fedora 24
crypto weakness #291


Weakness Breakdown


Definition:

This weakness involves creating non-standard or untested algorithms, using weak algorithms, or applying cryptographic algorithms incorrectly. Algorithms once considered safe are commonly found to be unsafe later, after they have been broken.

Warning code(s):

The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment.

File Name:

dx-4.4.4/src/exec/dpexec/command.c

Context:

The line of code below that calls crypt() is the trigger point of this particular Fedora 24 crypto weakness.

    else
        license_tried = TRUE;

    for(i=0;i<13;i++)
        keybuf[i] = c[i];
    keybuf[13] = '\0';

    for(i=0;i<4;i++)
        typebuf[i] = c[i+13];
    typebuf[4] = '\0';

    for(i=0;i<4;i++)
        key[i*2] = _dxd_LicenseKey[i];

    key[1] = 'g';
    key[3] = '3';
    key[5] = '$';
    key[7] = 'Q';
    key[8] = '\0';

    salt[0] = '4';
    salt[1] = '.';
    salt[2] = '\0';

    /* Trigger point: crypt() with an 8-character key and a fixed two-byte salt */
    if(strcmp(keybuf,(const char *)crypt(key,salt))){
        DXMessage("License Error: Invalid license Message\n");
        DXUIMessage("LICENSE","UNAUTHORIZED");
        return (OK);
    }

    sscanf(typebuf,"%04x",&i);

    /* This junk below is to preserve byte order, beware ! */

    switch(i^(*((ubyte *)&keybuf[4])<<8)+(*((ubyte *)&keybuf[5]))) {

      case GOT_NODELOCKED:
        if (!ExGetPrimaryLicense())
            DXMessage("Exec could not get a license (UI has nodelocked)\n");
        else
            DXUIMessage("LICENSE", "AUTHORIZED");
        break;

      case GOT_CONCURRENT:
        _dxd_ExHasLicense = TRUE;
        DXUIMessage("LICENSE", "AUTHORIZED");
        DXMessage("Running under UI's concurrent license\n");
        break;

      default:

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.