diff --git a/include/interface_migrate.h b/include/interface_migrate.h index 4881f34c2..343f92312 100644 --- a/include/interface_migrate.h +++ b/include/interface_migrate.h @@ -525,12 +525,6 @@ typedef struct pdf17l8_tmp } pdf17l8_tmp_t; -typedef struct md5crypt_tmp -{ - u32 digest_buf[4]; - -} md5crypt_tmp_t; - typedef struct sha256crypt_tmp { // pure version @@ -1053,7 +1047,6 @@ typedef enum kern_type KERN_TYPE_SHA1_SLTPWU = 140, KERN_TYPE_HMACSHA1_PW = 150, KERN_TYPE_HMACSHA1_SLT = 160, - KERN_TYPE_MD5CRYPT = 500, KERN_TYPE_BLAKE2B = 600, KERN_TYPE_MD44_PWUSLT = 1100, KERN_TYPE_SHA256_PWSLT = 1410, @@ -1265,7 +1258,6 @@ typedef enum rounds_count ROUNDS_SHA1AIX = (1 << 6), ROUNDS_SHA256AIX = (1 << 6), ROUNDS_SHA512AIX = (1 << 6), - ROUNDS_MD5CRYPT = 1000, ROUNDS_SHA256CRYPT = 5000, ROUNDS_SHA512CRYPT = 5000, ROUNDS_GRUB = 10000, @@ -1350,7 +1342,6 @@ int md5md5_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu int md5pix_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int md5asa_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int md5apr1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); -int md5crypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int mssql2000_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int mssql2005_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int netntlmv1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); diff --git a/modules/module_00400.c b/modules/module_00400.c index ab716859d..811d5f75b 100644 --- a/modules/module_00400.c +++ b/modules/module_00400.c @@ -27,6 +27,15 @@ static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const char *ST_PASS = "hashcat"; static const char *ST_HASH = "$P$946647711V1klyitUYhtB8Yw5DMA/w."; +typedef struct phpass_tmp +{ + u32 digest_buf[4]; + +} phpass_tmp_t; + +static const char *SIGNATURE_PHPASS1 = "$P$"; +static const char *SIGNATURE_PHPASS2 = "$H$"; + u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } @@ -43,18 +52,11 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } -typedef struct phpass_tmp -{ - u32 digest_buf[4]; - -} phpass_tmp_t; - -static const char *SIGNATURE_PHPASS1 = "$P$"; -static const char *SIGNATURE_PHPASS2 = "$H$"; - u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { - return (u64) sizeof (phpass_tmp_t); + const u64 tmp_size = (const u64) sizeof (phpass_tmp_t); + + return tmp_size; } static void phpass_decode (u8 digest[16], const u8 buf[22]) diff --git a/modules/module_00500.c b/modules/module_00500.c new file mode 100644 index 000000000..58ecfedc0 --- /dev/null +++ b/modules/module_00500.c @@ -0,0 +1,299 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_OS; +static const char *HASH_NAME = "md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)"; +static const u32 HASH_TYPE = HASH_TYPE_GENERIC; +static const u64 KERN_TYPE = 500; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE; +static const u64 OPTS_TYPE = OPTS_TYPE_STATE_BUFFER_LE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_PREFERED_THREAD; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$1$38652870$DUjsu4TTlTsOe/xxZ05uf/"; + +typedef struct md5crypt_tmp +{ + u32 digest_buf[4]; + +} md5crypt_tmp_t; + +static const u32 ROUNDS_MD5CRYPT = 1000; +static const char *SIGNATURE_MD5CRYPT = "$1$"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (md5crypt_tmp_t); + + return tmp_size; +} + +static void md5crypt_decode (u8 digest[16], const u8 buf[22]) +{ + int l; + + l = itoa64_to_int (buf[ 0]) << 0; + l |= itoa64_to_int (buf[ 1]) << 6; + l |= itoa64_to_int (buf[ 2]) << 12; + l |= itoa64_to_int (buf[ 3]) << 18; + + digest[ 0] = (l >> 16) & 0xff; + digest[ 6] = (l >> 8) & 0xff; + digest[12] = (l >> 0) & 0xff; + + l = itoa64_to_int (buf[ 4]) << 0; + l |= itoa64_to_int (buf[ 5]) << 6; + l |= itoa64_to_int (buf[ 6]) << 12; + l |= itoa64_to_int (buf[ 7]) << 18; + + digest[ 1] = (l >> 16) & 0xff; + digest[ 7] = (l >> 8) & 0xff; + digest[13] = (l >> 0) & 0xff; + + l = itoa64_to_int (buf[ 8]) << 0; + l |= itoa64_to_int (buf[ 9]) << 6; + l |= itoa64_to_int (buf[10]) << 12; + l |= itoa64_to_int (buf[11]) << 18; + + digest[ 2] = (l >> 16) & 0xff; + digest[ 8] = (l >> 8) & 0xff; + digest[14] = (l >> 0) & 0xff; + + l = itoa64_to_int (buf[12]) << 0; + l |= itoa64_to_int (buf[13]) << 6; + l |= itoa64_to_int (buf[14]) << 12; + l |= itoa64_to_int (buf[15]) << 18; + + digest[ 3] = (l >> 16) & 0xff; + digest[ 9] = (l >> 8) & 0xff; + digest[15] = (l >> 0) & 0xff; + + l = itoa64_to_int (buf[16]) << 0; + l |= itoa64_to_int (buf[17]) << 6; + l |= itoa64_to_int (buf[18]) << 12; + l |= itoa64_to_int (buf[19]) << 18; + + digest[ 4] = (l >> 16) & 0xff; + digest[10] = (l >> 8) & 0xff; + digest[ 5] = (l >> 0) & 0xff; + + l = itoa64_to_int (buf[20]) << 0; + l |= itoa64_to_int (buf[21]) << 6; + + digest[11] = (l >> 0) & 0xff; +} + +static void md5crypt_encode (const u8 digest[16], u8 buf[22]) +{ + int l; + + l = (digest[ 0] << 16) | (digest[ 6] << 8) | (digest[12] << 0); + + buf[ 0] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 1] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 2] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 3] = int_to_itoa64 (l & 0x3f); //l >>= 6; + + l = (digest[ 1] << 16) | (digest[ 7] << 8) | (digest[13] << 0); + + buf[ 4] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 5] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 6] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 7] = int_to_itoa64 (l & 0x3f); //l >>= 6; + + l = (digest[ 2] << 16) | (digest[ 8] << 8) | (digest[14] << 0); + + buf[ 8] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[ 9] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[10] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[11] = int_to_itoa64 (l & 0x3f); //l >>= 6; + + l = (digest[ 3] << 16) | (digest[ 9] << 8) | (digest[15] << 0); + + buf[12] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[13] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[14] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[15] = int_to_itoa64 (l & 0x3f); //l >>= 6; + + l = (digest[ 4] << 16) | (digest[10] << 8) | (digest[ 5] << 0); + + buf[16] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[17] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[18] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[19] = int_to_itoa64 (l & 0x3f); //l >>= 6; + + l = (digest[11] << 0); + + buf[20] = int_to_itoa64 (l & 0x3f); l >>= 6; + buf[21] = int_to_itoa64 (l & 0x3f); //l >>= 6; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + token_t token; + + token.token_cnt = 3; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_MD5CRYPT; + + token.len[0] = 3; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len_min[1] = 0; + token.len_max[1] = 8; + token.sep[1] = '$'; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_OPTIONAL_ROUNDS; + + token.len[2] = 22; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64B; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + salt->salt_iter = ROUNDS_MD5CRYPT; + + if (token.opt_len != -1) + { + salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10); // 7 = "rounds=" + } + + const u8 *salt_pos = token.buf[1]; + const int salt_len = token.len[1]; + + const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig); + + if (parse_rc == false) return (PARSER_SALT_LENGTH); + + const u8 *hash_pos = token.buf[2]; + + md5crypt_decode ((u8 *) digest, hash_pos); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, char *line_buf, MAYBE_UNUSED const int line_size) +{ + u8 tmp[100] = { 0 }; + + md5crypt_encode (digest_buf, tmp); + + int line_len = 0; + + if (salt->salt_iter == ROUNDS_MD5CRYPT) + { + line_len = snprintf (line_buf, line_len, "$1$%s$%s", (char *) salt->salt_buf, tmp); + } + else + { + line_len = snprintf (line_buf, line_len, "$1$rounds=%u$%s$%s", salt->salt_iter, (char *) salt->salt_buf, tmp); + } + + return line_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_binary_verify = MODULE_DEFAULT; + module_ctx->module_hash_decode_outfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hash_type = module_hash_type; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/src/interface_migrate.c b/src/interface_migrate.c index 5e83f1037..e425bd6e6 100644 --- a/src/interface_migrate.c +++ b/src/interface_migrate.c @@ -132,7 +132,6 @@ " 12800 | MS-AzureSync PBKDF2-HMAC-SHA256 | Operating Systems", " 1500 | descrypt, DES (Unix), Traditional DES | Operating Systems", " 12400 | BSDi Crypt, Extended DES | Operating Systems", - " 500 | md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5) | Operating Systems", " 3200 | bcrypt $2*$, Blowfish (Unix) | Operating Systems", " 7400 | sha256crypt $5$, SHA256 (Unix) | Operating Systems", " 1800 | sha512crypt $6$, SHA512 (Unix) | Operating Systems", @@ -310,7 +309,6 @@ static const char *ST_HASH_00140 = "03b83421e2aa6d872d1f8dee001dc226ef01722b:818 static const char *ST_HASH_00141 = "$episerver$*0*MjEwNA==*ZUgAmuaYTqAvisD0A427FA3oaWU"; static const char *ST_HASH_00150 = "02b256705348a28b1d6c0f063907979f7e0c82f8:10323"; static const char *ST_HASH_00160 = "8d7cb4d4a27a438059bb83a34d1e6cc439669168:2134817"; -static const char *ST_HASH_00500 = "$1$38652870$DUjsu4TTlTsOe/xxZ05uf/"; static const char *ST_HASH_00501 = "3u+UR6n8AgABAAAAHxxdXKmiOmUoqKnZlf8lTOhlPYy93EAkbPfs5+49YLFd/B1+omSKbW7DoqNM40/EeVnwJ8kYoXv9zy9D5C5m5A=="; static const char *ST_HASH_00600 = "$BLAKE2$296c269e70ac5f0095e6fb47693480f0f7b97ccd0307f5c3bfa4df8f5ca5c9308a0e7108e80a0a9c0ebb715e8b7109b072046c6cd5e155b4cfd2f27216283b1e"; static const char *ST_HASH_01100 = "c896b3c6963e03c86ade3a38370bbb09:54161084332"; @@ -540,7 +538,6 @@ static const char *HT_00130 = "sha1(utf16le($pass).$salt)"; static const char *HT_00140 = "sha1($salt.utf16le($pass))"; static const char *HT_00150 = "HMAC-SHA1 (key = $pass)"; static const char *HT_00160 = "HMAC-SHA1 (key = $salt)"; -static const char *HT_00500 = "md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)"; static const char *HT_00501 = "Juniper IVE"; static const char *HT_00600 = "BLAKE2b"; static const char *HT_01100 = "Domain Cached Credentials (DCC), MS Cache"; @@ -810,7 +807,6 @@ static const char *SIGNATURE_KRB5TGS = "$krb5tgs$23$"; static const char *SIGNATURE_KRB5ASREP = "$krb5asrep$23$"; static const char *SIGNATURE_MD5AIX = "{smd5}"; static const char *SIGNATURE_MD5APR1 = "$apr1$"; -static const char *SIGNATURE_MD5CRYPT = "$1$"; static const char *SIGNATURE_MEDIAWIKI_B = "$B$"; static const char *SIGNATURE_MS_DRSR = "v1;PPH1_MD4"; static const char *SIGNATURE_MSSQL = "0x0100"; @@ -912,106 +908,6 @@ static void juniper_decrypt_hash (const u8 *in, const int in_len, u8 *out) AES128_decrypt_cbc (juniper_key, juniper_iv, in_ptr, out_ptr); } -static void md5crypt_decode (u8 digest[16], const u8 buf[22]) -{ - int l; - - l = itoa64_to_int (buf[ 0]) << 0; - l |= itoa64_to_int (buf[ 1]) << 6; - l |= itoa64_to_int (buf[ 2]) << 12; - l |= itoa64_to_int (buf[ 3]) << 18; - - digest[ 0] = (l >> 16) & 0xff; - digest[ 6] = (l >> 8) & 0xff; - digest[12] = (l >> 0) & 0xff; - - l = itoa64_to_int (buf[ 4]) << 0; - l |= itoa64_to_int (buf[ 5]) << 6; - l |= itoa64_to_int (buf[ 6]) << 12; - l |= itoa64_to_int (buf[ 7]) << 18; - - digest[ 1] = (l >> 16) & 0xff; - digest[ 7] = (l >> 8) & 0xff; - digest[13] = (l >> 0) & 0xff; - - l = itoa64_to_int (buf[ 8]) << 0; - l |= itoa64_to_int (buf[ 9]) << 6; - l |= itoa64_to_int (buf[10]) << 12; - l |= itoa64_to_int (buf[11]) << 18; - - digest[ 2] = (l >> 16) & 0xff; - digest[ 8] = (l >> 8) & 0xff; - digest[14] = (l >> 0) & 0xff; - - l = itoa64_to_int (buf[12]) << 0; - l |= itoa64_to_int (buf[13]) << 6; - l |= itoa64_to_int (buf[14]) << 12; - l |= itoa64_to_int (buf[15]) << 18; - - digest[ 3] = (l >> 16) & 0xff; - digest[ 9] = (l >> 8) & 0xff; - digest[15] = (l >> 0) & 0xff; - - l = itoa64_to_int (buf[16]) << 0; - l |= itoa64_to_int (buf[17]) << 6; - l |= itoa64_to_int (buf[18]) << 12; - l |= itoa64_to_int (buf[19]) << 18; - - digest[ 4] = (l >> 16) & 0xff; - digest[10] = (l >> 8) & 0xff; - digest[ 5] = (l >> 0) & 0xff; - - l = itoa64_to_int (buf[20]) << 0; - l |= itoa64_to_int (buf[21]) << 6; - - digest[11] = (l >> 0) & 0xff; -} - -static void md5crypt_encode (const u8 digest[16], u8 buf[22]) -{ - int l; - - l = (digest[ 0] << 16) | (digest[ 6] << 8) | (digest[12] << 0); - - buf[ 0] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 1] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 2] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 3] = int_to_itoa64 (l & 0x3f); //l >>= 6; - - l = (digest[ 1] << 16) | (digest[ 7] << 8) | (digest[13] << 0); - - buf[ 4] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 5] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 6] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 7] = int_to_itoa64 (l & 0x3f); //l >>= 6; - - l = (digest[ 2] << 16) | (digest[ 8] << 8) | (digest[14] << 0); - - buf[ 8] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[ 9] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[10] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[11] = int_to_itoa64 (l & 0x3f); //l >>= 6; - - l = (digest[ 3] << 16) | (digest[ 9] << 8) | (digest[15] << 0); - - buf[12] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[13] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[14] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[15] = int_to_itoa64 (l & 0x3f); //l >>= 6; - - l = (digest[ 4] << 16) | (digest[10] << 8) | (digest[ 5] << 0); - - buf[16] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[17] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[18] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[19] = int_to_itoa64 (l & 0x3f); //l >>= 6; - - l = (digest[11] << 0); - - buf[20] = int_to_itoa64 (l & 0x3f); l >>= 6; - buf[21] = int_to_itoa64 (l & 0x3f); //l >>= 6; -} - static void sha512crypt_decode (u8 digest[64], const u8 buf[86]) { int l; @@ -4041,58 +3937,6 @@ int psafe3_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNU return (PARSER_OK); } -int md5crypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - token_t token; - - token.token_cnt = 3; - - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_MD5CRYPT; - - token.len[0] = 3; - token.attr[0] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.len_min[1] = 0; - token.len_max[1] = 8; - token.sep[1] = '$'; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_OPTIONAL_ROUNDS; - - token.len[2] = 22; - token.attr[2] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64B; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - salt->salt_iter = ROUNDS_MD5CRYPT; - - if (token.opt_len != -1) - { - salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10); // 7 = "rounds=" - } - - const u8 *salt_pos = token.buf[1]; - const int salt_len = token.len[1]; - - const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig); - - if (parse_rc == false) return (PARSER_SALT_LENGTH); - - const u8 *hash_pos = token.buf[2]; - - md5crypt_decode ((u8 *) digest, hash_pos); - - return (PARSER_OK); -} - int md5apr1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -18889,8 +18733,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo switch (hashconfig->hash_mode) { - case 500: salt->salt_iter = ROUNDS_MD5CRYPT; - break; case 501: salt->salt_iter = ROUNDS_MD5CRYPT; break; case 1600: salt->salt_iter = ROUNDS_MD5CRYPT; @@ -19288,26 +19130,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, snprintf (out_buf, out_size, "%s*0*%s*%s", SIGNATURE_EPISERVER, ptr_salt, ptr_plain); } - else if (hash_mode == 500) - { - // the encoder is a bit too intelligent, it expects the input data in the wrong BOM - - digest_buf[0] = byte_swap_32 (digest_buf[0]); - digest_buf[1] = byte_swap_32 (digest_buf[1]); - digest_buf[2] = byte_swap_32 (digest_buf[2]); - digest_buf[3] = byte_swap_32 (digest_buf[3]); - - md5crypt_encode ((unsigned char *) digest_buf, (unsigned char *) ptr_plain); - - if (salt.salt_iter == ROUNDS_MD5CRYPT) - { - snprintf (out_buf, out_size, "$1$%s$%s", (char *) salt.salt_buf, ptr_plain); - } - else - { - snprintf (out_buf, out_size, "$1$rounds=%u$%s$%s", salt.salt_iter, (char *) salt.salt_buf, ptr_plain); - } - } else if (hash_mode == 501) { hashinfo_t **hashinfo_ptr = hash_info; @@ -23441,23 +23263,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 500: hashconfig->hash_type = HASH_TYPE_MD5; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE - | OPTS_TYPE_PREFERED_THREAD; - hashconfig->kern_type = KERN_TYPE_MD5CRYPT; - hashconfig->dgst_size = DGST_SIZE_4_4; - hashconfig->parse_func = md5crypt_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE; - hashconfig->dgst_pos0 = 0; - hashconfig->dgst_pos1 = 1; - hashconfig->dgst_pos2 = 2; - hashconfig->dgst_pos3 = 3; - hashconfig->st_hash = ST_HASH_00500; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 501: hashconfig->hash_type = HASH_TYPE_MD5; hashconfig->salt_type = SALT_TYPE_EMBEDDED; hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL; @@ -27874,7 +27679,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) switch (hashconfig->hash_mode) { - case 500: hashconfig->tmp_size = sizeof (md5crypt_tmp_t); break; case 501: hashconfig->tmp_size = sizeof (md5crypt_tmp_t); break; case 1600: hashconfig->tmp_size = sizeof (md5crypt_tmp_t); break; case 1800: hashconfig->tmp_size = sizeof (sha512crypt_tmp_t); break;