mirror of
https://github.com/hashcat/hashcat.git
synced 2024-11-22 08:08:10 +00:00
WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction
WPA cracking: Added parameter --nonce-error-corrections to configure range of error correction
parent
67159b1936
commit
c04dd5c8b1
@ -805,6 +805,8 @@ typedef struct wpa
|
||||
u8 essid[32];
|
||||
u32 keymic[4];
|
||||
u32 hash[4];
|
||||
int nonce_compare;
|
||||
int nonce_error_corrections;
|
||||
|
||||
} wpa_t;
|
||||
|
||||
|
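Review bot: The two fields added to `wpa_t` carry no comment, and their meaning can only be recovered from other files in this commit. `nonce_compare` stores the raw result of `memcmp (in.nonce_ap, in.nonce_sta, 32)` from the `wpa_parse_hash` hunk and only its sign is tested, so I would add `// sign of memcmp (nonce_ap, nonce_sta); < 0 means the AP nonce is placed first in pke` beside it. `nonce_error_corrections` is read into a `u32` loop bound in `m02500_comp`, so it deserves a comment stating that it is a non-negative count; declaring it `u32` would match that use, provided the host and device copies are changed together. The same applies to the host-side `wpa_t` hunk later in this commit. The struct starts outside the hunk.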
346
OpenCL/m02500.cl
346
OpenCL/m02500.cl
@ -827,39 +827,39 @@ __kernel void m02500_comp (__global pw_t *pws, __global const kernel_rule_t *rul
|
||||
|
||||
const u32 lid = get_local_id (0);
|
||||
|
||||
u32 w0[4];
|
||||
u32 w1[4];
|
||||
u32 w2[4];
|
||||
u32 w3[4];
|
||||
|
||||
w0[0] = tmps[gid].out[0];
|
||||
w0[1] = tmps[gid].out[1];
|
||||
w0[2] = tmps[gid].out[2];
|
||||
w0[3] = tmps[gid].out[3];
|
||||
w1[0] = tmps[gid].out[4];
|
||||
w1[1] = tmps[gid].out[5];
|
||||
w1[2] = tmps[gid].out[6];
|
||||
w1[3] = tmps[gid].out[7];
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
|
||||
u32 ipad_l0[5];
|
||||
u32 opad_l0[5];
|
||||
|
||||
hmac_sha1_pad_S (w0, w1, w2, w3, ipad_l0, opad_l0);
|
||||
|
||||
for (u32 digest_pos = 0; digest_pos < digests_cnt; digest_pos++)
|
||||
{
|
||||
const u32 digest_cur = digests_offset + digest_pos;
|
||||
|
||||
__global wpa_t *wpa = &wpa_bufs[digest_cur];
|
||||
|
||||
u32 w0[4];
|
||||
u32 w1[4];
|
||||
u32 w2[4];
|
||||
u32 w3[4];
|
||||
|
||||
w0[0] = tmps[gid].out[0];
|
||||
w0[1] = tmps[gid].out[1];
|
||||
w0[2] = tmps[gid].out[2];
|
||||
w0[3] = tmps[gid].out[3];
|
||||
w1[0] = tmps[gid].out[4];
|
||||
w1[1] = tmps[gid].out[5];
|
||||
w1[2] = tmps[gid].out[6];
|
||||
w1[3] = tmps[gid].out[7];
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
|
||||
u32 ipad[5];
|
||||
u32 opad[5];
|
||||
|
||||
hmac_sha1_pad_S (w0, w1, w2, w3, ipad, opad);
|
||||
|
||||
w0[0] = wpa->pke[ 0];
|
||||
w0[1] = wpa->pke[ 1];
|
||||
w0[2] = wpa->pke[ 2];
|
||||
@ -877,59 +877,124 @@ __kernel void m02500_comp (__global pw_t *pws, __global const kernel_rule_t *rul
|
||||
w3[2] = wpa->pke[14];
|
||||
w3[3] = wpa->pke[15];
|
||||
|
||||
sha1_transform_S (w0, w1, w2, w3, ipad);
|
||||
u32 ipad_l1[5];
|
||||
u32 opad_l1[5];
|
||||
|
||||
w0[0] = wpa->pke[16];
|
||||
w0[1] = wpa->pke[17];
|
||||
w0[2] = wpa->pke[18];
|
||||
w0[3] = wpa->pke[19];
|
||||
w1[0] = wpa->pke[20];
|
||||
w1[1] = wpa->pke[21];
|
||||
w1[2] = wpa->pke[22];
|
||||
w1[3] = wpa->pke[23];
|
||||
w2[0] = wpa->pke[24];
|
||||
w2[1] = 0x80000000;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = (64 + 100) * 8;
|
||||
ipad_l1[0] = ipad_l0[0];
|
||||
ipad_l1[1] = ipad_l0[1];
|
||||
ipad_l1[2] = ipad_l0[2];
|
||||
ipad_l1[3] = ipad_l0[3];
|
||||
ipad_l1[4] = ipad_l0[4];
|
||||
|
||||
u32 digest[5];
|
||||
opad_l1[0] = opad_l0[0];
|
||||
opad_l1[1] = opad_l0[1];
|
||||
opad_l1[2] = opad_l0[2];
|
||||
opad_l1[3] = opad_l0[3];
|
||||
opad_l1[4] = opad_l0[4];
|
||||
|
||||
hmac_sha1_run_S (w0, w1, w2, w3, ipad, opad, digest);
|
||||
sha1_transform_S (w0, w1, w2, w3, ipad_l1);
|
||||
|
||||
u32 digest_final[5];
|
||||
const u32 nonce_error_corrections = wpa->nonce_error_corrections;
|
||||
|
||||
if (wpa->keyver == 1)
|
||||
for (u32 nonce_error_correction = 0; nonce_error_correction <= nonce_error_corrections; nonce_error_correction++)
|
||||
{
|
||||
w0[0] = swap32_S (digest[0]);
|
||||
w0[1] = swap32_S (digest[1]);
|
||||
w0[2] = swap32_S (digest[2]);
|
||||
w0[3] = swap32_S (digest[3]);
|
||||
w1[0] = 0;
|
||||
w1[1] = 0;
|
||||
w1[2] = 0;
|
||||
w1[3] = 0;
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w0[0] = wpa->pke[16];
|
||||
w0[1] = wpa->pke[17];
|
||||
w0[2] = wpa->pke[18];
|
||||
w0[3] = wpa->pke[19];
|
||||
w1[0] = wpa->pke[20];
|
||||
w1[1] = wpa->pke[21];
|
||||
w1[2] = wpa->pke[22];
|
||||
w1[3] = wpa->pke[23];
|
||||
w2[0] = wpa->pke[24];
|
||||
w2[1] = 0x80000000;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
w3[3] = (64 + 100) * 8;
|
||||
|
||||
hmac_md5_pad_S (w0, w1, w2, w3, ipad, opad);
|
||||
const u32 incval = (1 << 8) * nonce_error_correction;
|
||||
|
||||
int eapol_len = wpa->eapol_len;
|
||||
|
||||
int eapol_left;
|
||||
int eapol_off;
|
||||
|
||||
for (eapol_left = eapol_len, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
|
||||
if (wpa->nonce_compare < 0)
|
||||
{
|
||||
w0[0] += incval;
|
||||
}
|
||||
else
|
||||
{
|
||||
w2[0] += incval;
|
||||
}
|
||||
|
||||
u32 ipad[5];
|
||||
u32 opad[5];
|
||||
|
||||
ipad[0] = ipad_l1[0];
|
||||
ipad[1] = ipad_l1[1];
|
||||
ipad[2] = ipad_l1[2];
|
||||
ipad[3] = ipad_l1[3];
|
||||
ipad[4] = ipad_l1[4];
|
||||
|
||||
opad[0] = opad_l1[0];
|
||||
opad[1] = opad_l1[1];
|
||||
opad[2] = opad_l1[2];
|
||||
opad[3] = opad_l1[3];
|
||||
opad[4] = opad_l1[4];
|
||||
|
||||
u32 digest[5];
|
||||
|
||||
hmac_sha1_run_S (w0, w1, w2, w3, ipad, opad, digest);
|
||||
|
||||
u32 digest_final[5];
|
||||
|
||||
if (wpa->keyver == 1)
|
||||
{
|
||||
w0[0] = swap32_S (digest[0]);
|
||||
w0[1] = swap32_S (digest[1]);
|
||||
w0[2] = swap32_S (digest[2]);
|
||||
w0[3] = swap32_S (digest[3]);
|
||||
w1[0] = 0;
|
||||
w1[1] = 0;
|
||||
w1[2] = 0;
|
||||
w1[3] = 0;
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
|
||||
hmac_md5_pad_S (w0, w1, w2, w3, ipad, opad);
|
||||
|
||||
int eapol_len = wpa->eapol_len;
|
||||
|
||||
int eapol_left;
|
||||
int eapol_off;
|
||||
|
||||
for (eapol_left = eapol_len, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
|
||||
{
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
w0[3] = wpa->eapol[eapol_off + 3];
|
||||
w1[0] = wpa->eapol[eapol_off + 4];
|
||||
w1[1] = wpa->eapol[eapol_off + 5];
|
||||
w1[2] = wpa->eapol[eapol_off + 6];
|
||||
w1[3] = wpa->eapol[eapol_off + 7];
|
||||
w2[0] = wpa->eapol[eapol_off + 8];
|
||||
w2[1] = wpa->eapol[eapol_off + 9];
|
||||
w2[2] = wpa->eapol[eapol_off + 10];
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = wpa->eapol[eapol_off + 14];
|
||||
w3[3] = wpa->eapol[eapol_off + 15];
|
||||
|
||||
md5_transform_S (w0, w1, w2, w3, ipad);
|
||||
}
|
||||
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
@ -944,59 +1009,59 @@ __kernel void m02500_comp (__global pw_t *pws, __global const kernel_rule_t *rul
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = wpa->eapol[eapol_off + 14];
|
||||
w3[3] = wpa->eapol[eapol_off + 15];
|
||||
w3[2] = (64 + eapol_len) * 8;
|
||||
w3[3] = 0;
|
||||
|
||||
md5_transform_S (w0, w1, w2, w3, ipad);
|
||||
hmac_md5_run_S (w0, w1, w2, w3, ipad, opad, digest_final);
|
||||
}
|
||||
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
w0[3] = wpa->eapol[eapol_off + 3];
|
||||
w1[0] = wpa->eapol[eapol_off + 4];
|
||||
w1[1] = wpa->eapol[eapol_off + 5];
|
||||
w1[2] = wpa->eapol[eapol_off + 6];
|
||||
w1[3] = wpa->eapol[eapol_off + 7];
|
||||
w2[0] = wpa->eapol[eapol_off + 8];
|
||||
w2[1] = wpa->eapol[eapol_off + 9];
|
||||
w2[2] = wpa->eapol[eapol_off + 10];
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = (64 + eapol_len) * 8;
|
||||
w3[3] = 0;
|
||||
|
||||
hmac_md5_run_S (w0, w1, w2, w3, ipad, opad, digest_final);
|
||||
}
|
||||
else
|
||||
{
|
||||
w0[0] = digest[0];
|
||||
w0[1] = digest[1];
|
||||
w0[2] = digest[2];
|
||||
w0[3] = digest[3];
|
||||
w1[0] = 0;
|
||||
w1[1] = 0;
|
||||
w1[2] = 0;
|
||||
w1[3] = 0;
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
|
||||
hmac_sha1_pad_S (w0, w1, w2, w3, ipad, opad);
|
||||
|
||||
int eapol_len = wpa->eapol_len;
|
||||
|
||||
int eapol_left;
|
||||
int eapol_off;
|
||||
|
||||
for (eapol_left = eapol_len, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
|
||||
else
|
||||
{
|
||||
w0[0] = digest[0];
|
||||
w0[1] = digest[1];
|
||||
w0[2] = digest[2];
|
||||
w0[3] = digest[3];
|
||||
w1[0] = 0;
|
||||
w1[1] = 0;
|
||||
w1[2] = 0;
|
||||
w1[3] = 0;
|
||||
w2[0] = 0;
|
||||
w2[1] = 0;
|
||||
w2[2] = 0;
|
||||
w2[3] = 0;
|
||||
w3[0] = 0;
|
||||
w3[1] = 0;
|
||||
w3[2] = 0;
|
||||
w3[3] = 0;
|
||||
|
||||
hmac_sha1_pad_S (w0, w1, w2, w3, ipad, opad);
|
||||
|
||||
int eapol_len = wpa->eapol_len;
|
||||
|
||||
int eapol_left;
|
||||
int eapol_off;
|
||||
|
||||
for (eapol_left = eapol_len, eapol_off = 0; eapol_left >= 56; eapol_left -= 64, eapol_off += 16)
|
||||
{
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
w0[3] = wpa->eapol[eapol_off + 3];
|
||||
w1[0] = wpa->eapol[eapol_off + 4];
|
||||
w1[1] = wpa->eapol[eapol_off + 5];
|
||||
w1[2] = wpa->eapol[eapol_off + 6];
|
||||
w1[3] = wpa->eapol[eapol_off + 7];
|
||||
w2[0] = wpa->eapol[eapol_off + 8];
|
||||
w2[1] = wpa->eapol[eapol_off + 9];
|
||||
w2[2] = wpa->eapol[eapol_off + 10];
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = wpa->eapol[eapol_off + 14];
|
||||
w3[3] = wpa->eapol[eapol_off + 15];
|
||||
|
||||
sha1_transform_S (w0, w1, w2, w3, ipad);
|
||||
}
|
||||
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
@ -1011,44 +1076,25 @@ __kernel void m02500_comp (__global pw_t *pws, __global const kernel_rule_t *rul
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = wpa->eapol[eapol_off + 14];
|
||||
w3[3] = wpa->eapol[eapol_off + 15];
|
||||
w3[2] = 0;
|
||||
w3[3] = (64 + eapol_len) * 8;
|
||||
|
||||
sha1_transform_S (w0, w1, w2, w3, ipad);
|
||||
u32 digest2[5];
|
||||
|
||||
hmac_sha1_run_S (w0, w1, w2, w3, ipad, opad, digest_final);
|
||||
}
|
||||
|
||||
w0[0] = wpa->eapol[eapol_off + 0];
|
||||
w0[1] = wpa->eapol[eapol_off + 1];
|
||||
w0[2] = wpa->eapol[eapol_off + 2];
|
||||
w0[3] = wpa->eapol[eapol_off + 3];
|
||||
w1[0] = wpa->eapol[eapol_off + 4];
|
||||
w1[1] = wpa->eapol[eapol_off + 5];
|
||||
w1[2] = wpa->eapol[eapol_off + 6];
|
||||
w1[3] = wpa->eapol[eapol_off + 7];
|
||||
w2[0] = wpa->eapol[eapol_off + 8];
|
||||
w2[1] = wpa->eapol[eapol_off + 9];
|
||||
w2[2] = wpa->eapol[eapol_off + 10];
|
||||
w2[3] = wpa->eapol[eapol_off + 11];
|
||||
w3[0] = wpa->eapol[eapol_off + 12];
|
||||
w3[1] = wpa->eapol[eapol_off + 13];
|
||||
w3[2] = 0;
|
||||
w3[3] = (64 + eapol_len) * 8;
|
||||
/**
|
||||
* final compare
|
||||
*/
|
||||
|
||||
u32 digest2[5];
|
||||
|
||||
hmac_sha1_run_S (w0, w1, w2, w3, ipad, opad, digest_final);
|
||||
}
|
||||
|
||||
/**
|
||||
* final compare
|
||||
*/
|
||||
|
||||
if ((digest_final[0] == wpa->keymic[0])
|
||||
&& (digest_final[1] == wpa->keymic[1])
|
||||
&& (digest_final[2] == wpa->keymic[2])
|
||||
&& (digest_final[3] == wpa->keymic[3]))
|
||||
{
|
||||
mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, digest_pos, digest_cur, gid, 0);
|
||||
if ((digest_final[0] == wpa->keymic[0])
|
||||
&& (digest_final[1] == wpa->keymic[1])
|
||||
&& (digest_final[2] == wpa->keymic[2])
|
||||
&& (digest_final[3] == wpa->keymic[3]))
|
||||
{
|
||||
mark_hash (plains_buf, d_return_buf, salt_pos, digests_cnt, digest_pos, digest_cur, gid, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
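Review bot: The new correction loop in `m02500_comp` takes its bound from `wpa->nonce_error_corrections` with no upper limit: the field is an `int`, it is converted to `u32`, and the loop condition is `nonce_error_correction <= nonce_error_corrections`. A negative value on the host therefore becomes a very large count, and at 0xffffffff the `<=` test can never be false, so the kernel would not return; `incval = (1 << 8) * nonce_error_correction` also wraps once the counter reaches 2^24. The value comes from `atoi (optarg)` in the `user_options_getopt` hunk and is copied unchecked in the `hashes_init_stage1` hunk, so the range check belongs on the host right after parsing, for example `if (user_options->nonce_error_corrections > NONCE_ERROR_CORRECTIONS_MAX) return -1;`, where `NONCE_ERROR_CORRECTIONS_MAX` is a name constructed for this note. The kernel body starts outside the visible hunks.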
@ -1,5 +1,12 @@
|
||||
* changes v3.40 -> ?:
|
||||
|
||||
##
|
||||
## Features
|
||||
##
|
||||
|
||||
- WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction
|
||||
- WPA cracking: Added parameter --nonce-error-corrections to configure range of error correction
|
||||
|
||||
##
|
||||
## Improvements
|
||||
##
|
||||
@ -14,6 +21,13 @@
|
||||
- Fixed a typo that resulted in the minimum password length not being correctly initialized
|
||||
- Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes
|
||||
|
||||
##
|
||||
## Technical
|
||||
##
|
||||
|
||||
- Building: Added missing prototypes for atlassian_parse_hash function
|
||||
- Sessions: Improved string comparison in case user sets --session to "hashcat"
|
||||
|
||||
* changes v3.30 -> v3.40:
|
||||
|
||||
##
|
||||
|
@ -189,8 +189,8 @@ _hashcat ()
|
||||
local BUILD_IN_CHARSETS='?l ?u ?d ?a ?b ?s ?h ?H'
|
||||
|
||||
local SHORT_OPTS="-m -a -V -v -h -b -t -o -p -c -d -w -n -u -j -k -r -g -1 -2 -3 -4 -i -I -s -l"
|
||||
local LONG_OPTS="--hash-type --attack-mode --version --help --quiet --benchmark --hex-salt --hex-wordlist --hex-charset --force --status --status-timer --machine-readable --loopback --weak-hash-threshold --markov-hcstat --markov-disable --markov-classic --markov-threshold --runtime --session --speed-only --progress-only --restore --restore-file-path --restore-disable --outfile --outfile-format --outfile-autohex-disable --outfile-check-timer --outfile-check-dir --separator --show --left --username --remove --remove-timer --potfile-disable --potfile-path --debug-mode --debug-file --induction-dir --segment-size --bitmap-min --bitmap-max --cpu-affinity --opencl-info --opencl-devices --opencl-platforms --opencl-device-types --opencl-vector-width --workload-profile --kernel-accel --kernel-loops --nvidia-spin-damp --gpu-temp-disable --gpu-temp-abort --gpu-temp-retain --powertune-enable --skip --limit --keyspace --rule-left --rule-right --rules-file --generate-rules --generate-rules-func-min --generate-rules-func-max --generate-rules-seed --custom-charset1 --custom-charset2 --custom-charset3 --custom-charset4 --increment --increment-min --increment-max --logfile-disable --scrypt-tmto --truecrypt-keyfiles --stdout --keep-guessing --hccapx-message-pair"
|
||||
local OPTIONS="-m -a -t -o -p -c -d -w -n -u -j -k -r -g -1 -2 -3 -4 -s -l --hash-type --attack-mode --status-timer --weak-hash-threshold --markov-hcstat --markov-threshold --runtime --session --timer --outfile --outfile-format --outfile-check-timer --outfile-check-dir --separator --remove-timer --potfile-path --restore-file-path --debug-mode --debug-file --induction-dir --segment-size --bitmap-min --bitmap-max --cpu-affinity --opencl-devices --opencl-platforms --opencl-device-types --opencl-vector-width --workload-profile --kernel-accel --kernel-loops --nvidia-spin-damp --gpu-temp-abort --gpu-temp-retain -disable --skip --limit --rule-left --rule-right --rules-file --generate-rules --generate-rules-func-min --generate-rules-func-max --generate-rules-seed --custom-charset1 --custom-charset2 --custom-charset3 --custom-charset4 --increment-min --increment-max --scrypt-tmto --truecrypt-keyfiles"
|
||||
local LONG_OPTS="--hash-type --attack-mode --version --help --quiet --benchmark --hex-salt --hex-wordlist --hex-charset --force --status --status-timer --machine-readable --loopback --weak-hash-threshold --markov-hcstat --markov-disable --markov-classic --markov-threshold --runtime --session --speed-only --progress-only --restore --restore-file-path --restore-disable --outfile --outfile-format --outfile-autohex-disable --outfile-check-timer --outfile-check-dir --separator --show --left --username --remove --remove-timer --potfile-disable --potfile-path --debug-mode --debug-file --induction-dir --segment-size --bitmap-min --bitmap-max --cpu-affinity --opencl-info --opencl-devices --opencl-platforms --opencl-device-types --opencl-vector-width --workload-profile --kernel-accel --kernel-loops --nvidia-spin-damp --gpu-temp-disable --gpu-temp-abort --gpu-temp-retain --powertune-enable --skip --limit --keyspace --rule-left --rule-right --rules-file --generate-rules --generate-rules-func-min --generate-rules-func-max --generate-rules-seed --custom-charset1 --custom-charset2 --custom-charset3 --custom-charset4 --increment --increment-min --increment-max --logfile-disable --scrypt-tmto --truecrypt-keyfiles --stdout --keep-guessing --hccapx-message-pair --nonce-error-corrections"
|
||||
local OPTIONS="-m -a -t -o -p -c -d -w -n -u -j -k -r -g -1 -2 -3 -4 -s -l --hash-type --attack-mode --status-timer --weak-hash-threshold --markov-hcstat --markov-threshold --runtime --session --timer --outfile --outfile-format --outfile-check-timer --outfile-check-dir --separator --remove-timer --potfile-path --restore-file-path --debug-mode --debug-file --induction-dir --segment-size --bitmap-min --bitmap-max --cpu-affinity --opencl-devices --opencl-platforms --opencl-device-types --opencl-vector-width --workload-profile --kernel-accel --kernel-loops --nvidia-spin-damp --gpu-temp-abort --gpu-temp-retain -disable --skip --limit --rule-left --rule-right --rules-file --generate-rules --generate-rules-func-min --generate-rules-func-max --generate-rules-seed --custom-charset1 --custom-charset2 --custom-charset3 --custom-charset4 --increment-min --increment-max --scrypt-tmto --truecrypt-keyfiles --hccapx-message-pair --nonce-error-corrections"
|
||||
|
||||
COMPREPLY=()
|
||||
local cur="${COMP_WORDS[COMP_CWORD]}"
|
||||
|
@ -189,6 +189,8 @@ typedef struct wpa
|
||||
u8 essid[32];
|
||||
u32 keymic[4];
|
||||
u32 hash[4];
|
||||
int nonce_compare;
|
||||
int nonce_error_corrections;
|
||||
|
||||
} wpa_t;
|
||||
|
||||
@ -815,6 +817,17 @@ typedef struct struct_psafe2_hdr
|
||||
|
||||
} psafe2_hdr;
|
||||
|
||||
typedef enum
|
||||
{
|
||||
MESSAGE_PAIR_M12E2 = 0,
|
||||
MESSAGE_PAIR_M14E4 = 1,
|
||||
MESSAGE_PAIR_M32E2 = 2,
|
||||
MESSAGE_PAIR_M32E3 = 3,
|
||||
MESSAGE_PAIR_M34E3 = 4,
|
||||
MESSAGE_PAIR_M34E4 = 5,
|
||||
|
||||
} message_pair_t;
|
||||
|
||||
#define HCCAPX_VERSION 4
|
||||
#define HCCAPX_SIGNATURE 0x58504348 // HCPX
|
||||
|
||||
@ -1728,6 +1741,7 @@ int skip32_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu
|
||||
int fortigate_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
|
||||
int sha256b64s_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
|
||||
int filezilla_server_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
|
||||
int atlassian_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
|
||||
|
||||
/**
|
||||
* hook functions
|
||||
|
@ -519,6 +519,7 @@ typedef enum user_options_defaults
|
||||
MARKOV_CLASSIC = false,
|
||||
MARKOV_DISABLE = false,
|
||||
MARKOV_THRESHOLD = 0,
|
||||
NONCE_ERROR_CORRECTIONS = 16,
|
||||
NVIDIA_SPIN_DAMP = 100,
|
||||
OPENCL_VECTOR_WIDTH = 0,
|
||||
OUTFILE_AUTOHEX = true,
|
||||
@ -595,52 +596,53 @@ typedef enum user_options_map
|
||||
IDX_MARKOV_DISABLE = 0xff17,
|
||||
IDX_MARKOV_HCSTAT = 0xff18,
|
||||
IDX_MARKOV_THRESHOLD = 't',
|
||||
IDX_NVIDIA_SPIN_DAMP = 0xff19,
|
||||
IDX_NONCE_ERROR_CORRECTIONS = 0xff19,
|
||||
IDX_NVIDIA_SPIN_DAMP = 0xff1a,
|
||||
IDX_OPENCL_DEVICES = 'd',
|
||||
IDX_OPENCL_DEVICE_TYPES = 'D',
|
||||
IDX_OPENCL_INFO = 'I',
|
||||
IDX_OPENCL_PLATFORMS = 0xff1a,
|
||||
IDX_OPENCL_VECTOR_WIDTH = 0xff1b,
|
||||
IDX_OUTFILE_AUTOHEX_DISABLE = 0xff1c,
|
||||
IDX_OUTFILE_CHECK_DIR = 0xff1d,
|
||||
IDX_OUTFILE_CHECK_TIMER = 0xff1e,
|
||||
IDX_OUTFILE_FORMAT = 0xff1f,
|
||||
IDX_OPENCL_PLATFORMS = 0xff1b,
|
||||
IDX_OPENCL_VECTOR_WIDTH = 0xff1c,
|
||||
IDX_OUTFILE_AUTOHEX_DISABLE = 0xff1d,
|
||||
IDX_OUTFILE_CHECK_DIR = 0xff1e,
|
||||
IDX_OUTFILE_CHECK_TIMER = 0xff1f,
|
||||
IDX_OUTFILE_FORMAT = 0xff20,
|
||||
IDX_OUTFILE = 'o',
|
||||
IDX_POTFILE_DISABLE = 0xff20,
|
||||
IDX_POTFILE_PATH = 0xff21,
|
||||
IDX_POWERTUNE_ENABLE = 0xff22,
|
||||
IDX_QUIET = 0xff23,
|
||||
IDX_REMOVE = 0xff24,
|
||||
IDX_REMOVE_TIMER = 0xff25,
|
||||
IDX_RESTORE = 0xff26,
|
||||
IDX_RESTORE_DISABLE = 0xff27,
|
||||
IDX_RESTORE_FILE_PATH = 0xff28,
|
||||
IDX_POTFILE_DISABLE = 0xff21,
|
||||
IDX_POTFILE_PATH = 0xff22,
|
||||
IDX_POWERTUNE_ENABLE = 0xff23,
|
||||
IDX_QUIET = 0xff24,
|
||||
IDX_REMOVE = 0xff25,
|
||||
IDX_REMOVE_TIMER = 0xff26,
|
||||
IDX_RESTORE = 0xff27,
|
||||
IDX_RESTORE_DISABLE = 0xff28,
|
||||
IDX_RESTORE_FILE_PATH = 0xff29,
|
||||
IDX_RP_FILE = 'r',
|
||||
IDX_RP_GEN_FUNC_MAX = 0xff29,
|
||||
IDX_RP_GEN_FUNC_MIN = 0xff2a,
|
||||
IDX_RP_GEN_FUNC_MAX = 0xff2a,
|
||||
IDX_RP_GEN_FUNC_MIN = 0xff2b,
|
||||
IDX_RP_GEN = 'g',
|
||||
IDX_RP_GEN_SEED = 0xff2b,
|
||||
IDX_RP_GEN_SEED = 0xff2c,
|
||||
IDX_RULE_BUF_L = 'j',
|
||||
IDX_RULE_BUF_R = 'k',
|
||||
IDX_RUNTIME = 0xff2c,
|
||||
IDX_SCRYPT_TMTO = 0xff2d,
|
||||
IDX_RUNTIME = 0xff2d,
|
||||
IDX_SCRYPT_TMTO = 0xff2e,
|
||||
IDX_SEGMENT_SIZE = 'c',
|
||||
IDX_SEPARATOR = 'p',
|
||||
IDX_SESSION = 0xff2e,
|
||||
IDX_SHOW = 0xff2f,
|
||||
IDX_SESSION = 0xff2f,
|
||||
IDX_SHOW = 0xff30,
|
||||
IDX_SKIP = 's',
|
||||
IDX_STATUS = 0xff30,
|
||||
IDX_STATUS_TIMER = 0xff31,
|
||||
IDX_STDOUT_FLAG = 0xff32,
|
||||
IDX_SPEED_ONLY = 0xff33,
|
||||
IDX_PROGRESS_ONLY = 0xff34,
|
||||
IDX_TRUECRYPT_KEYFILES = 0xff35,
|
||||
IDX_USERNAME = 0xff36,
|
||||
IDX_VERACRYPT_KEYFILES = 0xff37,
|
||||
IDX_VERACRYPT_PIM = 0xff38,
|
||||
IDX_STATUS = 0xff31,
|
||||
IDX_STATUS_TIMER = 0xff32,
|
||||
IDX_STDOUT_FLAG = 0xff33,
|
||||
IDX_SPEED_ONLY = 0xff34,
|
||||
IDX_PROGRESS_ONLY = 0xff35,
|
||||
IDX_TRUECRYPT_KEYFILES = 0xff36,
|
||||
IDX_USERNAME = 0xff37,
|
||||
IDX_VERACRYPT_KEYFILES = 0xff38,
|
||||
IDX_VERACRYPT_PIM = 0xff39,
|
||||
IDX_VERSION_LOWER = 'v',
|
||||
IDX_VERSION = 'V',
|
||||
IDX_WEAK_HASH_THRESHOLD = 0xff39,
|
||||
IDX_WEAK_HASH_THRESHOLD = 0xff3a,
|
||||
IDX_WORKLOAD_PROFILE = 'w'
|
||||
|
||||
} user_options_map_t;
|
||||
@ -1474,6 +1476,7 @@ typedef struct user_options
|
||||
u32 kernel_accel;
|
||||
u32 kernel_loops;
|
||||
u32 markov_threshold;
|
||||
u32 nonce_error_corrections;
|
||||
u32 nvidia_spin_damp;
|
||||
u32 opencl_vector_width;
|
||||
u32 outfile_check_timer;
|
||||
|
11
src/hashes.c
11
src/hashes.c
@ -772,12 +772,17 @@ int hashes_init_stage1 (hashcat_ctx_t *hashcat_ctx)
|
||||
{
|
||||
memset (hashes_buf[hashes_cnt].esalt, 0, hashconfig->esalt_size);
|
||||
|
||||
if (user_options->hccapx_message_pair_chgd == true)
|
||||
if (user_options->hash_mode == 2500)
|
||||
{
|
||||
wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt;
|
||||
|
||||
wpa->message_pair_chgd = (int) user_options->hccapx_message_pair_chgd;
|
||||
wpa->message_pair = (u8) user_options->hccapx_message_pair;
|
||||
if (user_options->hccapx_message_pair_chgd == true)
|
||||
{
|
||||
wpa->message_pair_chgd = (int) user_options->hccapx_message_pair_chgd;
|
||||
wpa->message_pair = (u8) user_options->hccapx_message_pair;
|
||||
}
|
||||
|
||||
wpa->nonce_error_corrections = user_options->nonce_error_corrections;
|
||||
}
|
||||
}
|
||||
|
||||
|
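Review bot: The assignment `wpa->nonce_error_corrections = user_options->nonce_error_corrections;` only has the intended effect if it runs before `wpa_parse_hash`, which in this commit resets the field to 0 for `MESSAGE_PAIR_M32E3` and `MESSAGE_PAIR_M34E3`. The parse call is not visible in this hunk, so the ordering is inferred from the `message_pair` pre-fill that sits beside it. A one-line comment would protect that dependency, e.g. `// pre-fill before parsing: wpa_parse_hash may override nonce_error_corrections`. `hashes_init_stage1` starts and ends outside the hunk.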
@ -2762,7 +2762,9 @@ int wpa_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED
|
||||
memcpy (pke_ptr + 29, in.mac_ap, 6);
|
||||
}
|
||||
|
||||
if (memcmp (in.nonce_ap, in.nonce_sta, 32) < 0)
|
||||
wpa->nonce_compare = memcmp (in.nonce_ap, in.nonce_sta, 32);
|
||||
|
||||
if (wpa->nonce_compare < 0)
|
||||
{
|
||||
memcpy (pke_ptr + 35, in.nonce_ap, 32);
|
||||
memcpy (pke_ptr + 67, in.nonce_sta, 32);
|
||||
@ -2790,6 +2792,11 @@ int wpa_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED
|
||||
|
||||
wpa->message_pair = in.message_pair;
|
||||
|
||||
if ((wpa->message_pair == MESSAGE_PAIR_M32E3) || (wpa->message_pair == MESSAGE_PAIR_M34E3))
|
||||
{
|
||||
wpa->nonce_error_corrections = 0;
|
||||
}
|
||||
|
||||
wpa->keyver = in.keyver;
|
||||
|
||||
if (wpa->keyver & ~7) return (PARSER_SALT_VALUE);
|
||||
@ -14933,10 +14940,8 @@ int check_old_hccap (const char *hashfile)
|
||||
|
||||
void to_hccapx_t (hashcat_ctx_t *hashcat_ctx, hccapx_t *hccapx, const u32 salt_pos, const u32 digest_pos)
|
||||
{
|
||||
const hashconfig_t *hashconfig = hashcat_ctx->hashconfig;
|
||||
const hashes_t *hashes = hashcat_ctx->hashes;
|
||||
const hashes_t *hashes = hashcat_ctx->hashes;
|
||||
|
||||
const void *digests_buf = hashes->digests_buf;
|
||||
const salt_t *salts_buf = hashes->salts_buf;
|
||||
const void *esalts_buf = hashes->esalts_buf;
|
||||
|
||||
|
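Review bot: The block in `wpa_parse_hash` that sets `wpa->nonce_error_corrections = 0` for `MESSAGE_PAIR_M32E3` and `MESSAGE_PAIR_M34E3` does not say why these two pairs are excluded, and it silently overrides the value the user passed with --nonce-error-corrections. Judging by the enum names, these are the pairs whose EAPOL frame is taken from message 3, which presumably already carries the AP nonce the MIC was computed over. If that is the reason, a comment such as `// EAPOL frame is M3 (from the AP): its nonce is exact, no correction needed` would record it. The function starts and ends outside the hunk.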
@ -24,7 +24,7 @@ int sort_by_hash_no_salt (const void *v1, const void *v2, void *v3);
|
||||
|
||||
// this function is for potfile comparison where the potfile does not contain all the
|
||||
// information requires to do a true sort_by_hash() bsearch
|
||||
static int sort_by_hash_t_salt (const void *v1, const void *v2, void *v3)
|
||||
static int sort_by_hash_t_salt (const void *v1, const void *v2)
|
||||
{
|
||||
const hash_t *h1 = (const hash_t *) v1;
|
||||
const hash_t *h2 = (const hash_t *) v2;
|
||||
@ -446,7 +446,7 @@ int potfile_remove_parse (hashcat_ctx_t *hashcat_ctx)
|
||||
|
||||
hash_buf.salt->salt_len = line_hash_len;
|
||||
|
||||
found = (hash_t *) hc_bsearch_r (&hash_buf, hashes_buf, hashes_cnt, sizeof (hash_t), sort_by_hash_t_salt, (void *) hashconfig);
|
||||
found = (hash_t *) bsearch (&hash_buf, hashes_buf, hashes_cnt, sizeof (hash_t), sort_by_hash_t_salt);
|
||||
}
|
||||
}
|
||||
else if (hashconfig->hash_mode == 2500)
|
||||
|
@ -67,6 +67,7 @@ static const char *USAGE_BIG[] =
|
||||
" --outfile-check-dir | Dir | Specify the outfile directory to monitor for plains | --outfile-check-dir=x",
|
||||
" --logfile-disable | | Disable the logfile |",
|
||||
" --hccapx-message-pair | Num | Load only message pairs from hccapx matching X | --hccapx-message-pair=2",
|
||||
" --nonce-error-corrections | Num | The BF size range to replace AP's nonce last bytes | --nonce-error-corrections=16",
|
||||
" --truecrypt-keyfiles | File | Keyfiles used, separate with comma | --truecrypt-key=x.png",
|
||||
" --veracrypt-keyfiles | File | Keyfiles used, separate with comma | --veracrypt-key=x.txt",
|
||||
" --veracrypt-pim | Num | VeraCrypt personal iterations multiplier | --veracrypt-pim=1000",
|
||||
|
@ -60,6 +60,7 @@ static const struct option long_options[] =
|
||||
{"markov-disable", no_argument, 0, IDX_MARKOV_DISABLE},
|
||||
{"markov-hcstat", required_argument, 0, IDX_MARKOV_HCSTAT},
|
||||
{"markov-threshold", required_argument, 0, IDX_MARKOV_THRESHOLD},
|
||||
{"nonce-error-corrections", required_argument, 0, IDX_NONCE_ERROR_CORRECTIONS},
|
||||
{"nvidia-spin-damp", required_argument, 0, IDX_NVIDIA_SPIN_DAMP},
|
||||
{"opencl-devices", required_argument, 0, IDX_OPENCL_DEVICES},
|
||||
{"opencl-device-types", required_argument, 0, IDX_OPENCL_DEVICE_TYPES},
|
||||
@ -154,6 +155,7 @@ int user_options_init (hashcat_ctx_t *hashcat_ctx)
|
||||
user_options->markov_disable = MARKOV_DISABLE;
|
||||
user_options->markov_hcstat = NULL;
|
||||
user_options->markov_threshold = MARKOV_THRESHOLD;
|
||||
user_options->nonce_error_corrections = NONCE_ERROR_CORRECTIONS;
|
||||
user_options->nvidia_spin_damp = NVIDIA_SPIN_DAMP;
|
||||
user_options->opencl_devices = NULL;
|
||||
user_options->opencl_device_types = NULL;
|
||||
@ -317,6 +319,7 @@ int user_options_getopt (hashcat_ctx_t *hashcat_ctx, int argc, char **argv)
|
||||
case IDX_LOGFILE_DISABLE: user_options->logfile_disable = true; break;
|
||||
case IDX_HCCAPX_MESSAGE_PAIR: user_options->hccapx_message_pair = atoi (optarg);
|
||||
user_options->hccapx_message_pair_chgd = true; break;
|
||||
case IDX_NONCE_ERROR_CORRECTIONS: user_options->nonce_error_corrections = atoi (optarg); break;
|
||||
case IDX_TRUECRYPT_KEYFILES: user_options->truecrypt_keyfiles = optarg; break;
|
||||
case IDX_VERACRYPT_KEYFILES: user_options->veracrypt_keyfiles = optarg; break;
|
||||
case IDX_VERACRYPT_PIM: user_options->veracrypt_pim = atoi (optarg); break;
|
||||
@ -990,7 +993,7 @@ void user_options_session_auto (hashcat_ctx_t *hashcat_ctx)
|
||||
{
|
||||
user_options_t *user_options = hashcat_ctx->user_options;
|
||||
|
||||
if (user_options->session == PROGNAME)
|
||||
if (strcmp (user_options->session, PROGNAME) == 0)
|
||||
{
|
||||
if (user_options->benchmark == true)
|
||||
{
|
||||
|