arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-05-08 09:58:49 +00:00
Code Issues Releases Wiki Activity

Fixed verify mechanism + cosmetic changes in global test.pl

Browse Source
This commit is contained in:
Fist0urs 2017-05-10 22:25:35 +02:00
parent 7ff09c6710
commit 80927f6f66
1 changed files with 87 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
tools/test.pl
View File

@ -49,9 +49,9 @@ my $MAX_LEN = 55;
my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 99999); my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 99999);
my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800); my %is_unicode = map { $_ => 1 } qw (30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800);
my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700); my %less_fifteen = map { $_ => 1 } qw (500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
my %allow_long_salt = map { $_ => 1 } qw(2500 4520 4521 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500 13800 15000); my %allow_long_salt = map { $_ => 1 } qw (2500 4520 4521 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500 13800 15000);
my @lotus_magic_table = my @lotus_magic_table =
( (
@ -2671,8 +2671,7 @@ sub verify
$salt = substr ($hash_in, length ('$DPAPImk$')); $salt = substr ($hash_in, length ('$DPAPImk$'));
$param = $iv; $param = $cipher;
$param2 = $cipher;
next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
} }
@ -3053,7 +3052,7 @@ sub verify
} }
elsif ($mode == 15300) elsif ($mode == 15300)
{ {
$hash_out = gen_hash ($mode, $word, $salt, $iter, $param, $param2); $hash_out = gen_hash ($mode, $word, $salt, $iter, $param);
$len = length $hash_out; $len = length $hash_out;
@ -4863,7 +4862,7 @@ sub gen_hash
} }
elsif ($mode == 600) elsif ($mode == 600)
{ {
$hash_buf = lc blake2b_hex($word_buf); $hash_buf = lc blake2b_hex ($word_buf);
$tmp_hash = sprintf ("\$BLAKE2\$" . $hash_buf); $tmp_hash = sprintf ("\$BLAKE2\$" . $hash_buf);
} }
elsif ($mode == 900) elsif ($mode == 900)
@ -8246,32 +8245,15 @@ END_CODE
my $SID = $salt_arr[2]; my $SID = $salt_arr[2];
my $cipher_algorithm; my $cipher_algorithm = $salt_arr[3];
my $hash_algorithm; my $hash_algorithm = $salt_arr[4];
my $iterations = $salt_arr[3]; my $iterations = $salt_arr[5];
my $salt = pack ("H*", $salt_arr[4]); my $salt = pack ("H*", $salt_arr[6]);
my $cipher_len; my $cipher_len = $salt_arr[7];
if ($version == 1)
{
$cipher_algorithm = "des3";
$hash_algorithm = "sha1";
$cipher_len = 208;
}
else
{
$cipher_algorithm = "aes256";
$hash_algorithm = "sha512";
$cipher_len = 288;
}
my $cipher; my $cipher;
@ -8303,7 +8285,7 @@ END_CODE
$expected_hmac = hmac_sha1 ($last_key, $encKey); $expected_hmac = hmac_sha1 ($last_key, $encKey);
# need padding because keyLen is 24 and hashLen 20 # need padding because keyLen is 24 and hashLen 20
$expected_hmac = $expected_hmac . randbytes(4); $expected_hmac = $expected_hmac . randbytes (4);
} }
elsif ($version == 2) elsif ($version == 2)
{ {
@ -8330,12 +8312,8 @@ END_CODE
if (defined $additional_param) if (defined $additional_param)
{ {
$salt = pack ("H*", $additional_param); $cipher = pack ("H*", $additional_param);
} my $computed_hmac = "";
if (defined $additional_param2)
{
$cipher = $additional_param2;
if ($version == 1) if ($version == 1)
{ {
@ -8370,7 +8348,6 @@ END_CODE
}); });
# let's compute a 3DES-EDE-CBC decryption # let's compute a 3DES-EDE-CBC decryption
$iv = substr ($cipher, 0, 8);
my $out1; my $out1;
my $out2; my $out2;
@ -8389,7 +8366,16 @@ END_CODE
$iv = substr ($cipher, $k * 8, 8); $iv = substr ($cipher, $k * 8, 8);
} }
if ($expected_cleartext != $cleartext) $last_key = substr ($expected_cleartext, length ($expected_cleartext) - 64, 64);
$hmacSalt = substr ($expected_cleartext, 0, 16);
$expected_hmac = substr ($expected_cleartext, 16, 20);
$encKey = hmac_sha1 ($hmacSalt, $user_derivationKey);
$computed_hmac = hmac_sha1 ($last_key, $encKey);
$cleartext = $expected_cleartext;
if (unpack ("H*", $expected_hmac) ne unpack ("H*", $computed_hmac))
{ {
$cleartext = "0" x 104; $cleartext = "0" x 104;
} }
@ -8409,9 +8395,18 @@ END_CODE
padding => "null", padding => "null",
}); });
my $expected_cleartext = $aes->decrypt(pack ("H*", $cipher)); my $expected_cleartext = $aes->decrypt ($cipher);
if ($expected_cleartext != $cleartext) $last_key = substr ($expected_cleartext, length ($expected_cleartext) - 64, 64);
$hmacSalt = substr ($expected_cleartext, 0, 16);
$expected_hmac = substr ($expected_cleartext, 16, 64);
$encKey = hmac_sha512 ($hmacSalt, $user_derivationKey);
$computed_hmac = hmac_sha512 ($last_key, $encKey);
$cleartext = $expected_cleartext;
if (unpack ("H*", $expected_hmac) ne unpack ("H*", $computed_hmac))
{ {
$cleartext = "0" x 144; $cleartext = "0" x 144;
} }
@ -8516,19 +8511,19 @@ sub dpapi_pbkdf2
my ($password, $salt, $iter, $keylen, $prf) = @_; my ($password, $salt, $iter, $keylen, $prf) = @_;
my ($k, $t, $u, $ui, $i); my ($k, $t, $u, $ui, $i);
$t = ""; $t = "";
for ($k = 1; length($t) < $keylen; $k++) for ($k = 1; length ($t) < $keylen; $k++)
{ {
$u = $ui = &$prf($salt.pack('N', $k), $password); $u = $ui = &$prf ($salt.pack ('N', $k), $password);
for ($i = 1; $i < $iter; $i++) for ($i = 1; $i < $iter; $i++)
{ {
# modification to fit Microsoft # modification to fit Microsoft
# weird pbkdf2 implementation... # weird pbkdf2 implementation...
$ui = &$prf($u, $password); $ui = &$prf ($u, $password);
$u ^= $ui; $u ^= $ui;
} }
$t .= $u; $t .= $u;
} }
return substr($t, 0, $keylen); return substr ($t, 0, $keylen);
} }
@ -8937,9 +8932,9 @@ sub pseudo_base64
my $md5 = shift; my $md5 = shift;
my $s64 = ""; my $s64 = "";
for my $i (0..3) { for my $i (0..3) {
my $v = unpack "V", substr($md5, $i*4, 4); my $v = unpack "V", substr ($md5, $i*4, 4);
for (1..4) { for (1..4) {
$s64 .= substr($itoa64, $v & 0x3f, 1); $s64 .= substr ($itoa64, $v & 0x3f, 1);
$v >>= 6; $v >>= 6;
} }
} }
@ -8981,31 +8976,31 @@ sub oracle_hash
{ {
my ($username, $password) = @_; my ($username, $password) = @_;
my $userpass = pack('n*', unpack('C*', uc($username.$password))); my $userpass = pack ('n*', unpack ('C*', uc ($username.$password)));
$userpass .= pack('C', 0) while (length($userpass) % 8); $userpass .= pack ('C', 0) while (length ($userpass) % 8);
my $key = pack('H*', "0123456789ABCDEF"); my $key = pack ('H*', "0123456789ABCDEF");
my $iv = pack('H*', "0000000000000000"); my $iv = pack ('H*', "0000000000000000");
my $c = new Crypt::CBC( my $c = new Crypt::CBC (
-literal_key => 1, -literal_key => 1,
-cipher => "DES", -cipher => "DES",
-key => $key, -key => $key,
-iv => $iv, -iv => $iv,
-header => "none" -header => "none"
); );
my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8); my $key2 = substr ($c->encrypt ($userpass), length ($userpass)-8, 8);
my $c2 = new Crypt::CBC( my $c2 = new Crypt::CBC (
-literal_key => 1, -literal_key => 1,
-cipher => "DES", -cipher => "DES",
-key => $key2, -key => $key2,
-iv => $iv, -iv => $iv,
-header => "none" -header => "none"
); );
my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8); my $hash = substr ($c2->encrypt ($userpass), length ($userpass)-8, 8);
return uc(unpack('H*', $hash)); return uc (unpack ('H*', $hash));
} }
sub androidpin_hash sub androidpin_hash
@ -9666,13 +9661,13 @@ sub setup_des_key
$key = $key_56[0]; $key = $key_56[0];
$key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255); $key .= chr (((ord ($key_56[0]) << 7) | (ord ($key_56[1]) >> 1)) & 255);
$key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255); $key .= chr (((ord ($key_56[1]) << 6) | (ord ($key_56[2]) >> 2)) & 255);
$key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255); $key .= chr (((ord ($key_56[2]) << 5) | (ord ($key_56[3]) >> 3)) & 255);
$key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255); $key .= chr (((ord ($key_56[3]) << 4) | (ord ($key_56[4]) >> 4)) & 255);
$key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255); $key .= chr (((ord ($key_56[4]) << 3) | (ord ($key_56[5]) >> 5)) & 255);
$key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255); $key .= chr (((ord ($key_56[5]) << 2) | (ord ($key_56[6]) >> 6)) & 255);
$key .= chr(( ord($key_56[6]) << 1) & 255); $key .= chr (( ord ($key_56[6]) << 1) & 255);
return $key; return $key;
} }
@ -10090,21 +10085,39 @@ sub get_random_dpapimk_salt
my $context = get_random_num (1, 3); my $context = get_random_num (1, 3);
my $cipher_algo = "";
my $hash_algo = "";
my $iterations; my $iterations;
my $SID = sprintf ('S-15-21-%d-%d-%d-%d', my $SID = sprintf ('S-15-21-%d-%d-%d-%d',
get_random_num(400000000,490000000), get_random_num (400000000,490000000),
get_random_num(400000000,490000000), get_random_num (400000000,490000000),
get_random_num(400000000,490000000), get_random_num (400000000,490000000),
get_random_num(1000,1999)); get_random_num (1000,1999));
my $cipher_len = 0;
if ($version == 1) if ($version == 1)
{ {
$iterations = get_random_num (4000, 24000); $iterations = get_random_num (4000, 24000);
$cipher_algo = "des3";
$hash_algo = "sha1";
$cipher_len = 208;
} }
elsif ($version == 2) elsif ($version == 2)
{ {
$iterations = get_random_num (8000, 17000); $iterations = get_random_num (8000, 17000);
$cipher_algo = "aes256";
$hash_algo = "sha512";
$cipher_len = 288;
} }
my $iv = randbytes (16); my $iv = randbytes (16);
@ -10113,8 +10126,11 @@ sub get_random_dpapimk_salt
$salt_buf = $version . '*' . $salt_buf = $version . '*' .
$context . '*' . $context . '*' .
$SID . '*' . $SID . '*' .
$cipher_algo . '*' .
$hash_algo . '*' .
$iterations . '*' . $iterations . '*' .
$iv . '*'; $iv . '*' .
$cipher_len . '*';
return $salt_buf; return $salt_buf;
} }