diff --git a/docs/changes.txt b/docs/changes.txt index 81e3f8e7a..e2e6c5217 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -8,25 +8,29 @@ - Added hash-mode: Adobe AEM (SSPR, SHA-256 with Salt) - Added hash-mode: Adobe AEM (SSPR, SHA-512 with Salt) - Added hash-mode: Anope IRC Services (enc_sha256) +- Added hash-mode: BLAKE2s-256 - Added hash-mode: BestCrypt v4 Volume Encryption - Added hash-mode: Bisq .wallet (scrypt) - Added hash-mode: Bitcoin raw private key (P2PKH) - Added hash-mode: Bitcoin raw private key (P2SH(P2WPKH)) - Added hash-mode: Bitcoin raw private key (P2WPKH, Bech32) -- Added hash-mode: BLAKE2s-256 - Added hash-mode: CubeCart (Whirlpool($salt.$pass.$salt) -- Added hash-mode: Dahua NVR/DVR/HVR (md5($salt1.strtoupper(md5($salt2.$pass)))) - Added hash-mode: DANE RFC7929/RFC8162 SHA2-256 +- Added hash-mode: Dahua NVR/DVR/HVR (md5($salt1.strtoupper(md5($salt2.$pass)))) - Added hash-mode: Dogechain.info Wallet -- Added hash-mode: Empire CMS (Admin password) +- Added hash-mode: Domain Cached Credentials (DCC), MS Cache (NT) +- Added hash-mode: Domain Cached Credentials 2 (DCC2), MS Cache 2, (NT) - Added hash-mode: ENCsecurity Datavault (MD5/keychain) - Added hash-mode: ENCsecurity Datavault (MD5/no keychain) - Added hash-mode: ENCsecurity Datavault (PBKDF2/keychain) - Added hash-mode: ENCsecurity Datavault (PBKDF2/no keychain) +- Added hash-mode: Empire CMS (Admin password) - Added hash-mode: GPG (AES-128/AES-256 (SHA-1($pass))) - Added hash-mode: GPG (AES-128/AES-256 (SHA-256($pass))) - Added hash-mode: GPG (AES-128/AES-256 (SHA-512($pass))) - Added hash-mode: GPG (CAST5 (SHA-1($pass))) +- Added hash-mode: HMAC-RIPEMD160 (key = $pass) +- Added hash-mode: HMAC-RIPEMD160 (key = $salt) - Added hash-mode: HMAC-RIPEMD320 (key = $pass) - Added hash-mode: HMAC-RIPEMD320 (key = $salt) - Added hash-mode: Kerberos 5, etype 17, AS-REP @@ -38,46 +42,42 @@ - Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA1) - Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA256) - Added hash-mode: NetIQ SSPR (PBKDF2WithHmacSHA512) -- Added hash-mode: NetIQ SSPR (SHA1) - Added hash-mode: NetIQ SSPR (SHA-1 with Salt) - Added hash-mode: NetIQ SSPR (SHA-256 with Salt) - Added hash-mode: NetIQ SSPR (SHA-512 with Salt) -- Added hash-mode: RIPEMD-320 +- Added hash-mode: NetIQ SSPR (SHA1) - Added hash-mode: RC4 104-bit DropN - Added hash-mode: RC4 40-bit DropN - Added hash-mode: RC4 72-bit DropN +- Added hash-mode: RIPEMD-320 - Added hash-mode: RSA Security Analytics / NetWitness (sha256) - Added hash-mode: SecureCRT MasterPassphrase v2 - Added hash-mode: Veeam VB - Added hash-mode: bcrypt(sha256($pass)) -- Added hash-mode: HMAC-RIPEMD160 (key = $pass) -- Added hash-mode: HMAC-RIPEMD160 (key = $salt) +- Added hash-mode: md5($salt.md5($pass).$salt) - Added hash-mode: md5($salt1.$pass.$salt2) - Added hash-mode: md5($salt1.sha1($salt2.$pass)) -- Added hash-mode: md5(sha1(md5($pass))) - Added hash-mode: md5(md5($pass.$salt)) - Added hash-mode: md5(md5($salt).md5(md5($pass))) -- Added hash-mode: Domain Cached Credentials 2 (DCC2), MS Cache 2, (NT) -- Added hash-mode: Domain Cached Credentials (DCC), MS Cache (NT) -- Added hash-mode: md5(md5(md5($pass.$salt1)).$salt2) -- Added hash-mode: md5(md5(md5($pass).$salt1).$salt2) - Added hash-mode: md5(md5(md5($pass)).$salt) +- Added hash-mode: md5(md5(md5($pass).$salt1).$salt2) +- Added hash-mode: md5(md5(md5($pass.$salt1)).$salt2) - Added hash-mode: md5(sha1($pass.$salt)) - Added hash-mode: md5(sha1($salt.$pass)) +- Added hash-mode: md5(sha1(md5($pass))) +- Added hash-mode: mega.nz password-protected link (PBKDF2-HMAC-SHA512) - Added hash-mode: sha512(sha512($pass).$salt) - Added hash-mode: sha512(sha512_bin($pass).$salt) -- Addad hash-mode: mega.nz password-protected link (PBKDF2-HMAC-SHA512) -- Added hash-mode: md5($salt.md5($pass).$salt) ## ## Features ## -- Added new feature (-Y) that creates N virtual instances for each device in your system at the cost of N times the device memory consumption -- Added options --benchmark-min and --benchmark-max to set a hash-mode range to be used during the benchmark -- Added option --total-candidates to provide the total candidate count for an attack instead of the internal "--keyspace" value -- Added option --backend-devices-keepfree to configure X percentage of device memory available to keep free - Added display of password length mininum and maximum in the Kernel.Feature status line +- Added new feature (-Y) that creates N virtual instances for each device in your system at the cost of N times the device memory consumption +- Added option --backend-devices-keepfree to configure X percentage of device memory available to keep free +- Added option --total-candidates to provide the total candidate count for an attack instead of the internal "--keyspace" value +- Added options --benchmark-min and --benchmark-max to set a hash-mode range to be used during the benchmark - Added the 'edge' test type to test.pl and the corresponding tool test_edge.sh ## @@ -91,32 +91,31 @@ ## - Added verification of token buffer length when using TOKEN_ATTR_FIXED_LENGTH +- Fix missing check for -j and -k before writing hashcat.dictstat2 which can lead to false negatives - Fixed a bug in all SCRYPT-based hash modes with Apple Metal - Fixed buffer overflow on module_26600.c / module_hash_encode() -- Fixed bug in inc_rp_optimized.cl on Apple Intel with Metal -- Fixed bug in module_constraints and kernel for hash-mode 7801 -- Fixed bug in module_constraints and kernel for hash-mode 7800 +- Fixed bug in --stdout that caused certain rules to malfunction +- Fixed bug in --stdout when multiple computing devices are active - Fixed bug in 18400 module_hash_encode - Fixed bug in 23800/unrar with Apple Silicon - Fixed bug in 26900 module_hash_encode - Fixed bug in 29600 module OPTS_TYPE setting - Fixed bug in 32600 by adding missing module_jit_build_options -- Fixed bug in grep out-of-memory workaround on Unit Test -- Fixed bug in input_tokenizer when TOKEN_ATTR_FIXED_LENGTH is used and refactor modules -- Fixed bug in --stdout that caused certain rules to malfunction -- Fixed bug in --stdout when multiple computing devices are active - Fixed bug in Hardware Monitor: prevent disable if ADL fail -- Fixed race condition in selftest_init on OpenCL with non-blocking write +- Fixed bug in grep out-of-memory workaround on Unit Test +- Fixed bug in inc_rp_optimized.cl on Apple Intel with Metal +- Fixed bug in input_tokenizer when TOKEN_ATTR_FIXED_LENGTH is used and refactor modules +- Fixed bug in module_constraints and kernel for hash-mode 7800 +- Fixed bug in module_constraints and kernel for hash-mode 7801 - Fixed build failed for 10700 optimized with Apple Metal - Fixed build failed for 13772 and 13773 with Apple Metal - Fixed build failed for 18400 with Apple Metal - Fixed build failed for 18600 with Apple Metal - Fixed build failed for 4410 with vector width > 1 - Fixed build failed for aarch64 (es: rpi) -- Fixed clang identification in src/Makefile - Fixed build failure for almost all hash modes that make use of hc_swap64 and/or hc_swap64_S with Apple Metal / Apple Silicon +- Fixed clang identification in src/Makefile - Fixed debug mode 5 by adding the missing colon between original-word and finding-rule -- Fixed perl deprecation warnings on test module for 30906 - Fixed display problem of the "Optimizers applied" list for algorithms using OPTI_TYPE_SLOW_HASH_SIMD_INIT2 and/or OPTI_TYPE_SLOW_HASH_SIMD_LOOP2 - Fixed incompatible pointer types (salt1 and salt2 buf) in 3730 a3 kernel - Fixed incorrect plaintext check for 25400 and 26610. Increased plaintext check to 32 bytes to prevent false positives. @@ -127,9 +126,10 @@ - Fixed minimum password length in module of hash-mode 28200 - Fixed minimum password length in module of hash-mode 29800 - Fixed out-of-boundary read when a fast hash defines a kernel_loops_min value higher than the amplifiers provided by the user +- Fixed perl deprecation warnings on test module for 30906 +- Fixed race condition in selftest_init on OpenCL with non-blocking write - Fixed stack buffer overflow in PKZIP modules (17200, 17210, 17220, 17225, 17230) - Fixed vector datatypes usage for HIP -- Fix missing check for -j and -k before writing hashcat.dictstat2 which can lead to false negatives - Handle signed/unsigned PDF permission P value for all PDF hash-modes - Improve ASN.1 check for RSA/DSA/EC/OpenSSH Private Keys modules (22911, 22921, 22931, 22941, 22951) - Prevent Hashcat from hanging by checking during startup whether the output file is a named pipe @@ -142,67 +142,67 @@ - AMD Driver: Updated requirements for AMD Windows drivers to "AMD Adrenalin Edition" (23.7.2 or later) and "AMD HIP SDK" (23.Q3 or later) - Alias Devices: Prevents hashcat, when started with x86_64 emulation on Apple Silicon, from showing the Apple M1 OpenCL CPU as an alias for the Apple M1 Metal GPU - Apple Driver: Automatically enable GPU support on Apple OpenCL instead of CPU support -- Apple Driver: Updated requirements to use Apple OpenCL API to macOS 13.0 - use -- Backend: Added workaround to get rid of internal runtimes memory leaks -- Backend: Updated filename chksum format to prevent invalid cache on Apple Silicon when switching arch -- Backend: Updated OpenCL/CUDA/HIP/Metal API's -- Backend: Splitting backend_ctx_devices_init into smaller runtime-specific functions +- Apple Driver: Updated requirements to use Apple OpenCL API to macOS 13.0 - Backend Checks: Describe workaround in error message when detecting more than 64 backend devices - Backend Info: Added --machine-readable format +- Backend: Added workaround to get rid of internal runtimes memory leaks +- Backend: Splitting backend_ctx_devices_init into smaller runtime-specific functions +- Backend: Updated OpenCL/CUDA/HIP/Metal API's +- Backend: Updated filename chksum format to prevent invalid cache on Apple Silicon when switching arch - Brain: Added sanity check and corresponding error message for invalid --brain-port values +- Building: Support building windows binaries on macOS using MinGW - Debug: Added -g to build_options if DEBUG >= 1 (only with HIP and OpenCL) - Dependencies: Added sse2neon v1.8.0 (commit 658eeac) - Dependencies: Updated LZMA SDK to 24.09 +- Dependencies: Updated OpenCL-Headers to v2024.10.24 (commit 265df85) - Dependencies: Updated unrar source to 6.2.7 - Dependencies: Updated xxHash to 0.8.3 (commit 50f4226) -- Building: Support building windows binaries on macOS using MinGW -- Dependencies: Updated OpenCL-Headers to v2024.10.24 (commit 265df85) - Documents: Renamed status_code.txt in exit_status_code.txt and added device_status_code.txt - Documents: Updated BUILD.md and added BUILD_macOS.md (containing instructions for building windows binaries on macOS) -- Modules: Added module_unstable_warning for 22500, update module_unstable_warning for 10700 - HIP Backend: Avoid deprecated functions -- Modules: Added support for non-zero IVs for -m 6800 (Lastpass). Also added `tools/lastpass2hashcat.py` -- Modules: Updated module_unstable_warning -- Open Document Format: Added support for small documents with content length < 1024 -- OpenCL Backend: added workaround to set device_available_memory from CUDA/HIP alias device -- Selftest: rename selftest function to process_selftest and splitting into 3 smaller functions -- Status Code: Add specific return code for self-test fail (-11) -- Scrypt: Increase buffer sizes in module for hash mode 8900 to allow longer scrypt digests -- Unicode: Update UTF-8 to UTF-16 conversion to match RFC 3629 -- Unit tests: Updated install_modules.sh, test.pl and some test modules (1000, 16000, 31300, 31500, 31600) by removing Text:Iconv and using Encode instead -- Unit tests: Updated install_modules.sh with Crypt::Argon2 -- Unit tests: Updated install_modules.sh with Crypt::Passwd::XS, to test suite works also on Apple (ex: 1800) -- Unit tests: Updated install_modules.sh to use an external module for Digest::BLAKE2, due to maintenance being discontinued -- Unit tests: Updated install_modules.sh to use an external module for Digest::GOST, due to maintenance being discontinued -- Unit tests: Updated install_modules.sh to use an external package for pygost, due to not available anymore -- Unit tests: Updated install_modules.sh to use cpanm instead of cpan -- Unit tests: Updated install_modules.sh to remove php and Crypt::GCrypt (updated relative test modules) -- User Options: Added error message when mixing --username and --show to warn users of exponential delay +- Hardware Monitor: Splitting hwmon_ctx_init function into smaller library-specific functions +- Hardware Monitor: avoid sprintf in src/ext_iokit.c +- Hash-Info: show more details using -HH +- Help: show supported hash-modes only with -hh +- Kernel: Renamed multiple defines in CAST cipher to fit expected naming convention of the C++ language standard +- Makefile: prevent make failure with Apple Silicon in case of partial rebuild +- Makefile: updated MACOSX_DEPLOYMENT_TARGET to 15.0 - MetaMask: update extraction tool to support MetaMask Mobile wallets -- SecureCRT MasterPassphrase v2: update module, pure kernels and test unit. Add optimized kernels. +- Metal Backend: added support to 2D/3D Compute - Metal Backend: added workaround to prevent 'Infinite Loop' bug when build kernels - Metal Backend: added workaround to set the true Processor value in Metal devices on Apple Intel -- Metal Backend: added support to 2D/3D Compute - Metal Backend: allow use of devices with Metal if runtime version is >= 200 - Metal Backend: define USE_BITSELECT and USE_SWIZZLE for Apple Intel - Metal Backend: disable Metal devices only if at least one OpenCL device is active - Metal Backend: improved compute workloads calculation - Metal Backend: parallelize pipeline state object (PSO) compilation internally - Modules: Added OPTS_TYPE_PT_BASE58 in 28501 28502 28503 28504 28505 28506 30901 30902 30903 30904 30905 30906 +- Modules: Added module_unstable_warning for 22500, update module_unstable_warning for 10700 +- Modules: Added support for non-zero IVs for -m 6800 (Lastpass). Also added `tools/lastpass2hashcat.py` - Modules: Check UnpackSize to raise false positive with hc_decompress_rar -- Types: Added OPTS_TYPE_PT_BASE58 and removed OPTS_TYPE_MAXIMUM_ACCEL in opts_type -- User Options: added --metal-compiler-runtime option -- User Options: limit --bitmap-max value to 31 -- User Options: assigned -H to --hash-info -- Hash-Info: show more details using -HH -- Hardware Monitor: avoid sprintf in src/ext_iokit.c -- Hardware Monitor: Splitting hwmon_ctx_init function into smaller library-specific functions -- Help: show supported hash-modes only with -hh -- Makefile: prevent make failure with Apple Silicon in case of partial rebuild -- Makefile: updated MACOSX_DEPLOYMENT_TARGET to 15.0 +- Modules: Updated module_unstable_warning +- Open Document Format: Added support for small documents with content length < 1024 +- OpenCL Backend: added workaround to set device_available_memory from CUDA/HIP alias device - Rules: Add support to character class rules - Rules: Rename best64.rule to best66.rule and remove the unknown section from it -- Kernel: Renamed multiple defines in CAST cipher to fit expected naming convention of the C++ language standard +- Scrypt: Increase buffer sizes in module for hash mode 8900 to allow longer scrypt digests +- SecureCRT MasterPassphrase v2: update module, pure kernels and test unit. Add optimized kernels. +- Selftest: rename selftest function to process_selftest and splitting into 3 smaller functions +- Status Code: Add specific return code for self-test fail (-11) +- Types: Added OPTS_TYPE_PT_BASE58 and removed OPTS_TYPE_MAXIMUM_ACCEL in opts_type +- Unicode: Update UTF-8 to UTF-16 conversion to match RFC 3629 +- Unit tests: Updated install_modules.sh to remove php and Crypt::GCrypt (updated relative test modules) +- Unit tests: Updated install_modules.sh to use an external module for Digest::BLAKE2, due to maintenance being discontinued +- Unit tests: Updated install_modules.sh to use an external module for Digest::GOST, due to maintenance being discontinued +- Unit tests: Updated install_modules.sh to use an external package for pygost, due to not available anymore +- Unit tests: Updated install_modules.sh to use cpanm instead of cpan +- Unit tests: Updated install_modules.sh with Crypt::Argon2 +- Unit tests: Updated install_modules.sh with Crypt::Passwd::XS, to test suite works also on Apple (ex: 1800) +- Unit tests: Updated install_modules.sh, test.pl and some test modules (1000, 16000, 31300, 31500, 31600) by removing Text:Iconv and using Encode instead +- User Options: Added error message when mixing --username and --show to warn users of exponential delay +- User Options: added --metal-compiler-runtime option +- User Options: assigned -H to --hash-info +- User Options: limit --bitmap-max value to 31 * changes v6.2.5 -> v6.2.6