mirror of
https://github.com/hashcat/hashcat.git
synced 2025-07-09 16:18:19 +00:00
Merge pull request #4248 from matrix/MSONLINEACCOUNT_v2
Module 33700: limit data len to 32 bytes, based on the extraction tool
This commit is contained in:
commit
5ce7e9ec2a
@ -28,7 +28,7 @@ typedef struct pkcs_sha256_tmp
|
||||
|
||||
typedef struct pkcs
|
||||
{
|
||||
u32 data_buf[60];
|
||||
u32 data_buf[8];
|
||||
int data_len;
|
||||
|
||||
} pkcs_t;
|
||||
@ -360,10 +360,6 @@ KERNEL_FQ void m33700_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
|
||||
ukey[6] = tmps[gid].out[6];
|
||||
ukey[7] = tmps[gid].out[7];
|
||||
|
||||
//const int data_len = esalt_bufs[DIGESTS_OFFSET_HOST].data_len;
|
||||
|
||||
u32 iv[4] = { 0 };
|
||||
|
||||
// decrypt first block
|
||||
|
||||
u32 enc[4];
|
||||
@ -380,15 +376,13 @@ KERNEL_FQ void m33700_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
|
||||
|
||||
aes256_decrypt (ks, enc, dec, s_td0, s_td1, s_td2, s_td3, s_td4);
|
||||
|
||||
dec[0] ^= iv[0];
|
||||
dec[0] = hc_swap32_S (dec[0]);
|
||||
dec[0] ^= 0x00000000;
|
||||
|
||||
if (dec[0] != 0x00000000) return;
|
||||
|
||||
dec[1] ^= iv[1];
|
||||
dec[1] = hc_swap32_S (dec[1]);
|
||||
dec[1] ^= 0x00000000;
|
||||
|
||||
if (dec[1] != 0x01000000) return;
|
||||
if (dec[1] != 0x00000001) return;
|
||||
|
||||
if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0)
|
||||
{
|
||||
|
@ -26,7 +26,7 @@ static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
|
||||
| OPTS_TYPE_PT_UTF16LE;
|
||||
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
|
||||
static const char *ST_PASS = "hashcat";
|
||||
static const char *ST_HASH = "$MSONLINEACCOUNT$0$10000$91869d1d5d3a1df25dd3f0e57bbc226aaae0b6e3a61991083f314886b26c7477c4c6bfb99e48cb0eed6d76d9a59c2e8462c308fd681fd5ac591500b7f6b3c9eec87c1c2f8f563cc0cd24f411f44d5cc74e44b6b12d5f31c9f5c6818b6472bb37116d2584f6938f8b797fdd71449d844e10277e8d2f1eb5a57d6abc9ccf0b681ca463a0f18080a464cbfd859f955c67a9f06427638893d6331f5e529e0e59f4b6e1a775a93a9df5573010886265786ce8c6dfa65a0e9de99f9fdbfa5ff9668534fccc419c9f99c9853e04d4455130712486c643b5aca11a9aba85be271deef6bad064936bb86a96303fc430f31ed5b172";
|
||||
static const char *ST_HASH = "$MSONLINEACCOUNT$0$10000$91869d1d5d3a1df25dd3f0e57bbc226a43641bc03086dcb5b6672941fcabce01";
|
||||
|
||||
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
|
||||
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
|
||||
@ -55,7 +55,7 @@ typedef struct pkcs_sha256_tmp
|
||||
|
||||
typedef struct pkcs
|
||||
{
|
||||
u32 data_buf[60];
|
||||
u32 data_buf[8];
|
||||
int data_len;
|
||||
|
||||
} pkcs_t;
|
||||
@ -107,7 +107,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
| TOKEN_ATTR_VERIFY_DIGIT;
|
||||
|
||||
token.sep[3] = '$';
|
||||
token.len[3] = 480;
|
||||
token.len[3] = 64;
|
||||
token.attr[3] = TOKEN_ATTR_FIXED_LENGTH
|
||||
| TOKEN_ATTR_VERIFY_HEX;
|
||||
|
||||
@ -136,7 +136,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
pkcs->data_len = hex_decode (data_pos, data_len, (u8 *) pkcs->data_buf);
|
||||
|
||||
// hash
|
||||
// fake digest
|
||||
|
||||
digest[0] = pkcs->data_buf[0];
|
||||
digest[1] = pkcs->data_buf[1];
|
||||
@ -145,10 +145,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
// set fake salt
|
||||
|
||||
salt->salt_buf[0] = digest[0];
|
||||
salt->salt_buf[1] = digest[1];
|
||||
salt->salt_buf[2] = digest[2];
|
||||
salt->salt_buf[3] = digest[3];
|
||||
salt->salt_buf[0] = pkcs->data_buf[0];
|
||||
salt->salt_buf[1] = pkcs->data_buf[1];
|
||||
salt->salt_buf[2] = pkcs->data_buf[2];
|
||||
salt->salt_buf[3] = pkcs->data_buf[3];
|
||||
|
||||
salt->salt_len = 16;
|
||||
|
||||
return (PARSER_OK);
|
||||
}
|
||||
|
@ -73,7 +73,7 @@ sub module_generate_hash
|
||||
}
|
||||
else
|
||||
{
|
||||
$data_bin = pack ("H*", "0000000001000000000000006000000060000000000000002000000040000000d43b8a0960a5654d8b9b31562f8be8b60efac1c060d2c74ee14db2b9328daac71e21bff7f1888a56e087f0bc861ced541ccf651d0fd7bcddbd9dd360ebfa36e810e461f6e4066171944c20d0cf0971f27b2256657273696f6e223a332c202255736572496e666f223a7b2256657273696f6e223a322c2022556e697175654964223a2238633466343238362d653262342d346264652d393330642d343537346361386230363566222c20225072696d617279536964223a22532d312d31322d31");
|
||||
$data_bin = pack ("H*", "000000000100000000000000600000006000000000000000200000004000");
|
||||
}
|
||||
|
||||
my $aes = Crypt::CBC->new ({
|
||||
|
Loading…
Reference in New Issue
Block a user