mirror of
https://github.com/hashcat/hashcat.git
synced 2024-12-22 22:58:30 +00:00
Make use of module_constraints more easy and fix some modes
This commit is contained in:
parent
eeff037365
commit
ac0560fd4a
131
tools/test.pl
131
tools/test.pl
@ -37,7 +37,7 @@ exists &{module_verify_hash} or die "Module function 'module_verify_hash' not
|
||||
my $giveup_at = 1000000;
|
||||
my $single_outputs = 8;
|
||||
|
||||
my $constraints = module_constraints ();
|
||||
my $constraints = get_module_constraints ();
|
||||
|
||||
if ($TYPE eq 'single')
|
||||
{
|
||||
@ -67,11 +67,13 @@ sub single
|
||||
|
||||
my $format = "echo %-31s | ./hashcat \${OPTS} -a 0 -m %d '%s'\n";
|
||||
|
||||
my $db_word_len = init_db_word_rand (($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0],
|
||||
($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1]);
|
||||
my $word_min = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0];
|
||||
my $word_max = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1];
|
||||
my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0];
|
||||
my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1];
|
||||
|
||||
my $db_salt_len = init_db_salt_rand (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0],
|
||||
($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]);
|
||||
my $db_word_len = init_db_word_rand ($word_min, $word_max);
|
||||
my $db_salt_len = init_db_salt_rand ($salt_min, $salt_max);
|
||||
|
||||
my $db_prev;
|
||||
|
||||
@ -87,16 +89,8 @@ sub single
|
||||
|
||||
if (defined $len)
|
||||
{
|
||||
if ($IS_OPTIMIZED == 1)
|
||||
{
|
||||
next if $len < $constraints->[2]->[0];
|
||||
next if $len > $constraints->[2]->[1];
|
||||
}
|
||||
else
|
||||
{
|
||||
next if $len < $constraints->[0]->[0];
|
||||
next if $len > $constraints->[0]->[1];
|
||||
}
|
||||
next if $len < $word_min;
|
||||
next if $len > $word_max;
|
||||
|
||||
$word_len = $len;
|
||||
}
|
||||
@ -107,13 +101,16 @@ sub single
|
||||
|
||||
my $salt_len = 0;
|
||||
|
||||
if ($constraints->[3]->[0] == $constraints->[3]->[1])
|
||||
if ($salt_min != -1)
|
||||
{
|
||||
$salt_len = $constraints->[3]->[0];
|
||||
}
|
||||
else
|
||||
{
|
||||
$salt_len = $db_salt_len->[$giveup % $single_outputs];
|
||||
if ($salt_min == $salt_max)
|
||||
{
|
||||
$salt_len = $salt_min;
|
||||
}
|
||||
else
|
||||
{
|
||||
$salt_len = $db_salt_len->[$giveup % $single_outputs];
|
||||
}
|
||||
}
|
||||
|
||||
# mostly important for raw hashes in optimized mode
|
||||
@ -125,7 +122,7 @@ sub single
|
||||
my $comb_min = $constraints->[4]->[0];
|
||||
my $comb_max = $constraints->[4]->[1];
|
||||
|
||||
if (($comb_min != -1) && ($comb_max != -1))
|
||||
if ($comb_min != -1)
|
||||
{
|
||||
next if $comb_len < $comb_min;
|
||||
next if $comb_len > $comb_max;
|
||||
@ -174,14 +171,19 @@ sub passthrough
|
||||
|
||||
my $salt_len = 0;
|
||||
|
||||
if ($constraints->[3]->[0] == $constraints->[3]->[1])
|
||||
my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0];
|
||||
my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1];
|
||||
|
||||
if ($salt_min != -1)
|
||||
{
|
||||
$salt_len = $constraints->[3]->[0];
|
||||
}
|
||||
else
|
||||
{
|
||||
$salt_len = random_number (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0],
|
||||
($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]);
|
||||
if ($salt_min == $salt_max)
|
||||
{
|
||||
$salt_len = $salt_min;
|
||||
}
|
||||
else
|
||||
{
|
||||
$salt_len = random_number ($salt_min, $salt_max);
|
||||
}
|
||||
}
|
||||
|
||||
my $comb_len = $word_len + $salt_len;
|
||||
@ -191,7 +193,7 @@ sub passthrough
|
||||
my $comb_min = $constraints->[4]->[0];
|
||||
my $comb_max = $constraints->[4]->[1];
|
||||
|
||||
if (($comb_min != -1) && ($comb_max != -1))
|
||||
if ($comb_min != -1)
|
||||
{
|
||||
next if $comb_len < $comb_min;
|
||||
next if $comb_len > $comb_max;
|
||||
@ -268,21 +270,63 @@ sub is_in_array
|
||||
return grep { $_ eq $value } @{$array};
|
||||
}
|
||||
|
||||
sub get_module_constraints
|
||||
{
|
||||
my $constraints = module_constraints ();
|
||||
|
||||
if (($constraints->[0]->[0] == -1) && ($constraints->[0]->[1] == -1))
|
||||
{
|
||||
# hash-mode doesn't have a pure kernel, use optimized password settings
|
||||
|
||||
$constraints->[0]->[0] = $constraints->[2]->[0];
|
||||
$constraints->[0]->[1] = $constraints->[2]->[1];
|
||||
}
|
||||
|
||||
if (($constraints->[1]->[0] == -1) && ($constraints->[1]->[1] == -1))
|
||||
{
|
||||
# hash-mode doesn't have a pure kernel, use optimized salt settings
|
||||
|
||||
$constraints->[1]->[0] = $constraints->[3]->[0];
|
||||
$constraints->[1]->[1] = $constraints->[3]->[1];
|
||||
}
|
||||
|
||||
if (($constraints->[2]->[0] == -1) && ($constraints->[2]->[1] == -1))
|
||||
{
|
||||
# hash-mode doesn't have a optimized kernel, use pure password settings
|
||||
|
||||
$constraints->[2]->[0] = $constraints->[0]->[0];
|
||||
$constraints->[2]->[1] = $constraints->[0]->[1];
|
||||
}
|
||||
|
||||
if (($constraints->[3]->[0] == -1) && ($constraints->[3]->[1] == -1))
|
||||
{
|
||||
# hash-mode doesn't have a optimized kernel, use pure salt settings
|
||||
|
||||
$constraints->[3]->[0] = $constraints->[1]->[0];
|
||||
$constraints->[3]->[1] = $constraints->[1]->[1];
|
||||
}
|
||||
|
||||
return $constraints;
|
||||
}
|
||||
|
||||
sub init_db_word_rand
|
||||
{
|
||||
my $min_len = shift;
|
||||
my $max_len = shift;
|
||||
my $len_min = shift;
|
||||
my $len_max = shift;
|
||||
|
||||
return if ($len_min == -1);
|
||||
return if ($len_max == -1);
|
||||
|
||||
if ($IS_OPTIMIZED == 1)
|
||||
{
|
||||
my $comb_min = $constraints->[4]->[0];
|
||||
my $comb_max = $constraints->[4]->[1];
|
||||
|
||||
if (($comb_min != -1) && ($comb_max != -1))
|
||||
if ($constraints->[4]->[0] != -1)
|
||||
{
|
||||
if ($constraints->[3]->[0] == $constraints->[3]->[1])
|
||||
my $salt_min = $constraints->[3]->[0];
|
||||
my $salt_max = $constraints->[3]->[1];
|
||||
|
||||
if ($salt_min == $salt_max)
|
||||
{
|
||||
$max_len -= $constraints->[3]->[0];
|
||||
$len_max -= $salt_min;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -298,7 +342,7 @@ sub init_db_word_rand
|
||||
{
|
||||
last if ($giveup++ == $giveup_at);
|
||||
|
||||
my $len = random_number ($min_len, $max_len);
|
||||
my $len = random_number ($len_min, $len_max);
|
||||
|
||||
if ($IS_OPTIMIZED == 1)
|
||||
{
|
||||
@ -325,8 +369,11 @@ sub init_db_word_rand
|
||||
|
||||
sub init_db_salt_rand
|
||||
{
|
||||
my $min_len = shift;
|
||||
my $max_len = shift;
|
||||
my $len_min = shift;
|
||||
my $len_max = shift;
|
||||
|
||||
return if ($len_min == -1);
|
||||
return if ($len_max == -1);
|
||||
|
||||
my $db_len = {};
|
||||
my $db_out = [];
|
||||
@ -339,7 +386,7 @@ sub init_db_salt_rand
|
||||
{
|
||||
last if ($giveup++ == $giveup_at);
|
||||
|
||||
my $len = random_number ($min_len, $max_len);
|
||||
my $len = random_number ($len_min, $len_max);
|
||||
|
||||
if ($IS_OPTIMIZED == 1)
|
||||
{
|
||||
|
@ -1,6 +1,11 @@
|
||||
### Hashcat test modules ###
|
||||
|
||||
Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`. The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized). The combination pair should be set to -1 if the hash mode is not concatinating the password and the salt in the same buffer in the kernel (typically raw hashes only). The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes). The `module_verify_hash` function accepts a line from the cracks file, without the newline characters.
|
||||
Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`.
|
||||
|
||||
* The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized).
|
||||
Each pair should be set to -1 if the hash mode is not supporting the appropriate field. For example, if a hash-mode does not support a salt, it should be set to -1. The last field (combination) is important if the the password and the salt is stored in the same buffer in the kernel (typically raw hashes only).
|
||||
* The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes).
|
||||
* The `module_verify_hash` function accepts a line from the cracks file, without the newline characters.
|
||||
|
||||
During `single` and `passthrough` tests the `module_generate_hash` function must provide random values (e.g. salt) for hash generation if necessary. The test.pl script offers a few handy functions like `random_hex_string`, `random_numeric_string` and `random_bytes`. You can implement your own salt generation functions, if your mode has specific requirements.
|
||||
|
||||
|
@ -10,7 +10,7 @@ use warnings;
|
||||
|
||||
use Digest::MD5 qw (md5_hex);
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -10,7 +10,7 @@ use warnings;
|
||||
|
||||
use Digest::SHA qw (sha1_hex);
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -10,7 +10,7 @@ use warnings;
|
||||
|
||||
use Authen::Passphrase::MySQL323;
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[-1, -1], [-1, -1], [0, 31], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -10,7 +10,7 @@ use warnings;
|
||||
|
||||
use Crypt::MySQL qw (password41);
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -11,7 +11,7 @@ use warnings;
|
||||
use Digest::MD4 qw (md4_hex);
|
||||
use Encode;
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 27], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[0, 255], [-1, -1], [0, 27], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -12,7 +12,7 @@ use Digest::HMAC qw (hmac hmac_hex);
|
||||
use Digest::MD5 qw (md5);
|
||||
use Encode qw (encode);
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 255], [0, 27], [0, 27], [-1, -1]] }
|
||||
sub module_constraints { [[0, 127], [0, 55], [0, 27], [0, 27], [-1, -1]] } # room for improvement in pure kernel mode
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
@ -23,7 +23,7 @@ sub module_generate_hash
|
||||
my $domain_len = 27 - $user_len;
|
||||
|
||||
my $domain = shift // random_string ($domain_len);
|
||||
my $srv_ch = shift // random_hex_string (2*8);
|
||||
my $srv_ch = shift // random_hex_string (2 * 8);
|
||||
my $cli_ch = shift // random_client_challenge ();
|
||||
|
||||
my $b_srv_ch = pack ('H*', $srv_ch);
|
||||
|
@ -11,7 +11,7 @@ use warnings;
|
||||
use Digest::MD5 qw (md5_hex);
|
||||
use Digest::SHA1 qw (sha1_hex);
|
||||
|
||||
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
|
||||
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
|
@ -12,15 +12,15 @@ use Crypt::GCrypt;
|
||||
use Crypt::PBKDF2;
|
||||
use Digest::SHA qw (sha1 sha1_hex);
|
||||
|
||||
sub module_constraints { [[0, 255], [32, 32], [0, 55], [32, 32], [-1, -1]] }
|
||||
sub module_constraints { [[0, 51], [32, 32], [0, 51], [32, 32], [-1, -1]] }
|
||||
|
||||
sub module_generate_hash
|
||||
{
|
||||
my $word = shift;
|
||||
my $salt = shift;
|
||||
my $iter = shift // 100000;
|
||||
my $iv = shift // random_hex_string (2*8);
|
||||
my $plain = shift // random_hex_string (2*1024);
|
||||
my $iv = shift // random_hex_string (2 * 8);
|
||||
my $plain = shift // random_hex_string (2 * 1024);
|
||||
|
||||
my $b_iv = pack ('H*', $iv);
|
||||
my $b_salt = pack ('H*', $salt);
|
||||
@ -36,7 +36,8 @@ sub module_generate_hash
|
||||
my $pass_hash = sha1 ($word);
|
||||
my $key = $kdf->PBKDF2 ($b_salt, $pass_hash);
|
||||
|
||||
my $cfb = Crypt::GCrypt->new(
|
||||
my $cfb = Crypt::GCrypt->new
|
||||
(
|
||||
type => 'cipher',
|
||||
algorithm => 'blowfish',
|
||||
mode => 'cfb'
|
||||
|
Loading…
Reference in New Issue
Block a user