xref: /titanic_41/usr/src/lib/pam_modules/authtok_check/fascist.c (revision ea394cb00fd96864e34d2841b4a22357b621c78f) 
1 /*
2  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*
7  * This program is copyright Alec Muffett 1993. The author disclaims all
8  * responsibility or liability with respect to it's usage or its effect
9  * upon hardware or computer systems, and maintains copyright as set out
10  * in the "LICENCE" document which accompanies distributions of Crack v4.0
11  * and upwards.
12  */
13 
14 #include "packer.h"
15 
16 
17 static char *r_destructors[] = {
18 	":",			/* noop - must do this to test raw word. */
19 	"[",			/* trimming leading/trailing junk */
20 	"]",
21 	"[[",
22 	"]]",
23 	"[[[",
24 	"]]]",
25 
26 	"/?p@?p",		/* purging out punctuation/symbols/junk */
27 	"/?s@?s",
28 	"/?X@?X",
29 	/* attempt reverse engineering of password strings */
30 	"/$s$s",
31 	"/$s$s/0s0o",
32 	"/$s$s/0s0o/2s2a",
33 	"/$s$s/0s0o/2s2a/3s3e",
34 	"/$s$s/0s0o/2s2a/3s3e/5s5s",
35 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i",
36 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l",
37 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a",
38 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h",
39 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a",
40 	"/$s$s/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h",
41 	"/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a",
42 	"/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h",
43 	"/$s$s/0s0o/2s2a/3s3e/5s5s/4s4a",
44 	"/$s$s/0s0o/2s2a/3s3e/5s5s/4s4h",
45 	"/$s$s/0s0o/2s2a/3s3e/1s1i",
46 	"/$s$s/0s0o/2s2a/3s3e/1s1l",
47 	"/$s$s/0s0o/2s2a/3s3e/1s1i/4s4a",
48 	"/$s$s/0s0o/2s2a/3s3e/1s1i/4s4h",
49 	"/$s$s/0s0o/2s2a/3s3e/1s1l/4s4a",
50 	"/$s$s/0s0o/2s2a/3s3e/1s1l/4s4h",
51 	"/$s$s/0s0o/2s2a/3s3e/4s4a",
52 	"/$s$s/0s0o/2s2a/3s3e/4s4h",
53 	"/$s$s/0s0o/2s2a/3s3e/4s4a",
54 	"/$s$s/0s0o/2s2a/3s3e/4s4h",
55 	"/$s$s/0s0o/2s2a/5s5s",
56 	"/$s$s/0s0o/2s2a/5s5s/1s1i",
57 	"/$s$s/0s0o/2s2a/5s5s/1s1l",
58 	"/$s$s/0s0o/2s2a/5s5s/1s1i/4s4a",
59 	"/$s$s/0s0o/2s2a/5s5s/1s1i/4s4h",
60 	"/$s$s/0s0o/2s2a/5s5s/1s1l/4s4a",
61 	"/$s$s/0s0o/2s2a/5s5s/1s1l/4s4h",
62 	"/$s$s/0s0o/2s2a/5s5s/4s4a",
63 	"/$s$s/0s0o/2s2a/5s5s/4s4h",
64 	"/$s$s/0s0o/2s2a/5s5s/4s4a",
65 	"/$s$s/0s0o/2s2a/5s5s/4s4h",
66 	"/$s$s/0s0o/2s2a/1s1i",
67 	"/$s$s/0s0o/2s2a/1s1l",
68 	"/$s$s/0s0o/2s2a/1s1i/4s4a",
69 	"/$s$s/0s0o/2s2a/1s1i/4s4h",
70 	"/$s$s/0s0o/2s2a/1s1l/4s4a",
71 	"/$s$s/0s0o/2s2a/1s1l/4s4h",
72 	"/$s$s/0s0o/2s2a/4s4a",
73 	"/$s$s/0s0o/2s2a/4s4h",
74 	"/$s$s/0s0o/2s2a/4s4a",
75 	"/$s$s/0s0o/2s2a/4s4h",
76 	"/$s$s/0s0o/3s3e",
77 	"/$s$s/0s0o/3s3e/5s5s",
78 	"/$s$s/0s0o/3s3e/5s5s/1s1i",
79 	"/$s$s/0s0o/3s3e/5s5s/1s1l",
80 	"/$s$s/0s0o/3s3e/5s5s/1s1i/4s4a",
81 	"/$s$s/0s0o/3s3e/5s5s/1s1i/4s4h",
82 	"/$s$s/0s0o/3s3e/5s5s/1s1l/4s4a",
83 	"/$s$s/0s0o/3s3e/5s5s/1s1l/4s4h",
84 	"/$s$s/0s0o/3s3e/5s5s/4s4a",
85 	"/$s$s/0s0o/3s3e/5s5s/4s4h",
86 	"/$s$s/0s0o/3s3e/5s5s/4s4a",
87 	"/$s$s/0s0o/3s3e/5s5s/4s4h",
88 	"/$s$s/0s0o/3s3e/1s1i",
89 	"/$s$s/0s0o/3s3e/1s1l",
90 	"/$s$s/0s0o/3s3e/1s1i/4s4a",
91 	"/$s$s/0s0o/3s3e/1s1i/4s4h",
92 	"/$s$s/0s0o/3s3e/1s1l/4s4a",
93 	"/$s$s/0s0o/3s3e/1s1l/4s4h",
94 	"/$s$s/0s0o/3s3e/4s4a",
95 	"/$s$s/0s0o/3s3e/4s4h",
96 	"/$s$s/0s0o/3s3e/4s4a",
97 	"/$s$s/0s0o/3s3e/4s4h",
98 	"/$s$s/0s0o/5s5s",
99 	"/$s$s/0s0o/5s5s/1s1i",
100 	"/$s$s/0s0o/5s5s/1s1l",
101 	"/$s$s/0s0o/5s5s/1s1i/4s4a",
102 	"/$s$s/0s0o/5s5s/1s1i/4s4h",
103 	"/$s$s/0s0o/5s5s/1s1l/4s4a",
104 	"/$s$s/0s0o/5s5s/1s1l/4s4h",
105 	"/$s$s/0s0o/5s5s/4s4a",
106 	"/$s$s/0s0o/5s5s/4s4h",
107 	"/$s$s/0s0o/5s5s/4s4a",
108 	"/$s$s/0s0o/5s5s/4s4h",
109 	"/$s$s/0s0o/1s1i",
110 	"/$s$s/0s0o/1s1l",
111 	"/$s$s/0s0o/1s1i/4s4a",
112 	"/$s$s/0s0o/1s1i/4s4h",
113 	"/$s$s/0s0o/1s1l/4s4a",
114 	"/$s$s/0s0o/1s1l/4s4h",
115 	"/$s$s/0s0o/4s4a",
116 	"/$s$s/0s0o/4s4h",
117 	"/$s$s/0s0o/4s4a",
118 	"/$s$s/0s0o/4s4h",
119 	"/$s$s/2s2a",
120 	"/$s$s/2s2a/3s3e",
121 	"/$s$s/2s2a/3s3e/5s5s",
122 	"/$s$s/2s2a/3s3e/5s5s/1s1i",
123 	"/$s$s/2s2a/3s3e/5s5s/1s1l",
124 	"/$s$s/2s2a/3s3e/5s5s/1s1i/4s4a",
125 	"/$s$s/2s2a/3s3e/5s5s/1s1i/4s4h",
126 	"/$s$s/2s2a/3s3e/5s5s/1s1l/4s4a",
127 	"/$s$s/2s2a/3s3e/5s5s/1s1l/4s4h",
128 	"/$s$s/2s2a/3s3e/5s5s/4s4a",
129 	"/$s$s/2s2a/3s3e/5s5s/4s4h",
130 	"/$s$s/2s2a/3s3e/5s5s/4s4a",
131 	"/$s$s/2s2a/3s3e/5s5s/4s4h",
132 	"/$s$s/2s2a/3s3e/1s1i",
133 	"/$s$s/2s2a/3s3e/1s1l",
134 	"/$s$s/2s2a/3s3e/1s1i/4s4a",
135 	"/$s$s/2s2a/3s3e/1s1i/4s4h",
136 	"/$s$s/2s2a/3s3e/1s1l/4s4a",
137 	"/$s$s/2s2a/3s3e/1s1l/4s4h",
138 	"/$s$s/2s2a/3s3e/4s4a",
139 	"/$s$s/2s2a/3s3e/4s4h",
140 	"/$s$s/2s2a/3s3e/4s4a",
141 	"/$s$s/2s2a/3s3e/4s4h",
142 	"/$s$s/2s2a/5s5s",
143 	"/$s$s/2s2a/5s5s/1s1i",
144 	"/$s$s/2s2a/5s5s/1s1l",
145 	"/$s$s/2s2a/5s5s/1s1i/4s4a",
146 	"/$s$s/2s2a/5s5s/1s1i/4s4h",
147 	"/$s$s/2s2a/5s5s/1s1l/4s4a",
148 	"/$s$s/2s2a/5s5s/1s1l/4s4h",
149 	"/$s$s/2s2a/5s5s/4s4a",
150 	"/$s$s/2s2a/5s5s/4s4h",
151 	"/$s$s/2s2a/5s5s/4s4a",
152 	"/$s$s/2s2a/5s5s/4s4h",
153 	"/$s$s/2s2a/1s1i",
154 	"/$s$s/2s2a/1s1l",
155 	"/$s$s/2s2a/1s1i/4s4a",
156 	"/$s$s/2s2a/1s1i/4s4h",
157 	"/$s$s/2s2a/1s1l/4s4a",
158 	"/$s$s/2s2a/1s1l/4s4h",
159 	"/$s$s/2s2a/4s4a",
160 	"/$s$s/2s2a/4s4h",
161 	"/$s$s/2s2a/4s4a",
162 	"/$s$s/2s2a/4s4h",
163 	"/$s$s/3s3e",
164 	"/$s$s/3s3e/5s5s",
165 	"/$s$s/3s3e/5s5s/1s1i",
166 	"/$s$s/3s3e/5s5s/1s1l",
167 	"/$s$s/3s3e/5s5s/1s1i/4s4a",
168 	"/$s$s/3s3e/5s5s/1s1i/4s4h",
169 	"/$s$s/3s3e/5s5s/1s1l/4s4a",
170 	"/$s$s/3s3e/5s5s/1s1l/4s4h",
171 	"/$s$s/3s3e/5s5s/4s4a",
172 	"/$s$s/3s3e/5s5s/4s4h",
173 	"/$s$s/3s3e/5s5s/4s4a",
174 	"/$s$s/3s3e/5s5s/4s4h",
175 	"/$s$s/3s3e/1s1i",
176 	"/$s$s/3s3e/1s1l",
177 	"/$s$s/3s3e/1s1i/4s4a",
178 	"/$s$s/3s3e/1s1i/4s4h",
179 	"/$s$s/3s3e/1s1l/4s4a",
180 	"/$s$s/3s3e/1s1l/4s4h",
181 	"/$s$s/3s3e/4s4a",
182 	"/$s$s/3s3e/4s4h",
183 	"/$s$s/3s3e/4s4a",
184 	"/$s$s/3s3e/4s4h",
185 	"/$s$s/5s5s",
186 	"/$s$s/5s5s/1s1i",
187 	"/$s$s/5s5s/1s1l",
188 	"/$s$s/5s5s/1s1i/4s4a",
189 	"/$s$s/5s5s/1s1i/4s4h",
190 	"/$s$s/5s5s/1s1l/4s4a",
191 	"/$s$s/5s5s/1s1l/4s4h",
192 	"/$s$s/5s5s/4s4a",
193 	"/$s$s/5s5s/4s4h",
194 	"/$s$s/5s5s/4s4a",
195 	"/$s$s/5s5s/4s4h",
196 	"/$s$s/1s1i",
197 	"/$s$s/1s1l",
198 	"/$s$s/1s1i/4s4a",
199 	"/$s$s/1s1i/4s4h",
200 	"/$s$s/1s1l/4s4a",
201 	"/$s$s/1s1l/4s4h",
202 	"/$s$s/4s4a",
203 	"/$s$s/4s4h",
204 	"/$s$s/4s4a",
205 	"/$s$s/4s4h",
206 	"/0s0o",
207 	"/0s0o/2s2a",
208 	"/0s0o/2s2a/3s3e",
209 	"/0s0o/2s2a/3s3e/5s5s",
210 	"/0s0o/2s2a/3s3e/5s5s/1s1i",
211 	"/0s0o/2s2a/3s3e/5s5s/1s1l",
212 	"/0s0o/2s2a/3s3e/5s5s/1s1i/4s4a",
213 	"/0s0o/2s2a/3s3e/5s5s/1s1i/4s4h",
214 	"/0s0o/2s2a/3s3e/5s5s/1s1l/4s4a",
215 	"/0s0o/2s2a/3s3e/5s5s/1s1l/4s4h",
216 	"/0s0o/2s2a/3s3e/5s5s/4s4a",
217 	"/0s0o/2s2a/3s3e/5s5s/4s4h",
218 	"/0s0o/2s2a/3s3e/5s5s/4s4a",
219 	"/0s0o/2s2a/3s3e/5s5s/4s4h",
220 	"/0s0o/2s2a/3s3e/1s1i",
221 	"/0s0o/2s2a/3s3e/1s1l",
222 	"/0s0o/2s2a/3s3e/1s1i/4s4a",
223 	"/0s0o/2s2a/3s3e/1s1i/4s4h",
224 	"/0s0o/2s2a/3s3e/1s1l/4s4a",
225 	"/0s0o/2s2a/3s3e/1s1l/4s4h",
226 	"/0s0o/2s2a/3s3e/4s4a",
227 	"/0s0o/2s2a/3s3e/4s4h",
228 	"/0s0o/2s2a/3s3e/4s4a",
229 	"/0s0o/2s2a/3s3e/4s4h",
230 	"/0s0o/2s2a/5s5s",
231 	"/0s0o/2s2a/5s5s/1s1i",
232 	"/0s0o/2s2a/5s5s/1s1l",
233 	"/0s0o/2s2a/5s5s/1s1i/4s4a",
234 	"/0s0o/2s2a/5s5s/1s1i/4s4h",
235 	"/0s0o/2s2a/5s5s/1s1l/4s4a",
236 	"/0s0o/2s2a/5s5s/1s1l/4s4h",
237 	"/0s0o/2s2a/5s5s/4s4a",
238 	"/0s0o/2s2a/5s5s/4s4h",
239 	"/0s0o/2s2a/5s5s/4s4a",
240 	"/0s0o/2s2a/5s5s/4s4h",
241 	"/0s0o/2s2a/1s1i",
242 	"/0s0o/2s2a/1s1l",
243 	"/0s0o/2s2a/1s1i/4s4a",
244 	"/0s0o/2s2a/1s1i/4s4h",
245 	"/0s0o/2s2a/1s1l/4s4a",
246 	"/0s0o/2s2a/1s1l/4s4h",
247 	"/0s0o/2s2a/4s4a",
248 	"/0s0o/2s2a/4s4h",
249 	"/0s0o/2s2a/4s4a",
250 	"/0s0o/2s2a/4s4h",
251 	"/0s0o/3s3e",
252 	"/0s0o/3s3e/5s5s",
253 	"/0s0o/3s3e/5s5s/1s1i",
254 	"/0s0o/3s3e/5s5s/1s1l",
255 	"/0s0o/3s3e/5s5s/1s1i/4s4a",
256 	"/0s0o/3s3e/5s5s/1s1i/4s4h",
257 	"/0s0o/3s3e/5s5s/1s1l/4s4a",
258 	"/0s0o/3s3e/5s5s/1s1l/4s4h",
259 	"/0s0o/3s3e/5s5s/4s4a",
260 	"/0s0o/3s3e/5s5s/4s4h",
261 	"/0s0o/3s3e/5s5s/4s4a",
262 	"/0s0o/3s3e/5s5s/4s4h",
263 	"/0s0o/3s3e/1s1i",
264 	"/0s0o/3s3e/1s1l",
265 	"/0s0o/3s3e/1s1i/4s4a",
266 	"/0s0o/3s3e/1s1i/4s4h",
267 	"/0s0o/3s3e/1s1l/4s4a",
268 	"/0s0o/3s3e/1s1l/4s4h",
269 	"/0s0o/3s3e/4s4a",
270 	"/0s0o/3s3e/4s4h",
271 	"/0s0o/3s3e/4s4a",
272 	"/0s0o/3s3e/4s4h",
273 	"/0s0o/5s5s",
274 	"/0s0o/5s5s/1s1i",
275 	"/0s0o/5s5s/1s1l",
276 	"/0s0o/5s5s/1s1i/4s4a",
277 	"/0s0o/5s5s/1s1i/4s4h",
278 	"/0s0o/5s5s/1s1l/4s4a",
279 	"/0s0o/5s5s/1s1l/4s4h",
280 	"/0s0o/5s5s/4s4a",
281 	"/0s0o/5s5s/4s4h",
282 	"/0s0o/5s5s/4s4a",
283 	"/0s0o/5s5s/4s4h",
284 	"/0s0o/1s1i",
285 	"/0s0o/1s1l",
286 	"/0s0o/1s1i/4s4a",
287 	"/0s0o/1s1i/4s4h",
288 	"/0s0o/1s1l/4s4a",
289 	"/0s0o/1s1l/4s4h",
290 	"/0s0o/4s4a",
291 	"/0s0o/4s4h",
292 	"/0s0o/4s4a",
293 	"/0s0o/4s4h",
294 	"/2s2a",
295 	"/2s2a/3s3e",
296 	"/2s2a/3s3e/5s5s",
297 	"/2s2a/3s3e/5s5s/1s1i",
298 	"/2s2a/3s3e/5s5s/1s1l",
299 	"/2s2a/3s3e/5s5s/1s1i/4s4a",
300 	"/2s2a/3s3e/5s5s/1s1i/4s4h",
301 	"/2s2a/3s3e/5s5s/1s1l/4s4a",
302 	"/2s2a/3s3e/5s5s/1s1l/4s4h",
303 	"/2s2a/3s3e/5s5s/4s4a",
304 	"/2s2a/3s3e/5s5s/4s4h",
305 	"/2s2a/3s3e/5s5s/4s4a",
306 	"/2s2a/3s3e/5s5s/4s4h",
307 	"/2s2a/3s3e/1s1i",
308 	"/2s2a/3s3e/1s1l",
309 	"/2s2a/3s3e/1s1i/4s4a",
310 	"/2s2a/3s3e/1s1i/4s4h",
311 	"/2s2a/3s3e/1s1l/4s4a",
312 	"/2s2a/3s3e/1s1l/4s4h",
313 	"/2s2a/3s3e/4s4a",
314 	"/2s2a/3s3e/4s4h",
315 	"/2s2a/3s3e/4s4a",
316 	"/2s2a/3s3e/4s4h",
317 	"/2s2a/5s5s",
318 	"/2s2a/5s5s/1s1i",
319 	"/2s2a/5s5s/1s1l",
320 	"/2s2a/5s5s/1s1i/4s4a",
321 	"/2s2a/5s5s/1s1i/4s4h",
322 	"/2s2a/5s5s/1s1l/4s4a",
323 	"/2s2a/5s5s/1s1l/4s4h",
324 	"/2s2a/5s5s/4s4a",
325 	"/2s2a/5s5s/4s4h",
326 	"/2s2a/5s5s/4s4a",
327 	"/2s2a/5s5s/4s4h",
328 	"/2s2a/1s1i",
329 	"/2s2a/1s1l",
330 	"/2s2a/1s1i/4s4a",
331 	"/2s2a/1s1i/4s4h",
332 	"/2s2a/1s1l/4s4a",
333 	"/2s2a/1s1l/4s4h",
334 	"/2s2a/4s4a",
335 	"/2s2a/4s4h",
336 	"/2s2a/4s4a",
337 	"/2s2a/4s4h",
338 	"/3s3e",
339 	"/3s3e/5s5s",
340 	"/3s3e/5s5s/1s1i",
341 	"/3s3e/5s5s/1s1l",
342 	"/3s3e/5s5s/1s1i/4s4a",
343 	"/3s3e/5s5s/1s1i/4s4h",
344 	"/3s3e/5s5s/1s1l/4s4a",
345 	"/3s3e/5s5s/1s1l/4s4h",
346 	"/3s3e/5s5s/4s4a",
347 	"/3s3e/5s5s/4s4h",
348 	"/3s3e/5s5s/4s4a",
349 	"/3s3e/5s5s/4s4h",
350 	"/3s3e/1s1i",
351 	"/3s3e/1s1l",
352 	"/3s3e/1s1i/4s4a",
353 	"/3s3e/1s1i/4s4h",
354 	"/3s3e/1s1l/4s4a",
355 	"/3s3e/1s1l/4s4h",
356 	"/3s3e/4s4a",
357 	"/3s3e/4s4h",
358 	"/3s3e/4s4a",
359 	"/3s3e/4s4h",
360 	"/5s5s",
361 	"/5s5s/1s1i",
362 	"/5s5s/1s1l",
363 	"/5s5s/1s1i/4s4a",
364 	"/5s5s/1s1i/4s4h",
365 	"/5s5s/1s1l/4s4a",
366 	"/5s5s/1s1l/4s4h",
367 	"/5s5s/4s4a",
368 	"/5s5s/4s4h",
369 	"/5s5s/4s4a",
370 	"/5s5s/4s4h",
371 	"/1s1i",
372 	"/1s1l",
373 	"/1s1i/4s4a",
374 	"/1s1i/4s4h",
375 	"/1s1l/4s4a",
376 	"/1s1l/4s4h",
377 	"/4s4a",
378 	"/4s4h",
379 	"/4s4a",
380 	"/4s4h",
381 	/* done */
382 	(char *)0
383 };
384 
385 
386 int
387 FascistLook(PWDICT *pwp, char *instring)
388 {
389 	int i;
390 	char *password;
391 	uint32_t notfound;
392 	char rpassword[PATH_MAX];
393 
394 	notfound = PW_WORDS(pwp);
395 
396 	(void) strlcpy(rpassword, instring, TRUNCSTRINGSIZE);
397 	password = rpassword;
398 
399 	(void) strcpy(password, Lowercase(password));
400 	(void) Trim(password);
401 
402 	/*
403 	 * it should be safe to use Mangle with its reliance on PATH_SIZE
404 	 * since password cannot be longer than TRUNCSTRINGSIZE;
405 	 * nonetheless this is not an elegant solution
406 	 */
407 
408 	for (i = 0; r_destructors[i]; i++) {
409 		char *a;
410 
411 		if (!(a = Mangle(password, r_destructors[i]))) {
412 			continue;
413 		}
414 
415 		if (FindPW(pwp, a) != notfound) {
416 			return (DICTIONARY_WORD);
417 		}
418 	}
419 
420 	(void) strlcpy(password, Reverse(password), PATH_MAX);
421 
422 	for (i = 0; r_destructors[i]; i++) {
423 		char *a;
424 
425 		if (!(a = Mangle(password, r_destructors[i]))) {
426 			continue;
427 		}
428 		if (FindPW(pwp, a) != notfound) {
429 			return (REVERSE_DICTIONARY_WORD);
430 		}
431 	}
432 
433 	return (0);
434 }
435 
436 int
437 DictCheck(char *password, char *path)
438 {
439 	PWDICT *pwp;
440 	int r;
441 
442 	if ((pwp = PWOpen(path, "rF")) == NULL)
443 		return (DATABASE_OPEN_FAIL);
444 
445 	r = FascistLook(pwp, password);
446 	(void) PWClose(pwp);
447 	return (r);
448 }
449