From 9ad36f9167ce40a5c75b756ee7c1186432a4dbda Mon Sep 17 00:00:00 2001 From: justpretending Date: Thu, 9 Feb 2023 18:47:45 +0700 Subject: [PATCH 1/4] Support $HEX[] in module 99999 (fixes #3613) --- src/modules/module_99999.c | 46 ++++++++++++++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 4 deletions(-) diff --git a/src/modules/module_99999.c b/src/modules/module_99999.c index c86abe8e7..f09d550d7 100644 --- a/src/modules/module_99999.c +++ b/src/modules/module_99999.c @@ -68,17 +68,29 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE token.token_cnt = 1; token.len_min[0] = 1; - token.len_max[0] = 55; + token.len_max[0] = 55 * 2 + 6; /* 55 without $HEX[...] */ token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH; const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + const u8 *unhex_buf = token.buf[0]; + int unhex_len = token.len[0]; + + if (is_hexify (unhex_buf, unhex_len)) + { + unhex_len = exec_unhexify (unhex_buf, unhex_len, (u8 *) unhex_buf, unhex_len); + } + else if (unhex_len > 55) + { + return (PARSER_HASH_LENGTH); + } + memset (digest, 0, hashconfig->dgst_size); - const u8 *pw_buf = token.buf[0]; - const int pw_len = token.len[0]; + const u8 *pw_buf = unhex_buf; + const int pw_len = unhex_len; memcpy ((char *) digest + 64, pw_buf, pw_len); @@ -116,7 +128,33 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { char *ptr = (char *) digest_buf; - return snprintf (line_buf, line_size, "%s", ptr + 64); + const char *line_ptr = ptr + 64; + size_t line_len = strnlen (line_ptr, 55); + + if (need_hexify ((const u8 *) line_ptr, line_len, ':', 0)) + { + char tmp_buf[55 * 2 + 6 + 1] = { 0 }; + + int tmp_len = 0; + + tmp_buf[tmp_len++] = '$'; + tmp_buf[tmp_len++] = 'H'; + tmp_buf[tmp_len++] = 'E'; + tmp_buf[tmp_len++] = 'X'; + tmp_buf[tmp_len++] = '['; + + exec_hexify ((const u8 *) line_ptr, line_len, (u8 *) tmp_buf + tmp_len); + + tmp_len += line_len * 2; + + tmp_buf[tmp_len++] = ']'; + + tmp_buf[tmp_len++] = 0; + + return snprintf (line_buf, tmp_len, "%s", tmp_buf); + } + + return snprintf (line_buf, line_size, "%s", line_ptr); } void module_init (module_ctx_t *module_ctx) From 730b1cd5ccb4ff81014f03bdcd3539727ad6d8e1 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Fri, 10 Feb 2023 23:28:23 +0100 Subject: [PATCH 2/4] Update UTF8 to UTF16 conversion to match RFC 3629 --- OpenCL/inc_common.cl | 108 ++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 102 insertions(+), 6 deletions(-) diff --git a/OpenCL/inc_common.cl b/OpenCL/inc_common.cl index 9e16a36e6..1d893c1fa 100644 --- a/OpenCL/inc_common.cl +++ b/OpenCL/inc_common.cl @@ -2240,6 +2240,7 @@ DECLSPEC int hc_enc_next (PRIVATE_AS hc_enc_t *hc_enc, PRIVATE_AS const u32 *src int extraBytesToRead = 0; + /* old version, doesnt work with https://github.com/hashcat/hashcat/issues/3592 if (c >= 0xfc) { extraBytesToRead = 5; @@ -2260,6 +2261,50 @@ DECLSPEC int hc_enc_next (PRIVATE_AS hc_enc_t *hc_enc, PRIVATE_AS const u32 *src { extraBytesToRead = 1; } + */ + + if (c <= 0x7f) + { + extraBytesToRead = 0; + } + else if ((c >= 0xc2) && (c <= 0xdf)) + { + extraBytesToRead = 1; + } + else if (c == 0xe0) + { + extraBytesToRead = 2; + } + else if (c == 0xec) + { + extraBytesToRead = 2; + } + else if (c == 0xed) + { + extraBytesToRead = 2; + } + else if (c == 0xef) + { + extraBytesToRead = 2; + } + else if (c == 0xf0) + { + extraBytesToRead = 3; + } + else if (c == 0xf3) + { + extraBytesToRead = 3; + } + else if (c == 0xf4) + { + extraBytesToRead = 3; + } + else + { + hc_enc->pos = src_len; + + return -1; + } if ((src_pos + extraBytesToRead) >= src_sz) { @@ -2283,9 +2328,11 @@ DECLSPEC int hc_enc_next (PRIVATE_AS hc_enc_t *hc_enc, PRIVATE_AS const u32 *src switch (extraBytesToRead) { + /* old version, doesnt work with https://github.com/hashcat/hashcat/issues/3592 + /* case 5: - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; @@ -2293,13 +2340,14 @@ DECLSPEC int hc_enc_next (PRIVATE_AS hc_enc_t *hc_enc, PRIVATE_AS const u32 *src ch -= offsetsFromUTF8_5; break; case 4: - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch -= offsetsFromUTF8_4; break; + */ case 3: ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; @@ -2386,6 +2434,7 @@ DECLSPEC int hc_enc_next_global (PRIVATE_AS hc_enc_t *hc_enc, GLOBAL_AS const u3 int extraBytesToRead = 0; + /* old version, doesnt work with https://github.com/hashcat/hashcat/issues/3592 if (c >= 0xfc) { extraBytesToRead = 5; @@ -2406,6 +2455,50 @@ DECLSPEC int hc_enc_next_global (PRIVATE_AS hc_enc_t *hc_enc, GLOBAL_AS const u3 { extraBytesToRead = 1; } + */ + + if (c <= 0x7f) + { + extraBytesToRead = 0; + } + else if ((c >= 0xc2) && (c <= 0xdf)) + { + extraBytesToRead = 1; + } + else if (c == 0xe0) + { + extraBytesToRead = 2; + } + else if (c == 0xec) + { + extraBytesToRead = 2; + } + else if (c == 0xed) + { + extraBytesToRead = 2; + } + else if (c == 0xef) + { + extraBytesToRead = 2; + } + else if (c == 0xf0) + { + extraBytesToRead = 3; + } + else if (c == 0xf3) + { + extraBytesToRead = 3; + } + else if (c == 0xf4) + { + extraBytesToRead = 3; + } + else + { + hc_enc->pos = src_len; + + return -1; + } if ((src_pos + extraBytesToRead) >= src_sz) { @@ -2429,9 +2522,11 @@ DECLSPEC int hc_enc_next_global (PRIVATE_AS hc_enc_t *hc_enc, GLOBAL_AS const u3 switch (extraBytesToRead) { + /* old version, doesnt work with https://github.com/hashcat/hashcat/issues/3592 + /* case 5: - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; @@ -2439,13 +2534,14 @@ DECLSPEC int hc_enc_next_global (PRIVATE_AS hc_enc_t *hc_enc, GLOBAL_AS const u3 ch -= offsetsFromUTF8_5; break; case 4: - ch += src_ptr[src_pos++]; ch <<= 6; /* remember, illegal UTF-8 */ + ch += src_ptr[src_pos++]; ch <<= 6; // remember, illegal UTF-8 ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch -= offsetsFromUTF8_4; break; + */ case 3: ch += src_ptr[src_pos++]; ch <<= 6; ch += src_ptr[src_pos++]; ch <<= 6; From 57953bec7ca75f806ce27e8fcc78b700491507d4 Mon Sep 17 00:00:00 2001 From: Jens Steube Date: Sat, 11 Feb 2023 15:59:45 +0100 Subject: [PATCH 3/4] Backport changes to md4_update_vector_utf16le() in -m 1000 to -m 30, -m 40 and -m 70 --- OpenCL/m00030_a3-pure.cl | 32 ++++++++++++++++++++++++++++++++ OpenCL/m00040_a3-pure.cl | 24 ++++++++++++++++++++++++ OpenCL/m00070_a3-pure.cl | 28 ++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+) diff --git a/OpenCL/m00030_a3-pure.cl b/OpenCL/m00030_a3-pure.cl index 8648f1a0b..6fd205531 100644 --- a/OpenCL/m00030_a3-pure.cl +++ b/OpenCL/m00030_a3-pure.cl @@ -61,6 +61,20 @@ KERNEL_FQ void m00030_mxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx; + + md5_init (&ctx); + + md5_update_utf16le (&ctx, w, pw_len); + + md5_update (&ctx, s, salt_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector (&ctx); @@ -71,6 +85,8 @@ KERNEL_FQ void m00030_mxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; @@ -139,6 +155,20 @@ KERNEL_FQ void m00030_sxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx; + + md5_init (&ctx); + + md5_update_utf16le (&ctx, w, pw_len); + + md5_update (&ctx, s, salt_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector (&ctx); @@ -149,6 +179,8 @@ KERNEL_FQ void m00030_sxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; diff --git a/OpenCL/m00040_a3-pure.cl b/OpenCL/m00040_a3-pure.cl index f3734deaf..6dd3f5cd2 100644 --- a/OpenCL/m00040_a3-pure.cl +++ b/OpenCL/m00040_a3-pure.cl @@ -58,6 +58,16 @@ KERNEL_FQ void m00040_mxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx = ctx0; + + md5_update_utf16le (&ctx, w, pw_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector_from_scalar (&ctx, &ctx0); @@ -66,6 +76,8 @@ KERNEL_FQ void m00040_mxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; @@ -131,6 +143,16 @@ KERNEL_FQ void m00040_sxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx = ctx0; + + md5_update_utf16le (&ctx, w, pw_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector_from_scalar (&ctx, &ctx0); @@ -139,6 +161,8 @@ KERNEL_FQ void m00040_sxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; diff --git a/OpenCL/m00070_a3-pure.cl b/OpenCL/m00070_a3-pure.cl index 43e685419..84a22e63d 100644 --- a/OpenCL/m00070_a3-pure.cl +++ b/OpenCL/m00070_a3-pure.cl @@ -52,6 +52,18 @@ KERNEL_FQ void m00070_mxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx; + + md5_init (&ctx); + + md5_update_utf16le (&ctx, w, pw_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector (&ctx); @@ -60,6 +72,8 @@ KERNEL_FQ void m00070_mxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; @@ -119,6 +133,18 @@ KERNEL_FQ void m00070_sxx (KERN_ATTR_VECTOR ()) w[0] = w0; + #if VECT_SIZE == 1 + + md5_ctx_t ctx; + + md5_init (&ctx); + + md5_update_utf16le (&ctx, w, pw_len); + + md5_final (&ctx); + + #else + md5_ctx_vector_t ctx; md5_init_vector (&ctx); @@ -127,6 +153,8 @@ KERNEL_FQ void m00070_sxx (KERN_ATTR_VECTOR ()) md5_final_vector (&ctx); + #endif + const u32x r0 = ctx.h[DGST_R0]; const u32x r1 = ctx.h[DGST_R1]; const u32x r2 = ctx.h[DGST_R2]; From 6bd94c3740a291543643f1c171fd075e6a729863 Mon Sep 17 00:00:00 2001 From: jsteube Date: Mon, 13 Feb 2023 15:13:26 +0000 Subject: [PATCH 4/4] Update docs/changes.txt to reflect changes related to RFC 3629 --- docs/changes.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changes.txt b/docs/changes.txt index e88502478..8fd8bffd8 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -22,7 +22,6 @@ - Added hash-mode: bcrypt(sha256($pass)) - Added hash-mode: md5(md5($salt).md5(md5($pass))) - ## ## Performance ## @@ -49,6 +48,7 @@ - Modules: Added support for non-zero IVs for -m 6800 (Lastpass). Also added `tools/lastpass2hashcat.py` - Status Code: Add specific return code for self-test fail (-11) - SCRYPT: Increase buffer sizes in module for hash mode 8900 to allow longer SCRYPT digests +- Unicode: Update UTF8 to UTF16 conversion to match RFC 3629 * changes v6.2.5 -> v6.2.6