Recently, I discovered that for almost all of our characters (any with a
name longer than 6 characters) you could enter any password and the
game would let you in. Now this confused the ever living hell out of me
for almost 2 days. I debugged my way through db.c, comm.c, and
interpreter.c, but everything seemed to be working as it should.

I finally wrote a program (further down) to test if it wasn't perhaps the
crypt function itself that was sporked.

gcc -lcrypt test.c under FreeBSD v.2.2.2 (I think, not my box)
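
    #include <stdio.h>
    #include <string.h>   /* strncpy */
    #include <unistd.h>   /* crypt() */

    #define CRYPT(a,b) ((char *) crypt((a),(b)))

    int main(void) {
        const char *passwd, *salt;
        char s[11];

        passwd = "sekret";
        salt = "Foobar";
        /* crypt() can return more than 10 characters; copy only what fits */
        strncpy(s, CRYPT(passwd, salt), sizeof(s) - 1);
        s[sizeof(s) - 1] = '\0';
        printf("%s\n", s);
        return 0;
    }
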
This is the output I kept getting (same from within gdb when examining
d.character.player.passwd):

    Foobar      $1$Foobar$   (the 11th byte being \0 I'm assuming)
    Foo         $1$Foo$hfW   (this one would NOT take any password)
    Foobarbaz   $1$Foobarb   (this one WOULD take any password)

It appears that the encrypted password tacks a $1$<salt>$ before the
actual encrypted part.

I guess my question is, has anyone else run across this? If so, what did
you do to remedy it?

--
Jason Fischer | Any smoothly functioning technology is
jasonf@compumedia.com | indistinguishable from a rigged demo.
"In the shadow of the light from a black sun" Type O-
This archive was generated by hypermail 2b30 : 12/08/00 PST
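
Added example, not part of the original post or of CircleMUD's code: a sketch of how a 10-character stored password field interacts with the `$1$<salt>$` prefix shown in the output above. Assumptions: the login check compares only as many characters as the field holds; `toy_crypt`, `store_pw`, `check_pw` and the two widths are hypothetical names, and the digest is a toy stand-in, not real MD5-crypt.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#define OLD_WIDTH  10  /* field width implied by char s[11] in the post */
#define FULL_WIDTH 34  /* "$1$" + 8-char salt + "$" + 22-char digest */
#define FNV_PRIME  0x100000001b3ULL

/* Stand-in for crypt(): same "$1$<salt>$<22 chars>" layout as the output in
 * the post, but the digest is a toy FNV-1a mix, NOT real MD5-crypt. */
static const char *toy_crypt(const char *pw, const char *setting)
{
    static char out[FULL_WIDTH + 1];
    static const char b64[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    uint64_t h = 0xcbf29ce484222325ULL;
    size_t n, i;
    if (!strncmp(setting, "$1$", 3)) setting += 3; /* stored value as setting */
    n = strcspn(setting, "$");          /* salt ends at '$' or NUL ... */
    if (n > 8) n = 8;                   /* ... and is at most 8 characters */
    for (i = 0; i < n; i++) h = (h ^ (unsigned char)setting[i]) * FNV_PRIME;
    for (i = 0; pw[i]; i++) h = (h ^ (unsigned char)pw[i]) * FNV_PRIME;
    n = (size_t)sprintf(out, "$1$%.*s$", (int)n, setting);
    for (i = 0; i < 22; i++, h = (h >> 6) ^ (h * FNV_PRIME))
        out[n + i] = b64[h & 63];       /* password-dependent part */
    out[n + 22] = '\0';
    return out;
}

/* Keep only `width` characters of the hash, as a fixed-size field does. */
static void store_pw(char *field, size_t width, const char *name, const char *pw)
{
    snprintf(field, width + 1, "%s", toy_crypt(pw, name));
}

/* Re-hash the attempt with the stored value as setting; 1 = accepted. */
static int check_pw(const char *field, size_t width, const char *attempt)
{
    return strncmp(toy_crypt(attempt, field), field, width) == 0;
}

int main(void)
{
    const char *names[] = { "Foobar", "Foo", "Foobarbaz" }; /* from the post */
    char f[FULL_WIDTH + 1];
    for (int i = 0; i < 3; i++) {
        store_pw(f, OLD_WIDTH, names[i], "sekret");
        printf("%-9s %s  wrong password accepted: %d\n", names[i], f,
               check_pw(f, OLD_WIDTH, "wrong"));
    }
}
```

With `FULL_WIDTH` passed as the field width instead of `OLD_WIDTH`, the stored value keeps the whole digest and the same check rejects the wrong password for all three names.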