mirror of
https://github.com/hashcat/hashcat.git
synced 2024-11-21 23:58:07 +00:00
Rewrite -m 32700 to use salt_iter and loop kernel as expected in slow hash modes
This commit is contained in:
Jens Steube
parent
992fb9047c
commit
573423af97
@ -16,10 +16,13 @@
|
||||
|
||||
typedef struct sha1_tmp
|
||||
{
|
||||
u32 digest[5];
|
||||
u32 salt[2];
|
||||
u32 newdes_key[15];
|
||||
|
||||
} sha1_tmp_t;
|
||||
|
||||
CONSTANT_VK uchar newdes_rotor[256] = {
|
||||
CONSTANT_VK uchar newdes_rotor[256] =
|
||||
{
|
||||
32, 137, 239, 188, 102, 125, 221, 72, 212, 68, 81, 37, 86, 237, 147, 149,
|
||||
70, 229, 17, 124, 115, 207, 33, 20, 122, 143, 25, 215, 51, 183, 138, 142,
|
||||
146, 211, 110, 173, 1, 228, 189, 14, 103, 78, 162, 36, 253, 167, 116, 255,
|
||||
@ -40,16 +43,14 @@ CONSTANT_VK uchar newdes_rotor[256] = {
|
||||
|
||||
DECLSPEC void new_des (uchar * block, uchar * newdes_key)
|
||||
{
|
||||
#define B0 (*block)
|
||||
#define B1 (*(block+1))
|
||||
#define B2 (*(block+2))
|
||||
#define B3 (*(block+3))
|
||||
#define B4 (*(block+4))
|
||||
#define B5 (*(block+5))
|
||||
#define B6 (*(block+6))
|
||||
#define B7 (*(block+7))
|
||||
|
||||
|
||||
#define B0 (*(block+0))
|
||||
#define B1 (*(block+1))
|
||||
#define B2 (*(block+2))
|
||||
#define B3 (*(block+3))
|
||||
#define B4 (*(block+4))
|
||||
#define B5 (*(block+5))
|
||||
#define B6 (*(block+6))
|
||||
#define B7 (*(block+7))
|
||||
|
||||
for (int count = 0; count < 8; count++)
|
||||
{
|
||||
@ -89,8 +90,7 @@ KERNEL_FQ void m32700_init (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
{
|
||||
const u64 gid = get_global_id (0);
|
||||
|
||||
if (gid >= GID_CNT)
|
||||
return;
|
||||
if (gid >= GID_CNT) return;
|
||||
|
||||
// Initial "SHA-1" (with endianness bug)
|
||||
sha1_ctx_t ctx;
|
||||
@ -99,44 +99,72 @@ KERNEL_FQ void m32700_init (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len);
|
||||
sha1_final (&ctx);
|
||||
|
||||
tmps[gid].digest[0] = hc_swap32 (ctx.h[0]);
|
||||
tmps[gid].digest[1] = hc_swap32 (ctx.h[1]);
|
||||
tmps[gid].digest[2] = hc_swap32 (ctx.h[2]);
|
||||
tmps[gid].digest[3] = hc_swap32 (ctx.h[3]);
|
||||
tmps[gid].digest[4] = hc_swap32 (ctx.h[4]);
|
||||
ctx.h[0] = hc_swap32_S (ctx.h[0]);
|
||||
ctx.h[1] = hc_swap32_S (ctx.h[1]);
|
||||
ctx.h[2] = hc_swap32_S (ctx.h[2]);
|
||||
ctx.h[3] = hc_swap32_S (ctx.h[3]);
|
||||
ctx.h[4] = hc_swap32_S (ctx.h[4]);
|
||||
|
||||
// Crate a NewDES key
|
||||
u32 newdes_key[15];
|
||||
|
||||
key_expansion ((uchar *) ctx.h, (uchar *) newdes_key);
|
||||
|
||||
for (int i = 0; i < 15; i++)
|
||||
{
|
||||
tmps[gid].newdes_key[i] = newdes_key[i];
|
||||
}
|
||||
|
||||
// Run NewDES on salt using the expanded key
|
||||
tmps[gid].salt[0] = salt_bufs[SALT_POS_HOST].salt_buf[0];
|
||||
tmps[gid].salt[1] = salt_bufs[SALT_POS_HOST].salt_buf[1];
|
||||
}
|
||||
|
||||
KERNEL_FQ void m32700_loop (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
{
|
||||
const u64 gid = get_global_id (0);
|
||||
|
||||
if (gid >= GID_CNT)
|
||||
return;
|
||||
if (gid >= GID_CNT) return;
|
||||
|
||||
u32 digest[5];
|
||||
u32 newdes_key[15];
|
||||
|
||||
digest[0] = tmps[gid].digest[0];
|
||||
digest[1] = tmps[gid].digest[1];
|
||||
digest[2] = tmps[gid].digest[2];
|
||||
digest[3] = tmps[gid].digest[3];
|
||||
digest[4] = tmps[gid].digest[4];
|
||||
for (int i = 0; i < 15; i++)
|
||||
{
|
||||
newdes_key[i] = tmps[gid].newdes_key[i];
|
||||
}
|
||||
|
||||
// Crate a NewDES key
|
||||
uchar newdes_key[60];
|
||||
u32 salt[2];
|
||||
|
||||
key_expansion ((uchar *) digest, newdes_key);
|
||||
|
||||
// Run NewDES on salt using the expanded key
|
||||
u32 salt[16] = { 0 }; // sha1_update_swap needs more space then our 8 byte salt; This seem to work!
|
||||
salt[0] = salt_bufs[SALT_POS_HOST].salt_buf[0];
|
||||
salt[1] = salt_bufs[SALT_POS_HOST].salt_buf[1];
|
||||
salt[0] = tmps[gid].salt[0];
|
||||
salt[1] = tmps[gid].salt[1];
|
||||
|
||||
// Run 1000 iterations of NewDES on the derived salt
|
||||
for (int i = 0; i < 1000; i++)
|
||||
for (int i = 0; i < LOOP_CNT; i++)
|
||||
{
|
||||
new_des ((uchar *) salt, newdes_key);
|
||||
new_des ((uchar *) salt, (uchar *) newdes_key);
|
||||
}
|
||||
|
||||
for (int i = 0; i < 15; i++)
|
||||
{
|
||||
tmps[gid].newdes_key[i] = newdes_key[i];
|
||||
}
|
||||
|
||||
// Run NewDES on salt using the expanded key
|
||||
tmps[gid].salt[0] = salt[0];
|
||||
tmps[gid].salt[1] = salt[1];
|
||||
}
|
||||
|
||||
KERNEL_FQ void m32700_comp (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
{
|
||||
const u64 gid = get_global_id (0);
|
||||
|
||||
if (gid >= GID_CNT) return;
|
||||
|
||||
u32 salt[16] = { 0 };
|
||||
|
||||
salt[0] = tmps[gid].salt[0];
|
||||
salt[1] = tmps[gid].salt[1];
|
||||
|
||||
// Final "SHA-1" (with endianness bug)
|
||||
sha1_ctx_t ctx;
|
||||
|
||||
@ -145,28 +173,14 @@ KERNEL_FQ void m32700_loop (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len);
|
||||
sha1_final (&ctx);
|
||||
|
||||
tmps[gid].digest[0] = ctx.h[0];
|
||||
tmps[gid].digest[1] = ctx.h[1];
|
||||
tmps[gid].digest[2] = ctx.h[2];
|
||||
tmps[gid].digest[3] = ctx.h[3];
|
||||
tmps[gid].digest[4] = ctx.h[4];
|
||||
}
|
||||
|
||||
KERNEL_FQ void m32700_comp (KERN_ATTR_TMPS (sha1_tmp_t))
|
||||
{
|
||||
const u64 gid = get_global_id (0);
|
||||
|
||||
if (gid >= GID_CNT)
|
||||
return;
|
||||
|
||||
const u32 r0 = tmps[gid].digest[DGST_R0];
|
||||
const u32 r1 = tmps[gid].digest[DGST_R1];
|
||||
const u32 r2 = tmps[gid].digest[DGST_R2];
|
||||
const u32 r3 = tmps[gid].digest[DGST_R3];
|
||||
|
||||
#define il_pos 0
|
||||
|
||||
#ifdef KERNEL_STATIC
|
||||
#include COMPARE_M
|
||||
#endif
|
||||
const u32 r0 = ctx.h[0];
|
||||
const u32 r1 = ctx.h[1];
|
||||
const u32 r2 = ctx.h[2];
|
||||
const u32 r3 = ctx.h[3];
|
||||
|
||||
#define il_pos 0
|
||||
|
||||
#ifdef KERNEL_STATIC
|
||||
#include COMPARE_M
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -11,10 +11,10 @@
|
||||
#include "shared.h"
|
||||
|
||||
static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL;
|
||||
static const u32 DGST_POS0 = 3;
|
||||
static const u32 DGST_POS1 = 4;
|
||||
static const u32 DGST_POS0 = 0;
|
||||
static const u32 DGST_POS1 = 1;
|
||||
static const u32 DGST_POS2 = 2;
|
||||
static const u32 DGST_POS3 = 1;
|
||||
static const u32 DGST_POS3 = 3;
|
||||
static const u32 DGST_SIZE = DGST_SIZE_4_5;
|
||||
static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE;
|
||||
static const char *HASH_NAME = "Kremlin Encrypt 3.0 w/NewDES";
|
||||
@ -25,6 +25,13 @@ static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
|
||||
static const char *ST_PASS = "hashcat";
|
||||
static const char *ST_HASH = "$kgb$0ab30cf7a52dad93$82a7c454246fc7570224e9f24279791aa2a63bf4";
|
||||
|
||||
typedef struct sha1_tmp
|
||||
{
|
||||
u32 salt[2];
|
||||
u32 newdes_key[15];
|
||||
|
||||
} sha1_tmp_t;
|
||||
|
||||
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra)
|
||||
{
|
||||
return ATTACK_EXEC;
|
||||
@ -145,7 +152,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUS
|
||||
salt->salt_buf[i] = hex_to_u32 (salt_pos + j);
|
||||
}
|
||||
salt->salt_len = 8;
|
||||
salt->salt_iter = 1;
|
||||
salt->salt_iter = 1000;
|
||||
|
||||
// final "sha-1"-ish hash
|
||||
const u8 *hash_pos = token.buf[2];
|
||||
@ -180,7 +187,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUS
|
||||
|
||||
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra)
|
||||
{
|
||||
const u64 tmp_size = (const u64) sizeof (u32) * 5;
|
||||
const u64 tmp_size = (const u64) sizeof (sha1_tmp_t);
|
||||
|
||||
return tmp_size;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user