diff --git a/include/cpu_crc32.h b/include/cpu_crc32.h index a35be2511..700762250 100644 --- a/include/cpu_crc32.h +++ b/include/cpu_crc32.h @@ -9,7 +9,7 @@ #include #include -int cpu_crc32 (hashcat_ctx_t *hashcat_ctx, const char *filename, u8 keytab[64]); +int cpu_crc32 (const char *filename, u8 keytab[64]); u32 cpu_crc32_buffer (const u8 *buf, const size_t length); #endif // _CPU_CRC32_H diff --git a/include/interface_migrate.h b/include/interface_migrate.h index ae37dd4aa..91800ddd8 100644 --- a/include/interface_migrate.h +++ b/include/interface_migrate.h @@ -604,12 +604,6 @@ typedef struct bsdicrypt_tmp } bsdicrypt_tmp_t; -typedef struct rar3_tmp -{ - u32 dgst[17][5]; - -} rar3_tmp_t; - typedef struct cram_md5 { u32 user[16]; @@ -730,7 +724,6 @@ typedef enum hash_type HASH_TYPE_ECRYPTFS = 47, HASH_TYPE_ORACLET = 48, HASH_TYPE_BSDICRYPT = 49, - HASH_TYPE_RAR3HP = 50, HASH_TYPE_STDOUT = 52, HASH_TYPE_PLAINTEXT = 54, HASH_TYPE_LUKS = 55, @@ -877,7 +870,6 @@ typedef enum kern_type KERN_TYPE_ECRYPTFS = 12200, KERN_TYPE_ORACLET = 12300, KERN_TYPE_BSDICRYPT = 12400, - KERN_TYPE_RAR3 = 12500, KERN_TYPE_CF10 = 12600, KERN_TYPE_MYWALLET = 12700, KERN_TYPE_MS_DRSR = 12800, @@ -961,7 +953,6 @@ typedef enum rounds_count ROUNDS_ECRYPTFS = 65536, ROUNDS_ORACLET = 4096, ROUNDS_BSDICRYPT = 2900, - ROUNDS_RAR3 = 262144, ROUNDS_MYWALLET = 10, ROUNDS_MYWALLETV2 = 5000, ROUNDS_MS_DRSR = 100, @@ -1104,7 +1095,6 @@ int pbkdf2_sha1_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu int pbkdf2_sha512_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int ecryptfs_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int bsdicrypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); -int rar3hp_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int rar5_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int cf10_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int mywallet_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); diff --git a/src/cpu_crc32.c b/src/cpu_crc32.c index 2f0d328e0..d059cd2f7 100644 --- a/src/cpu_crc32.c +++ b/src/cpu_crc32.c @@ -90,7 +90,7 @@ u32 cpu_crc32_buffer (const u8 *buf, const size_t length) return crc ^ 0xffffffff;; } -int cpu_crc32 (hashcat_ctx_t *hashcat_ctx, const char *filename, u8 keytab[64]) +int cpu_crc32 (const char *filename, u8 keytab[64]) { u32 crc = ~0u; diff --git a/src/interface_migrate.c b/src/interface_migrate.c index 2eb731893..af72c1a0c 100644 --- a/src/interface_migrate.c +++ b/src/interface_migrate.c @@ -134,7 +134,6 @@ " 9100 | Lotus Notes/Domino 8 | Enterprise Application Software (EAS)", " 133 | PeopleSoft | Enterprise Application Software (EAS)", " 13500 | PeopleSoft PS_TOKEN | Enterprise Application Software (EAS)", - " 12500 | RAR3-hp | Archives", " 13000 | RAR5 | Archives", " 13200 | AxCrypt | Archives", " 13300 | AxCrypt in-memory SHA1 | Archives", @@ -398,7 +397,6 @@ static const char *ST_HASH_12100 = "sha512:1000:NzY2:DNWohLbdIWIt4Npk9gpTvA=="; static const char *ST_HASH_12200 = "$ecryptfs$0$1$4207883745556753$567daa975114206c"; static const char *ST_HASH_12300 = "8F75FBD166AFDB6D7587DAB89C2F15672AAC031C5B0B5E65C0835FB130555F6FF4E0E5764976755558112246FFF306450C22F6B7746B9E9831ED97B373992F9157436180438417080374881414745255"; static const char *ST_HASH_12400 = "_GW..8841inaTltazRsQ"; -static const char *ST_HASH_12500 = "$RAR3$*0*45109af8ab5f297a*adbf6c5385d7a40373e8f77d7b89d317"; static const char *ST_HASH_12600 = "3f3473a071b1fb955544e80c81853ca0f1e4f9ee4ca3bf4d2a8a10b5ef5be1f6:6058321484538505215534207835727413038041028036676832416353152201"; static const char *ST_HASH_12700 = "$blockchain$288$713253722114000682636604801283547365b7a53a802a7388d08eb7e6c32c1efb4a157fe19bca940a753d7f16e8bdaf491aa9cf6cda4035ac48d56bb025aced81455424272f3e0459ec7674df3e82abd7323bc09af4fd0869fd790b3f17f8fe424b8ec81a013e1476a5c5a6a53c4b85a055eecfbc13eccf855f905d3ddc3f0c54015b8cb177401d5942af833f655947bfc12fc00656302f31339187de2a69ab06bc61073933b3a48c9f144177ae4b330968eb919f8a22cec312f734475b28cdfe5c25b43c035bf132887f3241d86b71eb7e1cf517f99305b19c47997a1a1f89df6248749ac7f38ca7c88719cf16d6af2394307dce55600b8858f4789cf1ae8fd362ef565cd9332f32068b3c04c9282553e658b759c2e76ed092d67bd55961ae"; static const char *ST_HASH_12800 = "v1;PPH1_MD4,54188415275183448824,100,55b530f052a9af79a7ba9c466dddcb8b116f8babf6c3873a51a3898fb008e123"; @@ -567,7 +565,6 @@ static const char *HT_12100 = "PBKDF2-HMAC-SHA512"; static const char *HT_12200 = "eCryptfs"; static const char *HT_12300 = "Oracle T: Type (Oracle 12+)"; static const char *HT_12400 = "BSDi Crypt, Extended DES"; -static const char *HT_12500 = "RAR3-hp"; static const char *HT_12600 = "ColdFusion 10+"; static const char *HT_12700 = "Blockchain, My Wallet"; static const char *HT_12800 = "MS-AzureSync PBKDF2-HMAC-SHA256"; @@ -711,7 +708,6 @@ static const char *SIGNATURE_PHPS = "$PHPS$"; static const char *SIGNATURE_POSTGRESQL_AUTH = "$postgres$"; static const char *SIGNATURE_PSAFE3 = "PWS3"; static const char *SIGNATURE_RACF = "$racf$"; -static const char *SIGNATURE_RAR3 = "$RAR3$"; static const char *SIGNATURE_RAR5 = "$rar5$"; static const char *SIGNATURE_SAPH_SHA1 = "{x-issha, "; static const char *SIGNATURE_SCRYPT = "SCRYPT"; @@ -11350,83 +11346,6 @@ int bsdicrypt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_ return (PARSER_OK); } -int rar3hp_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - u32 *digest = (u32 *) hash_buf->digest; - - salt_t *salt = hash_buf->salt; - - token_t token; - - token.token_cnt = 4; - - token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_RAR3; - - token.sep[0] = '*'; - token.len_min[0] = 6; - token.len_max[0] = 6; - token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_SIGNATURE; - - token.sep[1] = '*'; - token.len_min[1] = 1; - token.len_max[1] = 1; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_DIGIT; - - token.sep[2] = '*'; - token.len_min[2] = 16; - token.len_max[2] = 16; - token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - token.sep[3] = '*'; - token.len_min[3] = 32; - token.len_max[3] = 32; - token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_HEX; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - const u8 *type_pos = token.buf[1]; - const u8 *salt_pos = token.buf[2]; - const u8 *crypted_pos = token.buf[3]; - - if (type_pos[0] != '0') return (PARSER_SIGNATURE_UNMATCHED); - - /** - * copy data - */ - - salt->salt_buf[0] = hex_to_u32 (salt_pos + 0); - salt->salt_buf[1] = hex_to_u32 (salt_pos + 8); - salt->salt_buf[2] = hex_to_u32 (crypted_pos + 0); - salt->salt_buf[3] = hex_to_u32 (crypted_pos + 8); - salt->salt_buf[4] = hex_to_u32 (crypted_pos + 16); - salt->salt_buf[5] = hex_to_u32 (crypted_pos + 24); - - salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]); - salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]); - salt->salt_buf[4] = byte_swap_32 (salt->salt_buf[4]); - salt->salt_buf[5] = byte_swap_32 (salt->salt_buf[5]); - - salt->salt_len = 24; - salt->salt_iter = ROUNDS_RAR3; - - // there's no hash for rar3. the data which is in crypted_pos is some encrypted data and - // if it matches the value \xc4\x3d\x7b\x00\x40\x07\x00 after decrypt we know that we successfully cracked it. - - digest[0] = 0xc43d7b00; - digest[1] = 0x40070000; - digest[2] = 0; - digest[3] = 0; - - return (PARSER_OK); -} - int rar5_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -14968,11 +14887,6 @@ u32 kernel_loops_mxx (hashcat_ctx_t *hashcat_ctx) kernel_loops_fixed = 1; } - if (hashconfig->hash_mode == 12500) - { - kernel_loops_fixed = ROUNDS_RAR3 / 16; - } - if (hashconfig->hash_mode == 15700) { kernel_loops_fixed = 1; @@ -15081,8 +14995,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 12400: salt->salt_len = 4; break; - case 12500: salt->salt_len = 8; - break; case 12600: salt->salt_len = 64; break; case 14600: salt->salt_len = LUKS_SALTSIZE; @@ -15270,8 +15182,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 12400: salt->salt_iter = ROUNDS_BSDICRYPT - 1; break; - case 12500: salt->salt_iter = ROUNDS_RAR3; - break; case 12700: salt->salt_iter = ROUNDS_MYWALLET; break; case 12800: salt->salt_iter = ROUNDS_MS_DRSR - 1; @@ -17096,17 +17006,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, snprintf (out_buf, out_size, "_%s%s%s", salt_iter, ptr_salt, ptr_plain); } - else if (hash_mode == 12500) - { - snprintf (out_buf, out_size, "%s*0*%08x%08x*%08x%08x%08x%08x", - SIGNATURE_RAR3, - byte_swap_32 (salt.salt_buf[0]), - byte_swap_32 (salt.salt_buf[1]), - salt.salt_buf[2], - salt.salt_buf[3], - salt.salt_buf[4], - salt.salt_buf[5]); - } else if (hash_mode == 12600) { snprintf (out_buf, out_size, "%08x%08x%08x%08x%08x%08x%08x%08x", @@ -21349,22 +21248,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 12500: hashconfig->hash_type = HASH_TYPE_RAR3HP; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE; - hashconfig->kern_type = KERN_TYPE_RAR3; - hashconfig->dgst_size = DGST_SIZE_4_4; - hashconfig->parse_func = rar3hp_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE; - hashconfig->dgst_pos0 = 0; - hashconfig->dgst_pos1 = 1; - hashconfig->dgst_pos2 = 2; - hashconfig->dgst_pos3 = 3; - hashconfig->st_hash = ST_HASH_12500; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 12600: hashconfig->hash_type = HASH_TYPE_SHA256; hashconfig->salt_type = SALT_TYPE_GENERIC; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -22571,7 +22454,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) case 12200: hashconfig->tmp_size = sizeof (ecryptfs_tmp_t); break; case 12300: hashconfig->tmp_size = sizeof (oraclet_tmp_t); break; case 12400: hashconfig->tmp_size = sizeof (bsdicrypt_tmp_t); break; - case 12500: hashconfig->tmp_size = sizeof (rar3_tmp_t); break; case 12700: hashconfig->tmp_size = sizeof (mywallet_tmp_t); break; case 12800: hashconfig->tmp_size = sizeof (pbkdf2_sha256_tmp_t); break; case 12900: hashconfig->tmp_size = sizeof (pbkdf2_sha256_tmp_t); break; @@ -22656,8 +22538,6 @@ u32 default_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED co break; case 10700: pw_max = MIN (pw_max, 16); // pure kernel available break; - case 12500: pw_max = MIN (pw_max, 20); // todo - break; case 14400: pw_max = MIN (pw_max, 24); // todo break; case 15500: pw_max = MIN (pw_max, 16); // todo @@ -22846,8 +22726,6 @@ const char *default_benchmark_mask (MAYBE_UNUSED const hashconfig_t *hashconfig, break; case 10410: mask = "?b?b?b?b?b"; break; - case 12500: mask = "?b?b?b?b?b"; - break; case 14900: mask = "?b?b?b?b?bxxxxx"; break; default: mask = "?b?b?b?b?b?b?b"; @@ -23338,7 +23216,6 @@ bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE || (hashconfig->hash_mode == 8900) || (hashconfig->hash_mode == 9300) || (hashconfig->hash_mode == 9800) - || (hashconfig->hash_mode == 12500) || (hashconfig->hash_mode == 15700)) { return true; @@ -23443,7 +23320,7 @@ static int hashconfig_general_defaults (hashcat_ctx_t *hashcat_ctx) do { - const int rc_crc32 = cpu_crc32 (hashcat_ctx, keyfile, (u8 *) tc->keyfile_buf); + const int rc_crc32 = cpu_crc32 (keyfile, (u8 *) tc->keyfile_buf); if (rc_crc32 == -1) { diff --git a/src/modules/module_12500.c b/src/modules/module_12500.c new file mode 100644 index 000000000..4e5eccff3 --- /dev/null +++ b/src/modules/module_12500.c @@ -0,0 +1,259 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_4; +static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE; +static const char *HASH_NAME = "RAR3-hp"; +static const u32 HASH_TYPE = HASH_TYPE_GENERIC; +static const u64 KERN_TYPE = 12500; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE; +static const u64 OPTS_TYPE = OPTS_TYPE_STATE_BUFFER_LE + | OPTS_TYPE_PT_GENERATE_LE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "$RAR3$*0*45109af8ab5f297a*adbf6c5385d7a40373e8f77d7b89d317"; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct rar3_tmp +{ + u32 dgst[17][5]; + +} rar3_tmp_t; + +static const int ROUNDS_RAR3 = 262144; +static const char *SIGNATURE_RAR3 = "$RAR3$"; + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (rar3_tmp_t); + + return tmp_size; +} + +u32 module_kernel_loops_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 kernel_loops_min = ROUNDS_RAR3 / 16; + + return kernel_loops_min; +} + +u32 module_kernel_loops_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u32 kernel_loops_max = ROUNDS_RAR3 / 16; + + return kernel_loops_max; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL); + + u32 pw_max = PW_MAX; + + if (optimized_kernel == true) + { + pw_max = 20; + } + + return pw_max; +} + +bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + #if defined (__APPLE__) + return true; + #endif // __APPLE__ + + return false; +} + +const char *module_benchmark_mask (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const char *mask = "?b?b?b?b?b"; + + return mask; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u32 *digest = (u32 *) digest_buf; + + token_t token; + + token.token_cnt = 4; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_RAR3; + + token.sep[0] = '*'; + token.len_min[0] = 6; + token.len_max[0] = 6; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = '*'; + token.len_min[1] = 1; + token.len_max[1] = 1; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.sep[2] = '*'; + token.len_min[2] = 16; + token.len_max[2] = 16; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + token.sep[3] = '*'; + token.len_min[3] = 32; + token.len_max[3] = 32; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_HEX; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + const u8 *type_pos = token.buf[1]; + const u8 *salt_pos = token.buf[2]; + const u8 *crypted_pos = token.buf[3]; + + if (type_pos[0] != '0') return (PARSER_SIGNATURE_UNMATCHED); + + /** + * copy data + */ + + salt->salt_buf[0] = hex_to_u32 (salt_pos + 0); + salt->salt_buf[1] = hex_to_u32 (salt_pos + 8); + salt->salt_buf[2] = hex_to_u32 (crypted_pos + 0); + salt->salt_buf[3] = hex_to_u32 (crypted_pos + 8); + salt->salt_buf[4] = hex_to_u32 (crypted_pos + 16); + salt->salt_buf[5] = hex_to_u32 (crypted_pos + 24); + + salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]); + salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]); + salt->salt_buf[4] = byte_swap_32 (salt->salt_buf[4]); + salt->salt_buf[5] = byte_swap_32 (salt->salt_buf[5]); + + salt->salt_len = 24; + salt->salt_iter = ROUNDS_RAR3; + + // there's no hash for rar3. the data which is in crypted_pos is some encrypted data and + // if it matches the value \xc4\x3d\x7b\x00\x40\x07\x00 after decrypt we know that we successfully cracked it. + + digest[0] = 0xc43d7b00; + digest[1] = 0x40070000; + digest[2] = 0; + digest[3] = 0; + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + return snprintf (line_buf, line_size, "%s*0*%08x%08x*%08x%08x%08x%08x", + SIGNATURE_RAR3, + byte_swap_32 (salt->salt_buf[0]), + byte_swap_32 (salt->salt_buf[1]), + salt->salt_buf[2], + salt->salt_buf[3], + salt->salt_buf[4], + salt->salt_buf[5]); +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = module_benchmark_mask; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = MODULE_DEFAULT; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_binary_verify = MODULE_DEFAULT; + module_ctx->module_hash_decode_outfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hash_type = module_hash_type; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = module_kernel_loops_max; + module_ctx->module_kernel_loops_min = module_kernel_loops_min; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = module_unstable_warning; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +}