diff --git a/OpenCL/m21600-pure.cl b/OpenCL/m21600-pure.cl index ad4fe7f9c..72da070f6 100644 --- a/OpenCL/m21600-pure.cl +++ b/OpenCL/m21600-pure.cl @@ -17,7 +17,7 @@ #define COMPARE_S "inc_comp_single.cl" #define COMPARE_M "inc_comp_multi.cl" -typedef struct pbkdf2_sha512_tmp +typedef struct web2py_sha512_tmp { u64 ipad[8]; u64 opad[8]; @@ -25,17 +25,7 @@ typedef struct pbkdf2_sha512_tmp u64 dgst[16]; u64 out[16]; -} pbkdf2_sha512_tmp_t; - -typedef struct pbkdf2_sha512 -{ - u32 salt_buf[64]; - u32 hash_buf[64]; - u32 salt_iter; - u32 salt_len; - u32 hash_len; - -} pbkdf2_sha512_t; +} web2py_sha512_tmp_t; DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w4, u32x *w5, u32x *w6, u32x *w7, u64x *ipad, u64x *opad, u64x *digest) { @@ -95,7 +85,7 @@ DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w sha512_transform_vector (w0, w1, w2, w3, w4, w5, w6, w7, digest); } -KERNEL_FQ void m21600_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sha512_t)) +KERNEL_FQ void m21600_init (KERN_ATTR_TMPS (web2py_sha512_tmp_t)) { /** * base @@ -127,7 +117,7 @@ KERNEL_FQ void m21600_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sh tmps[gid].opad[6] = sha512_hmac_ctx.opad.h[6]; tmps[gid].opad[7] = sha512_hmac_ctx.opad.h[7]; - sha512_hmac_update_global_swap (&sha512_hmac_ctx, esalt_bufs[digests_offset].salt_buf, salt_bufs[salt_pos].salt_len); + sha512_hmac_update_global_swap (&sha512_hmac_ctx, salt_bufs[salt_pos].salt_buf, salt_bufs[salt_pos].salt_len); for (u32 i = 0, j = 1; i < 8; i += 8, j += 1) { @@ -199,7 +189,7 @@ KERNEL_FQ void m21600_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sh } } -KERNEL_FQ void m21600_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sha512_t)) +KERNEL_FQ void m21600_loop (KERN_ATTR_TMPS (web2py_sha512_tmp_t)) { const u64 gid = get_global_id (0); @@ -325,7 +315,7 @@ KERNEL_FQ void m21600_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sh } } -KERNEL_FQ void m21600_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha512_tmp_t, pbkdf2_sha512_t)) +KERNEL_FQ void m21600_comp (KERN_ATTR_TMPS (web2py_sha512_tmp_t)) { /** * base diff --git a/docs/changes.txt b/docs/changes.txt index a0b48234d..66596c268 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -54,7 +54,7 @@ - Added hash-mode: sha256(md5($pass)) - Added hash-mode: sha256(sha256_bin(pass)) - Added hash-mode: sha256(sha256($pass).$salt) -- Added hash-mode: pbkdf2(iter,20,sha512) (web2py variant) +- Added hash-mode: Web2py pbkdf2-sha512 ## ## Bugs diff --git a/docs/credits.txt b/docs/credits.txt index 4802d4024..71ad760fa 100644 --- a/docs/credits.txt +++ b/docs/credits.txt @@ -79,6 +79,6 @@ Brandon Chalk (@brandoncasaba) * Kerberos Pre-Auth 17/18 kernel module, ported from @Fist0urs TGS kernel modules Jamie Riden -* module_21600.c - web2py pbkdf2 variant +* Web2py pbkdf2-sha512 plugin !!! All the package maintainer of hashcat !!! diff --git a/docs/readme.txt b/docs/readme.txt index a9027bea1..f1fdeb7e2 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -133,7 +133,6 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (10.1 o - PBKDF2-HMAC-SHA1 - PBKDF2-HMAC-SHA256 - PBKDF2-HMAC-SHA512 -- web2py variant of PBKDF2-HMAC-SHA512 - scrypt - phpass - Ansible Vault @@ -305,8 +304,6 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (10.1 o - SMF (Simple Machines Forum) > v1.1 - MediaWiki B type - Redmine -- Django (PBKDF2-SHA256) -- Django (SHA-1) - Joomla < 2.5.18 - OpenCart - PrestaShop @@ -315,6 +312,9 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (10.1 o - osCommerce, xt:Commerce - PunBB - MyBB 1.2+, IPB2+ (Invision Power Board) +- Django (PBKDF2-SHA256) +- Django (SHA-1) +- Web2py pbkdf2-sha512 - TOTP (HMAC-SHA1) ## diff --git a/include/types.h b/include/types.h index 66071088a..8b4901b64 100644 --- a/include/types.h +++ b/include/types.h @@ -431,7 +431,7 @@ typedef enum opts_type typedef enum dgst_size { DGST_SIZE_4_2 = (2 * sizeof (u32)), // 8 - DGST_SIZE_4_4 = (4 * sizeof (u32)), // 16 + DGST_SIZE_4_4 = (4 * sizeof (u32)), // 16 !!! DGST_SIZE_4_5 = (5 * sizeof (u32)), // 20 DGST_SIZE_4_6 = (6 * sizeof (u32)), // 24 DGST_SIZE_4_7 = (7 * sizeof (u32)), // 28 @@ -439,6 +439,7 @@ typedef enum dgst_size DGST_SIZE_4_16 = (16 * sizeof (u32)), // 64 !!! DGST_SIZE_4_32 = (32 * sizeof (u32)), // 128 !!! DGST_SIZE_4_64 = (64 * sizeof (u32)), // 256 + DGST_SIZE_8_2 = (2 * sizeof (u64)), // 16 !!! DGST_SIZE_8_8 = (8 * sizeof (u64)), // 64 !!! DGST_SIZE_8_16 = (16 * sizeof (u64)), // 128 !!! DGST_SIZE_8_25 = (25 * sizeof (u64)) // 200 diff --git a/src/modules/module_00124.c b/src/modules/module_00124.c index aadcd4d27..8587d8ca8 100644 --- a/src/modules/module_00124.c +++ b/src/modules/module_00124.c @@ -16,7 +16,7 @@ static const u32 DGST_POS1 = 4; static const u32 DGST_POS2 = 2; static const u32 DGST_POS3 = 1; static const u32 DGST_SIZE = DGST_SIZE_4_5; -static const u32 HASH_CATEGORY = HASH_CATEGORY_FORUM_SOFTWARE; +static const u32 HASH_CATEGORY = HASH_CATEGORY_FRAMEWORK; static const char *HASH_NAME = "Django (SHA-1)"; static const u64 KERN_TYPE = 120; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE diff --git a/src/modules/module_10000.c b/src/modules/module_10000.c index 8878b3ffe..dff0015e2 100644 --- a/src/modules/module_10000.c +++ b/src/modules/module_10000.c @@ -16,7 +16,7 @@ static const u32 DGST_POS1 = 1; static const u32 DGST_POS2 = 2; static const u32 DGST_POS3 = 3; static const u32 DGST_SIZE = DGST_SIZE_4_32; -static const u32 HASH_CATEGORY = HASH_CATEGORY_FORUM_SOFTWARE; +static const u32 HASH_CATEGORY = HASH_CATEGORY_FRAMEWORK; static const char *HASH_NAME = "Django (PBKDF2-SHA256)"; static const u64 KERN_TYPE = 10900; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE diff --git a/src/modules/module_21600.c b/src/modules/module_21600.c index e42f5f186..27d0a11aa 100644 --- a/src/modules/module_21600.c +++ b/src/modules/module_21600.c @@ -15,17 +15,17 @@ static const u32 DGST_POS0 = 0; static const u32 DGST_POS1 = 1; static const u32 DGST_POS2 = 2; static const u32 DGST_POS3 = 3; -static const u32 DGST_SIZE = DGST_SIZE_8_16; +static const u32 DGST_SIZE = DGST_SIZE_8_2; static const u32 HASH_CATEGORY = HASH_CATEGORY_FRAMEWORK; -static const char *HASH_NAME = "web2py PBKDF2-HMAC-SHA512"; +static const char *HASH_NAME = "Web2py pbkdf2-sha512"; static const u64 KERN_TYPE = 21600; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE | OPTI_TYPE_USES_BITS_64 - | OPTI_TYPE_SLOW_HASH_SIMD_LOOP ; -static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE ; + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE; static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; -static const char *ST_PASS = "mysecret"; -static const char *ST_HASH = "pbkdf2(1000,20,sha512)$a2a2ca127df6bc19$77bb5a3d129e2ce710daaefeefef8356c4c827ff"; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "pbkdf2(1000,20,sha512)$29$6899d434e831b6332b415019ba9b893f"; u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } @@ -42,20 +42,10 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } -static const char *SIGNATURE_WEB2PY = "pbkdf2"; -static const char *SIGNATURE_WEB2PY_PARAMS = "20,sha512)"; +static const char *SIGNATURE_WEB2PY_START = "pbkdf2"; +static const char *SIGNATURE_WEB2PY_STOP = "20,sha512)"; -typedef struct pbkdf2_sha512 -{ - u32 salt_buf[64]; - u32 hash_buf[64]; - u32 salt_iter; - u32 salt_len; - u32 hash_len; - -} pbkdf2_sha512_t; - -typedef struct pbkdf2_sha512_tmp +typedef struct web2py_sha512_tmp { u64 ipad[8]; u64 opad[8]; @@ -63,18 +53,11 @@ typedef struct pbkdf2_sha512_tmp u64 dgst[16]; u64 out[16]; -} pbkdf2_sha512_tmp_t; - -u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) -{ - const u64 esalt_size = (const u64) sizeof (pbkdf2_sha512_t); - - return esalt_size; -} +} web2py_sha512_tmp_t; u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { - const u64 tmp_size = (const u64) sizeof (pbkdf2_sha512_tmp_t); + const u64 tmp_size = (const u64) sizeof (web2py_sha512_tmp_t); return tmp_size; } @@ -105,133 +88,96 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE { u64 *digest = (u64 *) digest_buf; - pbkdf2_sha512_t *pbkdf2_sha512 = (pbkdf2_sha512_t *) esalt_buf; - token_t token; - token.token_cnt = 4; + token.token_cnt = 5; - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_WEB2PY; + token.signatures_cnt = 2; + token.signatures_buf[0] = SIGNATURE_WEB2PY_START; + token.signatures_buf[1] = SIGNATURE_WEB2PY_STOP; + token.sep[0] = '('; token.len_min[0] = 6; token.len_max[0] = 6; - token.sep[0] = '('; token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_SIGNATURE; - // skip the rest - token.sep[1] = '$'; - token.len_min[1] = 2; - token.len_max[1] = 280; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH ; + token.sep[1] = ','; + token.len_min[1] = 1; + token.len_max[1] = 8; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; token.sep[2] = '$'; - token.len_min[2] = SALT_MIN; - token.len_max[2] = SALT_MAX; - token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH ; + token.len_min[2] = 10; + token.len_max[2] = 10; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[3] = '$'; + token.len_min[3] = SALT_MIN; + token.len_max[3] = SALT_MAX; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH; - token.len_min[3] = 16; - token.len_max[3] = 256; - token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; + token.len_min[4] = 32; + token.len_max[4] = 32; + token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - // iteration count - - const u8 *iter_pos = token.buf[0] + 7; - - u8* trail; - - const u32 iter = hc_strtoul ((const char *) iter_pos, (char**) &trail, 10); - - salt->salt_iter = iter - 1; - - pbkdf2_sha512->salt_iter = salt->salt_iter; - - // match "20,sha512" for next bit after the iterator - if (strncmp((const char*) trail+1,SIGNATURE_WEB2PY_PARAMS,10)!=0) - { - return (PARSER_SIGNATURE_UNMATCHED); - } - // salt - const u8 *salt_pos = token.buf[2]; - const int salt_len = token.len[2]; - - memcpy (pbkdf2_sha512->salt_buf, salt_pos, salt_len); + const u8 *salt_pos = token.buf[3]; + const int salt_len = token.len[3]; - pbkdf2_sha512->salt_len=salt_len; + const bool parse_rc = generic_salt_decode (hashconfig, salt_pos, salt_len, (u8 *) salt->salt_buf, (int *) &salt->salt_len); - salt->salt_len = salt_len; + if (parse_rc == false) return (PARSER_SALT_LENGTH); - salt->salt_buf[0] = pbkdf2_sha512->salt_buf[0]; - salt->salt_buf[1] = pbkdf2_sha512->salt_buf[1]; - salt->salt_buf[2] = pbkdf2_sha512->salt_buf[2]; - salt->salt_buf[3] = pbkdf2_sha512->salt_buf[3]; - salt->salt_buf[4] = pbkdf2_sha512->salt_buf[4]; - salt->salt_buf[5] = pbkdf2_sha512->salt_buf[5]; - salt->salt_buf[6] = pbkdf2_sha512->salt_buf[6]; - salt->salt_buf[7] = pbkdf2_sha512->salt_buf[7]; + salt->salt_iter = hc_strtoul ((const char *) token.buf[1], NULL, 10) - 1; // hash - const u8 *hash_pos = token.buf[3]; - const int hash_len = token.len[3]; + const u8 *hash_pos = token.buf[4]; - digest[0] = hex_to_u64 (hash_pos + 0); - digest[1] = hex_to_u64 (hash_pos + 16); - digest[2] = hex_to_u64 (hash_pos + 32); - digest[3] = hex_to_u64 (hash_pos + 48); - digest[4] = hex_to_u64 (hash_pos + 64); - digest[5] = hex_to_u64 (hash_pos + 80); - digest[6] = hex_to_u64 (hash_pos + 96); - digest[7] = hex_to_u64 (hash_pos + 112); + digest[0] = hex_to_u64 (hash_pos + 0); + digest[1] = hex_to_u64 (hash_pos + 16); digest[0] = byte_swap_64 (digest[0]); digest[1] = byte_swap_64 (digest[1]); - digest[2] = byte_swap_64 (digest[2]); - digest[3] = byte_swap_64 (digest[3]); - digest[4] = byte_swap_64 (digest[4]); - digest[5] = byte_swap_64 (digest[5]); - digest[6] = byte_swap_64 (digest[6]); - digest[7] = byte_swap_64 (digest[7]); - - memcpy (pbkdf2_sha512->hash_buf, hash_pos, hash_len); - - pbkdf2_sha512->hash_len=hash_len; return (PARSER_OK); } int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) { + const u64 *digest = (const u64 *) digest_buf; - pbkdf2_sha512_t *pbkdf2_sha512 = (pbkdf2_sha512_t *) esalt_buf; + u8 *out_buf = (u8 *) line_buf; - int line_len = snprintf(line_buf, line_size, "pbkdf2(%d,20,sha512)$", pbkdf2_sha512->salt_iter+1); + int out_len = snprintf ((char *) out_buf, line_size, "%s(%d,%s$", SIGNATURE_WEB2PY_START, salt->salt_iter + 1, SIGNATURE_WEB2PY_STOP); - u8 *salt_pos = (u8*) pbkdf2_sha512->salt_buf; + out_len += generic_salt_encode (hashconfig, (const u8 *) salt->salt_buf, (const int) salt->salt_len, out_buf + out_len); - for (u32 i = 0; i < pbkdf2_sha512->salt_len; i++) - { - line_len += snprintf (line_buf + line_len, line_size, "%c", *salt_pos++); - } + out_buf[out_len] = '$'; - line_len += snprintf (line_buf + line_len, line_size, "$"); + out_len += 1; - u8 *hash_pos = (u8*) pbkdf2_sha512->hash_buf; - - for (u32 i = 0; i < pbkdf2_sha512->hash_len; i++) - { - line_len += snprintf (line_buf + line_len, line_size - line_len, "%c", *hash_pos++); - } + u64 tmp[2]; + + tmp[0] = digest[0]; + tmp[1] = digest[1]; + + tmp[0] = byte_swap_64 (tmp[0]); + tmp[1] = byte_swap_64 (tmp[1]); + + u64_to_hex (tmp[0], out_buf + out_len); out_len += 16; + u64_to_hex (tmp[1], out_buf + out_len); out_len += 16; - return line_len; + return out_len; } void module_init (module_ctx_t *module_ctx) @@ -252,7 +198,7 @@ void module_init (module_ctx_t *module_ctx) module_ctx->module_dgst_pos3 = module_dgst_pos3; module_ctx->module_dgst_size = module_dgst_size; module_ctx->module_dictstat_disable = MODULE_DEFAULT; - module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_esalt_size = MODULE_DEFAULT; module_ctx->module_extra_buffer_size = MODULE_DEFAULT; module_ctx->module_extra_tmp_size = MODULE_DEFAULT; module_ctx->module_forced_outfile_format = MODULE_DEFAULT; diff --git a/src/shared.c b/src/shared.c index 504cbd3dd..0cb1323d3 100644 --- a/src/shared.c +++ b/src/shared.c @@ -83,7 +83,7 @@ static const char *HASH_CATEGORY_RAW_HASH_AUTHENTICATED_STR = "Raw Hash, Authent static const char *HASH_CATEGORY_RAW_CIPHER_KPA_STR = "Raw Cipher, Known-Plaintext attack"; static const char *HASH_CATEGORY_GENERIC_KDF_STR = "Generic KDF"; static const char *HASH_CATEGORY_NETWORK_PROTOCOL_STR = "Network Protocols"; -static const char *HASH_CATEGORY_FORUM_SOFTWARE_STR = "Forums, CMS, E-Commerce, Frameworks"; +static const char *HASH_CATEGORY_FORUM_SOFTWARE_STR = "Forums, CMS, E-Commerce"; static const char *HASH_CATEGORY_DATABASE_SERVER_STR = "Database Server"; static const char *HASH_CATEGORY_NETWORK_SERVER_STR = "FTP, HTTP, SMTP, LDAP Server"; static const char *HASH_CATEGORY_RAW_CHECKSUM_STR = "Raw Checksum";