diff --git a/include/interface_migrate.h b/include/interface_migrate.h index 87d9c39b0..a56a1badb 100644 --- a/include/interface_migrate.h +++ b/include/interface_migrate.h @@ -440,19 +440,6 @@ typedef struct dcc2_tmp } dcc2_tmp_t; -typedef struct bcrypt_tmp -{ - u32 E[18]; - - u32 P[18]; - - u32 S0[256]; - u32 S1[256]; - u32 S2[256]; - u32 S3[256]; - -} bcrypt_tmp_t; - typedef struct pwsafe2_tmp { u32 digest[2]; @@ -829,7 +816,6 @@ typedef enum hash_type HASH_TYPE_DCC2 = 9, HASH_TYPE_ORACLEH = 13, HASH_TYPE_DESRACF = 14, - HASH_TYPE_BCRYPT = 15, HASH_TYPE_RIPEMD160 = 18, HASH_TYPE_WHIRLPOOL = 19, HASH_TYPE_AES = 20, @@ -918,7 +904,6 @@ typedef enum kern_type KERN_TYPE_MD55_PWSLT2 = 2710, KERN_TYPE_MD55_SLTPW = 2810, KERN_TYPE_ORACLEH = 3100, - KERN_TYPE_BCRYPT = 3200, KERN_TYPE_MD5_SLT_MD5_PW = 3710, KERN_TYPE_MD5_SLT_PW_SLT = 3800, KERN_TYPE_MD55_PWSLT = 3910, @@ -1076,7 +1061,6 @@ typedef enum kern_type typedef enum rounds_count { ROUNDS_DCC2 = 10240, - ROUNDS_BCRYPT = (1 << 5), ROUNDS_PSAFE3 = 2048, ROUNDS_ANDROIDPIN = 1024, ROUNDS_TRUECRYPT_1K = 1000, @@ -1148,7 +1132,6 @@ typedef enum rounds_count * input functions */ -int bcrypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int cisco4_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int dcc2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int episerver_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); diff --git a/src/interface_migrate.c b/src/interface_migrate.c index 1c8cf7305..702606205 100644 --- a/src/interface_migrate.c +++ b/src/interface_migrate.c @@ -117,7 +117,6 @@ " 15900 | DPAPI masterkey file v2 | Operating Systems", " 12800 | MS-AzureSync PBKDF2-HMAC-SHA256 | Operating Systems", " 12400 | BSDi Crypt, Extended DES | Operating Systems", - " 3200 | bcrypt $2*$, Blowfish (Unix) | Operating Systems", " 7400 | sha256crypt $5$, SHA256 (Unix) | Operating Systems", " 1800 | sha512crypt $6$, SHA512 (Unix) | Operating Systems", " 122 | macOS v10.4, MacOS v10.5, MacOS v10.6 | Operating Systems", @@ -316,7 +315,6 @@ static const char *ST_HASH_02612 = "$PHPS$30353031383437363132$f02b0b2f25e5754ed static const char *ST_HASH_02711 = "0844fbb2fdeda31884a7a45ec2010bb6:324410183853308365427804872426"; static const char *ST_HASH_02811 = "022f7e02b3314f7d0968f73c00ba759f:67588"; static const char *ST_HASH_03100 = "792FCB0AE31D8489:7284616727"; -static const char *ST_HASH_03200 = "$2a$05$MBCzKhG1KhezLh.0LRa0Kuw12nLJtpHy6DIaU.JAnqJUDYspHC.Ou"; static const char *ST_HASH_03710 = "a3aa0ae2b4a102a9974cdf40edeabee0:242812778074"; static const char *ST_HASH_03711 = "$B$2152187716$8c8b39c3602b194eeeb6cac78eea2742"; static const char *ST_HASH_03800 = "78274b1105fb8a7c415b43ffe35ec4a9:6"; @@ -518,7 +516,6 @@ static const char *HT_02100 = "Domain Cached Credentials 2 (DCC2), MS Cache 2"; static const char *HT_02410 = "Cisco-ASA MD5"; static const char *HT_02600 = "md5(md5($pass))"; static const char *HT_03100 = "Oracle H: Type (Oracle 7+)"; -static const char *HT_03200 = "bcrypt $2*$, Blowfish (Unix)"; static const char *HT_03710 = "md5($salt.md5($pass))"; static const char *HT_03711 = "MediaWiki B type"; static const char *HT_03800 = "md5($salt.$pass.$salt)"; @@ -725,14 +722,9 @@ static const char *HT_13772 = "VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit static const char *HT_13773 = "VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit"; static const char *HT_12001 = "Atlassian (PBKDF2-HMAC-SHA1)"; - static const char *SIGNATURE_ANDROIDFDE = "$fde$"; static const char *SIGNATURE_AXCRYPT = "$axcrypt$"; static const char *SIGNATURE_AXCRYPT_SHA1 = "$axcrypt_sha1$"; -static const char *SIGNATURE_BCRYPT1 = "$2a$"; -static const char *SIGNATURE_BCRYPT2 = "$2b$"; -static const char *SIGNATURE_BCRYPT3 = "$2x$"; -static const char *SIGNATURE_BCRYPT4 = "$2y$"; static const char *SIGNATURE_BITCOIN_WALLET = "$bitcoin$"; static const char *SIGNATURE_BSDICRYPT = "_"; static const char *SIGNATURE_CISCO8 = "$8$"; @@ -2743,91 +2735,6 @@ int luks_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSE return (PARSER_OK); } - - -int bcrypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - token_t token; - - token.token_cnt = 4; - - token.signatures_cnt = 4; - token.signatures_buf[0] = SIGNATURE_BCRYPT1; - token.signatures_buf[1] = SIGNATURE_BCRYPT2; - token.signatures_buf[2] = SIGNATURE_BCRYPT3; - token.signatures_buf[3] = SIGNATURE_BCRYPT4; - - token.len[0] = 4; - token.attr[0] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.len_min[1] = 2; - token.len_max[1] = 2; - token.sep[1] = '$'; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_DIGIT; - - token.len[2] = 22; - token.attr[2] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64B; - - token.len[3] = 31; - token.attr[3] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64B; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - const u8 *iter_pos = token.buf[1]; - const u8 *salt_pos = token.buf[2]; - const u8 *hash_pos = token.buf[3]; - - const int salt_len = token.len[2]; - const int hash_len = token.len[3]; - - salt->salt_len = 16; - salt->salt_iter = 1u << hc_strtoul ((const char *) iter_pos, NULL, 10); - - memcpy ((char *) salt->salt_sign, input_buf, 6); - - u8 *salt_buf_ptr = (u8 *) salt->salt_buf; - - u8 tmp_buf[100]; - - memset (tmp_buf, 0, sizeof (tmp_buf)); - - base64_decode (bf64_to_int, (const u8 *) salt_pos, salt_len, tmp_buf); - - memcpy (salt_buf_ptr, tmp_buf, 16); - - salt->salt_buf[0] = byte_swap_32 (salt->salt_buf[0]); - salt->salt_buf[1] = byte_swap_32 (salt->salt_buf[1]); - salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]); - salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]); - - memset (tmp_buf, 0, sizeof (tmp_buf)); - - base64_decode (bf64_to_int, (const u8 *) hash_pos, hash_len, tmp_buf); - - memcpy (digest, tmp_buf, 24); - - digest[0] = byte_swap_32 (digest[0]); - digest[1] = byte_swap_32 (digest[1]); - digest[2] = byte_swap_32 (digest[2]); - digest[3] = byte_swap_32 (digest[3]); - digest[4] = byte_swap_32 (digest[4]); - digest[5] = byte_swap_32 (digest[5]); - - digest[5] &= ~0xffu; // its just 23 not 24 ! - - return (PARSER_OK); -} - int cisco4_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -16665,7 +16572,6 @@ u32 kernel_threads_mxx (hashcat_ctx_t *hashcat_ctx) { - if (hashconfig->hash_mode == 3200) kernel_threads = 8; // Blowfish if (hashconfig->hash_mode == 7500) kernel_threads = 64; // RC4 if (hashconfig->hash_mode == 8900) kernel_threads = 16; // SCRYPT if (hashconfig->hash_mode == 9000) kernel_threads = 8; // Blowfish @@ -16933,8 +16839,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 2100: salt->salt_iter = ROUNDS_DCC2; break; - case 3200: salt->salt_iter = ROUNDS_BCRYPT; - break; case 5200: salt->salt_iter = ROUNDS_PSAFE3; break; case 5800: salt->salt_iter = ROUNDS_ANDROIDPIN - 1; @@ -20300,15 +20204,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, digest_buf[0], digest_buf[1]); } - else if (hash_type == HASH_TYPE_BCRYPT) - { - base64_encode (int_to_bf64, (const u8 *) salt.salt_buf, 16, (u8 *) tmp_buf + 0); - base64_encode (int_to_bf64, (const u8 *) digest_buf, 23, (u8 *) tmp_buf + 22); - - tmp_buf[22 + 31] = 0; // base64_encode wants to pad - - snprintf (out_buf, out_size, "%s$%s", (char *) salt.salt_sign, tmp_buf); - } else if (hash_type == HASH_TYPE_CHACHA20) { u32 *ptr = digest_buf; @@ -21669,23 +21564,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 3200: hashconfig->hash_type = HASH_TYPE_BCRYPT; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE - | OPTS_TYPE_ST_GENERATE_LE; - hashconfig->kern_type = KERN_TYPE_BCRYPT; - hashconfig->dgst_size = DGST_SIZE_4_6; - hashconfig->parse_func = bcrypt_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE; - hashconfig->dgst_pos0 = 0; - hashconfig->dgst_pos1 = 1; - hashconfig->dgst_pos2 = 2; - hashconfig->dgst_pos3 = 3; - hashconfig->st_hash = ST_HASH_03200; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 3710: hashconfig->hash_type = HASH_TYPE_MD5; hashconfig->salt_type = SALT_TYPE_GENERIC; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -25102,7 +24980,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) { case 1800: hashconfig->tmp_size = sizeof (sha512crypt_tmp_t); break; case 2100: hashconfig->tmp_size = sizeof (dcc2_tmp_t); break; - case 3200: hashconfig->tmp_size = sizeof (bcrypt_tmp_t); break; case 5200: hashconfig->tmp_size = sizeof (pwsafe3_tmp_t); break; case 5800: hashconfig->tmp_size = sizeof (androidpin_tmp_t); break; case 6211: hashconfig->tmp_size = sizeof (tc_tmp_t); break; @@ -25276,7 +25153,6 @@ u32 default_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED co case 112: pw_max = 30; break; // https://www.toadworld.com/platforms/oracle/b/weblog/archive/2013/11/12/oracle-12c-passwords case 2100: pw_max = PW_MAX; break; case 3100: pw_max = 30; break; // http://www.red-database-security.de/whitepaper/oracle_passwords.html - case 3200: pw_max = 72; break; // Underlaying Blowfish max case 5200: pw_max = PW_MAX; break; case 6211: pw_max = 64; break; // TC limits itself to 64 case 6212: pw_max = 64; break; // TC limits itself to 64 @@ -26086,7 +25962,6 @@ bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE */ if ( - || (hashconfig->hash_mode == 3200) || (hashconfig->hash_mode == 8900) || (hashconfig->hash_mode == 9300) || (hashconfig->hash_mode == 9800) diff --git a/src/modules/module_03200.c b/src/modules/module_03200.c new file mode 100644 index 000000000..8c33feb2a --- /dev/null +++ b/src/modules/module_03200.c @@ -0,0 +1,279 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_6; +static const u32 HASH_CATEGORY = HASH_CATEGORY_OS; +static const char *HASH_NAME = "bcrypt $2*$, Blowfish (Unix)"; +static const u32 HASH_TYPE = HASH_TYPE_GENERIC; +static const u64 KERN_TYPE = 3200; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE; +static const u64 OPTS_TYPE = OPTS_TYPE_STATE_BUFFER_LE + | OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_ST_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$2a$05$MBCzKhG1KhezLh.0LRa0Kuw12nLJtpHy6DIaU.JAnqJUDYspHC.Ou"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +static const char *SIGNATURE_BCRYPT1 = "$2a$"; +static const char *SIGNATURE_BCRYPT2 = "$2b$"; +static const char *SIGNATURE_BCRYPT3 = "$2x$"; +static const char *SIGNATURE_BCRYPT4 = "$2y$"; + +typedef struct bcrypt_tmp +{ + u32 E[18]; + + u32 P[18]; + + u32 S0[256]; + u32 S1[256]; + u32 S2[256]; + u32 S3[256]; + +} bcrypt_tmp_t; + +bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + #if defined (__APPLE__) + return true; + #endif // __APPLE__ + + return false; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 pw_max = 72; // Underlaying Blowfish max + + return pw_max; +} + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (bcrypt_tmp_t); + + return tmp_size; +} + +u32 module_kernel_threads_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 kernel_threads_min = 8; + + return kernel_threads_min; +} + +u32 module_kernel_threads_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 kernel_threads_max = 8; + + return kernel_threads_max; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + token_t token; + + token.token_cnt = 4; + + token.signatures_cnt = 4; + token.signatures_buf[0] = SIGNATURE_BCRYPT1; + token.signatures_buf[1] = SIGNATURE_BCRYPT2; + token.signatures_buf[2] = SIGNATURE_BCRYPT3; + token.signatures_buf[3] = SIGNATURE_BCRYPT4; + + token.len[0] = 4; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.len_min[1] = 2; + token.len_max[1] = 2; + token.sep[1] = '$'; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.len[2] = 22; + token.attr[2] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64B; + + token.len[3] = 31; + token.attr[3] = TOKEN_ATTR_FIXED_LENGTH + | TOKEN_ATTR_VERIFY_BASE64B; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *iter_pos = token.buf[1]; + const u8 *salt_pos = token.buf[2]; + const u8 *hash_pos = token.buf[3]; + + const int salt_len = token.len[2]; + const int hash_len = token.len[3]; + + salt->salt_len = 16; + salt->salt_iter = 1u << hc_strtoul ((const char *) iter_pos, NULL, 10); + + memcpy ((char *) salt->salt_sign, line_buf, 6); + + u8 *salt_buf_ptr = (u8 *) salt->salt_buf; + + u8 tmp_buf[100]; + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + base64_decode (bf64_to_int, (const u8 *) salt_pos, salt_len, tmp_buf); + + memcpy (salt_buf_ptr, tmp_buf, 16); + + salt->salt_buf[0] = byte_swap_32 (salt->salt_buf[0]); + salt->salt_buf[1] = byte_swap_32 (salt->salt_buf[1]); + salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]); + salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]); + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + base64_decode (bf64_to_int, (const u8 *) hash_pos, hash_len, tmp_buf); + + memcpy (digest, tmp_buf, 24); + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + + digest[5] &= ~0xffu; // its just 23 not 24 ! + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const u32 *digest = (const u32 *) digest_buf; + + u32 tmp_digest[6]; + + tmp_digest[0] = byte_swap_32 (digest[0]); + tmp_digest[1] = byte_swap_32 (digest[1]); + tmp_digest[2] = byte_swap_32 (digest[2]); + tmp_digest[3] = byte_swap_32 (digest[3]); + tmp_digest[4] = byte_swap_32 (digest[4]); + tmp_digest[5] = byte_swap_32 (digest[5]); + + u32 tmp_salt[4]; + + tmp_salt[0] = byte_swap_32 (salt->salt_buf[0]); + tmp_salt[1] = byte_swap_32 (salt->salt_buf[1]); + tmp_salt[2] = byte_swap_32 (salt->salt_buf[2]); + tmp_salt[3] = byte_swap_32 (salt->salt_buf[3]); + + char tmp_buf[64]; + + base64_encode (int_to_bf64, (const u8 *) tmp_salt, 16, (u8 *) tmp_buf + 0); + base64_encode (int_to_bf64, (const u8 *) tmp_digest, 23, (u8 *) tmp_buf + 22); + + tmp_buf[22 + 31] = 0; // base64_encode wants to pad + + return snprintf (line_buf, line_size, "%s$%s", (char *) salt->salt_sign, tmp_buf); +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_binary_verify = MODULE_DEFAULT; + module_ctx->module_hash_decode_outfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hash_type = module_hash_type; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = module_kernel_threads_max; + module_ctx->module_kernel_threads_min = module_kernel_threads_min; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = module_unstable_warning; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m03200.pm b/tools/test_modules/m03200.pm new file mode 100644 index 000000000..05c8df3af --- /dev/null +++ b/tools/test_modules/m03200.pm @@ -0,0 +1,74 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Crypt::Eksblowfish::Bcrypt qw (bcrypt en_base64); +use MIME::Base64 qw (decode_base64); + +sub module_constraints { [[0, 72], [16, 16], [0, 72], [16, 16], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + my $iter = shift; + + my $cost = "05"; + + if (length ($iter)) + { + $cost = $iter; + } + + my $hash = bcrypt ($word, sprintf ('$2a$%s$%s$', $cost, en_base64 ($salt))); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $index1 = index ($line, ":", 33); + + return if $index1 < 1; + + my $hash = substr ($line, 0, $index1); + my $word = substr ($line, $index1 + 1); + + my $index2 = index ($hash, "\$", 4); + + my $iter = substr ($hash, 4, $index2 - 4); + + my $plain_base64 = substr ($hash, $index2 + 1, 22); + + # base64 mapping + + my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; + + my $encoded = ""; + + for (my $i = 0; $i < length ($plain_base64); $i++) + { + my $char = substr ($plain_base64, $i, 1); + + $encoded .= substr ($base64, index ($itoa64_2, $char), 1); + } + + my $salt = decode_base64 ($encoded); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt, $iter); + + return ($new_hash, $word); +} + +1;