diff --git a/include/interface_migrate.h b/include/interface_migrate.h index e69720365..c929f9866 100644 --- a/include/interface_migrate.h +++ b/include/interface_migrate.h @@ -69,16 +69,6 @@ typedef struct itunes_backup } itunes_backup_t; -typedef struct blake2 -{ - u64 h[8]; - u64 t[2]; - u64 f[2]; - u32 buflen; - u32 outlen; - -} blake2_t; - typedef struct chacha20 { u32 iv[2]; @@ -166,18 +156,6 @@ typedef struct ikepsk } ikepsk_t; -typedef struct netntlm -{ - u32 user_len; - u32 domain_len; - u32 srvchall_len; - u32 clichall_len; - - u32 userdomain_buf[64]; - u32 chall_buf[256]; - -} netntlm_t; - typedef struct krb5pa { u32 user[16]; @@ -978,7 +956,6 @@ typedef enum hash_type HASH_TYPE_ITUNES_BACKUP_9 = 56, HASH_TYPE_ITUNES_BACKUP_10 = 57, HASH_TYPE_SKIP32 = 58, - HASH_TYPE_BLAKE2B = 59, HASH_TYPE_CHACHA20 = 60, HASH_TYPE_DPAPIMK = 61, HASH_TYPE_JKS_SHA1 = 62, @@ -1006,7 +983,6 @@ typedef enum kern_type KERN_TYPE_SHA1_SLTPWU = 140, KERN_TYPE_HMACSHA1_PW = 150, KERN_TYPE_HMACSHA1_SLT = 160, - KERN_TYPE_BLAKE2B = 600, KERN_TYPE_MD44_PWUSLT = 1100, KERN_TYPE_SHA256_PWSLT = 1410, KERN_TYPE_SHA256_SLTPW = 1420, @@ -1284,7 +1260,6 @@ int keccak_224_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu int keccak_256_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int keccak_384_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int keccak_512_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); -int blake2b_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int chacha20_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int lm_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int md4_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); diff --git a/src/interface_migrate.c b/src/interface_migrate.c index 9395694d5..3350b58b1 100644 --- a/src/interface_migrate.c +++ b/src/interface_migrate.c @@ -8,7 +8,6 @@ " 17800 | Keccak-256 | Raw Hash", " 17900 | Keccak-384 | Raw Hash", " 18000 | Keccak-512 | Raw Hash", - " 600 | BLAKE2b-512 | Raw Hash", " 10100 | SipHash | Raw Hash", " 6000 | RIPEMD-160 | Raw Hash", " 6100 | Whirlpool | Raw Hash", @@ -303,7 +302,6 @@ static const char *ST_HASH_00140 = "03b83421e2aa6d872d1f8dee001dc226ef01722b:818 static const char *ST_HASH_00141 = "$episerver$*0*MjEwNA==*ZUgAmuaYTqAvisD0A427FA3oaWU"; static const char *ST_HASH_00150 = "02b256705348a28b1d6c0f063907979f7e0c82f8:10323"; static const char *ST_HASH_00160 = "8d7cb4d4a27a438059bb83a34d1e6cc439669168:2134817"; -static const char *ST_HASH_00600 = "$BLAKE2$296c269e70ac5f0095e6fb47693480f0f7b97ccd0307f5c3bfa4df8f5ca5c9308a0e7108e80a0a9c0ebb715e8b7109b072046c6cd5e155b4cfd2f27216283b1e"; static const char *ST_HASH_01100 = "c896b3c6963e03c86ade3a38370bbb09:54161084332"; static const char *ST_HASH_01410 = "5bb7456f43e3610363f68ad6de82b8b96f3fc9ad24e9d1f1f8d8bd89638db7c0:12480864321"; static const char *ST_HASH_01411 = "{SSHA256}L5Wk0zPY2lmoR5pH20zngq37KkxFwgTquEhx95rxfVk3Ng=="; @@ -527,7 +525,6 @@ static const char *HT_00130 = "sha1(utf16le($pass).$salt)"; static const char *HT_00140 = "sha1($salt.utf16le($pass))"; static const char *HT_00150 = "HMAC-SHA1 (key = $pass)"; static const char *HT_00160 = "HMAC-SHA1 (key = $salt)"; -static const char *HT_00600 = "BLAKE2b"; static const char *HT_01100 = "Domain Cached Credentials (DCC), MS Cache"; static const char *HT_01410 = "sha256($pass.$salt)"; static const char *HT_01420 = "sha256($salt.$pass)"; @@ -841,7 +838,6 @@ static const char *SIGNATURE_ITUNES_BACKUP = "$itunes_backup$"; static const char *SIGNATURE_FORTIGATE = "AK1"; static const char *SIGNATURE_ATLASSIAN = "{PKCS5S2}"; static const char *SIGNATURE_NETBSD_SHA1CRYPT = "$sha1$"; -static const char *SIGNATURE_BLAKE2B = "$BLAKE2$"; static const char *SIGNATURE_CHACHA20 = "$chacha20$"; static const char *SIGNATURE_JKS_SHA1 = "$jksprivk$"; static const char *SIGNATURE_ETHEREUM_PBKDF2 = "$ethereum$p"; @@ -3887,58 +3883,6 @@ int psafe3_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNU return (PARSER_OK); } -int md5apr1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - token_t token; - - token.token_cnt = 3; - - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_MD5APR1; - - token.len[0] = 6; - token.attr[0] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.len_min[1] = 0; - token.len_max[1] = 8; - token.sep[1] = '$'; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_OPTIONAL_ROUNDS; - - token.len[2] = 22; - token.attr[2] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64B; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - salt->salt_iter = ROUNDS_MD5CRYPT; - - if (token.opt_len != -1) - { - salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10); // 7 = "rounds=" - } - - const u8 *salt_pos = token.buf[1]; - const int salt_len = token.len[1]; - - const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig); - - if (parse_rc == false) return (PARSER_SALT_LENGTH); - - const u8 *hash_pos = token.buf[2]; - - md5crypt_decode ((u8 *) digest, hash_pos); - - return (PARSER_OK); -} - int episerver_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -4591,173 +4535,6 @@ int netntlmv1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_ return (PARSER_OK); } -int netntlmv2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - netntlm_t *netntlm = (netntlm_t *) hash_buf->esalt; - - token_t token; - - token.token_cnt = 6; - - // username - token.len_min[0] = 0; - token.len_max[0] = 60; - token.sep[0] = ':'; - token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH; - - // unused - token.len_min[1] = 0; - token.len_max[1] = 0; - token.sep[1] = ':'; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; - - // domain - token.len_min[2] = 0; - token.len_max[2] = 45; - token.sep[2] = ':'; - token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH; - - // lm response - token.len_min[3] = 16; - token.len_max[3] = 16; - token.sep[3] = ':'; - token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - // ntlm response - token.len_min[4] = 32; - token.len_max[4] = 32; - token.sep[4] = ':'; - token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - // challenge - token.len_min[5] = 2; - token.len_max[5] = 1024; - token.sep[5] = ':'; - token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - const u8 *user_pos = token.buf[0]; - const u8 *domain_pos = token.buf[2]; - const u8 *srvchall_pos = token.buf[3]; - const u8 *hash_pos = token.buf[4]; - const u8 *clichall_pos = token.buf[5]; - - const int user_len = token.len[0]; - const int domain_len = token.len[2]; - const int srvchall_len = token.len[3]; - const int clichall_len = token.len[5]; - - /** - * store some data for later use - */ - - netntlm->user_len = user_len * 2; - netntlm->domain_len = domain_len * 2; - netntlm->srvchall_len = srvchall_len / 2; - netntlm->clichall_len = clichall_len / 2; - - u8 *userdomain_ptr = (u8 *) netntlm->userdomain_buf; - u8 *chall_ptr = (u8 *) netntlm->chall_buf; - - /** - * handle username and domainname - */ - - for (int i = 0; i < user_len; i++) - { - *userdomain_ptr++ = toupper (user_pos[i]); - *userdomain_ptr++ = 0; - } - - for (int i = 0; i < domain_len; i++) - { - *userdomain_ptr++ = domain_pos[i]; - *userdomain_ptr++ = 0; - } - - *userdomain_ptr++ = 0x80; - - /** - * handle server challenge encoding - */ - - for (int i = 0; i < srvchall_len; i += 2) - { - const u8 p0 = srvchall_pos[i + 0]; - const u8 p1 = srvchall_pos[i + 1]; - - *chall_ptr++ = hex_convert (p1) << 0 - | hex_convert (p0) << 4; - } - - /** - * handle client challenge encoding - */ - - for (int i = 0; i < clichall_len; i += 2) - { - const u8 p0 = clichall_pos[i + 0]; - const u8 p1 = clichall_pos[i + 1]; - - *chall_ptr++ = hex_convert (p1) << 0 - | hex_convert (p0) << 4; - } - - *chall_ptr++ = 0x80; - - /** - * handle hash itself - */ - - digest[0] = hex_to_u32 (hash_pos + 0); - digest[1] = hex_to_u32 (hash_pos + 8); - digest[2] = hex_to_u32 (hash_pos + 16); - digest[3] = hex_to_u32 (hash_pos + 24); - - /** - * reuse challange data as salt_buf, its the buffer that is most likely unique - */ - - salt->salt_buf[0] = 0; - salt->salt_buf[1] = 0; - salt->salt_buf[2] = 0; - salt->salt_buf[3] = 0; - salt->salt_buf[4] = 0; - salt->salt_buf[5] = 0; - salt->salt_buf[6] = 0; - salt->salt_buf[7] = 0; - - u32 *uptr; - - uptr = (u32 *) netntlm->userdomain_buf; - - for (u32 i = 0; i < 64; i += 16, uptr += 16) - { - md5_64 (uptr, salt->salt_buf); - } - - uptr = (u32 *) netntlm->chall_buf; - - for (u32 i = 0; i < 256; i += 16, uptr += 16) - { - md5_64 (uptr, salt->salt_buf); - } - - salt->salt_len = 16; - - return (PARSER_OK); -} - int postgresql_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -6241,63 +6018,6 @@ int keccak_512_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE return (PARSER_OK); } -int blake2b_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u64 *digest = (u64 *) hash_buf->digest; - - token_t token; - - token.token_cnt = 2; - - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_BLAKE2B; - - token.len[0] = 8; - token.attr[0] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.len[1] = 128; - token.attr[1] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - const u8 *hash_pos = token.buf[1]; - - digest[0] = hex_to_u64 (hash_pos + 0); - digest[1] = hex_to_u64 (hash_pos + 16); - digest[2] = hex_to_u64 (hash_pos + 32); - digest[3] = hex_to_u64 (hash_pos + 48); - digest[4] = hex_to_u64 (hash_pos + 64); - digest[5] = hex_to_u64 (hash_pos + 80); - digest[6] = hex_to_u64 (hash_pos + 96); - digest[7] = hex_to_u64 (hash_pos + 112); - - // Initialize BLAKE2 Params and State - - blake2_t *S = (blake2_t *) hash_buf->esalt; - - memset (S, 0, sizeof (blake2_t)); - - S->h[0] = BLAKE2B_IV_00; - S->h[1] = BLAKE2B_IV_01; - S->h[2] = BLAKE2B_IV_02; - S->h[3] = BLAKE2B_IV_03; - S->h[4] = BLAKE2B_IV_04; - S->h[5] = BLAKE2B_IV_05; - S->h[6] = BLAKE2B_IV_06; - S->h[7] = BLAKE2B_IV_07; - - // S->h[0] ^= 0x0000000001010040; // digest_lenght = 0x40, depth = 0x01, fanout = 0x01 - S->h[0] ^= 0x40 << 0; - S->h[0] ^= 0x01 << 16; - S->h[0] ^= 0x01 << 24; - - return (PARSER_OK); -} - int chacha20_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -7046,58 +6766,6 @@ int veracrypt_parse_hash_655331 (u8 *input_buf, u32 input_len, hash_t *hash_buf, return (PARSER_OK); } -int md5aix_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - token_t token; - - token.token_cnt = 3; - - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_MD5AIX; - - token.len[0] = 6; - token.attr[0] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.len_min[1] = 0; - token.len_max[1] = 8; - token.sep[1] = '$'; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_OPTIONAL_ROUNDS; - - token.len[2] = 22; - token.attr[2] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64B; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - salt->salt_iter = ROUNDS_MD5CRYPT; - - if (token.opt_len != -1) - { - salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10); // 7 = "rounds=" - } - - const u8 *salt_pos = token.buf[1]; - const int salt_len = token.len[1]; - - const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig); - - if (parse_rc == false) return (PARSER_SALT_LENGTH); - - const u8 *hash_pos = token.buf[2]; - - md5crypt_decode ((u8 *) digest, hash_pos); - - return (PARSER_OK); -} - int sha1aix_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -18160,11 +17828,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo ((netntlm_t *) esalt)->srvchall_len = 1; ((netntlm_t *) esalt)->clichall_len = 1; break; - case 5600: ((netntlm_t *) esalt)->user_len = 1; - ((netntlm_t *) esalt)->domain_len = 1; - ((netntlm_t *) esalt)->srvchall_len = 1; - ((netntlm_t *) esalt)->clichall_len = 1; - break; case 7300: ((rakp_t *) esalt)->salt_len = 32; break; case 10400: ((pdf_t *) esalt)->id_len = 16; @@ -18229,8 +17892,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo switch (hashconfig->hash_mode) { - case 1600: salt->salt_iter = ROUNDS_MD5CRYPT; - break; case 1800: salt->salt_iter = ROUNDS_SHA512CRYPT; break; case 2100: salt->salt_iter = ROUNDS_DCC2; @@ -18269,8 +17930,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 6243: salt->salt_iter = ROUNDS_TRUECRYPT_1K; break; - case 6300: salt->salt_iter = ROUNDS_MD5CRYPT; - break; case 6400: salt->salt_iter = ROUNDS_SHA256AIX; break; case 6500: salt->salt_iter = ROUNDS_SHA512AIX; @@ -18687,26 +18346,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, snprintf (out_buf, out_size, "%s*1*%s*%s", SIGNATURE_EPISERVER, ptr_salt, ptr_plain); } - else if (hash_mode == 1600) - { - // the encoder is a bit too intelligent, it expects the input data in the wrong BOM - - digest_buf[0] = byte_swap_32 (digest_buf[0]); - digest_buf[1] = byte_swap_32 (digest_buf[1]); - digest_buf[2] = byte_swap_32 (digest_buf[2]); - digest_buf[3] = byte_swap_32 (digest_buf[3]); - - md5crypt_encode ((unsigned char *) digest_buf, (unsigned char *) ptr_plain); - - if (salt.salt_iter == ROUNDS_MD5CRYPT) - { - snprintf (out_buf, out_size, "$apr1$%s$%s", (char *) salt.salt_buf, ptr_plain); - } - else - { - snprintf (out_buf, out_size, "$apr1$rounds=%u$%s$%s", salt.salt_iter, (char *) salt.salt_buf, ptr_plain); - } - } else if (hash_mode == 1711) { // the encoder is a bit too intelligent, it expects the input data in the wrong BOM @@ -19116,55 +18755,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, byte_swap_32 (salt.salt_buf_pc[1]), clichall_buf); } - else if (hash_mode == 5600) - { - netntlm_t *netntlms = (netntlm_t *) esalts_buf; - - netntlm_t *netntlm = &netntlms[digest_cur]; - - char user_buf[64] = { 0 }; - char domain_buf[64] = { 0 }; - char srvchall_buf[1024] = { 0 }; - char clichall_buf[1024] = { 0 }; - - for (u32 i = 0, j = 0; j < netntlm->user_len; i += 1, j += 2) - { - char *ptr = (char *) netntlm->userdomain_buf; - - user_buf[i] = ptr[j]; - } - - for (u32 i = 0, j = 0; j < netntlm->domain_len; i += 1, j += 2) - { - char *ptr = (char *) netntlm->userdomain_buf; - - domain_buf[i] = ptr[netntlm->user_len + j]; - } - - for (u32 i = 0, j = 0; i < netntlm->srvchall_len; i += 1, j += 2) - { - u8 *ptr = (u8 *) netntlm->chall_buf; - - sprintf (srvchall_buf + j, "%02x", ptr[i]); - } - - for (u32 i = 0, j = 0; i < netntlm->clichall_len; i += 1, j += 2) - { - u8 *ptr = (u8 *) netntlm->chall_buf; - - sprintf (clichall_buf + j, "%02x", ptr[netntlm->srvchall_len + i]); - } - - snprintf (out_buf, out_size, "%s::%s:%s:%08x%08x%08x%08x:%s", - user_buf, - domain_buf, - srvchall_buf, - digest_buf[0], - digest_buf[1], - digest_buf[2], - digest_buf[3], - clichall_buf); - } else if (hash_mode == 5700) { // the encoder is a bit too intelligent, it expects the input data in the wrong BOM @@ -19205,19 +18795,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, { snprintf (out_buf, out_size, "%s", hashfile); } - else if (hash_mode == 6300) - { - // the encoder is a bit too intelligent, it expects the input data in the wrong BOM - - digest_buf[0] = byte_swap_32 (digest_buf[0]); - digest_buf[1] = byte_swap_32 (digest_buf[1]); - digest_buf[2] = byte_swap_32 (digest_buf[2]); - digest_buf[3] = byte_swap_32 (digest_buf[3]); - - md5crypt_encode ((unsigned char *) digest_buf, (unsigned char *) ptr_plain); - - snprintf (out_buf, out_size, "{smd5}%s$%s", (char *) salt.salt_buf, ptr_plain); - } else if (hash_mode == 6400) { sha256aix_encode ((unsigned char *) digest_buf, (unsigned char *) ptr_plain); @@ -21905,29 +21482,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, snprintf (out_buf, out_size, "%s$%s", (char *) salt.salt_sign, tmp_buf); } - else if (hash_type == HASH_TYPE_BLAKE2B) - { - u32 *ptr = digest_buf; - - snprintf (out_buf, out_size, "%s%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x", - SIGNATURE_BLAKE2B, - byte_swap_32 (ptr[ 0]), - byte_swap_32 (ptr[ 1]), - byte_swap_32 (ptr[ 2]), - byte_swap_32 (ptr[ 3]), - byte_swap_32 (ptr[ 4]), - byte_swap_32 (ptr[ 5]), - byte_swap_32 (ptr[ 6]), - byte_swap_32 (ptr[ 7]), - byte_swap_32 (ptr[ 8]), - byte_swap_32 (ptr[ 9]), - byte_swap_32 (ptr[10]), - byte_swap_32 (ptr[11]), - byte_swap_32 (ptr[12]), - byte_swap_32 (ptr[13]), - byte_swap_32 (ptr[14]), - byte_swap_32 (ptr[15])); - } else if (hash_type == HASH_TYPE_CHACHA20) { u32 *ptr = digest_buf; @@ -22642,24 +22196,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 600: hashconfig->hash_type = HASH_TYPE_BLAKE2B; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE; - hashconfig->kern_type = KERN_TYPE_BLAKE2B; - hashconfig->dgst_size = DGST_SIZE_8_8; - hashconfig->parse_func = blake2b_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE - | OPTI_TYPE_USES_BITS_64 - | OPTI_TYPE_RAW_HASH; - hashconfig->dgst_pos0 = 1; - hashconfig->dgst_pos1 = 0; - hashconfig->dgst_pos2 = 3; - hashconfig->dgst_pos3 = 2; - hashconfig->st_hash = ST_HASH_00600; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 1100: hashconfig->hash_type = HASH_TYPE_MD4; hashconfig->salt_type = SALT_TYPE_GENERIC; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -23829,25 +23365,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 5600: hashconfig->hash_type = HASH_TYPE_MD5; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE - | OPTS_TYPE_PT_ADD80 - | OPTS_TYPE_PT_ADDBITS14 - | OPTS_TYPE_PT_UTF16LE; - hashconfig->kern_type = KERN_TYPE_NETNTLMv2; - hashconfig->dgst_size = DGST_SIZE_4_4; - hashconfig->parse_func = netntlmv2_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE; - hashconfig->dgst_pos0 = 0; - hashconfig->dgst_pos1 = 3; - hashconfig->dgst_pos2 = 2; - hashconfig->dgst_pos3 = 1; - hashconfig->st_hash = ST_HASH_05600; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 5700: hashconfig->hash_type = HASH_TYPE_SHA256; hashconfig->salt_type = SALT_TYPE_NONE; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -26859,13 +26376,11 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) switch (hashconfig->hash_mode) { - case 600: hashconfig->esalt_size = sizeof (blake2_t); break; case 2500: hashconfig->esalt_size = sizeof (wpa_eapol_t); break; case 2501: hashconfig->esalt_size = sizeof (wpa_eapol_t); break; case 5300: hashconfig->esalt_size = sizeof (ikepsk_t); break; case 5400: hashconfig->esalt_size = sizeof (ikepsk_t); break; case 5500: hashconfig->esalt_size = sizeof (netntlm_t); break; - case 5600: hashconfig->esalt_size = sizeof (netntlm_t); break; case 6211: hashconfig->esalt_size = sizeof (tc_t); break; case 6212: hashconfig->esalt_size = sizeof (tc_t); break; case 6213: hashconfig->esalt_size = sizeof (tc_t); break; @@ -26970,7 +26485,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) switch (hashconfig->hash_mode) { - case 1600: hashconfig->tmp_size = sizeof (md5crypt_tmp_t); break; case 1800: hashconfig->tmp_size = sizeof (sha512crypt_tmp_t); break; case 2100: hashconfig->tmp_size = sizeof (dcc2_tmp_t); break; case 2500: hashconfig->tmp_size = sizeof (wpa_pbkdf2_tmp_t); break; @@ -26990,7 +26504,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) case 6241: hashconfig->tmp_size = sizeof (tc_tmp_t); break; case 6242: hashconfig->tmp_size = sizeof (tc_tmp_t); break; case 6243: hashconfig->tmp_size = sizeof (tc_tmp_t); break; - case 6300: hashconfig->tmp_size = sizeof (md5crypt_tmp_t); break; case 6400: hashconfig->tmp_size = sizeof (sha256aix_tmp_t); break; case 6500: hashconfig->tmp_size = sizeof (sha512aix_tmp_t); break; case 6600: hashconfig->tmp_size = sizeof (agilekey_tmp_t); break; diff --git a/src/modules/module_00600.c b/src/modules/module_00600.c new file mode 100644 index 000000000..11797bce5 --- /dev/null +++ b/src/modules/module_00600.c @@ -0,0 +1,217 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "inc_hash_constants.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 1; +static const u32 DGST_POS1 = 0; +static const u32 DGST_POS2 = 3; +static const u32 DGST_POS3 = 2; +static const u32 DGST_SIZE = DGST_SIZE_8_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_RAW_HASH; +static const char *HASH_NAME = "BLAKE2b-512"; +static const u32 HASH_TYPE = HASH_TYPE_GENERIC; +static const u64 KERN_TYPE = 600; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_RAW_HASH; +static const u64 OPTS_TYPE = OPTS_TYPE_STATE_BUFFER_LE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$BLAKE2$296c269e70ac5f0095e6fb47693480f0f7b97ccd0307f5c3bfa4df8f5ca5c9308a0e7108e80a0a9c0ebb715e8b7109b072046c6cd5e155b4cfd2f27216283b1e"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct blake2 +{ + u64 h[8]; + u64 t[2]; + u64 f[2]; + u32 buflen; + u32 outlen; + +} blake2_t; + +static const char *SIGNATURE_BLAKE2B = "$BLAKE2$"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (blake2_t); + + return esalt_size; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + blake2_t *blake2 = (blake2_t *) esalt_buf; + + token_t token; + + token.token_cnt = 2; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_BLAKE2B; + + token.len[0] = 8; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len[1] = 128; + token.attr[1] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *hash_pos = token.buf[1]; + + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); + digest[2] = hex_to_u64 (hash_pos + 32); + digest[3] = hex_to_u64 (hash_pos + 48); + digest[4] = hex_to_u64 (hash_pos + 64); + digest[5] = hex_to_u64 (hash_pos + 80); + digest[6] = hex_to_u64 (hash_pos + 96); + digest[7] = hex_to_u64 (hash_pos + 112); + + // Initialize BLAKE2 Params and State + + memset (blake2, 0, sizeof (blake2_t)); + + blake2->h[0] = BLAKE2B_IV_00; + blake2->h[1] = BLAKE2B_IV_01; + blake2->h[2] = BLAKE2B_IV_02; + blake2->h[3] = BLAKE2B_IV_03; + blake2->h[4] = BLAKE2B_IV_04; + blake2->h[5] = BLAKE2B_IV_05; + blake2->h[6] = BLAKE2B_IV_06; + blake2->h[7] = BLAKE2B_IV_07; + + // blake2->h[0] ^= 0x0000000001010040; // digest_lenght = 0x40, depth = 0x01, fanout = 0x01 + blake2->h[0] ^= 0x40 << 0; + blake2->h[0] ^= 0x01 << 16; + blake2->h[0] ^= 0x01 << 24; + + return (PARSER_OK); +} + + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u64 *digest = (const u64 *) digest_buf; + + // we can not change anything in the original buffer, otherwise destroying sorting + // therefore create some local buffer + + u8 *out_buf = (u8 *) line_buf; + + int out_len = strlen (SIGNATURE_BLAKE2B); + + memcpy (out_buf, SIGNATURE_BLAKE2B, out_len); + + u64_to_hex (digest[0], out_buf + out_len); out_len += 16; + u64_to_hex (digest[1], out_buf + out_len); out_len += 16; + u64_to_hex (digest[2], out_buf + out_len); out_len += 16; + u64_to_hex (digest[3], out_buf + out_len); out_len += 16; + u64_to_hex (digest[4], out_buf + out_len); out_len += 16; + u64_to_hex (digest[5], out_buf + out_len); out_len += 16; + u64_to_hex (digest[6], out_buf + out_len); out_len += 16; + u64_to_hex (digest[7], out_buf + out_len); out_len += 16; + + return out_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_binary_verify = MODULE_DEFAULT; + module_ctx->module_hash_decode_outfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hash_type = module_hash_type; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +}