1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-22 22:58:30 +00:00

Make use of module_constraints more easy and fix some modes

This commit is contained in:
jsteube 2018-12-29 16:23:29 +01:00
parent eeff037365
commit ac0560fd4a
10 changed files with 108 additions and 55 deletions

View File

@ -37,7 +37,7 @@ exists &{module_verify_hash} or die "Module function 'module_verify_hash' not
my $giveup_at = 1000000;
my $single_outputs = 8;
my $constraints = module_constraints ();
my $constraints = get_module_constraints ();
if ($TYPE eq 'single')
{
@ -67,11 +67,13 @@ sub single
my $format = "echo %-31s | ./hashcat \${OPTS} -a 0 -m %d '%s'\n";
my $db_word_len = init_db_word_rand (($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0],
($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1]);
my $word_min = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0];
my $word_max = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1];
my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0];
my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1];
my $db_salt_len = init_db_salt_rand (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0],
($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]);
my $db_word_len = init_db_word_rand ($word_min, $word_max);
my $db_salt_len = init_db_salt_rand ($salt_min, $salt_max);
my $db_prev;
@ -87,16 +89,8 @@ sub single
if (defined $len)
{
if ($IS_OPTIMIZED == 1)
{
next if $len < $constraints->[2]->[0];
next if $len > $constraints->[2]->[1];
}
else
{
next if $len < $constraints->[0]->[0];
next if $len > $constraints->[0]->[1];
}
next if $len < $word_min;
next if $len > $word_max;
$word_len = $len;
}
@ -107,13 +101,16 @@ sub single
my $salt_len = 0;
if ($constraints->[3]->[0] == $constraints->[3]->[1])
if ($salt_min != -1)
{
$salt_len = $constraints->[3]->[0];
}
else
{
$salt_len = $db_salt_len->[$giveup % $single_outputs];
if ($salt_min == $salt_max)
{
$salt_len = $salt_min;
}
else
{
$salt_len = $db_salt_len->[$giveup % $single_outputs];
}
}
# mostly important for raw hashes in optimized mode
@ -125,7 +122,7 @@ sub single
my $comb_min = $constraints->[4]->[0];
my $comb_max = $constraints->[4]->[1];
if (($comb_min != -1) && ($comb_max != -1))
if ($comb_min != -1)
{
next if $comb_len < $comb_min;
next if $comb_len > $comb_max;
@ -174,14 +171,19 @@ sub passthrough
my $salt_len = 0;
if ($constraints->[3]->[0] == $constraints->[3]->[1])
my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0];
my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1];
if ($salt_min != -1)
{
$salt_len = $constraints->[3]->[0];
}
else
{
$salt_len = random_number (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0],
($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]);
if ($salt_min == $salt_max)
{
$salt_len = $salt_min;
}
else
{
$salt_len = random_number ($salt_min, $salt_max);
}
}
my $comb_len = $word_len + $salt_len;
@ -191,7 +193,7 @@ sub passthrough
my $comb_min = $constraints->[4]->[0];
my $comb_max = $constraints->[4]->[1];
if (($comb_min != -1) && ($comb_max != -1))
if ($comb_min != -1)
{
next if $comb_len < $comb_min;
next if $comb_len > $comb_max;
@ -268,21 +270,63 @@ sub is_in_array
return grep { $_ eq $value } @{$array};
}
sub get_module_constraints
{
my $constraints = module_constraints ();
if (($constraints->[0]->[0] == -1) && ($constraints->[0]->[1] == -1))
{
# hash-mode doesn't have a pure kernel, use optimized password settings
$constraints->[0]->[0] = $constraints->[2]->[0];
$constraints->[0]->[1] = $constraints->[2]->[1];
}
if (($constraints->[1]->[0] == -1) && ($constraints->[1]->[1] == -1))
{
# hash-mode doesn't have a pure kernel, use optimized salt settings
$constraints->[1]->[0] = $constraints->[3]->[0];
$constraints->[1]->[1] = $constraints->[3]->[1];
}
if (($constraints->[2]->[0] == -1) && ($constraints->[2]->[1] == -1))
{
# hash-mode doesn't have a optimized kernel, use pure password settings
$constraints->[2]->[0] = $constraints->[0]->[0];
$constraints->[2]->[1] = $constraints->[0]->[1];
}
if (($constraints->[3]->[0] == -1) && ($constraints->[3]->[1] == -1))
{
# hash-mode doesn't have a optimized kernel, use pure salt settings
$constraints->[3]->[0] = $constraints->[1]->[0];
$constraints->[3]->[1] = $constraints->[1]->[1];
}
return $constraints;
}
sub init_db_word_rand
{
my $min_len = shift;
my $max_len = shift;
my $len_min = shift;
my $len_max = shift;
return if ($len_min == -1);
return if ($len_max == -1);
if ($IS_OPTIMIZED == 1)
{
my $comb_min = $constraints->[4]->[0];
my $comb_max = $constraints->[4]->[1];
if (($comb_min != -1) && ($comb_max != -1))
if ($constraints->[4]->[0] != -1)
{
if ($constraints->[3]->[0] == $constraints->[3]->[1])
my $salt_min = $constraints->[3]->[0];
my $salt_max = $constraints->[3]->[1];
if ($salt_min == $salt_max)
{
$max_len -= $constraints->[3]->[0];
$len_max -= $salt_min;
}
}
}
@ -298,7 +342,7 @@ sub init_db_word_rand
{
last if ($giveup++ == $giveup_at);
my $len = random_number ($min_len, $max_len);
my $len = random_number ($len_min, $len_max);
if ($IS_OPTIMIZED == 1)
{
@ -325,8 +369,11 @@ sub init_db_word_rand
sub init_db_salt_rand
{
my $min_len = shift;
my $max_len = shift;
my $len_min = shift;
my $len_max = shift;
return if ($len_min == -1);
return if ($len_max == -1);
my $db_len = {};
my $db_out = [];
@ -339,7 +386,7 @@ sub init_db_salt_rand
{
last if ($giveup++ == $giveup_at);
my $len = random_number ($min_len, $max_len);
my $len = random_number ($len_min, $len_max);
if ($IS_OPTIMIZED == 1)
{

View File

@ -1,6 +1,11 @@
### Hashcat test modules ###
Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`. The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized). The combination pair should be set to -1 if the hash mode is not concatinating the password and the salt in the same buffer in the kernel (typically raw hashes only). The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes). The `module_verify_hash` function accepts a line from the cracks file, without the newline characters.
Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`.
* The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized).
Each pair should be set to -1 if the hash mode is not supporting the appropriate field. For example, if a hash-mode does not support a salt, it should be set to -1. The last field (combination) is important if the the password and the salt is stored in the same buffer in the kernel (typically raw hashes only).
* The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes).
* The `module_verify_hash` function accepts a line from the cracks file, without the newline characters.
During `single` and `passthrough` tests the `module_generate_hash` function must provide random values (e.g. salt) for hash generation if necessary. The test.pl script offers a few handy functions like `random_hex_string`, `random_numeric_string` and `random_bytes`. You can implement your own salt generation functions, if your mode has specific requirements.

View File

@ -10,7 +10,7 @@ use warnings;
use Digest::MD5 qw (md5_hex);
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -10,7 +10,7 @@ use warnings;
use Digest::SHA qw (sha1_hex);
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -10,7 +10,7 @@ use warnings;
use Authen::Passphrase::MySQL323;
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
sub module_constraints { [[-1, -1], [-1, -1], [0, 31], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -10,7 +10,7 @@ use warnings;
use Crypt::MySQL qw (password41);
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -11,7 +11,7 @@ use warnings;
use Digest::MD4 qw (md4_hex);
use Encode;
sub module_constraints { [[0, 255], [0, 0], [0, 27], [0, 0], [-1, -1]] }
sub module_constraints { [[0, 255], [-1, -1], [0, 27], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -12,7 +12,7 @@ use Digest::HMAC qw (hmac hmac_hex);
use Digest::MD5 qw (md5);
use Encode qw (encode);
sub module_constraints { [[0, 255], [0, 255], [0, 27], [0, 27], [-1, -1]] }
sub module_constraints { [[0, 127], [0, 55], [0, 27], [0, 27], [-1, -1]] } # room for improvement in pure kernel mode
sub module_generate_hash
{
@ -23,7 +23,7 @@ sub module_generate_hash
my $domain_len = 27 - $user_len;
my $domain = shift // random_string ($domain_len);
my $srv_ch = shift // random_hex_string (2*8);
my $srv_ch = shift // random_hex_string (2 * 8);
my $cli_ch = shift // random_client_challenge ();
my $b_srv_ch = pack ('H*', $srv_ch);

View File

@ -11,7 +11,7 @@ use warnings;
use Digest::MD5 qw (md5_hex);
use Digest::SHA1 qw (sha1_hex);
sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] }
sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] }
sub module_generate_hash
{

View File

@ -12,15 +12,15 @@ use Crypt::GCrypt;
use Crypt::PBKDF2;
use Digest::SHA qw (sha1 sha1_hex);
sub module_constraints { [[0, 255], [32, 32], [0, 55], [32, 32], [-1, -1]] }
sub module_constraints { [[0, 51], [32, 32], [0, 51], [32, 32], [-1, -1]] }
sub module_generate_hash
{
my $word = shift;
my $salt = shift;
my $iter = shift // 100000;
my $iv = shift // random_hex_string (2*8);
my $plain = shift // random_hex_string (2*1024);
my $iv = shift // random_hex_string (2 * 8);
my $plain = shift // random_hex_string (2 * 1024);
my $b_iv = pack ('H*', $iv);
my $b_salt = pack ('H*', $salt);
@ -36,7 +36,8 @@ sub module_generate_hash
my $pass_hash = sha1 ($word);
my $key = $kdf->PBKDF2 ($b_salt, $pass_hash);
my $cfb = Crypt::GCrypt->new(
my $cfb = Crypt::GCrypt->new
(
type => 'cipher',
algorithm => 'blowfish',
mode => 'cfb'