[PATCH] Update hashcat to 6.2.5

  • Done
  • quality assurance status badge
Details
5 participants
  • Hendursaga
  • Ludovic Courtès
  • Maxime Devos
  • Tobias Geerinckx-Rice
  • (
Owner
unassigned
Submitted by
Hendursaga
Severity
normal

Debbugs page

Hendursaga wrote 3 years ago
(address . guix-patches@gnu.org)
87r11jswlt.fsf@aol.com
Hello Guixers!

Attached you will find my first patch submitted here in awhile! I'm hoping I've followed the guidelines, they haven't really changed much that I can see. Also, if I incorrectly attached the file, do tell, as I'm on a new (Emacs + notmuch) email workflow!

Unfortunately, I wasn't able to get hashcat to build reproducibly, and I'm not sure why, but 1) the 6.1.1 version wasn't reproducible, and 2) it's literally just a few bytes.

$ guix challenge hashcat
/gnu/store/d3piidwdm4l6i2hsppyzydslcdd1idkl-hashcat-6.1.1 contents differ:
no local build for '/gnu/store/d3piidwdm4l6i2hsppyzydslcdd1idkl-hashcat-6.1.1'
differing file:
/bin/hashcat

$ diffoscope /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5 /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5-check
--- /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5
+++ /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5-check
│ --- /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5/bin
├── +++ /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5-check/bin
│ │ --- /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5/bin/hashcat
│ ├── +++ /gnu/store/c5a5p5yisam7wjxclvpa6agrsyarzjv8-hashcat-6.2.5-check/bin/hashcat
│ │ ├── objdump --line-numbers --disassemble --demangle --reloc --no-show-raw-insn --section=.text {}
│ │ │ @@ -66,15 +66,15 @@
│ │ │ jne 403acd <getpwuid_r@plt+0x18d>
│ │ │ mov $0x4f5071,%esi
│ │ │ mov %r14,%rdi
│ │ │ call 423400 <getpwuid_r@plt+0x1fac0>
│ │ │ mov %rbx,%r8
│ │ │ mov %r13d,%ecx
│ │ │ mov $0x4f4e40,%edx
│ │ │ + mov $0x62f800f1,%r9d
│ │ │ - mov $0x62f6b8f8,%r9d
│ │ │ mov $0x4f4e88,%esi
│ │ │ mov %r14,%rdi
│ │ │ call 405f90 <getpwuid_r@plt+0x2650>
│ │ │ mov %eax,%r12d
│ │ │ test %eax,%eax
│ │ │ je 403aaa <getpwuid_r@plt+0x16a>
│ │ │ or $0xffffffff,%r12d

Hope this helps!

--
Hendursaga
From b005778b47f6e2a6e10435ee2fc9b648c5bde622 Mon Sep 17 00:00:00 2001
From: Hendursaga <hendursaga@aol.com>
Date: Sat, 13 Aug 2022 16:12:12 -0400
Subject: [PATCH] gnu: hashcat: Update to 6.2.5.

* gnu/packages/password-utils.scm (hashcat): Update to 6.2.5.
---
gnu/packages/password-utils.scm | 30 ++++++++++++++----------------
1 file changed, 14 insertions(+), 16 deletions(-)

Toggle diff (48 lines)
diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index 0069fdd74c..e8c3feaeba 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -1112,27 +1112,25 @@ (define-public pass-rotate
(define-public hashcat
(package
(name "hashcat")
- (version "6.1.1")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "https://hashcat.net/files/hashcat-"
- version ".tar.gz"))
- (sha256
- (base32
- "104z63m7lqbb0sdrxhf9yi15l4a9zwf9m6zs9dbb3gf0nfxl1h9r"))))
- (native-inputs
- (list opencl-headers))
+ (version "6.2.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://hashcat.net/files/hashcat-" version
+ ".tar.gz"))
+ (sha256
+ (base32
+ "0sc96xcsc20xd4fyby3i45nm9as3hl4nhk9snkvmk5l9mpbrjs3g"))))
+ (native-inputs (list opencl-headers))
(build-system gnu-build-system)
(arguments
- '(#:tests? #f ;no tests
+ '(#:tests? #f ;no tests
#:make-flags (list (string-append "PREFIX=" %output))
- #:phases
- (modify-phases %standard-phases
- (delete 'configure))))
+ #:phases (modify-phases %standard-phases
+ (delete 'configure))))
(home-page "https://hashcat.net/hashcat/")
(synopsis "Advanced password recovery utility")
- (description "Hashcat is an password recovery utility, supporting five
+ (description
+ "Hashcat is an password recovery utility, supporting five
unique modes of attack for over 200 highly-optimized hashing algorithms.
Hashcat currently supports CPUs, GPUs, and other hardware accelerators on
Linux, Windows, and macOS, and has facilities to help enable distributed
--
2.37.1
( wrote 3 years ago
CM58T7OQGJP3.1AJRIZ9PKQ84F@guix-aspire
On Sat Aug 13, 2022 at 9:43 PM BST, Hendursaga via Guix-patches via wrote:
Toggle quote (2 lines)
> Also, if I incorrectly attached the file, do tell, as I'm on a new (Emacs + notmuch) email workflow!

Although I'm not sure whether it's explicitly better practise, I usually
use `git send-email` to embed patches directly in a set of emails, instead
of using attachments.

Re reproducibility: The fact that it's the same large number but slightly
larger seems to suggest that they might be embedding timestamps, so I tried
grepping around in the hashcat source, but couldn't find anything like
__DATE__ or __TIME__.

-- (
Tobias Geerinckx-Rice wrote 3 years ago
(name . Hendursaga)(address . hendursaga@aol.com)
87v8qvn2w5.fsf@nckx
Hendursaga via Guix-patches via 写道:
Toggle quote (3 lines)
> │ │ │ + mov $0x62f800f1,%r9d
> │ │ │ - mov $0x62f6b8f8,%r9d

Definitely a timestamp:

λ date -d @1660420337
Sat 13 Aug 2022 21:52:17 CEST

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYvgymg0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15TdYA/jww0KGpjDdve8MDOgAma1F82nPuY3zX5dV5Xkq0
5AZpAQD2PFZmC/ErCaggJJb3lUnX6SoJnIlT95f3VF8ldrRZAg==
=UmZw
-----END PGP SIGNATURE-----

Hendursaga wrote 3 years ago
(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)
87zgg71sil.fsf@aol.com
Toggle quote (5 lines)
> Definitely a timestamp:
>
> λ date -d @1660420337
> Sat 13 Aug 2022 21:52:17 CEST

Figured as much!

Given the above disassembly, there is only one direct reference to getpwuid_r in the codebase[1] and I'm not sure how that would affect reproducibility. Anyone else have any ideas? Should I report this upstream, perhaps?

Hendursaga

Ludovic Courtès wrote 3 years ago
Re: bug#57187: [PATCH] Update hashcat to 6.2.5
(name . Hendursaga)(address . hendursaga@aol.com)(address . 57187-done@debbugs.gnu.org)
87a67hvmf6.fsf_-_@gnu.org
Hi,

Hendursaga <hendursaga@aol.com> skribis:

Toggle quote (2 lines)
> Unfortunately, I wasn't able to get hashcat to build reproducibly, and I'm not sure why, but 1) the 6.1.1 version wasn't reproducible, and 2) it's literally just a few bytes.

Since this is not a regression, I went ahead and applied it.

However, it’d be nice to address it of course. But first, I think we
should remove the bundled OpenCL headers as well as zlib. Could you
give it a try?

Thanks,
Ludo’.
Closed
Maxime Devos wrote 3 years ago
Re: [bug#57187] [PATCH] Update hashcat to 6.2.5
9171b7cf-0dba-89fe-5d98-502ea1475c35@telenet.be
I think I might have found the reproducibility problem:
src/Makefile has a line
Toggle quote (1 lines)
> ./src/Makefile:COMPTIME                := $(shell date +%s)
and
./src/Makefile:    $(CC)    $(CFLAGS_NATIVE) $^ -o $@ $(HASHCAT_LIBRARY)
$(LFLAGS_NATIVE) -DCOMPTIME=$(COMPTIME) -DVERSION_TAG=\"$(VERSION_TAG)\"
-DINSTALL_FOLDER=\"$(INSTALL_FOLDER)\"
-DSHARED_FOLDER=\"$(SHARED_FOLDER)\"
-DDOCUMENT_FOLDER=\"$(DOCUMENT_FOLDER)\"
comptime seems to be only ever set, never actually used, so it should be
safe to replace it with 0. I'll try a patch.
Attachment: OpenPGP_0x49E3EE22191725EE.asc
Attachment: OpenPGP_signature
Maxime Devos wrote 3 years ago
3e8a0fa9-c111-2b83-831f-12cc1bae72cd@telenet.be
On 03-09-2022 13:26, Maxime Devos wrote:
Toggle quote (16 lines)
> I think I might have found the reproducibility problem:
>
> src/Makefile has a line
>
>> ./src/Makefile:COMPTIME                := $(shell date +%s)
> and
>
> ./src/Makefile:    $(CC)    $(CFLAGS_NATIVE) $^ -o $@
> $(HASHCAT_LIBRARY) $(LFLAGS_NATIVE) -DCOMPTIME=$(COMPTIME)
> -DVERSION_TAG=\"$(VERSION_TAG)\"
> -DINSTALL_FOLDER=\"$(INSTALL_FOLDER)\"
> -DSHARED_FOLDER=\"$(SHARED_FOLDER)\"
> -DDOCUMENT_FOLDER=\"$(DOCUMENT_FOLDER)\"
>
> comptime seems to be only ever set, never actually used, so it should
> be safe to replace it with 0. I'll try a patch.
See #57560
Attachment: OpenPGP_0x49E3EE22191725EE.asc
Attachment: OpenPGP_signature
Ludovic Courtès wrote 3 years ago
Re: bug#57560: [PATCH 0/4] Fix multiple hashcat issue.
(name . Maxime Devos)(address . maximedevos@telenet.be)
87o7vusv9f.fsf@gnu.org
Hi,

Maxime Devos <maximedevos@telenet.be> skribis:

Toggle quote (5 lines)
> X-Debbugs-CC: Hendursaga <hendursaga@aol.com>
> X-Debbugs-CC: ( <paren@disroot.org>
> X-Debbugs-CC: Tobias Geerinckx-Rice <me@tobias.gr>
> X-Debbugs-CC: Ludovic Courtès <ludo@gnu.org>

That didn’t work. :-)

Toggle quote (9 lines)
> This patch series:
>
> * Removed bundled libraries, except for LZMA-SDK for which I didn't
> find a corresponding Guix package
> * Makes hashcat cross-compilable, at least from an x86_64-linux-gnu to
> an aarch64-linux-gnu
> * Removes the embedded build time timestamp reported in
> <https://guix.gnu.org/57187>.

Perfect! I’ve applied it all.

Toggle quote (4 lines)
> My current working tree is a bit dirty, so there will be a small
> rebase conflict because of the 6.2.4->6.2.5 and a few imports will
> need to be moved to the top of the file.

Right, I had to fiddle quite a bit with the patches to get them to
apply.

Thanks!

Ludo’.
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 57187@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 57187
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help