MAX]; 394 395 notfound = PW_WORDS(pwp); 396 397 (void) strlcpy(rpassword, instring, TRUNCSTRINGSIZE); 398 password = rpassword; 399 400 (void) strcpy(password, Lowercase(password)); 401 (void) Trim(password); 402 403 /* 404 * it should be safe to use Mangle with its reliance on PATH_SIZE 405 * since password cannot be longer than TRUNCSTRINGSIZE; 406 * nonetheless this is not an elegant solution 407 */ 408 409 for (i = 0; r_destructors[i]; i++) { 410 char *a; 411 412 if (!(a = Mangle(password, r_destructors[i]))) { 413 continue; 414 } 415 416 if (FindPW(pwp, a) != notfound) { 417 return (DICTIONARY_WORD); 418 } 419 } 420 421 (void) strlcpy(password, Reverse(password), PATH_MAX); 422 423 for (i = 0; r_destructors[i]; i++) { 424 char *a; 425 426 if (!(a = Mangle(password, r_destructors[i]))) { 427 continue; 428 } 429 if (FindPW(pwp, a) != notfound) { 430 return (REVERSE_DICTIONARY_WORD); 431 } 432 } 433 434 return (0); 435 } 436 437 int 438 DictCheck(const char *password, char *path) 439 { 440 PWDICT *pwp; 441 int r; 442 443 if ((pwp = PWOpen(path, "rF")) == NULL) 444 return (DATABASE_OPEN_FAIL); 445 446 r = FascistLook(pwp, password); 447 (void) PWClose(pwp); 448 return (r); 449 } 450