arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-07-09 08:08:15 +00:00
Code Issues Releases Wiki Activity

Merge pull request #4248 from matrix/MSONLINEACCOUNT_v2

Browse Source 
Module 33700: limit data len to 32 bytes, based on the extraction tool
This commit is contained in:
Jens Steube 2025-06-10 09:23:07 +02:00 committed by GitHub
commit 5ce7e9ec2a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 15 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
OpenCL/m33700-pure.cl
View File

@ -28,7 +28,7 @@ typedef struct pkcs_sha256_tmp
typedef struct pkcs
{
u32 data_buf[60];
u32 data_buf[8];
int data_len;
} pkcs_t;
@ -360,10 +360,6 @@ KERNEL_FQ void m33700_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
ukey[6] = tmps[gid].out[6];
ukey[7] = tmps[gid].out[7];
//const int data_len = esalt_bufs[DIGESTS_OFFSET_HOST].data_len;
u32 iv[4] = { 0 };
// decrypt first block
u32 enc[4];
@ -380,15 +376,13 @@ KERNEL_FQ void m33700_comp (KERN_ATTR_TMPS_ESALT (pkcs_sha256_tmp_t, pkcs_t))
aes256_decrypt (ks, enc, dec, s_td0, s_td1, s_td2, s_td3, s_td4);
dec[0] ^= iv[0];
dec[0] = hc_swap32_S (dec[0]);
dec[0] ^= 0x00000000;
if (dec[0] != 0x00000000) return;
dec[1] ^= iv[1];
dec[1] = hc_swap32_S (dec[1]);
dec[1] ^= 0x00000000;
if (dec[1] != 0x01000000) return;
if (dec[1] != 0x00000001) return;
if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0)
{

18
src/modules/module_33700.c
View File

@ -26,7 +26,7 @@ static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_UTF16LE;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
static const char *ST_HASH = "$MSONLINEACCOUNT$0$10000$91869d1d5d3a1df25dd3f0e57bbc226aaae0b6e3a61991083f314886b26c7477c4c6bfb99e48cb0eed6d76d9a59c2e8462c308fd681fd5ac591500b7f6b3c9eec87c1c2f8f563cc0cd24f411f44d5cc74e44b6b12d5f31c9f5c6818b6472bb37116d2584f6938f8b797fdd71449d844e10277e8d2f1eb5a57d6abc9ccf0b681ca463a0f18080a464cbfd859f955c67a9f06427638893d6331f5e529e0e59f4b6e1a775a93a9df5573010886265786ce8c6dfa65a0e9de99f9fdbfa5ff9668534fccc419c9f99c9853e04d4455130712486c643b5aca11a9aba85be271deef6bad064936bb86a96303fc430f31ed5b172";
static const char *ST_HASH = "$MSONLINEACCOUNT$0$10000$91869d1d5d3a1df25dd3f0e57bbc226a43641bc03086dcb5b6672941fcabce01";
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
@ -55,7 +55,7 @@ typedef struct pkcs_sha256_tmp
typedef struct pkcs
{
u32 data_buf[60];
u32 data_buf[8];
int data_len;
} pkcs_t;
@ -107,7 +107,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[3] = '$';
token.len[3] = 480;
token.len[3] = 64;
token.attr[3] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
@ -136,7 +136,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
pkcs->data_len = hex_decode (data_pos, data_len, (u8 *) pkcs->data_buf);
// hash
// fake digest
digest[0] = pkcs->data_buf[0];
digest[1] = pkcs->data_buf[1];
@ -145,10 +145,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
// set fake salt
salt->salt_buf[0] = digest[0];
salt->salt_buf[1] = digest[1];
salt->salt_buf[2] = digest[2];
salt->salt_buf[3] = digest[3];
salt->salt_buf[0] = pkcs->data_buf[0];
salt->salt_buf[1] = pkcs->data_buf[1];
salt->salt_buf[2] = pkcs->data_buf[2];
salt->salt_buf[3] = pkcs->data_buf[3];
salt->salt_len = 16;
return (PARSER_OK);
}

2
tools/test_modules/m33700.pm
View File

@ -73,7 +73,7 @@ sub module_generate_hash
}
else
{
$data_bin = pack ("H*", "0000000001000000000000006000000060000000000000002000000040000000d43b8a0960a5654d8b9b31562f8be8b60efac1c060d2c74ee14db2b9328daac71e21bff7f1888a56e087f0bc861ced541ccf651d0fd7bcddbd9dd360ebfa36e810e461f6e4066171944c20d0cf0971f27b2256657273696f6e223a332c202255736572496e666f223a7b2256657273696f6e223a322c2022556e697175654964223a2238633466343238362d653262342d346264652d393330642d343537346361386230363566222c20225072696d617279536964223a22532d312d31322d31");
$data_bin = pack ("H*", "000000000100000000000000600000006000000000000000200000004000");
}
my $aes = Crypt::CBC->new ({