From 51e47daa1dbffd1b34d1d05f3b4cf7368f1853fd Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Mon, 14 Jul 2025 11:30:21 +0200 Subject: [PATCH] =?UTF-8?q?Fix=20detection=20of=20argon2=20kernel=5Faccel?= =?UTF-8?q?=5Fnew.=20Ensure=20user-defined=20-n=20value=20does=20not=20exc?= =?UTF-8?q?eed=20available=20memory;=20reduce=20it=20if=20necessary.=20On?= =?UTF-8?q?=20devices=20with=20unified=20memory=20(iGPU),=20only=20half=20?= =?UTF-8?q?of=20the=20memory=20is=20made=20available.=20Improve=20unit=20t?= =?UTF-8?q?est=20for=20-m=208300.=20In=20optimized=20mode,=20allow=20longe?= =?UTF-8?q?r=20passwords,=20domain=20names,=20and=20salts.=20In=20both=20o?= =?UTF-8?q?ptimized=20and=20pure=20modes,=20ensure=20the=20domain=20name?= =?UTF-8?q?=20does=20not=20exceed=2063=20characters.=20Fix=20SNMPv3=20unit?= =?UTF-8?q?=20test=20to=20produce=20passwords=20of=20at=20least=208=20char?= =?UTF-8?q?acters,=20as=20required=20by=20RFC=E2=80=AF3414.=20Fix=20file?= =?UTF-8?q?=20permissions=20in=20tools/=20folder.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/modules/argon2_common.c | 11 ++++------- tools/apfs2hashcat.py | 0 tools/bitlocker2hashcat.py | 0 tools/keybag2hashcat.py | 0 tools/metamask2hashcat.py | 0 tools/shiro1-to-hashcat.py | 0 tools/test_modules/m08300.pm | 23 +++++++---------------- tools/test_modules/m25000.pm | 2 +- tools/test_modules/m25100.pm | 2 +- tools/test_modules/m25200.pm | 2 +- 10 files changed, 14 insertions(+), 26 deletions(-) mode change 100644 => 100755 tools/apfs2hashcat.py mode change 100644 => 100755 tools/bitlocker2hashcat.py mode change 100644 => 100755 tools/keybag2hashcat.py mode change 100644 => 100755 tools/metamask2hashcat.py mode change 100644 => 100755 tools/shiro1-to-hashcat.py diff --git a/src/modules/argon2_common.c b/src/modules/argon2_common.c index 6885bc177..a7bcdc96a 100644 --- a/src/modules/argon2_common.c +++ b/src/modules/argon2_common.c @@ -61,20 +61,17 @@ const char *argon2_module_extra_tuningdb_block (MAYBE_UNUSED const hashconfig_t const u64 available_mem = MIN (device_param->device_available_mem, (device_param->device_maxmem_alloc * 4)) - (fixed_mem + spill_mem); + const u32 kernel_accel_max = (device_param->device_host_unified_memory == true) ? (available_mem / 2) / size_per_accel : available_mem / size_per_accel; + u32 kernel_accel_new = device_processors; if (kernel_accel_user) { - kernel_accel_new = kernel_accel_user; + kernel_accel_new = MIN (kernel_accel_max, kernel_accel_user); } else { - if ((device_param->opencl_device_type & CL_DEVICE_TYPE_GPU) && (device_param->device_host_unified_memory == false)) - { - kernel_accel_new = available_mem / size_per_accel; - - kernel_accel_new = MIN (kernel_accel_new, 1024); // 1024 = max supported - } + kernel_accel_new = kernel_accel_max; } char *new_device_name = hcstrdup (device_param->device_name); diff --git a/tools/apfs2hashcat.py b/tools/apfs2hashcat.py old mode 100644 new mode 100755 diff --git a/tools/bitlocker2hashcat.py b/tools/bitlocker2hashcat.py old mode 100644 new mode 100755 diff --git a/tools/keybag2hashcat.py b/tools/keybag2hashcat.py old mode 100644 new mode 100755 diff --git a/tools/metamask2hashcat.py b/tools/metamask2hashcat.py old mode 100644 new mode 100755 diff --git a/tools/shiro1-to-hashcat.py b/tools/shiro1-to-hashcat.py old mode 100644 new mode 100755 diff --git a/tools/test_modules/m08300.pm b/tools/test_modules/m08300.pm index 879949fde..573efa407 100644 --- a/tools/test_modules/m08300.pm +++ b/tools/test_modules/m08300.pm @@ -14,18 +14,19 @@ use Net::DNS::SEC; # we need to restrict the pure password length for the test module to 63 bytes, # because we can't have any string (including the pass) of over 63 bytes without "." -# sub module_constraints { [[1, 256], [-1, -1], [1, 55], [-1, -1], [-1, -1]] } -sub module_constraints { [[1, 63], [-1, -1], [1, 55], [-1, -1], [-1, -1]] } +sub module_constraints { [[1, 63], [1, 63], [1, 32], [1, 24], [1, 44]] } sub get_random_dnssec_salt { + my $domain = shift; + my $salt_buf = ""; $salt_buf .= "."; - $salt_buf .= random_lowercase_string (8); + $salt_buf .= $domain; - $salt_buf .= ".net"; + #$salt_buf .= ".net"; $salt_buf .= ":"; @@ -40,19 +41,9 @@ sub module_generate_hash my $salt = shift; my $iter = shift // 1; - if (length $salt == 0) - { - if (int (rand (10)) == 0) - { - $salt = ":"; - } - else - { - $salt = get_random_dnssec_salt (); - } - } + my $combined_salt = get_random_dnssec_salt ($salt); - my ($domain, $salt_hex) = split (":", $salt); + my ($domain, $salt_hex) = split (":", $combined_salt); my $hashalg = Net::DNS::SEC->digtype ("SHA1"); diff --git a/tools/test_modules/m25000.pm b/tools/test_modules/m25000.pm index c62110472..002a29a22 100644 --- a/tools/test_modules/m25000.pm +++ b/tools/test_modules/m25000.pm @@ -12,7 +12,7 @@ use Digest::MD5 qw (md5 md5_hex); use Digest::SHA qw (sha1 sha1_hex); use Digest::HMAC qw (hmac_hex); -sub module_constraints { [[0, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } +sub module_constraints { [[8, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m25100.pm b/tools/test_modules/m25100.pm index 8256ac277..895134cf0 100644 --- a/tools/test_modules/m25100.pm +++ b/tools/test_modules/m25100.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD5 qw (md5 md5_hex); use Digest::HMAC qw (hmac_hex); -sub module_constraints { [[0, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } +sub module_constraints { [[8, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m25200.pm b/tools/test_modules/m25200.pm index 9d14fbf36..c649aa72e 100644 --- a/tools/test_modules/m25200.pm +++ b/tools/test_modules/m25200.pm @@ -11,7 +11,7 @@ use warnings; use Digest::SHA qw (sha1 sha1_hex); use Digest::HMAC qw (hmac_hex); -sub module_constraints { [[0, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } +sub module_constraints { [[8, 256], [24, 3000], [-1, -1], [-1, -1], [-1, -1]] } sub module_generate_hash {