From 10dc0df2649fde09b53d8236d73225a77e315202 Mon Sep 17 00:00:00 2001 From: JoeMcGeever Date: Mon, 3 Jul 2023 10:54:29 +0100 Subject: [PATCH] Updated hash format to be the same as the suggested @philsmd --- OpenCL/m98765-pure.cl | 15 +++++++-- src/modules/module_98765.c | 62 +++++++++++++++++++++++--------------- 2 files changed, 49 insertions(+), 28 deletions(-) diff --git a/OpenCL/m98765-pure.cl b/OpenCL/m98765-pure.cl index 2b03e25ff..8a695f4d7 100644 --- a/OpenCL/m98765-pure.cl +++ b/OpenCL/m98765-pure.cl @@ -94,6 +94,8 @@ CONSTANT_VK u32 base64_table[64] = '4', '5', '6', '7', '8', '9', '+', '/', }; +// Wow it's the right file + u32 base64_encode_three_bytes_better (u32 in){ //in has 3 u8s in, first u8 is not set) u32 out; @@ -121,6 +123,7 @@ void base64_encode_sha256 (u32 *out, const u32 *in) out[8] = base64_encode_three_bytes_better( (in[6] >> 8)); out[9] = base64_encode_three_bytes_better((in[6] << 16) | (in[7] >> 16)); + // 0x7c = ord('A') ^ ord('=') so replaces the A that we'll get at the end with an = out[10] = base64_encode_three_bytes_better(in[7] << 8) ^ 0x7c; } @@ -141,7 +144,7 @@ KERNEL_FQ void m98765_init (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) sha256_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len); sha256_final (&ctx); - u32 w[16] = { 0 }; + u32 w[16] = { 0 }; // only uses 11, but have to be 16 for sha256_hmac_init_global_swap function base64_encode_sha256 (w, ctx.h); @@ -225,6 +228,7 @@ KERNEL_FQ void m98765_init (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) KERNEL_FQ void m98765_loop (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) { + //pbkdf2hmac here const u64 gid = get_global_id (0); @@ -411,7 +415,9 @@ KERNEL_FQ void m98765_comp (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) // iv - u32 prev_ct[4]; + + + u32 prev_ct[4]; //iv is the first 4 u32s -> needs to be prev ct for cbc encryption (each block used prior ct) prev_ct[0] = hc_swap32(esalt_bufs[DIGESTS_OFFSET_HOST].pl_buf[0]); prev_ct[1] = hc_swap32(esalt_bufs[DIGESTS_OFFSET_HOST].pl_buf[1]); @@ -421,9 +427,11 @@ KERNEL_FQ void m98765_comp (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) u32 isAscii = 0; // ct - u32 ct_buf[4] = {0}; + u32 ct_buf[4] = {0}; //ct is the payload (- the first 4 u32s) u32 pt_buf[4] = {0}; + + // Padding is Crypto.pad.iso10126 -pads with random bytes until the last byte, and which defines the number of padding bytes // So knocking off last block to not account for any non-ascii padding for (u32 i=4; i < esalt_bufs[DIGESTS_OFFSET_HOST].pl_len-4; i+=4) @@ -444,6 +452,7 @@ KERNEL_FQ void m98765_comp (KERN_ATTR_TMPS_ESALT (doge_tmp_t, payload_t)) } + const u32 r0 = isAscii; const u32 r1 = 0; const u32 r2 = 0; diff --git a/src/modules/module_98765.c b/src/modules/module_98765.c index b86e750fd..2e472be34 100644 --- a/src/modules/module_98765.c +++ b/src/modules/module_98765.c @@ -29,9 +29,9 @@ static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const char *ST_PASS = "hashcat"; -static const char *ST_HASH = "dogechain$EEmAkgiMlVrToRhu2suq91R5Frf+VQCvNzv9lj6OwRWIf/3IM31wqhJM7gGQpinXH9kqHkuQ2DMZxspgA7QFAddsUWvZxGdNAkaeKy90EAsTLIuDQnH3plfBQfmL6j5NPaH7Nr7kF1PdvM0pbUw6XHySBYkD/rPHNM6n58NRK4xfO4VVMykeX3+m2LaVyv5s269r/op38svRPT0YFGpRcanY6/U1BeSrvG2IXii1BKXXAcVEN4GFmyEQRWKI0uZE+3M0atf7UEPD4K9tmEKosqdsF4MFLiBtfI4eq0+926ijoezDmUPvHIiyQZ9CH2jZ$6jOgqW/GxL9He1afQiINIg=="; +static const char *ST_HASH = "$dogechain$0*5000*EEmAkgiMlVrToRhu2suq91R5Frf+VQCvNzv9lj6OwRWIf/3IM31wqhJM7gGQpinXH9kqHkuQ2DMZxspgA7QFAddsUWvZxGdNAkaeKy90EAsTLIuDQnH3plfBQfmL6j5NPaH7Nr7kF1PdvM0pbUw6XHySBYkD/rPHNM6n58NRK4xfO4VVMykeX3+m2LaVyv5s269r/op38svRPT0YFGpRcanY6/U1BeSrvG2IXii1BKXXAcVEN4GFmyEQRWKI0uZE+3M0atf7UEPD4K9tmEKosqdsF4MFLiBtfI4eq0+926ijoezDmUPvHIiyQZ9CH2jZ*6jOgqW/GxL9He1afQiINIg=="; -static const char *SIGNATURE_DOGECHAIN = "dogechain"; +static const char *SIGNATURE_DOGECHAIN = "$dogechain$0"; u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } @@ -67,8 +67,6 @@ typedef struct doge_tmp } doge_tmp_t; -const u32 PBKDF2_ITER = 5000; - u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { @@ -94,41 +92,50 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE hc_token_t token; - token.token_cnt = 3; + token.token_cnt = 4; token.signatures_cnt = 1; token.signatures_buf[0] = SIGNATURE_DOGECHAIN; // sig - token.sep[0] = '$'; - token.len_min[0] = 9; - token.len_max[0] = 9; - token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + token.sep[0] = '*'; + token.len_min[0] = 12; + token.len_max[0] = 12; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH //VERIFY NOT FIXED | TOKEN_ATTR_VERIFY_SIGNATURE; + + // iter + token.sep[1] = '*'; + token.len_min[1] = 1; + token.len_max[1] = 10; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + // payload - token.sep[1] = '$'; - token.len_min[1] = 320; - token.len_max[1] = 320; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64A; + token.sep[2] = '*'; + token.len_min[2] = 320; + token.len_max[2] = 320; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; //verify is b64 // salt - token.sep[2] = '$'; - token.len_min[2] = 24; - token.len_max[2] = 24; - token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64A; + token.sep[3] = '*'; + token.len_min[3] = 24; + token.len_max[3] = 24; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; //verify is b64 - const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + // Our parsing + // esalt for payload - const u8 *data_pos = token.buf[1]; - const int data_len = token.len[1]; + const u8 *data_pos = token.buf[2]; + const int data_len = token.len[2]; u8 tmp_buf[256] = { 0 }; @@ -141,8 +148,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // salt - const u8 *salt_pos = token.buf[2]; - const int salt_length = token.len[2]; + const u8 *salt_pos = token.buf[3]; + const int salt_length = token.len[3]; memset (tmp_buf, 0, sizeof (tmp_buf)); @@ -151,7 +158,11 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE memcpy (salt->salt_buf, tmp_buf, tmp_len); salt->salt_len = tmp_len; - salt->salt_iter = PBKDF2_ITER-1; + + // iter + const u8 *iter_pos = token.buf[1]; + + salt->salt_iter = hc_strtoul ((const char *) iter_pos, NULL, 10) - 1; // digest @@ -160,6 +171,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE digest[2] = 0; digest[3] = 0; + return (PARSER_OK); }