mirror of
https://github.com/hashcat/hashcat.git
synced 2024-11-22 08:08:10 +00:00
add min/max data length limits to MetaMask Wallet
This commit is contained in:
parent
1a34eba9f4
commit
7371cbebe7
@ -219,7 +219,7 @@ DECLSPEC void AES_GCM_gctr (const u32 *key, const u32 *iv, const u32 *in, int in
|
||||
iv_buf[2] = iv[2];
|
||||
iv_buf[3] = iv[3];
|
||||
|
||||
const int n = in_len / 16;
|
||||
const u32 n = in_len / 16;
|
||||
|
||||
for (u32 i = 0; i < n; i++)
|
||||
{
|
||||
|
@ -34,7 +34,7 @@ typedef struct pbkdf2_sha256_aes_gcm
|
||||
u32 salt_buf[64];
|
||||
u32 iv_buf[4];
|
||||
u32 iv_len;
|
||||
u32 ct_buf[192];
|
||||
u32 ct_buf[196];
|
||||
u32 ct_len;
|
||||
|
||||
} pbkdf2_sha256_aes_gcm_t;
|
||||
@ -349,34 +349,6 @@ KERNEL_FQ void m26600_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha256_tmp_t, pbkdf2_sh
|
||||
|
||||
// ct
|
||||
|
||||
/*
|
||||
u32 enc[14] = { 0 };
|
||||
|
||||
enc[ 0] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 0];
|
||||
enc[ 1] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 1];
|
||||
enc[ 2] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 2];
|
||||
enc[ 3] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 3];
|
||||
enc[ 4] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 4];
|
||||
enc[ 5] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 5];
|
||||
enc[ 6] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 6];
|
||||
enc[ 7] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 7];
|
||||
enc[ 8] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 8];
|
||||
enc[ 9] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 9];
|
||||
enc[10] = esalt_bufs[DIGESTS_OFFSET].ct_buf[10];
|
||||
enc[11] = esalt_bufs[DIGESTS_OFFSET].ct_buf[11];
|
||||
enc[12] = esalt_bufs[DIGESTS_OFFSET].ct_buf[12];
|
||||
enc[13] = esalt_bufs[DIGESTS_OFFSET].ct_buf[13];
|
||||
|
||||
u32 enc_len = esalt_bufs[DIGESTS_OFFSET].ct_len;
|
||||
*/
|
||||
|
||||
/*
|
||||
// decrypt buffer is not usefull here, skip
|
||||
u32 dec[14] = { 0 };
|
||||
|
||||
AES_GCM_GCTR (key, J0, enc, enc_len, dec, s_te0, s_te1, s_te2, s_te3, s_te4);
|
||||
*/
|
||||
|
||||
u32 T[4] = { 0 };
|
||||
u32 S[4] = { 0 };
|
||||
|
||||
@ -384,8 +356,6 @@ KERNEL_FQ void m26600_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha256_tmp_t, pbkdf2_sh
|
||||
u32 aad_buf[4] = { 0 };
|
||||
u32 aad_len = 0;
|
||||
|
||||
//AES_GCM_GHASH (subKey, aad_buf, aad_len, enc, enc_len, S);
|
||||
|
||||
AES_GCM_GHASH_GLOBAL (subKey, aad_buf, aad_len, esalt_bufs[DIGESTS_OFFSET].ct_buf, esalt_bufs[DIGESTS_OFFSET].ct_len, S);
|
||||
|
||||
AES_GCM_GCTR (key, J0, S, S_len, T, s_te0, s_te1, s_te2, s_te3, s_te4);
|
||||
@ -403,185 +373,3 @@ KERNEL_FQ void m26600_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha256_tmp_t, pbkdf2_sh
|
||||
#include COMPARE_M
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
Optimized GCM: No real speed benefit. For documentation purpose
|
||||
|
||||
KERNEL_FQ void m26600_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha256_tmp_t, pbkdf2_sha256_aes_gcm_t))
|
||||
{
|
||||
const u64 gid = get_global_id (0);
|
||||
const u64 lid = get_local_id (0);
|
||||
const u64 lsz = get_local_size (0);
|
||||
|
||||
#ifdef REAL_SHM
|
||||
|
||||
LOCAL_VK u32 s_te0[256];
|
||||
LOCAL_VK u32 s_te1[256];
|
||||
LOCAL_VK u32 s_te2[256];
|
||||
LOCAL_VK u32 s_te3[256];
|
||||
LOCAL_VK u32 s_te4[256];
|
||||
|
||||
for (u32 i = lid; i < 256; i += lsz)
|
||||
{
|
||||
s_te0[i] = te0[i];
|
||||
s_te1[i] = te1[i];
|
||||
s_te2[i] = te2[i];
|
||||
s_te3[i] = te3[i];
|
||||
s_te4[i] = te4[i];
|
||||
}
|
||||
|
||||
SYNC_THREADS ();
|
||||
|
||||
#else
|
||||
|
||||
CONSTANT_AS u32a *s_te0 = te0;
|
||||
CONSTANT_AS u32a *s_te1 = te1;
|
||||
CONSTANT_AS u32a *s_te2 = te2;
|
||||
CONSTANT_AS u32a *s_te3 = te3;
|
||||
CONSTANT_AS u32a *s_te4 = te4;
|
||||
|
||||
#endif
|
||||
|
||||
if (gid >= gid_max) return;
|
||||
|
||||
// keys
|
||||
|
||||
u32 ukey[8];
|
||||
|
||||
ukey[0] = tmps[gid].out[0];
|
||||
ukey[1] = tmps[gid].out[1];
|
||||
ukey[2] = tmps[gid].out[2];
|
||||
ukey[3] = tmps[gid].out[3];
|
||||
ukey[4] = tmps[gid].out[4];
|
||||
ukey[5] = tmps[gid].out[5];
|
||||
ukey[6] = tmps[gid].out[6];
|
||||
ukey[7] = tmps[gid].out[7];
|
||||
|
||||
u32 key[60] = { 0 };
|
||||
|
||||
u32 subKey[4] = { 0 };
|
||||
|
||||
AES256_set_encrypt_key (key, ukey, s_te0, s_te1, s_te2, s_te3);
|
||||
|
||||
AES256_encrypt (key, subKey, subKey, s_te0, s_te1, s_te2, s_te3, s_te4);
|
||||
|
||||
// iv
|
||||
|
||||
const u32 iv[4] = {
|
||||
esalt_bufs[DIGESTS_OFFSET].iv_buf[0],
|
||||
esalt_bufs[DIGESTS_OFFSET].iv_buf[1],
|
||||
esalt_bufs[DIGESTS_OFFSET].iv_buf[2],
|
||||
esalt_bufs[DIGESTS_OFFSET].iv_buf[3]
|
||||
};
|
||||
|
||||
u32 J0[4] = {
|
||||
iv[0],
|
||||
iv[1],
|
||||
iv[2],
|
||||
0x00000001
|
||||
};
|
||||
|
||||
// ct
|
||||
|
||||
u32 enc[14] = { 0 };
|
||||
|
||||
enc[ 0] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 0];
|
||||
enc[ 1] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 1];
|
||||
enc[ 2] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 2];
|
||||
enc[ 3] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 3];
|
||||
enc[ 4] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 4];
|
||||
enc[ 5] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 5];
|
||||
enc[ 6] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 6];
|
||||
enc[ 7] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 7];
|
||||
enc[ 8] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 8];
|
||||
enc[ 9] = esalt_bufs[DIGESTS_OFFSET].ct_buf[ 9];
|
||||
enc[10] = esalt_bufs[DIGESTS_OFFSET].ct_buf[10];
|
||||
enc[11] = esalt_bufs[DIGESTS_OFFSET].ct_buf[11];
|
||||
enc[12] = esalt_bufs[DIGESTS_OFFSET].ct_buf[12];
|
||||
enc[13] = esalt_bufs[DIGESTS_OFFSET].ct_buf[13];
|
||||
|
||||
u32 enc_len = esalt_bufs[DIGESTS_OFFSET].ct_len;
|
||||
|
||||
u32 S[4] = { 0 };
|
||||
|
||||
u32 t[4] = { 0 };
|
||||
|
||||
S[0] ^= enc[0];
|
||||
S[1] ^= enc[1];
|
||||
S[2] ^= enc[2];
|
||||
S[3] ^= enc[3];
|
||||
|
||||
AES_GCM_gf_mult (S, subKey, t);
|
||||
|
||||
S[0] = t[0] ^ enc[4];
|
||||
S[1] = t[1] ^ enc[5];
|
||||
S[2] = t[2] ^ enc[6];
|
||||
S[3] = t[3] ^ enc[7];
|
||||
|
||||
AES_GCM_gf_mult (S, subKey, t);
|
||||
|
||||
S[0] = t[0] ^ enc[8];
|
||||
S[1] = t[1] ^ enc[9];
|
||||
S[2] = t[2] ^ enc[10];
|
||||
S[3] = t[3] ^ enc[11];
|
||||
|
||||
AES_GCM_gf_mult (S, subKey, t);
|
||||
|
||||
S[0] = t[0];
|
||||
S[1] = t[1];
|
||||
S[2] = t[2];
|
||||
S[3] = t[3];
|
||||
|
||||
t[0] = enc[12];
|
||||
t[1] = enc[13];
|
||||
t[2] = 0;
|
||||
t[3] = 0;
|
||||
|
||||
S[0] ^= t[0];
|
||||
S[1] ^= t[1];
|
||||
S[2] ^= t[2];
|
||||
S[3] ^= t[3];
|
||||
|
||||
AES_GCM_gf_mult (S, subKey, t);
|
||||
|
||||
S[0] = t[0];
|
||||
S[1] = t[1];
|
||||
S[2] = t[2];
|
||||
S[3] = t[3];
|
||||
|
||||
u32 len_buf[4] = { 0 };
|
||||
|
||||
len_buf[0] = 0;
|
||||
len_buf[3] = enc_len * 8;
|
||||
|
||||
S[0] ^= len_buf[0];
|
||||
S[1] ^= len_buf[1];
|
||||
S[2] ^= len_buf[2];
|
||||
S[3] ^= len_buf[3];
|
||||
|
||||
AES_GCM_gf_mult (S, subKey, t);
|
||||
|
||||
S[0] = t[0];
|
||||
S[1] = t[1];
|
||||
S[2] = t[2];
|
||||
S[3] = t[3];
|
||||
|
||||
J0[3] = 0x00000001;
|
||||
|
||||
u32 T[4] = { 0 };
|
||||
|
||||
AES256_encrypt (key, J0, T, s_te0, s_te1, s_te2, s_te3, s_te4);
|
||||
|
||||
const u32 r0 = T[0] ^ S[0];
|
||||
const u32 r1 = T[1] ^ S[1];
|
||||
const u32 r2 = T[2] ^ S[2];
|
||||
const u32 r3 = T[3] ^ S[3];
|
||||
|
||||
#define il_pos 0
|
||||
|
||||
#ifdef KERNEL_STATIC
|
||||
#include COMPARE_M
|
||||
#endif
|
||||
}
|
||||
|
||||
*/
|
||||
|
@ -57,7 +57,7 @@ typedef struct pbkdf2_sha256_aes_gcm
|
||||
u32 salt_buf[64];
|
||||
u32 iv_buf[4];
|
||||
u32 iv_len;
|
||||
u32 ct_buf[192];
|
||||
u32 ct_buf[196];
|
||||
u32 ct_len;
|
||||
|
||||
} pbkdf2_sha256_aes_gcm_t;
|
||||
@ -113,6 +113,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
pbkdf2_sha256_aes_gcm_t *metamask = (pbkdf2_sha256_aes_gcm_t *) esalt_buf;
|
||||
|
||||
#define CT_MAX_LEN_BASE64 ((768 * 8) / 6) + 3
|
||||
|
||||
token_t token;
|
||||
|
||||
token.token_cnt = 4;
|
||||
@ -137,8 +139,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
| TOKEN_ATTR_VERIFY_BASE64A;
|
||||
|
||||
token.sep[3] = '$';
|
||||
token.len_min[3] = 248;
|
||||
token.len_max[3] = 248;
|
||||
token.len_min[3] = 64;
|
||||
token.len_max[3] = CT_MAX_LEN_BASE64;
|
||||
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
|
||||
| TOKEN_ATTR_VERIFY_BASE64A;
|
||||
|
||||
@ -146,7 +148,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
|
||||
|
||||
u8 tmp_buf[512] = { 0 };
|
||||
u8 tmp_buf[CT_MAX_LEN_BASE64] = { 0 };
|
||||
|
||||
size_t tmp_len = 0;
|
||||
|
||||
@ -189,7 +191,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
if (tmp_len != 16) return (PARSER_IV_LENGTH);
|
||||
|
||||
memcpy ((u8 *)metamask->iv_buf, tmp_buf, tmp_len);
|
||||
memcpy ((u8 *) metamask->iv_buf, tmp_buf, tmp_len);
|
||||
|
||||
metamask->iv_buf[0] = byte_swap_32 (metamask->iv_buf[0]);
|
||||
metamask->iv_buf[1] = byte_swap_32 (metamask->iv_buf[1]);
|
||||
@ -207,24 +209,27 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
tmp_len = base64_decode (base64_to_int, ct_pos, ct_len, tmp_buf);
|
||||
|
||||
if (tmp_len != 185) return (PARSER_CT_LENGTH);
|
||||
if (tmp_len <= 16) return (PARSER_CT_LENGTH);
|
||||
|
||||
memcpy ((u8 *)metamask->ct_buf, tmp_buf, tmp_len - 16);
|
||||
tmp_len -= 16;
|
||||
|
||||
for (u32 i = 0; i < 43; i++)
|
||||
{
|
||||
metamask->ct_buf[i] = byte_swap_32 (metamask->ct_buf[i]);
|
||||
}
|
||||
if (tmp_len < 30 || tmp_len > 768) return (PARSER_CT_LENGTH);
|
||||
|
||||
metamask->ct_len = tmp_len - 16;
|
||||
memcpy ((u8 *) metamask->ct_buf, tmp_buf, tmp_len);
|
||||
|
||||
u32 j = tmp_len / 4;
|
||||
|
||||
if ((tmp_len % 4) > 0) j++;
|
||||
|
||||
for (u32 i = 0; i < j; i++) metamask->ct_buf[i] = byte_swap_32 (metamask->ct_buf[i]);
|
||||
|
||||
metamask->ct_len = tmp_len;
|
||||
|
||||
// tag
|
||||
|
||||
u32 tag_buf[4];
|
||||
u32 tag_buf[4] = { 0 };
|
||||
|
||||
memset (tag_buf, 0, sizeof (tag_buf));
|
||||
|
||||
memcpy ((u8 *)tag_buf, tmp_buf+metamask->ct_len, 16);
|
||||
memcpy ((u8 *) tag_buf, tmp_buf+metamask->ct_len, 16);
|
||||
|
||||
digest[0] = byte_swap_32 (tag_buf[0]);
|
||||
digest[1] = byte_swap_32 (tag_buf[1]);
|
||||
@ -242,9 +247,9 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
// salt
|
||||
|
||||
#define SALT_LEN_BASE64 ((32 * 8) / 6) + 3
|
||||
#define IV_LEN_BASE64 ((16 * 8) / 6) + 3
|
||||
#define CT_LEN_BASE64 ((185 * 8) / 6) + 3
|
||||
#define SALT_LEN_BASE64 ((32 * 8) / 6) + 3
|
||||
#define IV_LEN_BASE64 ((16 * 8) / 6) + 3
|
||||
#define CT_MAX_LEN_BASE64 ((768 * 8) / 6) + 3
|
||||
|
||||
u8 salt_buf[SALT_LEN_BASE64] = { 0 };
|
||||
|
||||
@ -259,15 +264,21 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
tmp_iv_buf[2] = byte_swap_32 (metamask->iv_buf[2]);
|
||||
tmp_iv_buf[3] = byte_swap_32 (metamask->iv_buf[3]);
|
||||
|
||||
u8 iv_buf[IV_LEN_BASE64] = { 0 };
|
||||
u8 iv_buf[IV_LEN_BASE64+1] = { 0 };
|
||||
|
||||
base64_encode (int_to_base64, (const u8 *) tmp_iv_buf, (const int) metamask->iv_len, iv_buf);
|
||||
|
||||
// ct
|
||||
|
||||
u32 tmp_buf[47] = { 0 };
|
||||
u32 ct_len = metamask->ct_len;
|
||||
|
||||
for (int i = 0; i < 43; i++) tmp_buf[i] = byte_swap_32 (metamask->ct_buf[i]);
|
||||
u32 j = ct_len / 4;
|
||||
|
||||
if ((ct_len % 4) > 0) j++;
|
||||
|
||||
u32 tmp_buf[196] = { 0 };
|
||||
|
||||
for (u32 i = 0; i < j; i++) tmp_buf[i] = byte_swap_32 (metamask->ct_buf[i]);
|
||||
|
||||
u32 tmp_tag[4] = { 0 };
|
||||
|
||||
@ -281,7 +292,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
||||
|
||||
memcpy (tmp_buf_str+metamask->ct_len, tmp_tag_str, 16);
|
||||
|
||||
u8 ct_buf[CT_LEN_BASE64] = { 0 };
|
||||
u8 ct_buf[CT_MAX_LEN_BASE64] = { 0 };
|
||||
|
||||
base64_encode (int_to_base64, (const u8 *) tmp_buf, (const int) metamask->ct_len+16, ct_buf);
|
||||
|
||||
|
@ -21,6 +21,9 @@ sub module_generate_hash
|
||||
my $iv = shift // random_hex_string (32);
|
||||
my $ct = shift;
|
||||
|
||||
my $ct_min_len = 30;
|
||||
my $ct_max_len = 768;
|
||||
|
||||
my $kdf = Crypt::PBKDF2->new
|
||||
(
|
||||
hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
|
||||
@ -55,12 +58,12 @@ sub module_generate_hash
|
||||
}
|
||||
else
|
||||
{
|
||||
$pt = "\xff" x 169;
|
||||
$pt = "\xff" x ($ct_min_len + int(rand($ct_max_len - $ct_min_len)) + 1);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$pt = "\xff" x 169;
|
||||
$pt = "\xff" x ($ct_min_len + int(rand($ct_max_len - $ct_min_len)) + 1);
|
||||
}
|
||||
|
||||
my $aes = Crypt::AuthEnc::GCM->new ("AES", $key, $iv_bin);
|
||||
@ -100,7 +103,12 @@ sub module_verify_hash
|
||||
|
||||
return unless length $salt_bin == 32;
|
||||
return unless length $iv_bin == 16;
|
||||
return unless length $ct_bin == 185;
|
||||
|
||||
my $ct_len = length ($ct_bin);
|
||||
my $ct_min_len = 30;
|
||||
my $ct_max_len = 768;
|
||||
|
||||
return unless ($ct_len >= $ct_min_len && $ct_len <= $ct_max_len);
|
||||
|
||||
my $word_packed = pack_if_HEX_notation ($word);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user