diff --git a/docs/changes.txt b/docs/changes.txt index f987750df..67d1dcc71 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -1,5 +1,11 @@ * changes v4.1.0 -> v4.1.1 +## +## Algorithms +## + +- Added hash-mode 16700 = FileVault 2 + ## ## Improvements ## diff --git a/docs/readme.txt b/docs/readme.txt index fb7f441ac..9887d5f2a 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -223,6 +223,7 @@ NVIDIA GPUs require "NVIDIA Driver" (367.x or later) - eCryptfs - VeraCrypt - LUKS +- FileVault 2 - MS Office <= 2003 - MS Office 2007 - MS Office 2010 diff --git a/extra/tab_completion/hashcat.sh b/extra/tab_completion/hashcat.sh index 59c81a8bf..228509d8b 100644 --- a/extra/tab_completion/hashcat.sh +++ b/extra/tab_completion/hashcat.sh 
@@ -176,7 +176,7 @@ _hashcat () { local VERSION=4.1.0 - local HASH_MODES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 124 130 131 132 133 140 141 150 160 200 300 400 500 501 600 900 1000 1100 1400 1410 1411 1420 1421 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2501 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5000 5100 5200 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7800 7900 8000 8100 8200 8300 8400 8500 8600 8700 8800 8900 9000 9100 9200 9300 9400 9500 9600 9700 9710 9720 9800 9810 9820 9900 10000 10100 10200 10300 10400 10410 10420 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11700 11800 11900 12000 12001 12100 12200 12300 12400 12500 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600" + local HASH_MODES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 124 130 131 132 133 140 141 150 160 200 300 400 500 501 600 900 1000 1100 1400 1410 1411 1420 1421 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2501 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5000 5100 5200 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7800 7900 8000 8100 8200 8300 8400 8500 8600 8700 8800 8900 9000 9100 9200 9300 9400 9500 9600 9700 9710 9720 9800 9810 9820 9900 10000 10100 10200 10300 10400 10410 10420 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 
11500 11600 11700 11800 11900 12000 12001 12100 12200 12300 12400 12500 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700" local ATTACK_MODES="0 1 3 6 7" local HCCAPX_MESSAGE_PAIR="0 1 2 3 4 5" local OUTFILE_FORMATS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15" diff --git a/include/interface.h b/include/interface.h index 5c0e115bf..958363a7b 100644 --- a/include/interface.h +++ b/include/interface.h @@ -1350,6 +1350,8 @@ typedef enum display_len DISPLAY_LEN_MAX_16500 = 2047 + 1 + 2047 + 1 + 86, DISPLAY_LEN_MIN_16600 = 10 + 1 + 1 + 32 + 1 + 32, DISPLAY_LEN_MAX_16600 = 10 + 1 + 1 + 32 + 1 + 32, + DISPLAY_LEN_MIN_16700 = 1 + 4 + 1 + 1 + 1 + 2 + 1 + 32 + 1 + 1 + 1 + 48, + DISPLAY_LEN_MAX_16700 = 1 + 4 + 1 + 1 + 1 + 2 + 1 + 32 + 1 + 6 + 1 + 48, DISPLAY_LEN_MIN_99999 = 1, DISPLAY_LEN_MAX_99999 = 55, @@ -1956,6 +1958,7 @@ int apple_secure_notes_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu int ethereum_presale_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int jwt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int electrum_wallet13_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); +int filevault2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); /** * hook functions diff --git a/src/interface.c b/src/interface.c index da3119e1e..ffd3aba6b 100644 --- a/src/interface.c +++ b/src/interface.c 
@@ -276,6 +276,7 @@ static const char *ST_HASH_16200 = "$ASN$*1*20000*807711711052334810048500040850 static const char *ST_HASH_16300 = "$ethereum$w*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*f3abede76ac15228f1b161dd9660bb9094e81b1b*d201ccd492c284484c7824c4d37b1593"; static const char *ST_HASH_16400 = "{CRAM-MD5}5389b33b9725e5657cb631dc50017ff100000000000000000000000000000000"; static const char *ST_HASH_16600 = "$electrum$1*44358283104603165383613672586868*c43a6632d9f59364f74c395a03d8c2ea"; +static const char *ST_HASH_16700 = "$fvde$1$16$84286044060108438487434858307513$20000$f1620ab93192112f0a23eea89b5d4df065661f974b704191"; static const char *ST_HASH_99999 = "hashcat"; static const char *OPTI_STR_OPTIMIZED_KERNEL = "Optimized-Kernel"; @@ -517,6 +518,7 @@ static const char *HT_16300 = "Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256"; static const char *HT_16400 = "CRAM-MD5 Dovecot"; static const char *HT_16500 = "JWT (JSON Web Token)"; static const char *HT_16600 = "Electrum Wallet (Salt-Type 1-3)"; +static const char *HT_16700 = "FileVault 2"; static const char *HT_99999 = "Plaintext"; static const char *HT_00011 = "Joomla < 2.5.18"; @@ -666,6 +668,7 @@ static const char *SIGNATURE_TACACS_PLUS = "$tacacs-plus$0$"; static const char *SIGNATURE_APPLE_SECURE_NOTES = "$ASN$"; static const char *SIGNATURE_ETHEREUM_PRESALE = "$ethereum$w"; static const char *SIGNATURE_ELECTRUM_WALLET = "$electrum$"; +static const char *SIGNATURE_FILEVAULT2 = "$fvde$"; /** * decoder / encoder 
@@ -16471,6 +16474,136 @@ int electrum_wallet13_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf return (PARSER_OK); } +int filevault2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) +{ + if ((input_len < DISPLAY_LEN_MIN_16700) || (input_len > DISPLAY_LEN_MAX_16700)) return (PARSER_GLOBAL_LENGTH); + + if (memcmp (SIGNATURE_FILEVAULT2, input_buf, 6) != 0) return (PARSER_SIGNATURE_UNMATCHED); + + u32 *digest = (u32 *) hash_buf->digest; + + salt_t *salt = hash_buf->salt; + + apple_secure_notes_t *apple_secure_notes = (apple_secure_notes_t *) hash_buf->esalt; + + /** + * parse line + */ + + // Z_PK + + u8 *Z_PK_pos = input_buf + 6; + + // salt_length + + u8 *salt_length_pos = (u8 *) strchr ((const char *) Z_PK_pos, '$'); + + if (salt_length_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); + + u32 Z_PK_len = salt_length_pos - Z_PK_pos; + + salt_length_pos++; + + // ZCRYPTOSALT + + u8 *ZCRYPTOSALT_pos = (u8 *) strchr ((const char *) salt_length_pos, '$'); + + if (ZCRYPTOSALT_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); + + u32 salt_length_len = ZCRYPTOSALT_pos - salt_length_pos; + + ZCRYPTOSALT_pos++; + + // ZCRYPTOITERATIONCOUNT + + u8 *ZCRYPTOITERATIONCOUNT_pos = (u8 *) strchr ((const char *) ZCRYPTOSALT_pos, '$'); + + if (ZCRYPTOITERATIONCOUNT_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); + + u32 ZCRYPTOSALT_len = ZCRYPTOITERATIONCOUNT_pos - ZCRYPTOSALT_pos; + + ZCRYPTOITERATIONCOUNT_pos++; + + // ZCRYPTOWRAPPEDKEY + + u8 *ZCRYPTOWRAPPEDKEY_pos = (u8 *) strchr ((const char *) ZCRYPTOITERATIONCOUNT_pos, '$'); + + if (ZCRYPTOWRAPPEDKEY_pos == NULL) return (PARSER_SEPARATOR_UNMATCHED); + + u32 ZCRYPTOITERATIONCOUNT_len = ZCRYPTOWRAPPEDKEY_pos - ZCRYPTOITERATIONCOUNT_pos; + + ZCRYPTOWRAPPEDKEY_pos++; + + u32 ZCRYPTOWRAPPEDKEY_len = input_len - 6 - Z_PK_len - 1 - salt_length_len - 1 - ZCRYPTOSALT_len - 1 - ZCRYPTOITERATIONCOUNT_len - 1; + + /** + * verify some data + */ + + const u32 Z_PK = hc_strtoul 
((const char *) Z_PK_pos, NULL, 10); + const u32 ZCRYPTOITERATIONCOUNT = hc_strtoul ((const char *) ZCRYPTOITERATIONCOUNT_pos, NULL, 10); + + if (ZCRYPTOSALT_len != 32) return (PARSER_SALT_ENCODING); + if (ZCRYPTOWRAPPEDKEY_len != 48) return (PARSER_SALT_ENCODING); + + if (is_valid_hex_string (ZCRYPTOSALT_pos, ZCRYPTOSALT_len) == false) return (PARSER_SALT_ENCODING); + if (is_valid_hex_string (ZCRYPTOWRAPPEDKEY_pos, ZCRYPTOWRAPPEDKEY_len) == false) return (PARSER_SALT_ENCODING); + + //if (ZCRYPTOITERATIONCOUNT != 20000) return (PARSER_SALT_ENCODING); + + /** + * store data + */ + + apple_secure_notes->Z_PK = Z_PK; + + apple_secure_notes->ZCRYPTOITERATIONCOUNT = ZCRYPTOITERATIONCOUNT; + + apple_secure_notes->ZCRYPTOSALT[ 0] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[ 0]); + apple_secure_notes->ZCRYPTOSALT[ 1] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[ 8]); + apple_secure_notes->ZCRYPTOSALT[ 2] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[16]); + apple_secure_notes->ZCRYPTOSALT[ 3] = hex_to_u32 ((const u8 *) &ZCRYPTOSALT_pos[24]); + apple_secure_notes->ZCRYPTOSALT[ 4] = 0; + apple_secure_notes->ZCRYPTOSALT[ 5] = 0; + apple_secure_notes->ZCRYPTOSALT[ 6] = 0; + apple_secure_notes->ZCRYPTOSALT[ 7] = 0; + apple_secure_notes->ZCRYPTOSALT[ 8] = 0; + apple_secure_notes->ZCRYPTOSALT[ 9] = 0; + apple_secure_notes->ZCRYPTOSALT[10] = 0; + apple_secure_notes->ZCRYPTOSALT[11] = 0; + apple_secure_notes->ZCRYPTOSALT[12] = 0; + apple_secure_notes->ZCRYPTOSALT[13] = 0; + apple_secure_notes->ZCRYPTOSALT[14] = 0; + apple_secure_notes->ZCRYPTOSALT[15] = 0; + + apple_secure_notes->ZCRYPTOWRAPPEDKEY[0] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[ 0]); + apple_secure_notes->ZCRYPTOWRAPPEDKEY[1] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[ 8]); + apple_secure_notes->ZCRYPTOWRAPPEDKEY[2] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[16]); + apple_secure_notes->ZCRYPTOWRAPPEDKEY[3] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[24]); + 
apple_secure_notes->ZCRYPTOWRAPPEDKEY[4] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[32]); + apple_secure_notes->ZCRYPTOWRAPPEDKEY[5] = hex_to_u32 ((const u8 *) &ZCRYPTOWRAPPEDKEY_pos[40]); + + // fake salt + + salt->salt_buf[0] = apple_secure_notes->ZCRYPTOSALT[0]; + salt->salt_buf[1] = apple_secure_notes->ZCRYPTOSALT[1]; + salt->salt_buf[2] = apple_secure_notes->ZCRYPTOSALT[2]; + salt->salt_buf[3] = apple_secure_notes->ZCRYPTOSALT[3]; + salt->salt_buf[4] = apple_secure_notes->Z_PK; + + salt->salt_iter = apple_secure_notes->ZCRYPTOITERATIONCOUNT - 1; + salt->salt_len = 20; + + // fake hash + + digest[0] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[0]; + digest[1] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[1]; + digest[2] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[2]; + digest[3] = apple_secure_notes->ZCRYPTOWRAPPEDKEY[3]; + + return (PARSER_OK); +} + /** * hook functions */ @@ -16910,6 +17043,7 @@ const char *strhashtype (const u32 hash_mode) case 16400: return HT_16400; case 16500: return HT_16500; case 16600: return HT_16600; + case 16700: return HT_16700; case 99999: return HT_99999; } 
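Review bot: An iteration count of 0 in the hash line makes `salt->salt_iter = apple_secure_notes->ZCRYPTOITERATIONCOUNT - 1;` wrap to the maximum unsigned value (assuming both fields are u32 like the local), because filevault2_parse_hash has no range check left once the `!= 20000` test is commented out. Both `hc_strtoul` calls pass a NULL end pointer, so a non-numeric Z_PK or iteration field is not rejected either and would presumably be read as 0 (hc_strtoul is defined outside this diff). Adding `if (ZCRYPTOITERATIONCOUNT < 1) return (PARSER_SALT_ITERATION);` in the "verify some data" section, ahead of the stores, closes the wrap. A digit check on the two numeric fields would make the parser reject malformed lines instead of loading them with surprising values.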
@@ -20507,6 +20641,27 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_le byte_swap_32 (electrum_wallet->encrypted[2]), byte_swap_32 (electrum_wallet->encrypted[3])); } + else if (hash_mode == 16700) + { + apple_secure_notes_t *apple_secure_notess = (apple_secure_notes_t *) esalts_buf; + + apple_secure_notes_t *apple_secure_notes = &apple_secure_notess[digest_cur]; + + snprintf (out_buf, out_len - 1, "%s%u$16$%08x%08x%08x%08x$%u$%08x%08x%08x%08x%08x%08x", + SIGNATURE_FILEVAULT2, + apple_secure_notes->Z_PK, + byte_swap_32 (apple_secure_notes->ZCRYPTOSALT[0]), + byte_swap_32 (apple_secure_notes->ZCRYPTOSALT[1]), + byte_swap_32 (apple_secure_notes->ZCRYPTOSALT[2]), + byte_swap_32 (apple_secure_notes->ZCRYPTOSALT[3]), + apple_secure_notes->ZCRYPTOITERATIONCOUNT, + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[0]), + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[1]), + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[2]), + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[3]), + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[4]), + byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[5])); + } else if (hash_mode == 99999) { char *ptr = (char *) digest_buf; 
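Review bot: The `$16$` in the format string is a literal, but filevault2_parse_hash only measures the salt-length field (`salt_length_len`) and never reads its value, so a line carrying some other value there is accepted and then printed back as 16. The printed hash can therefore differ from the line that was loaded, which matters wherever the two are compared. Since the parser already insists on a 32-hex-digit salt, the simplest fix is to reject other values at parse time: `if ((salt_length_len != 2) || (memcmp (salt_length_pos, "16", 2) != 0)) return (PARSER_SALT_LENGTH);`. The body of ascii_digest starts and ends outside this hunk.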
@@ -25634,6 +25789,23 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; + case 16700: hashconfig->hash_type = HASH_TYPE_APPLE_SECURE_NOTES; + hashconfig->salt_type = SALT_TYPE_EMBEDDED; + hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL; + hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE; + hashconfig->kern_type = KERN_TYPE_APPLE_SECURE_NOTES; + hashconfig->dgst_size = DGST_SIZE_4_4; // originally DGST_SIZE_4_2 + hashconfig->parse_func = filevault2_parse_hash; + hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; + hashconfig->dgst_pos0 = 0; + hashconfig->dgst_pos1 = 1; + hashconfig->dgst_pos2 = 2; + hashconfig->dgst_pos3 = 3; + hashconfig->st_hash = ST_HASH_16700; + hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; + break; + case 99999: hashconfig->hash_type = HASH_TYPE_PLAINTEXT; hashconfig->salt_type = SALT_TYPE_NONE; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -25854,6 +26026,7 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) case 16300: hashconfig->esalt_size = sizeof (ethereum_presale_t); break; case 16500: hashconfig->esalt_size = sizeof (jwt_t); break; case 16600: hashconfig->esalt_size = sizeof (electrum_wallet_t); break; + case 16700: hashconfig->esalt_size = sizeof (apple_secure_notes_t); break; } // hook_salt_size @@ -25963,6 +26136,7 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) case 15900: hashconfig->tmp_size = sizeof (dpapimk_tmp_v2_t); break; case 16200: hashconfig->tmp_size = sizeof (apple_secure_notes_tmp_t); break; case 16300: hashconfig->tmp_size = sizeof (pbkdf2_sha256_tmp_t); break; + case 16700: hashconfig->tmp_size = sizeof (apple_secure_notes_tmp_t); break; }; // hook_size @@ -26663,6 +26837,8 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 16300: salt->salt_len = 20; break; + case 16700: salt->salt_len = 16; + break; } // special esalt handling 
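Review bot: The `case 16700` block selects `HASH_TYPE_APPLE_SECURE_NOTES` and `KERN_TYPE_APPLE_SECURE_NOTES` with no comment saying the reuse is deliberate. The esalt_size and tmp_size hunks further down do the same with `apple_secure_notes_t` and `apple_secure_notes_tmp_t`. A reader looking for a 16700-specific kernel or struct will find none. A one-line comment ahead of the case, e.g. `// FileVault 2 shares kernel, esalt and tmp layout with 16200 (Apple Secure Notes)`, would document that. hashconfig_init itself starts and ends outside the hunk.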
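Review bot: `case 16700: salt->salt_len = 16;` in hashconfig_benchmark_defaults disagrees with filevault2_parse_hash, which sets `salt->salt_len = 20` because it stores Z_PK as a fifth word of `salt_buf`. If anything downstream reads salt_len for this mode, benchmark runs would use a different salt length than real hashes do. Either use 20 here or state the intent in a comment such as `// 16 salt bytes only; the parser's extra 4 bytes carry Z_PK`. The surrounding switch continues outside the hunk.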
@@ -26944,6 +27120,8 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo break; case 16300: salt->salt_iter = ROUNDS_ETHEREUM_PRESALE; break; + case 16700: salt->salt_iter = ROUNDS_APPLE_SECURE_NOTES - 1; + break; } } diff --git a/src/usage.c b/src/usage.c index b0b61cadc..ac42f6ad5 100644 --- a/src/usage.c +++ b/src/usage.c @@ -338,6 +338,7 @@ static const char *const USAGE_BIG[] = " Y | 2 = XTS 1024 bit cascaded Twofish-Serpent | Full-Disk Encryption (FDE)", " Y | 3 = XTS 1536 bit all | Full-Disk Encryption (FDE)", " 14600 | LUKS | Full-Disk Encryption (FDE)", + " 16700 | FileVault 2 | Full-Disk Encryption (FDE)", " 9700 | MS Office <= 2003 $0/$1, MD5 + RC4 | Documents", " 9710 | MS Office <= 2003 $0/$1, MD5 + RC4, collider #1 | Documents", " 9720 | MS Office <= 2003 $0/$1, MD5 + RC4, collider #2 | Documents", diff --git a/tools/test.pl b/tools/test.pl index 43ebd42e4..76df928e6 100755 --- a/tools/test.pl +++ b/tools/test.pl 
@@ -57,7 +57,7 @@ my $hashcat = "./hashcat"; my $MAX_LEN = 55; -my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7701, 7800, 7801, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 15400, 15500, 15600, 15700, 15900, 16000, 16100, 16200, 16300, 16400, 16500, 16600, 99999); +my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7701, 7800, 7801, 7900, 8000, 8100, 8200, 8300, 
8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 15400, 15500, 15600, 15700, 15900, 16000, 16100, 16200, 16300, 16400, 16500, 16600, 16700, 99999); my %is_utf16le = map { $_ => 1 } qw (30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800); my %less_fifteen = map { $_ => 1 } qw (500 1600 1800 3200 6300 7400 10500 10700); @@ -2918,6 +2918,42 @@ sub verify next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); } + # FileVault 2 + elsif ($mode == 16700) + { + ($hash_in, $word) = split ":", $line; + + next unless defined $hash_in; + next unless defined $word; + + my @data = split ('\$', $hash_in); + + next unless scalar @data == 7; + + shift @data; + + my $signature = shift @data; + + next unless ($signature eq 'fvde'); + + my $Z_PK = shift @data; + + next unless ($Z_PK eq '1'); + + my $salt_length = shift @data; + + next unless ($salt_length eq '16'); + + my ($ZCRYPTOSALT, $ZCRYPTOITERATIONCOUNT, $ZCRYPTOWRAPPEDKEY) = @data; + + $salt = $ZCRYPTOSALT; + $iter = $ZCRYPTOITERATIONCOUNT; + + $param = $Z_PK; + $param2 = $ZCRYPTOWRAPPEDKEY; + + next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); + } else { print "ERROR: hash mode is not supported\n"; @@ -3365,6 +3401,14 @@ sub verify return unless (substr ($line, 0, $len) eq $hash_out); } + elsif ($mode == 16700) + { + $hash_out = gen_hash ($mode, $word, $salt, $iter, $param, $param2); + + $len = length $hash_out; + + return unless (substr ($line, 0, $len) eq $hash_out); + } else { $hash_out = gen_hash ($mode, $word, $salt, $iter); 
@@ -3936,6 +3980,10 @@ sub passthrough { $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 32)); } + elsif ($mode == 16700) + { + $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 32)); + } else { print "ERROR: Unsupported hash type\n"; @@ -5019,6 +5067,20 @@ sub single } } } + elsif ($mode == 16700) + { + for (my $i = 1; $i < 32; $i++) + { + if ($len != 0) + { + rnd ($mode, $len, 32); + } + else + { + rnd ($mode, $i, 32); + } + } + } } } 
@@ -9550,6 +9612,133 @@ END_CODE $tmp_hash = sprintf ("\$electrum\$%d*%s*%s", $salt_type, $iv, $encrypted); } + elsif ($mode == 16700) + { + my $salt_bin = pack ("H*", $salt_buf); + + my $iterations = 20000; + + if (defined ($iter)) + { + $iterations = $iter; + } + + my $Z_PK = 1; + + if (defined $additional_param) + { + $Z_PK = $additional_param; + } + + my $pbkdf2 = Crypt::PBKDF2->new + ( + hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256), + iterations => $iterations, + output_len => 16, + ); + + my $KEK = $pbkdf2->PBKDF2 ($salt_bin, $word_buf); + + my $aes = Crypt::Mode::ECB->new ('AES', 0); + + my $blob_bin; + + my $A; + my $B; + my $P1; + my $P2; + + if (defined $additional_param2) + { + $blob_bin = pack ("H*", $additional_param2); + + $A = substr ($blob_bin, 0, 8); + $P1 = substr ($blob_bin, 8, 8); + $P2 = substr ($blob_bin, 16, 8); + + for (my $j = 5; $j >= 0; $j--) + { + # N = 2 + + $B = $A; + $B ^= pack ("Q>", (2 * $j + 2)); + $B .= $P2; + $B = $aes->decrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $P2 = substr ($B, 8, 8); + + # N = 1 + + $B = $A; + $B ^= pack ("Q>", (2 * $j + 1)); + $B .= $P1; + $B = $aes->decrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $P1 = substr ($B, 8, 8); + } + + if ($A eq "\xa6" x 8) + { + for (my $j = 0; $j <= 5; $j++) + { + # N = 1 + + $B = $A; + $B .= $P1; + $B = $aes->encrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $A ^= pack ("Q>", (2 * $j + 1)); + $P1 = substr ($B, 8, 8); + + # N = 2 + + $B = $A; + $B .= $P2; + $B = $aes->encrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $A ^= pack ("Q>", (2 * $j + 2)); + $P2 = substr ($B, 8, 8); + } + + $blob_bin = $A . $P1 . 
$P2; + } + else + { + $blob_bin = "\xff" x 24; + } + } + else + { + $A = "\xa6" x 8; + $P1 = "\xff" x 8; + $P2 = "\xff" x 8; + + for (my $j = 0; $j <= 5; $j++) + { + # N = 1 + + $B = $A; + $B .= $P1; + $B = $aes->encrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $A ^= pack ("Q>", (2 * $j + 1)); + $P1 = substr ($B, 8, 8); + + # N = 2 + + $B = $A; + $B .= $P2; + $B = $aes->encrypt ($B, $KEK); + $A = substr ($B, 0, 8); + $A ^= pack ("Q>", (2 * $j + 2)); + $P2 = substr ($B, 8, 8); + } + + $blob_bin = $A . $P1 . $P2; + } + + $tmp_hash = sprintf ('$fvde$%d$%d$%s$%d$%s', $Z_PK, length ($salt_bin), unpack ("H*", $salt_bin), $iterations, unpack ("H*", $blob_bin)); + } elsif ($mode == 99999) { $tmp_hash = sprintf ("%s", $word_buf); diff --git a/tools/test.sh b/tools/test.sh index 09fc8b8f3..6c86ffa3d 100755 --- a/tools/test.sh +++ b/tools/test.sh 
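Review bot: The six-round wrap loop appears twice with identical bodies in the `$mode == 16700` branch, once after the `$A eq "\xa6" x 8` check and once in the final `else`, so any later fix has to be made in both copies. Moving it into a small helper that takes the cipher object, `$KEK`, `$A`, `$P1` and `$P2` and returns the 24-byte blob would leave a single copy. The constant `"\xa6" x 8` is also unexplained; a comment such as `# RFC 3394 default IV: a correct KEK unwraps to A6A6A6A6A6A6A6A6` would say why it is the success test. Separately, `pack ("Q>", ...)` requires a perl built with 64-bit integer support, whereas `pack ("NN", 0, 2 * $j + 2)` yields the same eight bytes without it. The enclosing sub (presumably gen_hash) starts and ends outside the hunk.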
@@ -9,7 +9,7 @@ TDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" # missing hash types: 5200,6251,6261,6271,6281 -HASH_TYPES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 125 130 131 132 133 140 141 150 160 200 300 400 500 600 900 1000 1100 1300 1400 1410 1411 1420 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5000 5100 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7701 7800 7801 7900 8000 8100 8200 8300 8400 8500 8600 8700 8900 9100 9200 9300 9400 9500 9600 9700 9800 9900 10000 10100 10200 10300 10400 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11900 12000 12001 12100 12200 12300 12400 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14400 14600 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 99999" +HASH_TYPES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 125 130 131 132 133 140 141 150 160 200 300 400 500 600 900 1000 1100 1300 1400 1410 1411 1420 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5000 5100 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7701 7800 7801 7900 8000 8100 8200 8300 8400 8500 8600 8700 8900 9100 9200 9300 9400 9500 9600 9700 9800 9900 10000 10100 10200 10300 10400 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11900 12000 12001 12100 12200 
12300 12400 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14400 14600 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700 99999" #ATTACK_MODES="0 1 3 6 7" ATTACK_MODES="0 1 3 7"