From ac0560fd4aba6d2546210c1ff524162ba6df216c Mon Sep 17 00:00:00 2001 From: jsteube Date: Sat, 29 Dec 2018 16:23:29 +0100 Subject: [PATCH] Make use of module_constraints more easy and fix some modes --- tools/test.pl | 131 ++++++++++++++++++++++++----------- tools/test_modules/README.md | 7 +- tools/test_modules/m00000.pm | 2 +- tools/test_modules/m00100.pm | 2 +- tools/test_modules/m00200.pm | 2 +- tools/test_modules/m00300.pm | 2 +- tools/test_modules/m01000.pm | 2 +- tools/test_modules/m05600.pm | 4 +- tools/test_modules/m18500.pm | 2 +- tools/test_modules/m18600.pm | 9 +-- 10 files changed, 108 insertions(+), 55 deletions(-) diff --git a/tools/test.pl b/tools/test.pl index e1a32fbfe..e56996dc7 100755 --- a/tools/test.pl +++ b/tools/test.pl @@ -37,7 +37,7 @@ exists &{module_verify_hash} or die "Module function 'module_verify_hash' not my $giveup_at = 1000000; my $single_outputs = 8; -my $constraints = module_constraints (); +my $constraints = get_module_constraints (); if ($TYPE eq 'single') { @@ -67,11 +67,13 @@ sub single my $format = "echo %-31s | ./hashcat \${OPTS} -a 0 -m %d '%s'\n"; - my $db_word_len = init_db_word_rand (($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0], - ($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1]); + my $word_min = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[0] : $constraints->[0]->[0]; + my $word_max = ($IS_OPTIMIZED == 1) ? $constraints->[2]->[1] : $constraints->[0]->[1]; + my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0]; + my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]; - my $db_salt_len = init_db_salt_rand (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0], - ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]); + my $db_word_len = init_db_word_rand ($word_min, $word_max); + my $db_salt_len = init_db_salt_rand ($salt_min, $salt_max); my $db_prev; @@ -87,16 +89,8 @@ sub single if (defined $len) { - if ($IS_OPTIMIZED == 1) - { - next if $len < $constraints->[2]->[0]; - next if $len > $constraints->[2]->[1]; - } - else - { - next if $len < $constraints->[0]->[0]; - next if $len > $constraints->[0]->[1]; - } + next if $len < $word_min; + next if $len > $word_max; $word_len = $len; } @@ -107,13 +101,16 @@ sub single my $salt_len = 0; - if ($constraints->[3]->[0] == $constraints->[3]->[1]) + if ($salt_min != -1) { - $salt_len = $constraints->[3]->[0]; - } - else - { - $salt_len = $db_salt_len->[$giveup % $single_outputs]; + if ($salt_min == $salt_max) + { + $salt_len = $salt_min; + } + else + { + $salt_len = $db_salt_len->[$giveup % $single_outputs]; + } } # mostly important for raw hashes in optimized mode @@ -125,7 +122,7 @@ sub single my $comb_min = $constraints->[4]->[0]; my $comb_max = $constraints->[4]->[1]; - if (($comb_min != -1) && ($comb_max != -1)) + if ($comb_min != -1) { next if $comb_len < $comb_min; next if $comb_len > $comb_max; @@ -174,14 +171,19 @@ sub passthrough my $salt_len = 0; - if ($constraints->[3]->[0] == $constraints->[3]->[1]) - { - $salt_len = $constraints->[3]->[0]; - } - else + my $salt_min = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0]; + my $salt_max = ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]; + + if ($salt_min != -1) { - $salt_len = random_number (($IS_OPTIMIZED == 1) ? $constraints->[3]->[0] : $constraints->[1]->[0], - ($IS_OPTIMIZED == 1) ? $constraints->[3]->[1] : $constraints->[1]->[1]); + if ($salt_min == $salt_max) + { + $salt_len = $salt_min; + } + else + { + $salt_len = random_number ($salt_min, $salt_max); + } } my $comb_len = $word_len + $salt_len; @@ -191,7 +193,7 @@ sub passthrough my $comb_min = $constraints->[4]->[0]; my $comb_max = $constraints->[4]->[1]; - if (($comb_min != -1) && ($comb_max != -1)) + if ($comb_min != -1) { next if $comb_len < $comb_min; next if $comb_len > $comb_max; @@ -268,21 +270,63 @@ sub is_in_array return grep { $_ eq $value } @{$array}; } +sub get_module_constraints +{ + my $constraints = module_constraints (); + + if (($constraints->[0]->[0] == -1) && ($constraints->[0]->[1] == -1)) + { + # hash-mode doesn't have a pure kernel, use optimized password settings + + $constraints->[0]->[0] = $constraints->[2]->[0]; + $constraints->[0]->[1] = $constraints->[2]->[1]; + } + + if (($constraints->[1]->[0] == -1) && ($constraints->[1]->[1] == -1)) + { + # hash-mode doesn't have a pure kernel, use optimized salt settings + + $constraints->[1]->[0] = $constraints->[3]->[0]; + $constraints->[1]->[1] = $constraints->[3]->[1]; + } + + if (($constraints->[2]->[0] == -1) && ($constraints->[2]->[1] == -1)) + { + # hash-mode doesn't have a optimized kernel, use pure password settings + + $constraints->[2]->[0] = $constraints->[0]->[0]; + $constraints->[2]->[1] = $constraints->[0]->[1]; + } + + if (($constraints->[3]->[0] == -1) && ($constraints->[3]->[1] == -1)) + { + # hash-mode doesn't have a optimized kernel, use pure salt settings + + $constraints->[3]->[0] = $constraints->[1]->[0]; + $constraints->[3]->[1] = $constraints->[1]->[1]; + } + + return $constraints; +} + sub init_db_word_rand { - my $min_len = shift; - my $max_len = shift; + my $len_min = shift; + my $len_max = shift; + + return if ($len_min == -1); + return if ($len_max == -1); if ($IS_OPTIMIZED == 1) { - my $comb_min = $constraints->[4]->[0]; - my $comb_max = $constraints->[4]->[1]; - - if (($comb_min != -1) && ($comb_max != -1)) + if ($constraints->[4]->[0] != -1) { - if ($constraints->[3]->[0] == $constraints->[3]->[1]) + my $salt_min = $constraints->[3]->[0]; + my $salt_max = $constraints->[3]->[1]; + + if ($salt_min == $salt_max) { - $max_len -= $constraints->[3]->[0]; + $len_max -= $salt_min; } } } @@ -298,7 +342,7 @@ sub init_db_word_rand { last if ($giveup++ == $giveup_at); - my $len = random_number ($min_len, $max_len); + my $len = random_number ($len_min, $len_max); if ($IS_OPTIMIZED == 1) { @@ -325,8 +369,11 @@ sub init_db_word_rand sub init_db_salt_rand { - my $min_len = shift; - my $max_len = shift; + my $len_min = shift; + my $len_max = shift; + + return if ($len_min == -1); + return if ($len_max == -1); my $db_len = {}; my $db_out = []; @@ -339,7 +386,7 @@ sub init_db_salt_rand { last if ($giveup++ == $giveup_at); - my $len = random_number ($min_len, $max_len); + my $len = random_number ($len_min, $len_max); if ($IS_OPTIMIZED == 1) { diff --git a/tools/test_modules/README.md b/tools/test_modules/README.md index b4c9ac814..621917e5d 100644 --- a/tools/test_modules/README.md +++ b/tools/test_modules/README.md @@ -1,6 +1,11 @@ ### Hashcat test modules ### -Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`. The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized). The combination pair should be set to -1 if the hash mode is not concatinating the password and the salt in the same buffer in the kernel (typically raw hashes only). The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes). The `module_verify_hash` function accepts a line from the cracks file, without the newline characters. +Each module provides the functions `module_constraints`, `module_generate_hash` and `module_verify_hash`. + +* The `module_constraints` function should return the minimum and maximum length of the password, salt and the combination of password and salt in following order: password (pure), salt (pure), password (optimized), salt (optimized) and combination (optimized). +Each pair should be set to -1 if the hash mode is not supporting the appropriate field. For example, if a hash-mode does not support a salt, it should be set to -1. The last field (combination) is important if the the password and the salt is stored in the same buffer in the kernel (typically raw hashes only). +* The first parameter to `module_generate_hash` is the password, which can be either in ASCII or binary (packed) form. The second parameter is the salt *which can be undefined for unsalted hash modes). +* The `module_verify_hash` function accepts a line from the cracks file, without the newline characters. During `single` and `passthrough` tests the `module_generate_hash` function must provide random values (e.g. salt) for hash generation if necessary. The test.pl script offers a few handy functions like `random_hex_string`, `random_numeric_string` and `random_bytes`. You can implement your own salt generation functions, if your mode has specific requirements. diff --git a/tools/test_modules/m00000.pm b/tools/test_modules/m00000.pm index 7eac4485a..682c608d8 100644 --- a/tools/test_modules/m00000.pm +++ b/tools/test_modules/m00000.pm @@ -10,7 +10,7 @@ use warnings; use Digest::MD5 qw (md5_hex); -sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] } +sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m00100.pm b/tools/test_modules/m00100.pm index 69e355e8d..adaae957d 100644 --- a/tools/test_modules/m00100.pm +++ b/tools/test_modules/m00100.pm @@ -10,7 +10,7 @@ use warnings; use Digest::SHA qw (sha1_hex); -sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] } +sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m00200.pm b/tools/test_modules/m00200.pm index 222dc4f83..57e103c33 100644 --- a/tools/test_modules/m00200.pm +++ b/tools/test_modules/m00200.pm @@ -10,7 +10,7 @@ use warnings; use Authen::Passphrase::MySQL323; -sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] } +sub module_constraints { [[-1, -1], [-1, -1], [0, 31], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m00300.pm b/tools/test_modules/m00300.pm index fb4252cd5..25688dc3e 100644 --- a/tools/test_modules/m00300.pm +++ b/tools/test_modules/m00300.pm @@ -10,7 +10,7 @@ use warnings; use Crypt::MySQL qw (password41); -sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] } +sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m01000.pm b/tools/test_modules/m01000.pm index adc2435d7..973143593 100644 --- a/tools/test_modules/m01000.pm +++ b/tools/test_modules/m01000.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD4 qw (md4_hex); use Encode; -sub module_constraints { [[0, 255], [0, 0], [0, 27], [0, 0], [-1, -1]] } +sub module_constraints { [[0, 255], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m05600.pm b/tools/test_modules/m05600.pm index 543ab8389..7675b7116 100644 --- a/tools/test_modules/m05600.pm +++ b/tools/test_modules/m05600.pm @@ -12,7 +12,7 @@ use Digest::HMAC qw (hmac hmac_hex); use Digest::MD5 qw (md5); use Encode qw (encode); -sub module_constraints { [[0, 255], [0, 255], [0, 27], [0, 27], [-1, -1]] } +sub module_constraints { [[0, 127], [0, 55], [0, 27], [0, 27], [-1, -1]] } # room for improvement in pure kernel mode sub module_generate_hash { @@ -23,7 +23,7 @@ sub module_generate_hash my $domain_len = 27 - $user_len; my $domain = shift // random_string ($domain_len); - my $srv_ch = shift // random_hex_string (2*8); + my $srv_ch = shift // random_hex_string (2 * 8); my $cli_ch = shift // random_client_challenge (); my $b_srv_ch = pack ('H*', $srv_ch); diff --git a/tools/test_modules/m18500.pm b/tools/test_modules/m18500.pm index 9a652481f..1665d9c30 100644 --- a/tools/test_modules/m18500.pm +++ b/tools/test_modules/m18500.pm @@ -11,7 +11,7 @@ use warnings; use Digest::MD5 qw (md5_hex); use Digest::SHA1 qw (sha1_hex); -sub module_constraints { [[0, 255], [0, 0], [0, 55], [0, 0], [-1, -1]] } +sub module_constraints { [[0, 255], [-1, -1], [0, 55], [-1, -1], [-1, -1]] } sub module_generate_hash { diff --git a/tools/test_modules/m18600.pm b/tools/test_modules/m18600.pm index ce684dae4..64936c505 100644 --- a/tools/test_modules/m18600.pm +++ b/tools/test_modules/m18600.pm @@ -12,15 +12,15 @@ use Crypt::GCrypt; use Crypt::PBKDF2; use Digest::SHA qw (sha1 sha1_hex); -sub module_constraints { [[0, 255], [32, 32], [0, 55], [32, 32], [-1, -1]] } +sub module_constraints { [[0, 51], [32, 32], [0, 51], [32, 32], [-1, -1]] } sub module_generate_hash { my $word = shift; my $salt = shift; my $iter = shift // 100000; - my $iv = shift // random_hex_string (2*8); - my $plain = shift // random_hex_string (2*1024); + my $iv = shift // random_hex_string (2 * 8); + my $plain = shift // random_hex_string (2 * 1024); my $b_iv = pack ('H*', $iv); my $b_salt = pack ('H*', $salt); @@ -36,7 +36,8 @@ sub module_generate_hash my $pass_hash = sha1 ($word); my $key = $kdf->PBKDF2 ($b_salt, $pass_hash); - my $cfb = Crypt::GCrypt->new( + my $cfb = Crypt::GCrypt->new + ( type => 'cipher', algorithm => 'blowfish', mode => 'cfb'