From 7532058be0383f78f39d9b782c0578bcae4af650 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Mon, 5 Aug 2019 01:40:49 +0200 Subject: [PATCH 1/5] Added hash-mode 21500 - SHA512(PBKDF2-HMAC-SHA1) --- OpenCL/m21500-pure.cl | 260 +++++++++++++++++++++++++++++++++ src/modules/module_21500.c | 274 +++++++++++++++++++++++++++++++++++ tools/test_modules/m21500.pm | 82 +++++++++++ 3 files changed, 616 insertions(+) create mode 100644 OpenCL/m21500-pure.cl create mode 100644 src/modules/module_21500.c create mode 100644 tools/test_modules/m21500.pm diff --git a/OpenCL/m21500-pure.cl b/OpenCL/m21500-pure.cl new file mode 100644 index 000000000..ff81e2b05 --- /dev/null +++ b/OpenCL/m21500-pure.cl @@ -0,0 +1,260 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#define NEW_SIMD_CODE + +#ifdef KERNEL_STATIC +#include "inc_vendor.h" +#include "inc_types.h" +#include "inc_platform.cl" +#include "inc_common.cl" +#include "inc_simd.cl" +#include "inc_hash_sha1.cl" +#include "inc_hash_sha512.cl" +#endif + +#define COMPARE_S "inc_comp_single.cl" +#define COMPARE_M "inc_comp_multi.cl" + +typedef struct pbkdf2_sha1_tmp +{ + u32 ipad[5]; + u32 opad[5]; + + u32 dgst[260]; + u32 out[260]; + +} pbkdf2_sha1_tmp_t; + +typedef struct pbkdf2_sha1 +{ + u32 salt_buf[64]; + +} pbkdf2_sha1_t; + +DECLSPEC void hmac_sha1_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipad, u32x *opad, u32x *digest) +{ + digest[0] = ipad[0]; + digest[1] = ipad[1]; + digest[2] = ipad[2]; + digest[3] = ipad[3]; + digest[4] = ipad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); + + w0[0] = digest[0]; + w0[1] = digest[1]; + w0[2] = digest[2]; + w0[3] = digest[3]; + w1[0] = digest[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + digest[0] = opad[0]; + digest[1] = opad[1]; + digest[2] = opad[2]; + digest[3] = opad[3]; + digest[4] = opad[4]; + + sha1_transform_vector (w0, w1, w2, w3, digest); +} + +KERNEL_FQ void m21500_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, pbkdf2_sha1_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= gid_max) return; + + sha1_hmac_ctx_t sha1_hmac_ctx; + + sha1_hmac_init_global_swap (&sha1_hmac_ctx, pws[gid].i, pws[gid].pw_len); + + tmps[gid].ipad[0] = sha1_hmac_ctx.ipad.h[0]; + tmps[gid].ipad[1] = sha1_hmac_ctx.ipad.h[1]; + tmps[gid].ipad[2] = sha1_hmac_ctx.ipad.h[2]; + tmps[gid].ipad[3] = sha1_hmac_ctx.ipad.h[3]; + tmps[gid].ipad[4] = sha1_hmac_ctx.ipad.h[4]; + + tmps[gid].opad[0] = sha1_hmac_ctx.opad.h[0]; + tmps[gid].opad[1] = sha1_hmac_ctx.opad.h[1]; + tmps[gid].opad[2] = sha1_hmac_ctx.opad.h[2]; + tmps[gid].opad[3] = sha1_hmac_ctx.opad.h[3]; + tmps[gid].opad[4] = sha1_hmac_ctx.opad.h[4]; + + sha1_hmac_update_global_swap (&sha1_hmac_ctx, esalt_bufs[digests_offset].salt_buf, salt_bufs[salt_pos].salt_len); + + for (u32 i = 0, j = 1; i < 256; i += 5, j += 1) + { + sha1_hmac_ctx_t sha1_hmac_ctx2 = sha1_hmac_ctx; + + u32 w0[4]; + u32 w1[4]; + u32 w2[4]; + u32 w3[4]; + + w0[0] = j; + w0[1] = 0; + w0[2] = 0; + w0[3] = 0; + w1[0] = 0; + w1[1] = 0; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = 0; + + sha1_hmac_update_64 (&sha1_hmac_ctx2, w0, w1, w2, w3, 4); + + sha1_hmac_final (&sha1_hmac_ctx2); + + tmps[gid].dgst[i + 0] = sha1_hmac_ctx2.opad.h[0]; + tmps[gid].dgst[i + 1] = sha1_hmac_ctx2.opad.h[1]; + tmps[gid].dgst[i + 2] = sha1_hmac_ctx2.opad.h[2]; + tmps[gid].dgst[i + 3] = sha1_hmac_ctx2.opad.h[3]; + tmps[gid].dgst[i + 4] = sha1_hmac_ctx2.opad.h[4]; + + tmps[gid].out[i + 0] = tmps[gid].dgst[i + 0]; + tmps[gid].out[i + 1] = tmps[gid].dgst[i + 1]; + tmps[gid].out[i + 2] = tmps[gid].dgst[i + 2]; + tmps[gid].out[i + 3] = tmps[gid].dgst[i + 3]; + tmps[gid].out[i + 4] = tmps[gid].dgst[i + 4]; + } +} + +KERNEL_FQ void m21500_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, pbkdf2_sha1_t)) +{ + const u64 gid = get_global_id (0); + + if ((gid * VECT_SIZE) >= gid_max) return; + + u32x ipad[5]; + u32x opad[5]; + + ipad[0] = packv (tmps, ipad, gid, 0); + ipad[1] = packv (tmps, ipad, gid, 1); + ipad[2] = packv (tmps, ipad, gid, 2); + ipad[3] = packv (tmps, ipad, gid, 3); + ipad[4] = packv (tmps, ipad, gid, 4); + + opad[0] = packv (tmps, opad, gid, 0); + opad[1] = packv (tmps, opad, gid, 1); + opad[2] = packv (tmps, opad, gid, 2); + opad[3] = packv (tmps, opad, gid, 3); + opad[4] = packv (tmps, opad, gid, 4); + + for (u32 i = 0; i < 256; i += 5) + { + u32x dgst[5]; + u32x out[5]; + + dgst[0] = packv (tmps, dgst, gid, i + 0); + dgst[1] = packv (tmps, dgst, gid, i + 1); + dgst[2] = packv (tmps, dgst, gid, i + 2); + dgst[3] = packv (tmps, dgst, gid, i + 3); + dgst[4] = packv (tmps, dgst, gid, i + 4); + + out[0] = packv (tmps, out, gid, i + 0); + out[1] = packv (tmps, out, gid, i + 1); + out[2] = packv (tmps, out, gid, i + 2); + out[3] = packv (tmps, out, gid, i + 3); + out[4] = packv (tmps, out, gid, i + 4); + + for (u32 j = 0; j < loop_cnt; j++) + { + u32x w0[4]; + u32x w1[4]; + u32x w2[4]; + u32x w3[4]; + + w0[0] = dgst[0]; + w0[1] = dgst[1]; + w0[2] = dgst[2]; + w0[3] = dgst[3]; + w1[0] = dgst[4]; + w1[1] = 0x80000000; + w1[2] = 0; + w1[3] = 0; + w2[0] = 0; + w2[1] = 0; + w2[2] = 0; + w2[3] = 0; + w3[0] = 0; + w3[1] = 0; + w3[2] = 0; + w3[3] = (64 + 20) * 8; + + hmac_sha1_run_V (w0, w1, w2, w3, ipad, opad, dgst); + + out[0] ^= dgst[0]; + out[1] ^= dgst[1]; + out[2] ^= dgst[2]; + out[3] ^= dgst[3]; + out[4] ^= dgst[4]; + } + + unpackv (tmps, dgst, gid, i + 0, dgst[0]); + unpackv (tmps, dgst, gid, i + 1, dgst[1]); + unpackv (tmps, dgst, gid, i + 2, dgst[2]); + unpackv (tmps, dgst, gid, i + 3, dgst[3]); + unpackv (tmps, dgst, gid, i + 4, dgst[4]); + + unpackv (tmps, out, gid, i + 0, out[0]); + unpackv (tmps, out, gid, i + 1, out[1]); + unpackv (tmps, out, gid, i + 2, out[2]); + unpackv (tmps, out, gid, i + 3, out[3]); + unpackv (tmps, out, gid, i + 4, out[4]); + } +} + +KERNEL_FQ void m21500_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, pbkdf2_sha1_t)) +{ + /** + * base + */ + + const u64 gid = get_global_id (0); + + if (gid >= gid_max) return; + + const u64 lid = get_local_id (0); + + sha512_ctx_t ctx; + + sha512_init (&ctx); + + sha512_update (&ctx, (const u32 *)tmps[gid].out, 1024); + + sha512_final (&ctx); + + const u32 r0 = l32_from_64_S (ctx.h[7]); + const u32 r1 = h32_from_64_S (ctx.h[7]); + const u32 r2 = l32_from_64_S (ctx.h[3]); + const u32 r3 = h32_from_64_S (ctx.h[3]); + + #define il_pos 0 + + #ifdef KERNEL_STATIC + #include COMPARE_M + #endif +} diff --git a/src/modules/module_21500.c b/src/modules/module_21500.c new file mode 100644 index 000000000..a33949735 --- /dev/null +++ b/src/modules/module_21500.c @@ -0,0 +1,274 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; +static const u32 DGST_POS0 = 14; +static const u32 DGST_POS1 = 15; +static const u32 DGST_POS2 = 6; +static const u32 DGST_POS3 = 7; +static const u32 DGST_SIZE = DGST_SIZE_8_8; +static const u32 HASH_CATEGORY = HASH_CATEGORY_GENERIC_KDF; +static const char *HASH_NAME = "SHA512(PBKDF2-HMAC-SHA1)"; +static const u64 KERN_TYPE = 21500; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_USES_BITS_64 + | OPTI_TYPE_SLOW_HASH_SIMD_LOOP; +static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE + | OPTS_TYPE_ST_BASE64 + | OPTS_TYPE_HASH_COPY; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = "sha1:1000:aGFzaGNhdDE=:Dnz04T9ptYINnj9mckXTuk80w6f1vkZLwv02HiufklgnDw53BU1bgn4gsHia/Q6kxYSqK4PDbxRMwa6HB5KA/w=="; + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct pbkdf2_sha1_tmp +{ + u32 ipad[5]; + u32 opad[5]; + + u32 dgst[260]; + u32 out[260]; + +} pbkdf2_sha1_tmp_t; + +typedef struct pbkdf2_sha1 +{ + u32 salt_buf[64]; + +} pbkdf2_sha1_t; + +static const char *SIGNATURE_PBKDF2_SHA1 = "sha1"; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (pbkdf2_sha1_t); + + return esalt_size; +} + +u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 tmp_size = (const u64) sizeof (pbkdf2_sha1_tmp_t); + + return tmp_size; +} + +u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + // this overrides the reductions of PW_MAX in case optimized kernel is selected + // IOW, even in optimized kernel mode it support length 256 + + const u32 pw_max = PW_MAX; + + return pw_max; +} + +char *module_jit_build_options (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param) +{ + char *jit_build_options = NULL; + + if (device_param->opencl_device_vendor_id == VENDOR_ID_AMD) + { + hc_asprintf (&jit_build_options, "-D NO_UNROLL"); + } + + return jit_build_options; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + u64 *digest = (u64 *) digest_buf; + + pbkdf2_sha1_t *pbkdf2_sha1 = (pbkdf2_sha1_t *) esalt_buf; + + token_t token; + + token.token_cnt = 4; + + token.signatures_cnt = 1; + token.signatures_buf[0] = SIGNATURE_PBKDF2_SHA1; + + token.sep[0] = ':'; + token.len_min[0] = 4; + token.len_max[0] = 4; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_SIGNATURE; + + token.sep[1] = ':'; + token.len_min[1] = 1; + token.len_max[1] = 6; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_DIGIT; + + token.sep[2] = ':'; + token.len_min[2] = 12; + token.len_max[2] = 24; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + token.len_min[3] = 64; + token.len_max[3] = 256; + token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64A; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + u8 tmp_buf[512]; + int tmp_len; + + // iter + + const u8 *iter_pos = token.buf[1]; + + const u32 iter = hc_strtoul ((const char *) iter_pos, NULL, 10); + + salt->salt_iter = iter - 1; + + // salt + + const u8 *salt_pos = token.buf[2]; + const int salt_len = token.len[2]; + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + tmp_len = base64_decode (base64_to_int, salt_pos, salt_len, tmp_buf); + + if (tmp_len < 8 || tmp_len > 16) return (PARSER_SALT_LENGTH); + + memcpy (pbkdf2_sha1->salt_buf, tmp_buf, tmp_len); + + salt->salt_len = tmp_len; + + salt->salt_buf[0] = pbkdf2_sha1->salt_buf[0]; + salt->salt_buf[1] = pbkdf2_sha1->salt_buf[1]; + salt->salt_buf[2] = pbkdf2_sha1->salt_buf[2]; + salt->salt_buf[3] = pbkdf2_sha1->salt_buf[3]; + salt->salt_buf[4] = salt->salt_iter; + + // hash + + const u8 *hash_pos = token.buf[3]; + const int hash_len = token.len[3]; + + memset (tmp_buf, 0, sizeof (tmp_buf)); + + tmp_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf); + + if (tmp_len < 64) return (PARSER_HASH_LENGTH); + + memcpy (digest, tmp_buf, tmp_len); + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + return snprintf (line_buf, line_size, "%s", hash_info->orighash); +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hashes_count_min = MODULE_DEFAULT; + module_ctx->module_hashes_count_max = MODULE_DEFAULT; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = module_jit_build_options; + module_ctx->module_jit_cache_disable = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_custom_check = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = module_pw_max; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = module_tmp_size; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +} diff --git a/tools/test_modules/m21500.pm b/tools/test_modules/m21500.pm new file mode 100644 index 000000000..4579efa33 --- /dev/null +++ b/tools/test_modules/m21500.pm @@ -0,0 +1,82 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use MIME::Base64 qw (encode_base64 decode_base64); +use Crypt::PBKDF2; +use Digest::SHA qw (sha512); +use Encode; + +sub module_constraints { [[0, 256], [8, 16], [-1, -1], [-1, -1], [-1, -1]] } + +sub module_generate_hash +{ + my $word = shift; + my $salt = shift; + my $iter = 1000; + + my $kdf = Crypt::PBKDF2->new + ( + hash_class => 'HMACSHA1', + iterations => $iter, + output_len => 1024 + ); + + my $key = $kdf->PBKDF2 ($salt, $word); + + my $key_b64 = encode_base64 (sha512($key), ""); + + my $salt_b64 = encode_base64 ($salt, ""); + + my $hash = sprintf ("sha1:%i:%s:%s", $iter, $salt_b64, $key_b64); + + return $hash; +} + +sub module_verify_hash +{ + my $line = shift; + + return unless (substr ($line, 0, 5) eq 'sha1:'); + + # iterations + my $index1 = index ($line, ":", 5); + + return if $index1 < 1; + + my $iter = substr ($line, 5, $index1 - 5); + + # salt + + my $index2 = index ($line, ":", $index1 + 1); + + return if $index2 < 1; + + my $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1); + + $salt = decode_base64 ($salt); + + # end of digest + + $index1 = index ($line, ":", $index2 + 1); + + return if $index1 < 1; + + # word / hash + + my $word = substr ($line, $index1 + 1); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt, $iter); + + return ($new_hash, $word); +} + +1; From 54f8811b4ed3dfd03b76c8b9ce7f1dfa4db4bd9e Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 6 Aug 2019 02:29:52 +0200 Subject: [PATCH 2/5] update SolarWinds Orion patch (1) --- OpenCL/m21500-pure.cl | 2 +- docs/changes.txt | 1 + docs/credits.txt | 1 + docs/readme.txt | 1 + src/modules/module_21500.c | 111 ++++++++++++++++++++++++------------- 5 files changed, 76 insertions(+), 40 deletions(-) diff --git a/OpenCL/m21500-pure.cl b/OpenCL/m21500-pure.cl index ff81e2b05..f0614c07d 100644 --- a/OpenCL/m21500-pure.cl +++ b/OpenCL/m21500-pure.cl @@ -30,7 +30,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[64]; + u32 salt_buf[4]; } pbkdf2_sha1_t; diff --git a/docs/changes.txt b/docs/changes.txt index 511a0d95f..8443e93e3 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -37,6 +37,7 @@ - Added hash-mode: Python passlib pbkdf2-sha512 - Added hash-mode: Oracle Transportation Management (SHA256) - Added hash-mode: sha1(md5($pass).$salt) +- Added hash-mode: SolarWinds Orion, SHA512(PBKDF2-HMAC-SHA1) ## ## Bugs diff --git a/docs/credits.txt b/docs/credits.txt index 9eb7b0dac..58360d3de 100644 --- a/docs/credits.txt +++ b/docs/credits.txt @@ -18,6 +18,7 @@ Philipp "philsmd" Schmidt (@philsmd) Gabriele "matrix" Gristina (@gm4tr1x) +* SolarWinds Orion, SHA512(PBKDF2-HMAC-SHA1), kernel module * sha1(md5($pass).$salt) kernel module * gzip wordlists feature * SHA-224 kernel module + optimizations diff --git a/docs/readme.txt b/docs/readme.txt index 7e3e8d468..442dab752 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -279,6 +279,7 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (10.1 o - Ethereum Wallet, SCRYPT - Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 - Ansible Vault +- SolarWinds Orion, SHA512(PBKDF2-HMAC-SHA1) - Plaintext ## diff --git a/src/modules/module_21500.c b/src/modules/module_21500.c index a33949735..cd6bbec6d 100644 --- a/src/modules/module_21500.c +++ b/src/modules/module_21500.c @@ -17,7 +17,7 @@ static const u32 DGST_POS2 = 6; static const u32 DGST_POS3 = 7; static const u32 DGST_SIZE = DGST_SIZE_8_8; static const u32 HASH_CATEGORY = HASH_CATEGORY_GENERIC_KDF; -static const char *HASH_NAME = "SHA512(PBKDF2-HMAC-SHA1)"; +static const char *HASH_NAME = "SolarWinds Orion"; static const u64 KERN_TYPE = 21500; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE | OPTI_TYPE_USES_BITS_64 @@ -27,7 +27,9 @@ static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE | OPTS_TYPE_HASH_COPY; static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const char *ST_PASS = "hashcat"; -static const char *ST_HASH = "sha1:1000:aGFzaGNhdDE=:Dnz04T9ptYINnj9mckXTuk80w6f1vkZLwv02HiufklgnDw53BU1bgn4gsHia/Q6kxYSqK4PDbxRMwa6HB5KA/w=="; +static const char *ST_HASH = "$solarwinds$0$hashcat1$Dnz04T9ptYINnj9mckXTuk80w6f1vkZLwv02HiufklgnDw53BU1bgn4gsHia/Q6kxYSqK4PDbxRMwa6HB5KA/w=="; + +static const char *SALT_PADDING = "1244352345234"; u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } @@ -60,7 +62,7 @@ typedef struct pbkdf2_sha1 } pbkdf2_sha1_t; -static const char *SIGNATURE_PBKDF2_SHA1 = "sha1"; +static const char *SIGNATURE_SOLARWINDS_ORION = "$solarwinds$0$"; u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { @@ -106,63 +108,67 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE token_t token; - token.token_cnt = 4; + token.token_cnt = 3; token.signatures_cnt = 1; - token.signatures_buf[0] = SIGNATURE_PBKDF2_SHA1; + token.signatures_buf[0] = SIGNATURE_SOLARWINDS_ORION; - token.sep[0] = ':'; - token.len_min[0] = 4; - token.len_max[0] = 4; - token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + token.len[0] = 14; + token.attr[0] = TOKEN_ATTR_FIXED_LENGTH | TOKEN_ATTR_VERIFY_SIGNATURE; - token.sep[1] = ':'; - token.len_min[1] = 1; - token.len_max[1] = 6; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_DIGIT; + token.sep[1] = '$'; + token.len_min[1] = 0; + token.len_max[1] = 16; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH; - token.sep[2] = ':'; - token.len_min[2] = 12; - token.len_max[2] = 24; + token.sep[2] = '$'; + token.len_min[2] = 64; + token.len_max[2] = 256; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_BASE64A; - token.len_min[3] = 64; - token.len_max[3] = 256; - token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64A; - const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - u8 tmp_buf[512]; - int tmp_len; - // iter - const u8 *iter_pos = token.buf[1]; - - const u32 iter = hc_strtoul ((const char *) iter_pos, NULL, 10); + const u32 iter = 1000; salt->salt_iter = iter - 1; // salt - const u8 *salt_pos = token.buf[2]; - const int salt_len = token.len[2]; + char *salt_pos = (char *) token.buf[1]; + int salt_len = token.len[1]; - memset (tmp_buf, 0, sizeof (tmp_buf)); + if (salt_len > 16) return (PARSER_SALT_LENGTH); - tmp_len = base64_decode (base64_to_int, salt_pos, salt_len, tmp_buf); + char custom_salt[17]; - if (tmp_len < 8 || tmp_len > 16) return (PARSER_SALT_LENGTH); + memset (custom_salt, 0, sizeof (custom_salt)); - memcpy (pbkdf2_sha1->salt_buf, tmp_buf, tmp_len); + for (int i = 0; i < salt_len; i++, salt_pos++) + { + if (*salt_pos >= 'A' && *salt_pos <= 'Z') { + custom_salt[i] = *salt_pos + 32; + } else { + custom_salt[i] = *salt_pos; + } + } - salt->salt_len = tmp_len; + if (salt_len < 8) + { + strncat (custom_salt, SALT_PADDING, 8 - salt_len); + salt_len = 8; + } + + salt_pos = custom_salt; + + memcpy (pbkdf2_sha1->salt_buf, salt_pos, salt_len); + + salt->salt_len = salt_len; salt->salt_buf[0] = pbkdf2_sha1->salt_buf[0]; salt->salt_buf[1] = pbkdf2_sha1->salt_buf[1]; @@ -172,12 +178,14 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // hash - const u8 *hash_pos = token.buf[3]; - const int hash_len = token.len[3]; + const u8 *hash_pos = token.buf[2]; + const int hash_len = token.len[2]; + + u8 tmp_buf[256]; memset (tmp_buf, 0, sizeof (tmp_buf)); - tmp_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf); + int tmp_len = base64_decode (base64_to_int, hash_pos, hash_len, tmp_buf); if (tmp_len < 64) return (PARSER_HASH_LENGTH); @@ -197,7 +205,32 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) { - return snprintf (line_buf, line_size, "%s", hash_info->orighash); + const u64 *digest = (u64 *) digest_buf; + + const pbkdf2_sha1_t *pbkdf2_sha1 = (const pbkdf2_sha1_t *) esalt_buf; + + // hash + + u64 tmp[9]; + + tmp[0] = byte_swap_64 (digest[0]); + tmp[1] = byte_swap_64 (digest[1]); + tmp[2] = byte_swap_64 (digest[2]); + tmp[3] = byte_swap_64 (digest[3]); + tmp[4] = byte_swap_64 (digest[4]); + tmp[5] = byte_swap_64 (digest[5]); + tmp[6] = byte_swap_64 (digest[6]); + tmp[7] = byte_swap_64 (digest[7]); + tmp[8] = 0; + + char hash_enc[256] = { 0 }; + + base64_encode (int_to_base64, (const u8 *) tmp, 64, (u8 *) hash_enc); + + // output + const int line_len = snprintf (line_buf, line_size, "%s%s$%s", SIGNATURE_SOLARWINDS_ORION, (const u8 *) pbkdf2_sha1->salt_buf, hash_enc); + + return line_len; } void module_init (module_ctx_t *module_ctx) From 18834efa3fadc87e68e0824386833558d26fe181 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 6 Aug 2019 02:31:41 +0200 Subject: [PATCH 3/5] cleanup changes.txt --- docs/changes.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/changes.txt b/docs/changes.txt index 8443e93e3..511a0d95f 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -37,7 +37,6 @@ - Added hash-mode: Python passlib pbkdf2-sha512 - Added hash-mode: Oracle Transportation Management (SHA256) - Added hash-mode: sha1(md5($pass).$salt) -- Added hash-mode: SolarWinds Orion, SHA512(PBKDF2-HMAC-SHA1) ## ## Bugs From 5f44ce06f67aa74a9e524e912e07e38fde379568 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Tue, 6 Aug 2019 20:23:37 +0200 Subject: [PATCH 4/5] update SolarWinds Orion patch (2) --- OpenCL/inc_hash_sha512.h | 1 + OpenCL/m21500-pure.cl | 2 +- src/Makefile | 2 +- src/modules/module_21500.c | 25 +++++++-------------- tools/test_modules/m21500.pm | 43 ++++++++++++++---------------------- 5 files changed, 28 insertions(+), 45 deletions(-) diff --git a/OpenCL/inc_hash_sha512.h b/OpenCL/inc_hash_sha512.h index 923eae678..f30dc2b86 100644 --- a/OpenCL/inc_hash_sha512.h +++ b/OpenCL/inc_hash_sha512.h @@ -127,6 +127,7 @@ DECLSPEC void sha512_hmac_init (sha512_hmac_ctx_t *ctx, const u32 *w, const int DECLSPEC void sha512_hmac_init_swap (sha512_hmac_ctx_t *ctx, const u32 *w, const int len); DECLSPEC void sha512_hmac_init_global (sha512_hmac_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); DECLSPEC void sha512_hmac_init_global_swap (sha512_hmac_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); +DECLSPEC void sha512_hmac_init_global_utf16le_swap (sha512_hmac_ctx_t *ctx, GLOBAL_AS const u32 *w, const int len); DECLSPEC void sha512_hmac_update_128 (sha512_hmac_ctx_t *ctx, u32 *w0, u32 *w1, u32 *w2, u32 *w3, u32 *w4, u32 *w5, u32 *w6, u32 *w7, const int len); DECLSPEC void sha512_hmac_update (sha512_hmac_ctx_t *ctx, const u32 *w, const int len); DECLSPEC void sha512_hmac_update_swap (sha512_hmac_ctx_t *ctx, const u32 *w, const int len); diff --git a/OpenCL/m21500-pure.cl b/OpenCL/m21500-pure.cl index f0614c07d..0a8cad2f4 100644 --- a/OpenCL/m21500-pure.cl +++ b/OpenCL/m21500-pure.cl @@ -30,7 +30,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[4]; + u32 salt_buf[5]; } pbkdf2_sha1_t; diff --git a/src/Makefile b/src/Makefile index c61078a4a..a0fc8e842 100644 --- a/src/Makefile +++ b/src/Makefile @@ -4,7 +4,7 @@ ## SHARED := 0 -DEBUG := 0 +DEBUG := 1 PRODUCTION := 0 PRODUCTION_VERSION := v5.1.0 ENABLE_BRAIN := 1 diff --git a/src/modules/module_21500.c b/src/modules/module_21500.c index cd6bbec6d..4afb4d687 100644 --- a/src/modules/module_21500.c +++ b/src/modules/module_21500.c @@ -16,7 +16,7 @@ static const u32 DGST_POS1 = 15; static const u32 DGST_POS2 = 6; static const u32 DGST_POS3 = 7; static const u32 DGST_SIZE = DGST_SIZE_8_8; -static const u32 HASH_CATEGORY = HASH_CATEGORY_GENERIC_KDF; +static const u32 HASH_CATEGORY = HASH_CATEGORY_EAS; static const char *HASH_NAME = "SolarWinds Orion"; static const u64 KERN_TYPE = 21500; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE @@ -58,10 +58,12 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[64]; + u32 salt_buf[5]; } pbkdf2_sha1_t; +static const u32 ROUNDS_SOLARWINDS_ORION = 1000; + static const char *SIGNATURE_SOLARWINDS_ORION = "$solarwinds$0$"; u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) @@ -134,16 +136,13 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // iter - const u32 iter = 1000; - - salt->salt_iter = iter - 1; + salt->salt_iter = ROUNDS_SOLARWINDS_ORION - 1; // salt - char *salt_pos = (char *) token.buf[1]; - int salt_len = token.len[1]; + const u8 *salt_pos = token.buf[1]; - if (salt_len > 16) return (PARSER_SALT_LENGTH); + int salt_len = token.len[1]; char custom_salt[17]; @@ -164,18 +163,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt_len = 8; } - salt_pos = custom_salt; - - memcpy (pbkdf2_sha1->salt_buf, salt_pos, salt_len); + memcpy (pbkdf2_sha1->salt_buf, custom_salt, salt_len); salt->salt_len = salt_len; - salt->salt_buf[0] = pbkdf2_sha1->salt_buf[0]; - salt->salt_buf[1] = pbkdf2_sha1->salt_buf[1]; - salt->salt_buf[2] = pbkdf2_sha1->salt_buf[2]; - salt->salt_buf[3] = pbkdf2_sha1->salt_buf[3]; - salt->salt_buf[4] = salt->salt_iter; - // hash const u8 *hash_pos = token.buf[2]; diff --git a/tools/test_modules/m21500.pm b/tools/test_modules/m21500.pm index 4579efa33..209a9c16b 100644 --- a/tools/test_modules/m21500.pm +++ b/tools/test_modules/m21500.pm @@ -32,9 +32,7 @@ sub module_generate_hash my $key_b64 = encode_base64 (sha512($key), ""); - my $salt_b64 = encode_base64 ($salt, ""); - - my $hash = sprintf ("sha1:%i:%s:%s", $iter, $salt_b64, $key_b64); + my $hash = sprintf ("\$solarwinds\$0\$%s\$%s", $salt, $key_b64); return $hash; } @@ -43,38 +41,31 @@ sub module_verify_hash { my $line = shift; - return unless (substr ($line, 0, 5) eq 'sha1:'); + my ($hash, $word) = split (':', $line); - # iterations - my $index1 = index ($line, ":", 5); + return unless defined $hash; + return unless defined $word; - return if $index1 < 1; + my @data = split ('\$', $hash); - my $iter = substr ($line, 5, $index1 - 5); + return unless scalar @data == 4; - # salt + shift @data; - my $index2 = index ($line, ":", $index1 + 1); + my $signature = shift @data; + my $sig_dec = shift @data; + my $salt = shift @data; + my $hash_b64 = shift @data; + my $hash_raw = decode_base64 ($hash_b64); - return if $index2 < 1; - - my $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1); - - $salt = decode_base64 ($salt); - - # end of digest - - $index1 = index ($line, ":", $index2 + 1); - - return if $index1 < 1; - - # word / hash - - my $word = substr ($line, $index1 + 1); + return unless ($signature eq "solarwinds"); + return unless ($sig_dec eq "0"); + return unless (length ($salt) > 16); + return unless (length ($hash_raw) != 128); my $word_packed = pack_if_HEX_notation ($word); - my $new_hash = module_generate_hash ($word_packed, $salt, $iter); + my $new_hash = module_generate_hash ($word_packed, $salt); return ($new_hash, $word); } From e921fbdf19b1958a7849c2b4eb0bff025a2dada9 Mon Sep 17 00:00:00 2001 From: Gabriele Gristina Date: Wed, 7 Aug 2019 21:21:14 +0200 Subject: [PATCH 5/5] update SolarWinds Orion patch (3) --- OpenCL/m21500-pure.cl | 4 ++-- docs/readme.txt | 1 - src/Makefile | 2 +- src/modules/module_21500.c | 45 +++++++------------------------------- 4 files changed, 11 insertions(+), 41 deletions(-) diff --git a/OpenCL/m21500-pure.cl b/OpenCL/m21500-pure.cl index 0a8cad2f4..5864d8a61 100644 --- a/OpenCL/m21500-pure.cl +++ b/OpenCL/m21500-pure.cl @@ -30,7 +30,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[5]; + u32 salt_buf[64]; } pbkdf2_sha1_t; @@ -243,7 +243,7 @@ KERNEL_FQ void m21500_comp (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, pbkdf2_sha1 sha512_init (&ctx); - sha512_update (&ctx, (const u32 *)tmps[gid].out, 1024); + sha512_update_global (&ctx, tmps[gid].out, 1024); sha512_final (&ctx); diff --git a/docs/readme.txt b/docs/readme.txt index 442dab752..7e3e8d468 100644 --- a/docs/readme.txt +++ b/docs/readme.txt @@ -279,7 +279,6 @@ NVIDIA GPUs require "NVIDIA Driver" (418.56 or later) and "CUDA Toolkit" (10.1 o - Ethereum Wallet, SCRYPT - Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 - Ansible Vault -- SolarWinds Orion, SHA512(PBKDF2-HMAC-SHA1) - Plaintext ## diff --git a/src/Makefile b/src/Makefile index a0fc8e842..c61078a4a 100644 --- a/src/Makefile +++ b/src/Makefile @@ -4,7 +4,7 @@ ## SHARED := 0 -DEBUG := 1 +DEBUG := 0 PRODUCTION := 0 PRODUCTION_VERSION := v5.1.0 ENABLE_BRAIN := 1 diff --git a/src/modules/module_21500.c b/src/modules/module_21500.c index 4afb4d687..53d4fd46b 100644 --- a/src/modules/module_21500.c +++ b/src/modules/module_21500.c @@ -58,7 +58,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[5]; + u32 salt_buf[64]; } pbkdf2_sha1_t; @@ -140,7 +140,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // salt - const u8 *salt_pos = token.buf[1]; + const char *salt_pos = (char *) token.buf[1]; int salt_len = token.len[1]; @@ -148,14 +148,9 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE memset (custom_salt, 0, sizeof (custom_salt)); - for (int i = 0; i < salt_len; i++, salt_pos++) - { - if (*salt_pos >= 'A' && *salt_pos <= 'Z') { - custom_salt[i] = *salt_pos + 32; - } else { - custom_salt[i] = *salt_pos; - } - } + strncpy (custom_salt, salt_pos, salt_len); + + lowercase ((u8 *) custom_salt, salt_len); if (salt_len < 8) { @@ -163,7 +158,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE salt_len = 8; } - memcpy (pbkdf2_sha1->salt_buf, custom_salt, salt_len); + memcpy ((char *) pbkdf2_sha1->salt_buf, custom_salt, salt_len); + memcpy (salt->salt_buf, custom_salt, salt_len); salt->salt_len = salt_len; @@ -196,32 +192,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) { - const u64 *digest = (u64 *) digest_buf; - - const pbkdf2_sha1_t *pbkdf2_sha1 = (const pbkdf2_sha1_t *) esalt_buf; - - // hash - - u64 tmp[9]; - - tmp[0] = byte_swap_64 (digest[0]); - tmp[1] = byte_swap_64 (digest[1]); - tmp[2] = byte_swap_64 (digest[2]); - tmp[3] = byte_swap_64 (digest[3]); - tmp[4] = byte_swap_64 (digest[4]); - tmp[5] = byte_swap_64 (digest[5]); - tmp[6] = byte_swap_64 (digest[6]); - tmp[7] = byte_swap_64 (digest[7]); - tmp[8] = 0; - - char hash_enc[256] = { 0 }; - - base64_encode (int_to_base64, (const u8 *) tmp, 64, (u8 *) hash_enc); - - // output - const int line_len = snprintf (line_buf, line_size, "%s%s$%s", SIGNATURE_SOLARWINDS_ORION, (const u8 *) pbkdf2_sha1->salt_buf, hash_enc); - - return line_len; + return snprintf (line_buf, line_size, "%s", hash_info->orighash); } void module_init (module_ctx_t *module_ctx)