arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-07-15 19:18:23 +00:00
Code Issues Releases Wiki Activity

Fixed both a false positive and a false negative in -m 21800. Previously,

Browse Source 
only the first hash in a multihash list was marked as cracked, regardless
of which hash was actually cracked. For example, if the second hash was
cracked, it incorrectly marked the first as cracked and left the second
uncracked. This issue only affected beta versions and only in multihash
cracking mode.

Added deep-comp kernel support for Kerberos modes 28800 and 28900,
enabling multihash cracking for the same user in the same domain, even if
the password was changed or the recording was bad.

Added a rule ensuring that device buffer sizes for password candidates,
hooks, and transport (tmps) must be smaller than 1/4 of the maximum
allocatable memory. If not, hashcat now automatically reduces kernel-accel
down to 1, then halves the number of threads and restores kernel-accel up
to its maximum, repeating until the size requirement is met.

Fixed salt length limit verification for -m 20712.

Fixed password length limit for -m 14400.

Fixed unit test salt generator for -m 21100, which could produce duplicate
hashes under certain conditions.

Added the OPTS_TYPE_NATIVE_THREADS flag to the following hash modes
(after benchmarking): 7700, 7701, 9000, 1375x, 1376x, 14800, 19500, 23900.
This commit is contained in:
Jens Steube 2025-07-11 15:02:58 +02:00
parent f5fe1ad191
commit d7fb2ffa06
20 changed files with 46 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
OpenCL/m21800-pure.cl
View File

@ -655,12 +655,12 @@ KERNEL_FQ KERNEL_FA void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, elec
if ((entropy >= MIN_ENTROPY) && (entropy <= MAX_ENTROPY))
{
if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0)
if (hc_atomic_inc (&hashes_shown[digest_cur]) == 0)
{
mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, DIGESTS_OFFSET_HOST + 0, gid, 0, 0, 0);
mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, digest_cur, gid, 0, 0, 0);
}
return;
//return;
}
}
}
@ -676,11 +676,11 @@ KERNEL_FQ KERNEL_FA void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, elec
((tmp[0] == 0x7b) && (tmp[1] == 0x0d) && (tmp[2] == 0x0a) && (tmp[3] == 0x20) &&
(tmp[4] == 0x20) && (tmp[5] == 0x20) && (tmp[6] == 0x20) && (tmp[7] == 0x22)))
{
if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET_HOST]) == 0)
if (hc_atomic_inc (&hashes_shown[digest_cur]) == 0)
{
mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, DIGESTS_OFFSET_HOST + 0, gid, 0, 0, 0);
mark_hash (plains_buf, d_return_buf, SALT_POS_HOST, DIGESTS_CNT, 0, digest_cur, gid, 0, 0, 0);
}
return;
//return;
}
}

7
src/backend.c
View File

@ -16329,10 +16329,11 @@ int backend_session_begin (hashcat_ctx_t *hashcat_ctx)
// let's add some extra space just to be sure.
// now depends on the kernel-accel value (where scrypt and similar benefits), but also hard minimum 64mb and maximum 1024mb limit
// let's see if we still need this now that we have low-level API to report free memory
// we don't want these get too big. if a plugin requires really a lot of memory, the extra buffer should be used instead.
if (size_pws > device_param->device_maxmem_alloc) memory_limit_hit = 1;
if (size_tmps > device_param->device_maxmem_alloc) memory_limit_hit = 1;
if (size_hooks > device_param->device_maxmem_alloc) memory_limit_hit = 1;
if (size_pws > device_param->device_maxmem_alloc / 4) memory_limit_hit = 1;
if (size_tmps > device_param->device_maxmem_alloc / 4) memory_limit_hit = 1;
if (size_hooks > device_param->device_maxmem_alloc / 4) memory_limit_hit = 1;
// work around, for some reason apple opencl can't have buffers larger 2^31
// typically runs into trap 6

6
src/interface.c
View File

@ -273,6 +273,12 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
CHECK_MANDATORY (module_ctx->module_hash_encode);
}
// check deep comp kernel requirements
if (hashconfig->opts_type & OPTS_TYPE_DEEP_COMP_KERNEL)
{
CHECK_MANDATORY (module_ctx->module_deep_comp_kernel);
}
#undef CHECK_MANDATORY
if (user_options->keyboard_layout_mapping)

1
src/modules/module_07700.c
View File

@ -25,6 +25,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_NOT_ITERATED;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_PT_UPPER
| OPTS_TYPE_ST_UPPER;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;

1
src/modules/module_07701.c
View File

@ -25,6 +25,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_NOT_ITERATED;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_PT_UPPER
| OPTS_TYPE_ST_UPPER;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;

1
src/modules/module_09000.c
View File

@ -22,6 +22,7 @@ static const u64 KERN_TYPE = 9000;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_AUTODETECT_DISABLE
| OPTS_TYPE_DYNAMIC_SHARED;

1
src/modules/module_13751.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_13752.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_13753.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_13761.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_13762.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_13763.c
View File

@ -27,6 +27,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_REGISTER_LIMIT;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_BINARY_HASHFILE
| OPTS_TYPE_LOOP_EXTENDED
| OPTS_TYPE_MP_MULTI_DISABLE

1
src/modules/module_14800.c
View File

@ -26,6 +26,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_SLOW_HASH_SIMD_LOOP2;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_ST_HEX
| OPTS_TYPE_MP_MULTI_DISABLE
| OPTS_TYPE_INIT2

1
src/modules/module_19500.c
View File

@ -23,6 +23,7 @@ static const u64 KERN_TYPE = 19500;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_RAW_HASH;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_PT_GENERATE_BE;
static const u32 SALT_TYPE = SALT_TYPE_GENERIC;
static const char *ST_PASS = "hashcat";

4
src/modules/module_20712.c
View File

@ -64,8 +64,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[1] = SALT_MIN;
token.len_max[1] = SALT_MAX;
token.len_min[1] = ((SALT_MIN * 8) / 6) + 0;
token.len_max[1] = ((SALT_MAX * 8) / 6) + 3;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;

1
src/modules/module_23900.c
View File

@ -22,6 +22,7 @@ static const u64 KERN_TYPE = 23900;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_NATIVE_THREADS
| OPTS_TYPE_ST_HEX;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";

8
src/modules/module_28800.c
View File

@ -23,6 +23,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_NOT_ITERATED
| OPTI_TYPE_SLOW_HASH_SIMD_LOOP;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_DEEP_COMP_KERNEL
| OPTS_TYPE_PT_GENERATE_LE;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
@ -63,6 +64,11 @@ typedef struct krb5db_17_tmp
static const char *SIGNATURE_KRB5DB = "$krb5db$17$";
u32 module_deep_comp_kernel (MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const u32 salt_pos, MAYBE_UNUSED const u32 digest_pos)
{
return KERN_RUN_3;
}
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 tmp_size = (const u64) sizeof (krb5db_17_tmp_t);
@ -254,7 +260,7 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_bridge_name = MODULE_DEFAULT;
module_ctx->module_bridge_type = MODULE_DEFAULT;
module_ctx->module_build_plain_postprocess = MODULE_DEFAULT;
module_ctx->module_deep_comp_kernel = MODULE_DEFAULT;
module_ctx->module_deep_comp_kernel = module_deep_comp_kernel;
module_ctx->module_deprecated_notice = MODULE_DEFAULT;
module_ctx->module_dgst_pos0 = module_dgst_pos0;
module_ctx->module_dgst_pos1 = module_dgst_pos1;

8
src/modules/module_28900.c
View File

@ -23,6 +23,7 @@ static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_NOT_ITERATED
| OPTI_TYPE_SLOW_HASH_SIMD_LOOP;
static const u64 OPTS_TYPE = OPTS_TYPE_STOCK_MODULE
| OPTS_TYPE_DEEP_COMP_KERNEL
| OPTS_TYPE_PT_GENERATE_LE;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
@ -63,6 +64,11 @@ typedef struct krb5db_18_tmp
static const char *SIGNATURE_KRB5DB = "$krb5db$18$";
u32 module_deep_comp_kernel (MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const u32 salt_pos, MAYBE_UNUSED const u32 digest_pos)
{
return KERN_RUN_3;
}
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 tmp_size = (const u64) sizeof (krb5db_18_tmp_t);
@ -263,7 +269,7 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_bridge_name = MODULE_DEFAULT;
module_ctx->module_bridge_type = MODULE_DEFAULT;
module_ctx->module_build_plain_postprocess = MODULE_DEFAULT;
module_ctx->module_deep_comp_kernel = MODULE_DEFAULT;
module_ctx->module_deep_comp_kernel = module_deep_comp_kernel;
module_ctx->module_deprecated_notice = MODULE_DEFAULT;
module_ctx->module_dgst_pos0 = module_dgst_pos0;
module_ctx->module_dgst_pos1 = module_dgst_pos1;

2
tools/test_modules/m14400.pm
View File

@ -10,7 +10,7 @@ use warnings;
use Digest::SHA qw (sha1_hex);
sub module_constraints { [[0, 235], [20, 20], [0, 35], [20, 20], [0, 55]] }
sub module_constraints { [[0, 235], [20, 20], [0, 24], [20, 20], [0, 55]] }
sub module_generate_hash
{

2
tools/test_modules/m21100.pm
View File

@ -16,7 +16,7 @@ sub module_constraints { [[0, 256], [0, 256], [0, 55], [0, 55], [0, 55]] }
sub module_generate_hash
{
my $word = shift;
my $salt = random_hex_string (1, 256);
my $salt = shift;
my $digest = sha1_hex (md5_hex ($word . $salt));