mirror of https://github.com/hashcat/hashcat.git synced 2025-01-24 22:50:58 +00:00

WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected

jsteube 2016-12-22 02:17:49 +01:00
parent 1b4edc92ee
commit 72af615e8b
6 changed files with 125 additions and 68 deletions


@ -720,6 +720,7 @@ typedef struct
u8 orig_mac2[6];
u8 orig_nonce1[32];
u8 orig_nonce2[32];
int essid_reuse;
} wpa_t;


@ -6,6 +6,7 @@
- New option --progress-only: Quickly provides ideal progress step size and time to process on the user hashes and selected options, then quit
- Files: Use $HEX[...] in case the password includes the separater character, increases potfile reading performance
- WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected
##
## Algorithms


@ -60,6 +60,7 @@ typedef struct wpa
u8 orig_mac2[6];
u8 orig_nonce1[32];
u8 orig_nonce2[32];
int essid_reuse;
} wpa_t;
@ -1520,6 +1521,8 @@ char *strparser (const u32 parser_status);
void to_hccap_t (hashcat_ctx_t *hashcat_ctx, hccap_t *hccap, const u32 salt_pos, const u32 digest_pos);
void wpa_essid_reuse (hashcat_ctx_t *hashcat_ctx);
int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_len, const u32 salt_pos, const u32 digest_pos);
int hashconfig_init (hashcat_ctx_t *hashcat_ctx);


@ -1342,6 +1342,13 @@ int hashes_init_stage4 (hashcat_ctx_t *hashcat_ctx)
hashes->tmp_buf = tmp_buf;
// special wpa booster case
if (hashconfig->hash_mode == 2500)
{
wpa_essid_reuse (hashcat_ctx);
}
return 0;
}


@ -12948,6 +12948,27 @@ void to_hccap_t (hashcat_ctx_t *hashcat_ctx, hccap_t *hccap, const u32 salt_pos,
}
}
void wpa_essid_reuse (hashcat_ctx_t *hashcat_ctx)
{
// find duplicate essid to speed up cracking
hashes_t *hashes = hashcat_ctx->hashes;
u32 salts_cnt = hashes->salts_cnt;
salt_t *salts_buf = hashes->salts_buf;
wpa_t *esalts_buf = hashes->esalts_buf;
for (u32 salt_idx = 1; salt_idx < salts_cnt; salt_idx++)
{
if (memcmp ((char *) salts_buf[salt_idx].salt_buf, (char *) salts_buf[salt_idx - 1].salt_buf, salts_buf[salt_idx].salt_len) == 0)
{
esalts_buf[salt_idx].essid_reuse = 1;
}
}
}
int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_len, const u32 salt_pos, const u32 digest_pos)
{
const hashconfig_t *hashconfig = hashcat_ctx->hashconfig;
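Review bot: The `memcmp` in `wpa_essid_reuse` compares only `salts_buf[salt_idx].salt_len` bytes and never checks that the preceding entry has the same `salt_len`, so an ESSID that is a prefix of the preceding entry's ESSID would be flagged as a duplicate unless `salts_buf` is ordered in a way this hunk does not show. A false match would let the cracking path reuse PBKDF2 intermediate keys derived from a different ESSID, so a matching passphrase would be missed without any error. Putting `salts_buf[salt_idx].salt_len == salts_buf[salt_idx - 1].salt_len &&` in front of the `memcmp` makes the check self-contained. The loop also relies on equal ESSIDs being adjacent and on `esalts_buf` being indexable by `salt_idx`; a short comment stating both assumptions above the `for` would help the next reader.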


@ -1116,92 +1116,116 @@ int choose_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param,
}
else
{
CL_rc = run_kernel_amp (hashcat_ctx, device_param, pws_cnt);
bool run_init = true;
bool run_loop = true;
bool run_comp = true;
if (CL_rc == -1) return -1;
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_1, pws_cnt, false, 0);
if (CL_rc == -1) return -1;
if (hashconfig->opts_type & OPTS_TYPE_HOOK12)
if (hashconfig->hash_mode == 2500)
{
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_12, pws_cnt, false, 0);
wpa_t *esalts_buf = hashes->esalts_buf;
if (CL_rc == -1) return -1;
CL_rc = hc_clEnqueueReadBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
// do something with data
CL_rc = hc_clEnqueueWriteBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
}
u32 iter = hashes->salts_buf[salt_pos].salt_iter;
u32 loop_step = device_param->kernel_loops;
for (u32 loop_pos = 0, slow_iteration = 0; loop_pos < iter; loop_pos += loop_step, slow_iteration++)
{
u32 loop_left = iter - loop_pos;
loop_left = MIN (loop_left, loop_step);
device_param->kernel_params_buf32[28] = loop_pos;
device_param->kernel_params_buf32[29] = loop_left;
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_2, pws_cnt, true, slow_iteration);
if (CL_rc == -1) return -1;
while (status_ctx->run_thread_level2 == false) break;
/**
* speed
*/
const float iter_part = (float) (loop_pos + loop_left) / iter;
const u64 perf_sum_all = (u64) (pws_cnt * iter_part);
double speed_msec = hc_timer_get (device_param->timer_speed);
const u32 speed_pos = device_param->speed_pos;
device_param->speed_cnt[speed_pos] = perf_sum_all;
device_param->speed_msec[speed_pos] = speed_msec;
if (user_options->speed_only == true)
if (esalts_buf[salt_pos].essid_reuse == 1)
{
if (speed_msec > 4096) return -2; // special RC
run_init = false;
run_loop = false;
}
}
if (hashconfig->opts_type & OPTS_TYPE_HOOK23)
if (run_init == true)
{
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_23, pws_cnt, false, 0);
CL_rc = run_kernel_amp (hashcat_ctx, device_param, pws_cnt);
if (CL_rc == -1) return -1;
CL_rc = hc_clEnqueueReadBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_1, pws_cnt, false, 0);
if (CL_rc == -1) return -1;
// do something with data
if (hashconfig->opts_type & OPTS_TYPE_HOOK12)
{
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_12, pws_cnt, false, 0);
CL_rc = hc_clEnqueueWriteBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
CL_rc = hc_clEnqueueReadBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
// do something with data
CL_rc = hc_clEnqueueWriteBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
}
}
if (run_loop == true)
{
u32 iter = hashes->salts_buf[salt_pos].salt_iter;
u32 loop_step = device_param->kernel_loops;
for (u32 loop_pos = 0, slow_iteration = 0; loop_pos < iter; loop_pos += loop_step, slow_iteration++)
{
u32 loop_left = iter - loop_pos;
loop_left = MIN (loop_left, loop_step);
device_param->kernel_params_buf32[28] = loop_pos;
device_param->kernel_params_buf32[29] = loop_left;
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_2, pws_cnt, true, slow_iteration);
if (CL_rc == -1) return -1;
while (status_ctx->run_thread_level2 == false) break;
/**
* speed
*/
const float iter_part = (float) (loop_pos + loop_left) / iter;
const u64 perf_sum_all = (u64) (pws_cnt * iter_part);
double speed_msec = hc_timer_get (device_param->timer_speed);
const u32 speed_pos = device_param->speed_pos;
device_param->speed_cnt[speed_pos] = perf_sum_all;
device_param->speed_msec[speed_pos] = speed_msec;
if (user_options->speed_only == true)
{
if (speed_msec > 4096) return -2; // special RC
}
}
if (hashconfig->opts_type & OPTS_TYPE_HOOK23)
{
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_23, pws_cnt, false, 0);
if (CL_rc == -1) return -1;
CL_rc = hc_clEnqueueReadBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
// do something with data
CL_rc = hc_clEnqueueWriteBuffer (hashcat_ctx, device_param->command_queue, device_param->d_hooks, CL_TRUE, 0, device_param->size_hooks, device_param->hooks_buf, 0, NULL, NULL);
if (CL_rc == -1) return -1;
}
}
if (run_comp == true)
{
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_3, pws_cnt, false, 0);
if (CL_rc == -1) return -1;
}
CL_rc = run_kernel (hashcat_ctx, device_param, KERN_RUN_3, pws_cnt, false, 0);
if (CL_rc == -1) return -1;
}
return 0;
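Review bot: When `esalts_buf[salt_pos].essid_reuse == 1` clears `run_init` and `run_loop`, the `KERN_RUN_3` comparison runs against whatever intermediate keys are still on the device, and nothing in this hunk verifies that they came from the immediately preceding salt and the same `pws_cnt` candidates. If the preceding salt's loop did not run for this batch (for example because that salt was already cracked and skipped, or the run was interrupted; neither case is visible here), matching passphrases would be missed with no error reported. I would state the invariant next to the flag check, e.g. `// essid_reuse: device tmps must still hold the PBKDF2 output of salt_pos - 1 for this exact pws batch`, and have the caller clear the flag whenever the preceding salt is not processed. Separately, `speed_cnt`/`speed_msec` are only updated inside the `run_loop` branch, so reused salts contribute no speed sample. choose_kernel starts and ends outside the hunk.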