arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-06-27 10:22:37 +00:00
Code Issues Releases Wiki Activity

Merge pull request #3197 from matrix/13100_format

Browse Source 
Added support to use "John the Ripper" hash format with hash-type 13100
This commit is contained in:
Jens Steube 2022-03-04 22:37:26 +01:00 committed by GitHub
commit 96715f7c09
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 154 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
OpenCL/m13100_a0-optimized.cl
View File

@ -25,6 +25,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

1
OpenCL/m13100_a0-pure.cl
View File

@ -24,6 +24,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

1
OpenCL/m13100_a1-optimized.cl
View File

@ -23,6 +23,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

1
OpenCL/m13100_a1-pure.cl
View File

@ -22,6 +22,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

1
OpenCL/m13100_a3-optimized.cl
View File

@ -23,6 +23,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

1
OpenCL/m13100_a3-pure.cl
View File

@ -22,6 +22,7 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;

3
docs/changes.txt
View File

@ -15,11 +15,12 @@
## ##
- Added new backend support for Metal, the OpenCL replacement API on Apple - Added new backend support for Metal, the OpenCL replacement API on Apple
- Added support to use 'John the Ripper' hash format with hash-type 13100
- Added support to use 'John the Ripper' hash format with hash-type 18200
- Added support to use --debug-mode in attack-mode 9 (Association Attack) - Added support to use --debug-mode in attack-mode 9 (Association Attack)
- Added support to building universal macOS binary on Apple Silicon - Added support to building universal macOS binary on Apple Silicon
- Added hex encoding format for --separator option - Added hex encoding format for --separator option
- Added password candidates range to --status-json output - Added password candidates range to --status-json output
- Added support to use 'John the Ripper' hash format with hash-type 18200
## ##
## Bugs ## Bugs

156
src/modules/module_13100.c
View File

@ -47,10 +47,11 @@ typedef struct krb5tgs
u32 checksum[4]; u32 checksum[4];
u32 edata2[5120]; u32 edata2[5120];
u32 edata2_len; u32 edata2_len;
u32 format;
} krb5tgs_t; } krb5tgs_t;
static const char *SIGNATURE_KRB5TGS = "$krb5tgs$23$"; static const char *SIGNATURE_KRB5TGS = "$krb5tgs$";
char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param) char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param)
{ {
@ -117,18 +118,28 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
token.signatures_cnt = 1; token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_KRB5TGS; token.signatures_buf[0] = SIGNATURE_KRB5TGS;
token.len[0] = 12; token.len[0] = 9;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE; | TOKEN_ATTR_VERIFY_SIGNATURE;
/** /**
* $krb5tgs$23$checksum$edata2 * hc
* $krb5tgs$23$*user*realm*spn*$checksum$edata2 * format 1: $krb5tgs$23$*user$realm$spn*$checksum$edata2
* format 2: $krb5tgs$23$checksum$edata2
*
* jtr
* format 3: $krb5tgs$spn:checksum$edata2
*/ */
if (line_len < 16) return (PARSER_SALT_LENGTH); if (line_len < (int) strlen (SIGNATURE_KRB5TGS)) return (PARSER_SALT_LENGTH);
if (line_buf[12] == '*') memset (krb5tgs, 0, sizeof (krb5tgs_t));
token.token_cnt = 4;
if (line_buf[token.len[0]] == '2' && line_buf[token.len[0] + 1] == '3' && line_buf[token.len[0] + 2] == '$')
{
if (line_buf[token.len[0] + 3] == '*')
{ {
char *account_info_start = (char *) line_buf + 12; // we want the * char included char *account_info_start = (char *) line_buf + 12; // we want the * char included
char *account_info_stop = strchr ((const char *) account_info_start + 1, '*'); char *account_info_stop = strchr ((const char *) account_info_start + 1, '*');
@ -140,10 +151,50 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
const int account_info_len = account_info_stop - account_info_start; const int account_info_len = account_info_stop - account_info_start;
token.token_cnt = 4; token.token_cnt++;
token.len[1] = account_info_len; // etype
token.attr[1] = TOKEN_ATTR_FIXED_LENGTH;
token.sep[1] = '$';
token.len_min[1] = 2;
token.len_max[1] = 2;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// user$realm$spn
token.len[2] = account_info_len;
token.attr[2] = TOKEN_ATTR_FIXED_LENGTH;
// checksum
token.sep[3] = '$';
token.len_min[3] = 32;
token.len_max[3] = 32;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
// edata2
token.sep[4] = '$';
token.len_min[4] = 64;
token.len_max[4] = 40960;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
krb5tgs->format = 1;
}
else
{
// etype
token.sep[1] = '$';
token.len_min[1] = 2;
token.len_max[1] = 2;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
// checksum
token.sep[2] = '$'; token.sep[2] = '$';
token.len_min[2] = 32; token.len_min[2] = 32;
@ -151,39 +202,73 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX; | TOKEN_ATTR_VERIFY_HEX;
// edata2
token.sep[3] = '$'; token.sep[3] = '$';
token.len_min[3] = 64; token.len_min[3] = 64;
token.len_max[3] = 40960; token.len_max[3] = 40960;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX; | TOKEN_ATTR_VERIFY_HEX;
krb5tgs->format = 2;
}
} }
else else
{ {
token.token_cnt = 3; // spn
token.sep[1] = '$'; token.sep[1] = ':';
token.len_min[1] = 32; token.len_min[1] = 0;
token.len_max[1] = 32; token.len_max[1] = 2048;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
| TOKEN_ATTR_VERIFY_HEX;
// checksum
token.sep[2] = '$'; token.sep[2] = '$';
token.len_min[2] = 64; token.len_min[2] = 32;
token.len_max[2] = 40960; token.len_max[2] = 32;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX; | TOKEN_ATTR_VERIFY_HEX;
// edata2
token.sep[3] = '$';
token.len_min[3] = 64;
token.len_max[3] = 40960;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
krb5tgs->format = 3;
} }
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
const u8 *checksum_pos; const u8 *checksum_pos = NULL;
const u8 *data_pos; const u8 *data_pos = NULL;
int data_len; int data_len = 0;
if (line_buf[12] == '*') if (krb5tgs->format == 1)
{
checksum_pos = token.buf[3];
data_pos = token.buf[4];
data_len = token.len[4];
memcpy (krb5tgs->account_info, token.buf[2], token.len[2]);
}
else if (krb5tgs->format == 2)
{
checksum_pos = token.buf[2];
data_pos = token.buf[3];
data_len = token.len[3];
krb5tgs->account_info[0] = 0;
}
else if (krb5tgs->format == 3)
{ {
checksum_pos = token.buf[2]; checksum_pos = token.buf[2];
@ -192,15 +277,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
memcpy (krb5tgs->account_info, token.buf[1], token.len[1]); memcpy (krb5tgs->account_info, token.buf[1], token.len[1]);
} }
else
{
checksum_pos = token.buf[1];
data_pos = token.buf[2]; if (checksum_pos == NULL || data_pos == NULL) return (PARSER_SALT_VALUE);
data_len = token.len[2];
krb5tgs->account_info[0] = 0;
}
krb5tgs->checksum[0] = hex_to_u32 (checksum_pos + 0); krb5tgs->checksum[0] = hex_to_u32 (checksum_pos + 0);
krb5tgs->checksum[1] = hex_to_u32 (checksum_pos + 8); krb5tgs->checksum[1] = hex_to_u32 (checksum_pos + 8);
@ -251,7 +329,13 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
sprintf (data + j, "%02x", ptr_edata2[i]); sprintf (data + j, "%02x", ptr_edata2[i]);
} }
const int line_len = snprintf (line_buf, line_size, "%s%s%08x%08x%08x%08x$%s", int line_len;
// preserve the input hash format
if (krb5tgs->format != 3) // hc
{
line_len = snprintf (line_buf, line_size, "%s23$%s%08x%08x%08x%08x$%s",
SIGNATURE_KRB5TGS, SIGNATURE_KRB5TGS,
(char *) krb5tgs->account_info, (char *) krb5tgs->account_info,
byte_swap_32 (krb5tgs->checksum[0]), byte_swap_32 (krb5tgs->checksum[0]),
@ -259,6 +343,18 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
byte_swap_32 (krb5tgs->checksum[2]), byte_swap_32 (krb5tgs->checksum[2]),
byte_swap_32 (krb5tgs->checksum[3]), byte_swap_32 (krb5tgs->checksum[3]),
data); data);
}
else // jtr
{
line_len = snprintf (line_buf, line_size, "%s%s:%08x%08x%08x%08x$%s",
SIGNATURE_KRB5TGS,
(char *) krb5tgs->account_info,
byte_swap_32 (krb5tgs->checksum[0]),
byte_swap_32 (krb5tgs->checksum[1]),
byte_swap_32 (krb5tgs->checksum[2]),
byte_swap_32 (krb5tgs->checksum[3]),
data);
}
return line_len; return line_len;
} }