arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-02-22 20:42:07 +00:00
Code Issues Releases Wiki Activity

27100 Slow hash, have doubts on how to correctly set iterations

Browse Source
This commit is contained in:
Cablethief 2021-07-14 14:58:26 +02:00
parent 5249e2152d
commit a38b5b3e25
5 changed files with 179 additions and 1086 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

161
OpenCL/m27100-pure.cl Normal file
View File

@ -0,0 +1,161 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
// #define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include "inc_vendor.h"
#include "inc_types.h"
#include "inc_platform.cl"
#include "inc_common.cl"
#include "inc_rp.h"
#include "inc_rp.cl"
#include "inc_scalar.cl"
#include "inc_hash_md4.cl"
#include "inc_hash_md5.cl"
#endif
#define COMPARE_S "inc_comp_single.cl"
#define COMPARE_M "inc_comp_multi.cl"
typedef struct netntlm
{
u32 user_len;
u32 domain_len;
u32 srvchall_len;
u32 clichall_len;
u32 userdomain_buf[64];
u32 chall_buf[256];
} netntlm_t;
typedef struct netntlmv2_tmp
{
u32 digest_buf[4];
} netntlm_tmp_t;
KERNEL_FQ void m27100_init (KERN_ATTR_TMPS_ESALT (netntlm_tmp_t, netntlm_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
tmps[gid].digest_buf[0] = pws[gid].i[ 0];
tmps[gid].digest_buf[1] = pws[gid].i[ 1];
tmps[gid].digest_buf[2] = pws[gid].i[ 2];
tmps[gid].digest_buf[3] = pws[gid].i[ 3];
}
KERNEL_FQ void m27100_loop (KERN_ATTR_TMPS_ESALT (netntlm_tmp_t, netntlm_t))
{
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
w0[0] = tmps[gid].digest_buf[0];
w0[1] = tmps[gid].digest_buf[1];
w0[2] = tmps[gid].digest_buf[2];
w0[3] = tmps[gid].digest_buf[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
for (u32 i = 0; i < loop_cnt; i++)
{
md5_hmac_ctx_t ctx0;
md5_hmac_init_64 (&ctx0, w0, w1, w2, w3);
md5_hmac_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET].userdomain_buf, esalt_bufs[DIGESTS_OFFSET].user_len + esalt_bufs[DIGESTS_OFFSET].domain_len);
md5_hmac_final (&ctx0);
w0[0] = ctx0.opad.h[0];
w0[1] = ctx0.opad.h[1];
w0[2] = ctx0.opad.h[2];
w0[3] = ctx0.opad.h[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx;
md5_hmac_init_64 (&ctx, w0, w1, w2, w3);
md5_hmac_update_global (&ctx, esalt_bufs[DIGESTS_OFFSET].chall_buf, esalt_bufs[DIGESTS_OFFSET].srvchall_len + esalt_bufs[DIGESTS_OFFSET].clichall_len);
md5_hmac_final (&ctx);
tmps[gid].digest_buf[0] = ctx.opad.h[0];
tmps[gid].digest_buf[1] = ctx.opad.h[1];
tmps[gid].digest_buf[2] = ctx.opad.h[2];
tmps[gid].digest_buf[3] = ctx.opad.h[3];
}
}
KERNEL_FQ void m27100_comp (KERN_ATTR_TMPS_ESALT (netntlm_tmp_t, netntlm_t))
{
/**
* modifier
*/
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
const u64 lid = get_local_id (0);
/**
* digest
*/
const u32 r0 = tmps[gid].digest_buf[DGST_R0];
const u32 r1 = tmps[gid].digest_buf[DGST_R1];
const u32 r2 = tmps[gid].digest_buf[DGST_R2];
const u32 r3 = tmps[gid].digest_buf[DGST_R3];
#define il_pos 0
#ifdef KERNEL_STATIC
#include COMPARE_M
#endif
}

610
OpenCL/m27100_a0-optimized.cl
View File

@ -1,610 +0,0 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include "inc_vendor.h"
#include "inc_types.h"
#include "inc_platform.cl"
#include "inc_common.cl"
#include "inc_rp_optimized.h"
#include "inc_rp_optimized.cl"
#include "inc_simd.cl"
#include "inc_hash_md4.cl"
#include "inc_hash_md5.cl"
#endif
typedef struct netntlm
{
u32 user_len;
u32 domain_len;
u32 srvchall_len;
u32 clichall_len;
u32 userdomain_buf[64];
u32 chall_buf[256];
} netntlm_t;
DECLSPEC void hmac_md5_pad (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipad, u32x *opad)
{
w0[0] = w0[0] ^ 0x36363636;
w0[1] = w0[1] ^ 0x36363636;
w0[2] = w0[2] ^ 0x36363636;
w0[3] = w0[3] ^ 0x36363636;
w1[0] = w1[0] ^ 0x36363636;
w1[1] = w1[1] ^ 0x36363636;
w1[2] = w1[2] ^ 0x36363636;
w1[3] = w1[3] ^ 0x36363636;
w2[0] = w2[0] ^ 0x36363636;
w2[1] = w2[1] ^ 0x36363636;
w2[2] = w2[2] ^ 0x36363636;
w2[3] = w2[3] ^ 0x36363636;
w3[0] = w3[0] ^ 0x36363636;
w3[1] = w3[1] ^ 0x36363636;
w3[2] = w3[2] ^ 0x36363636;
w3[3] = w3[3] ^ 0x36363636;
ipad[0] = MD5M_A;
ipad[1] = MD5M_B;
ipad[2] = MD5M_C;
ipad[3] = MD5M_D;
md5_transform_vector (w0, w1, w2, w3, ipad);
w0[0] = w0[0] ^ 0x6a6a6a6a;
w0[1] = w0[1] ^ 0x6a6a6a6a;
w0[2] = w0[2] ^ 0x6a6a6a6a;
w0[3] = w0[3] ^ 0x6a6a6a6a;
w1[0] = w1[0] ^ 0x6a6a6a6a;
w1[1] = w1[1] ^ 0x6a6a6a6a;
w1[2] = w1[2] ^ 0x6a6a6a6a;
w1[3] = w1[3] ^ 0x6a6a6a6a;
w2[0] = w2[0] ^ 0x6a6a6a6a;
w2[1] = w2[1] ^ 0x6a6a6a6a;
w2[2] = w2[2] ^ 0x6a6a6a6a;
w2[3] = w2[3] ^ 0x6a6a6a6a;
w3[0] = w3[0] ^ 0x6a6a6a6a;
w3[1] = w3[1] ^ 0x6a6a6a6a;
w3[2] = w3[2] ^ 0x6a6a6a6a;
w3[3] = w3[3] ^ 0x6a6a6a6a;
opad[0] = MD5M_A;
opad[1] = MD5M_B;
opad[2] = MD5M_C;
opad[3] = MD5M_D;
md5_transform_vector (w0, w1, w2, w3, opad);
}
DECLSPEC void hmac_md5_run (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipad, u32x *opad, u32x *digest)
{
digest[0] = ipad[0];
digest[1] = ipad[1];
digest[2] = ipad[2];
digest[3] = ipad[3];
md5_transform_vector (w0, w1, w2, w3, digest);
w0[0] = digest[0];
w0[1] = digest[1];
w0[2] = digest[2];
w0[3] = digest[3];
w1[0] = 0x80;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = (64 + 16) * 8;
w3[3] = 0;
digest[0] = opad[0];
digest[1] = opad[1];
digest[2] = opad[2];
digest[3] = opad[3];
md5_transform_vector (w0, w1, w2, w3, digest);
}
KERNEL_FQ void m27100_m04 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 gid = get_global_id (0);
const u64 lid = get_local_id (0);
const u64 lsz = get_local_size (0);
/**
* salt
*/
LOCAL_VK u32 s_userdomain_buf[64];
for (u32 i = lid; i < 64; i += lsz)
{
s_userdomain_buf[i] = esalt_bufs[DIGESTS_OFFSET].userdomain_buf[i];
}
LOCAL_VK u32 s_chall_buf[256];
for (u32 i = lid; i < 256; i += lsz)
{
s_chall_buf[i] = esalt_bufs[DIGESTS_OFFSET].chall_buf[i];
}
SYNC_THREADS ();
if (gid >= gid_max) return;
const u32 userdomain_len = esalt_bufs[DIGESTS_OFFSET].user_len
+ esalt_bufs[DIGESTS_OFFSET].domain_len;
const u32 chall_len = esalt_bufs[DIGESTS_OFFSET].srvchall_len
+ esalt_bufs[DIGESTS_OFFSET].clichall_len;
/**
* base
*/
// u32 pw_buf0[4];
// u32 pw_buf1[4];
// pw_buf0[0] = pws[gid].i[0];
// pw_buf0[1] = pws[gid].i[1];
// pw_buf0[2] = pws[gid].i[2];
// pw_buf0[3] = pws[gid].i[3];
// pw_buf1[0] = pws[gid].i[4];
// pw_buf1[1] = pws[gid].i[5];
// pw_buf1[2] = pws[gid].i[6];
// pw_buf1[3] = pws[gid].i[7];
// const u32 pw_len = pws[gid].pw_len & 63;
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
// u32x w0[4] = { 0 };
// u32x w1[4] = { 0 };
// u32x w2[4] = { 0 };
// u32x w3[4] = { 0 };
// const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
// append_0x80_2x4_VV (w0, w1, out_len);
u32x w0_t[4];
u32x w1_t[4];
u32x w2_t[4];
u32x w3_t[4];
// make_utf16le (w0, w0_t, w1_t);
// make_utf16le (w1, w2_t, w3_t);
// w3_t[2] = out_len * 8 * 2;
// w3_t[3] = 0;
// digest[0] = pws[gid].i[ 0];
// digest[1] = pws[gid].i[ 1];;
// digest[2] = pws[gid].i[ 2];;
// digest[3] = pws[gid].i[ 3];;
// md4_transform_vector (w0_t, w1_t, w2_t, w3_t, digest);
w0_t[0] = pws[gid].i[ 0];
w0_t[1] = pws[gid].i[ 1];
w0_t[2] = pws[gid].i[ 2];
w0_t[3] = pws[gid].i[ 3];
w1_t[0] = 0;
w1_t[1] = 0;
w1_t[2] = 0;
w1_t[3] = 0;
w2_t[0] = 0;
w2_t[1] = 0;
w2_t[2] = 0;
w2_t[3] = 0;
w3_t[0] = 0;
w3_t[1] = 0;
w3_t[2] = 0;
w3_t[3] = 0;
u32x digest[4];
digest[0] = MD5M_A;
digest[1] = MD5M_B;
digest[2] = MD5M_C;
digest[3] = MD5M_D;
u32x ipad[4];
u32x opad[4];
hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad);
int left;
int off;
for (left = userdomain_len, off = 0; left >= 56; left -= 64, off += 16)
{
w0_t[0] = s_userdomain_buf[off + 0];
w0_t[1] = s_userdomain_buf[off + 1];
w0_t[2] = s_userdomain_buf[off + 2];
w0_t[3] = s_userdomain_buf[off + 3];
w1_t[0] = s_userdomain_buf[off + 4];
w1_t[1] = s_userdomain_buf[off + 5];
w1_t[2] = s_userdomain_buf[off + 6];
w1_t[3] = s_userdomain_buf[off + 7];
w2_t[0] = s_userdomain_buf[off + 8];
w2_t[1] = s_userdomain_buf[off + 9];
w2_t[2] = s_userdomain_buf[off + 10];
w2_t[3] = s_userdomain_buf[off + 11];
w3_t[0] = s_userdomain_buf[off + 12];
w3_t[1] = s_userdomain_buf[off + 13];
w3_t[2] = s_userdomain_buf[off + 14];
w3_t[3] = s_userdomain_buf[off + 15];
md5_transform_vector (w0_t, w1_t, w2_t, w3_t, ipad);
}
w0_t[0] = s_userdomain_buf[off + 0];
w0_t[1] = s_userdomain_buf[off + 1];
w0_t[2] = s_userdomain_buf[off + 2];
w0_t[3] = s_userdomain_buf[off + 3];
w1_t[0] = s_userdomain_buf[off + 4];
w1_t[1] = s_userdomain_buf[off + 5];
w1_t[2] = s_userdomain_buf[off + 6];
w1_t[3] = s_userdomain_buf[off + 7];
w2_t[0] = s_userdomain_buf[off + 8];
w2_t[1] = s_userdomain_buf[off + 9];
w2_t[2] = s_userdomain_buf[off + 10];
w2_t[3] = s_userdomain_buf[off + 11];
w3_t[0] = s_userdomain_buf[off + 12];
w3_t[1] = s_userdomain_buf[off + 13];
w3_t[2] = (64 + userdomain_len) * 8;
w3_t[3] = 0;
hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest);
w0_t[0] = digest[0];
w0_t[1] = digest[1];
w0_t[2] = digest[2];
w0_t[3] = digest[3];
w1_t[0] = 0;
w1_t[1] = 0;
w1_t[2] = 0;
w1_t[3] = 0;
w2_t[0] = 0;
w2_t[1] = 0;
w2_t[2] = 0;
w2_t[3] = 0;
w3_t[0] = 0;
w3_t[1] = 0;
w3_t[2] = 0;
w3_t[3] = 0;
digest[0] = MD5M_A;
digest[1] = MD5M_B;
digest[2] = MD5M_C;
digest[3] = MD5M_D;
hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad);
for (left = chall_len, off = 0; left >= 56; left -= 64, off += 16)
{
w0_t[0] = s_chall_buf[off + 0];
w0_t[1] = s_chall_buf[off + 1];
w0_t[2] = s_chall_buf[off + 2];
w0_t[3] = s_chall_buf[off + 3];
w1_t[0] = s_chall_buf[off + 4];
w1_t[1] = s_chall_buf[off + 5];
w1_t[2] = s_chall_buf[off + 6];
w1_t[3] = s_chall_buf[off + 7];
w2_t[0] = s_chall_buf[off + 8];
w2_t[1] = s_chall_buf[off + 9];
w2_t[2] = s_chall_buf[off + 10];
w2_t[3] = s_chall_buf[off + 11];
w3_t[0] = s_chall_buf[off + 12];
w3_t[1] = s_chall_buf[off + 13];
w3_t[2] = s_chall_buf[off + 14];
w3_t[3] = s_chall_buf[off + 15];
md5_transform_vector (w0_t, w1_t, w2_t, w3_t, ipad);
}
w0_t[0] = s_chall_buf[off + 0];
w0_t[1] = s_chall_buf[off + 1];
w0_t[2] = s_chall_buf[off + 2];
w0_t[3] = s_chall_buf[off + 3];
w1_t[0] = s_chall_buf[off + 4];
w1_t[1] = s_chall_buf[off + 5];
w1_t[2] = s_chall_buf[off + 6];
w1_t[3] = s_chall_buf[off + 7];
w2_t[0] = s_chall_buf[off + 8];
w2_t[1] = s_chall_buf[off + 9];
w2_t[2] = s_chall_buf[off + 10];
w2_t[3] = s_chall_buf[off + 11];
w3_t[0] = s_chall_buf[off + 12];
w3_t[1] = s_chall_buf[off + 13];
w3_t[2] = (64 + chall_len) * 8;
w3_t[3] = 0;
hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest);
COMPARE_M_SIMD (digest[0], digest[3], digest[2], digest[1]);
}
}
KERNEL_FQ void m27100_m08 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
}
KERNEL_FQ void m27100_m16 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
}
KERNEL_FQ void m27100_s04 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 gid = get_global_id (0);
const u64 lid = get_local_id (0);
const u64 lsz = get_local_size (0);
/**
* salt
*/
LOCAL_VK u32 s_userdomain_buf[64];
for (u32 i = lid; i < 64; i += lsz)
{
s_userdomain_buf[i] = esalt_bufs[DIGESTS_OFFSET].userdomain_buf[i];
}
LOCAL_VK u32 s_chall_buf[256];
for (u32 i = lid; i < 256; i += lsz)
{
s_chall_buf[i] = esalt_bufs[DIGESTS_OFFSET].chall_buf[i];
}
SYNC_THREADS ();
if (gid >= gid_max) return;
const u32 userdomain_len = esalt_bufs[DIGESTS_OFFSET].user_len
+ esalt_bufs[DIGESTS_OFFSET].domain_len;
const u32 chall_len = esalt_bufs[DIGESTS_OFFSET].srvchall_len
+ esalt_bufs[DIGESTS_OFFSET].clichall_len;
/**
* base
*/
// u32 pw_buf0[4];
// u32 pw_buf1[4];
// pw_buf0[0] = pws[gid].i[0];
// pw_buf0[1] = pws[gid].i[1];
// pw_buf0[2] = pws[gid].i[2];
// pw_buf0[3] = pws[gid].i[3];
// pw_buf1[0] = pws[gid].i[4];
// pw_buf1[1] = pws[gid].i[5];
// pw_buf1[2] = pws[gid].i[6];
// pw_buf1[3] = pws[gid].i[7];
// const u32 pw_len = pws[gid].pw_len & 63;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R0],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R1],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R2],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R3]
};
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
// u32x w0[4] = { 0 };
// u32x w1[4] = { 0 };
// u32x w2[4] = { 0 };
// u32x w3[4] = { 0 };
// const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
// append_0x80_2x4_VV (w0, w1, out_len);
u32x w0_t[4];
u32x w1_t[4];
u32x w2_t[4];
u32x w3_t[4];
// make_utf16le (w0, w0_t, w1_t);
// make_utf16le (w1, w2_t, w3_t);
// w3_t[2] = out_len * 8 * 2;
// w3_t[3] = 0;
// u32x digest[4];
// digest[0] = pws[gid].i[ 0];
// digest[1] = pws[gid].i[ 1];
// digest[2] = pws[gid].i[ 2];
// digest[3] = pws[gid].i[ 3];
// md4_transform_vector (w0_t, w1_t, w2_t, w3_t, digest);
w0_t[0] = pws[gid].i[ 0];
w0_t[1] = pws[gid].i[ 1];
w0_t[2] = pws[gid].i[ 2];
w0_t[3] = pws[gid].i[ 3];
w1_t[0] = 0;
w1_t[1] = 0;
w1_t[2] = 0;
w1_t[3] = 0;
w2_t[0] = 0;
w2_t[1] = 0;
w2_t[2] = 0;
w2_t[3] = 0;
w3_t[0] = 0;
w3_t[1] = 0;
w3_t[2] = 0;
w3_t[3] = 0;
u32x digest[4];
digest[0] = MD5M_A;
digest[1] = MD5M_B;
digest[2] = MD5M_C;
digest[3] = MD5M_D;
u32x ipad[4];
u32x opad[4];
hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad);
int left;
int off;
for (left = userdomain_len, off = 0; left >= 56; left -= 64, off += 16)
{
w0_t[0] = s_userdomain_buf[off + 0];
w0_t[1] = s_userdomain_buf[off + 1];
w0_t[2] = s_userdomain_buf[off + 2];
w0_t[3] = s_userdomain_buf[off + 3];
w1_t[0] = s_userdomain_buf[off + 4];
w1_t[1] = s_userdomain_buf[off + 5];
w1_t[2] = s_userdomain_buf[off + 6];
w1_t[3] = s_userdomain_buf[off + 7];
w2_t[0] = s_userdomain_buf[off + 8];
w2_t[1] = s_userdomain_buf[off + 9];
w2_t[2] = s_userdomain_buf[off + 10];
w2_t[3] = s_userdomain_buf[off + 11];
w3_t[0] = s_userdomain_buf[off + 12];
w3_t[1] = s_userdomain_buf[off + 13];
w3_t[2] = s_userdomain_buf[off + 14];
w3_t[3] = s_userdomain_buf[off + 15];
md5_transform_vector (w0_t, w1_t, w2_t, w3_t, ipad);
}
w0_t[0] = s_userdomain_buf[off + 0];
w0_t[1] = s_userdomain_buf[off + 1];
w0_t[2] = s_userdomain_buf[off + 2];
w0_t[3] = s_userdomain_buf[off + 3];
w1_t[0] = s_userdomain_buf[off + 4];
w1_t[1] = s_userdomain_buf[off + 5];
w1_t[2] = s_userdomain_buf[off + 6];
w1_t[3] = s_userdomain_buf[off + 7];
w2_t[0] = s_userdomain_buf[off + 8];
w2_t[1] = s_userdomain_buf[off + 9];
w2_t[2] = s_userdomain_buf[off + 10];
w2_t[3] = s_userdomain_buf[off + 11];
w3_t[0] = s_userdomain_buf[off + 12];
w3_t[1] = s_userdomain_buf[off + 13];
w3_t[2] = (64 + userdomain_len) * 8;
w3_t[3] = 0;
hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest);
w0_t[0] = digest[0];
w0_t[1] = digest[1];
w0_t[2] = digest[2];
w0_t[3] = digest[3];
w1_t[0] = 0;
w1_t[1] = 0;
w1_t[2] = 0;
w1_t[3] = 0;
w2_t[0] = 0;
w2_t[1] = 0;
w2_t[2] = 0;
w2_t[3] = 0;
w3_t[0] = 0;
w3_t[1] = 0;
w3_t[2] = 0;
w3_t[3] = 0;
digest[0] = MD5M_A;
digest[1] = MD5M_B;
digest[2] = MD5M_C;
digest[3] = MD5M_D;
hmac_md5_pad (w0_t, w1_t, w2_t, w3_t, ipad, opad);
for (left = chall_len, off = 0; left >= 56; left -= 64, off += 16)
{
w0_t[0] = s_chall_buf[off + 0];
w0_t[1] = s_chall_buf[off + 1];
w0_t[2] = s_chall_buf[off + 2];
w0_t[3] = s_chall_buf[off + 3];
w1_t[0] = s_chall_buf[off + 4];
w1_t[1] = s_chall_buf[off + 5];
w1_t[2] = s_chall_buf[off + 6];
w1_t[3] = s_chall_buf[off + 7];
w2_t[0] = s_chall_buf[off + 8];
w2_t[1] = s_chall_buf[off + 9];
w2_t[2] = s_chall_buf[off + 10];
w2_t[3] = s_chall_buf[off + 11];
w3_t[0] = s_chall_buf[off + 12];
w3_t[1] = s_chall_buf[off + 13];
w3_t[2] = s_chall_buf[off + 14];
w3_t[3] = s_chall_buf[off + 15];
md5_transform_vector (w0_t, w1_t, w2_t, w3_t, ipad);
}
w0_t[0] = s_chall_buf[off + 0];
w0_t[1] = s_chall_buf[off + 1];
w0_t[2] = s_chall_buf[off + 2];
w0_t[3] = s_chall_buf[off + 3];
w1_t[0] = s_chall_buf[off + 4];
w1_t[1] = s_chall_buf[off + 5];
w1_t[2] = s_chall_buf[off + 6];
w1_t[3] = s_chall_buf[off + 7];
w2_t[0] = s_chall_buf[off + 8];
w2_t[1] = s_chall_buf[off + 9];
w2_t[2] = s_chall_buf[off + 10];
w2_t[3] = s_chall_buf[off + 11];
w3_t[0] = s_chall_buf[off + 12];
w3_t[1] = s_chall_buf[off + 13];
w3_t[2] = (64 + chall_len) * 8;
w3_t[3] = 0;
hmac_md5_run (w0_t, w1_t, w2_t, w3_t, ipad, opad, digest);
COMPARE_S_SIMD (digest[0], digest[3], digest[2], digest[1]);
}
}
KERNEL_FQ void m27100_s08 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
}
KERNEL_FQ void m27100_s16 (KERN_ATTR_RULES_ESALT (netntlm_t))
{
}

214
OpenCL/m27100_a0-pure.cl
View File

@ -1,214 +0,0 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include "inc_vendor.h"
#include "inc_types.h"
#include "inc_platform.cl"
#include "inc_common.cl"
#include "inc_rp.h"
#include "inc_rp.cl"
#include "inc_scalar.cl"
#include "inc_hash_md4.cl"
#include "inc_hash_md5.cl"
#endif
typedef struct netntlm
{
u32 user_len;
u32 domain_len;
u32 srvchall_len;
u32 clichall_len;
u32 userdomain_buf[64];
u32 chall_buf[256];
} netntlm_t;
KERNEL_FQ void m27100_mxx (KERN_ATTR_RULES_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
w0[0] = pws[gid].i[ 0];
w0[1] = pws[gid].i[ 1];
w0[2] = pws[gid].i[ 2];
w0[3] = pws[gid].i[ 3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
md5_hmac_ctx_t ctx0;
md5_hmac_init_64 (&ctx0, w0, w1, w2, w3);
md5_hmac_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET].userdomain_buf, esalt_bufs[DIGESTS_OFFSET].user_len + esalt_bufs[DIGESTS_OFFSET].domain_len);
md5_hmac_final (&ctx0);
w0[0] = ctx0.opad.h[0];
w0[1] = ctx0.opad.h[1];
w0[2] = ctx0.opad.h[2];
w0[3] = ctx0.opad.h[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx;
md5_hmac_init_64 (&ctx, w0, w1, w2, w3);
md5_hmac_update_global (&ctx, esalt_bufs[DIGESTS_OFFSET].chall_buf, esalt_bufs[DIGESTS_OFFSET].srvchall_len + esalt_bufs[DIGESTS_OFFSET].clichall_len);
md5_hmac_final (&ctx);
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_M_SCALAR (r0, r1, r2, r3);
}
}
KERNEL_FQ void m27100_sxx (KERN_ATTR_RULES_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R0],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R1],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R2],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R3]
};
/**
* base
*/
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
w0[0] = pws[gid].i[ 0];
w0[1] = pws[gid].i[ 1];
w0[2] = pws[gid].i[ 2];
w0[3] = pws[gid].i[ 3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
md5_hmac_ctx_t ctx0;
md5_hmac_init_64 (&ctx0, w0, w1, w2, w3);
md5_hmac_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET].userdomain_buf, esalt_bufs[DIGESTS_OFFSET].user_len + esalt_bufs[DIGESTS_OFFSET].domain_len);
md5_hmac_final (&ctx0);
w0[0] = ctx0.opad.h[0];
w0[1] = ctx0.opad.h[1];
w0[2] = ctx0.opad.h[2];
w0[3] = ctx0.opad.h[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx;
md5_hmac_init_64 (&ctx, w0, w1, w2, w3);
md5_hmac_update_global (&ctx, esalt_bufs[DIGESTS_OFFSET].chall_buf, esalt_bufs[DIGESTS_OFFSET].srvchall_len + esalt_bufs[DIGESTS_OFFSET].clichall_len);
md5_hmac_final (&ctx);
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_S_SCALAR (r0, r1, r2, r3);
}
}

260
OpenCL/m27100_a3-pure.cl
View File

@ -1,260 +0,0 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include "inc_vendor.h"
#include "inc_types.h"
#include "inc_platform.cl"
#include "inc_common.cl"
#include "inc_scalar.cl"
#include "inc_hash_md4.cl"
#include "inc_hash_md5.cl"
#endif
typedef struct netntlm
{
u32 user_len;
u32 domain_len;
u32 srvchall_len;
u32 clichall_len;
u32 userdomain_buf[64];
u32 chall_buf[256];
} netntlm_t;
KERNEL_FQ void m27100_mxx (KERN_ATTR_VECTOR_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32 w[64] = { 0 };
for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
/**
* loop
*/
u32 w0l = w[0];
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
const u32 w0r = words_buf_r[il_pos / VECT_SIZE];
const u32 w0lr = w0l | w0r;
w[0] = w0lr;
// md4_ctx_t ctx1;
// md4_init (&ctx1);
// md4_update_utf16le (&ctx1, w, pw_len);
// md4_final (&ctx1);
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
w0[0] = w[0];
w0[1] = w[1];
w0[2] = w[2];
w0[3] = w[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx0;
md5_hmac_init_64 (&ctx0, w0, w1, w2, w3);
md5_hmac_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET].userdomain_buf, esalt_bufs[DIGESTS_OFFSET].user_len + esalt_bufs[DIGESTS_OFFSET].domain_len);
md5_hmac_final (&ctx0);
w0[0] = ctx0.opad.h[0];
w0[1] = ctx0.opad.h[1];
w0[2] = ctx0.opad.h[2];
w0[3] = ctx0.opad.h[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx;
md5_hmac_init_64 (&ctx, w0, w1, w2, w3);
md5_hmac_update_global (&ctx, esalt_bufs[DIGESTS_OFFSET].chall_buf, esalt_bufs[DIGESTS_OFFSET].srvchall_len + esalt_bufs[DIGESTS_OFFSET].clichall_len);
md5_hmac_final (&ctx);
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_M_SCALAR (r0, r1, r2, r3);
}
}
KERNEL_FQ void m27100_sxx (KERN_ATTR_VECTOR_ESALT (netntlm_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R0],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R1],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R2],
digests_buf[DIGESTS_OFFSET].digest_buf[DGST_R3]
};
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32 w[64] = { 0 };
for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
/**
* loop
*/
u32 w0l = w[0];
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
const u32 w0r = words_buf_r[il_pos / VECT_SIZE];
const u32 w0lr = w0l | w0r;
w[0] = w0lr;
// md4_ctx_t ctx1;
// md4_init (&ctx1);
// md4_update_utf16le (&ctx1, w, pw_len);
// md4_final (&ctx1);
u32 w0[4];
u32 w1[4];
u32 w2[4];
u32 w3[4];
w0[0] = w[0];
w0[1] = w[1];
w0[2] = w[2];
w0[3] = w[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx0;
md5_hmac_init_64 (&ctx0, w0, w1, w2, w3);
md5_hmac_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET].userdomain_buf, esalt_bufs[DIGESTS_OFFSET].user_len + esalt_bufs[DIGESTS_OFFSET].domain_len);
md5_hmac_final (&ctx0);
w0[0] = ctx0.opad.h[0];
w0[1] = ctx0.opad.h[1];
w0[2] = ctx0.opad.h[2];
w0[3] = ctx0.opad.h[3];
w1[0] = 0;
w1[1] = 0;
w1[2] = 0;
w1[3] = 0;
w2[0] = 0;
w2[1] = 0;
w2[2] = 0;
w2[3] = 0;
w3[0] = 0;
w3[1] = 0;
w3[2] = 0;
w3[3] = 0;
md5_hmac_ctx_t ctx;
md5_hmac_init_64 (&ctx, w0, w1, w2, w3);
md5_hmac_update_global (&ctx, esalt_bufs[DIGESTS_OFFSET].chall_buf, esalt_bufs[DIGESTS_OFFSET].srvchall_len + esalt_bufs[DIGESTS_OFFSET].clichall_len);
md5_hmac_final (&ctx);
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_S_SCALAR (r0, r1, r2, r3);
}
}

20
src/modules/module_27100.c
View File

@ -12,7 +12,7 @@
#include "emu_inc_cipher_des.h"
#include "emu_inc_hash_md5.h"
static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL;
static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL;
static const u32 DGST_POS0 = 0;
static const u32 DGST_POS1 = 3;
static const u32 DGST_POS2 = 2;
@ -44,6 +44,12 @@ typedef struct netntlm
} netntlm_t;
typedef struct netntlmv2_tmp
{
u32 digest_buf[4];
} netntlm_tmp_t;
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; }
@ -59,6 +65,13 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig,
const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; }
const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; }
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 tmp_size = (const u64) sizeof (netntlm_tmp_t);
return tmp_size;
}
u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 esalt_size = (const u64) sizeof (netntlm_t);
@ -228,6 +241,9 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
salt->salt_len = 16;
// Why my _loop wasnt being called and what was causing me such confusion :D
salt->salt_iter = 1;
return (PARSER_OK);
}
@ -383,7 +399,7 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_separator = MODULE_DEFAULT;
module_ctx->module_st_hash = module_st_hash;
module_ctx->module_st_pass = module_st_pass;
module_ctx->module_tmp_size = MODULE_DEFAULT;
module_ctx->module_tmp_size = module_tmp_size;
module_ctx->module_unstable_warning = MODULE_DEFAULT;
module_ctx->module_warmup_disable = MODULE_DEFAULT;
}