arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-22 16:18:09 +00:00
Code Issues Releases Wiki Activity

Merge pull request #1710 from unix-ninja/master

Browse Source 
Add support for TOTP (RFC 6238)
This commit is contained in:
Jens Steube 2018-10-22 20:49:31 +02:00 committed by GitHub
commit e2a9409413
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 774 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

192
OpenCL/m18100_a0-pure.cl Normal file
View File

@ -0,0 +1,192 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#include "inc_vendor.cl"
#include "inc_hash_constants.h"
#include "inc_hash_functions.cl"
#include "inc_types.cl"
#include "inc_common.cl"
#include "inc_rp.h"
#include "inc_rp.cl"
#include "inc_scalar.cl"
#include "inc_hash_sha1.cl"
__kernel void m18100_mxx (__global pw_t *pws, __constant const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __global const bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
COPY_PW (pws[gid]);
const u32 salt_len = 8;
u32 s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
pw_t tmp = PASTE_PW;
tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len);
sha1_hmac_ctx_t ctx;
sha1_hmac_init_swap (&ctx, tmp.i, tmp.pw_len);
sha1_hmac_update (&ctx, s, salt_len);
sha1_hmac_final (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_M_SCALAR (otp_code, 0, 0, 0);
}
}
__kernel void m18100_sxx (__global pw_t *pws, __constant const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __global const bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[digests_offset].digest_buf[DGST_R0],
digests_buf[digests_offset].digest_buf[DGST_R1],
digests_buf[digests_offset].digest_buf[DGST_R2],
digests_buf[digests_offset].digest_buf[DGST_R3]
};
/**
* base
*/
COPY_PW (pws[gid]);
const u32 salt_len = 8;
u32 s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
pw_t tmp = PASTE_PW;
tmp.pw_len = apply_rules (rules_buf[il_pos].cmds, tmp.i, tmp.pw_len);
sha1_hmac_ctx_t ctx;
sha1_hmac_init_swap (&ctx, tmp.i, tmp.pw_len);
sha1_hmac_update (&ctx, s, salt_len);
sha1_hmac_final (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_S_SCALAR (otp_code, 0, 0, 0);
}
}

240
OpenCL/m18100_a1-pure.cl Normal file
View File

@ -0,0 +1,240 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#include "inc_vendor.cl"
#include "inc_hash_constants.h"
#include "inc_hash_functions.cl"
#include "inc_types.cl"
#include "inc_common.cl"
#include "inc_scalar.cl"
#include "inc_hash_sha1.cl"
__kernel void m18100_mxx (__global pw_t *pws, __global const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __global const bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32 w[64] = { 0 };
for (int i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = swap32_S (pws[gid].i[idx]);
}
const u32 salt_len = 8;
u32 s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
const u32 comb_len = combs_buf[il_pos].pw_len;
u32 c[64];
#ifdef _unroll
#pragma unroll
#endif
for (int idx = 0; idx < 64; idx++)
{
c[idx] = swap32_S (combs_buf[il_pos].i[idx]);
}
switch_buffer_by_offset_1x64_be_S (c, pw_len);
#ifdef _unroll
#pragma unroll
#endif
for (int i = 0; i < 64; i++)
{
c[i] |= w[i];
}
sha1_hmac_ctx_t ctx;
sha1_hmac_init (&ctx, c, pw_len + comb_len);
sha1_hmac_update (&ctx, s, salt_len);
sha1_hmac_final (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_M_SCALAR (otp_code, 0, 0, 0);
}
}
__kernel void m18100_sxx (__global pw_t *pws, __global const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __global const bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[digests_offset].digest_buf[DGST_R0],
digests_buf[digests_offset].digest_buf[DGST_R1],
digests_buf[digests_offset].digest_buf[DGST_R2],
digests_buf[digests_offset].digest_buf[DGST_R3]
};
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32 w[64] = { 0 };
for (int i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = swap32_S (pws[gid].i[idx]);
}
const u32 salt_len = 8;
u32 s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
for (u32 il_pos = 0; il_pos < il_cnt; il_pos++)
{
const u32 comb_len = combs_buf[il_pos].pw_len;
u32 c[64];
#ifdef _unroll
#pragma unroll
#endif
for (int idx = 0; idx < 64; idx++)
{
c[idx] = swap32_S (combs_buf[il_pos].i[idx]);
}
switch_buffer_by_offset_1x64_be_S (c, pw_len);
#ifdef _unroll
#pragma unroll
#endif
for (int i = 0; i < 64; i++)
{
c[i] |= w[i];
}
sha1_hmac_ctx_t ctx;
sha1_hmac_init (&ctx, c, pw_len + comb_len);
sha1_hmac_update (&ctx, s, salt_len);
sha1_hmac_final (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
const u32 r0 = ctx.opad.h[DGST_R0];
const u32 r1 = ctx.opad.h[DGST_R1];
const u32 r2 = ctx.opad.h[DGST_R2];
const u32 r3 = ctx.opad.h[DGST_R3];
COMPARE_S_SCALAR (otp_code, 0, 0, 0);
}
}

204
OpenCL/m18100_a3-pure.cl Normal file
View File

@ -0,0 +1,204 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
//#define NEW_SIMD_CODE
#include "inc_vendor.cl"
#include "inc_hash_constants.h"
#include "inc_hash_functions.cl"
#include "inc_types.cl"
#include "inc_common.cl"
#include "inc_simd.cl"
#include "inc_hash_sha1.cl"
__kernel void m18100_mxx (__global pw_t *pws, __global const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __constant const u32x *words_buf_r, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32x w[64] = { 0 };
for (int i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
const u32 salt_len = 8;
u32x s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
u32x w0l = w[0];
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
const u32x w0r = words_buf_r[il_pos / VECT_SIZE];
const u32x w0 = w0l | w0r;
w[0] = w0;
sha1_hmac_ctx_vector_t ctx;
sha1_hmac_init_vector (&ctx, w, pw_len);
sha1_hmac_update_vector (&ctx, s, salt_len);
sha1_hmac_final_vector (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
COMPARE_M_SIMD (otp_code, 0, 0, 0);
}
}
__kernel void m18100_sxx (__global pw_t *pws, __global const kernel_rule_t *rules_buf, __global const pw_t *combs_buf, __constant const u32x *words_buf_r, __global void *tmps, __global void *hooks, __global const u32 *bitmaps_buf_s1_a, __global const u32 *bitmaps_buf_s1_b, __global const u32 *bitmaps_buf_s1_c, __global const u32 *bitmaps_buf_s1_d, __global const u32 *bitmaps_buf_s2_a, __global const u32 *bitmaps_buf_s2_b, __global const u32 *bitmaps_buf_s2_c, __global const u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global const digest_t *digests_buf, __global u32 *hashes_shown, __global const salt_t *salt_bufs, __global const void *esalt_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV0_buf, __global u32 *d_scryptV1_buf, __global u32 *d_scryptV2_buf, __global u32 *d_scryptV3_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u64 gid_max)
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
if (gid >= gid_max) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[digests_offset].digest_buf[DGST_R0],
digests_buf[digests_offset].digest_buf[DGST_R1],
digests_buf[digests_offset].digest_buf[DGST_R2],
digests_buf[digests_offset].digest_buf[DGST_R3]
};
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32x w[64] = { 0 };
for (int i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
const u32 salt_len = 8;
u32x s[64] = { 0 };
for (int i = 0, idx = 0; i < salt_len; i += 4, idx += 1)
{
s[idx] = swap32_S (salt_bufs[salt_pos].salt_buf[idx]);
}
/**
* loop
*/
u32x w0l = w[0];
for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
{
const u32x w0r = words_buf_r[il_pos / VECT_SIZE];
const u32x w0 = w0l | w0r;
w[0] = w0;
sha1_hmac_ctx_vector_t ctx;
sha1_hmac_init_vector (&ctx, w, pw_len);
sha1_hmac_update_vector (&ctx, s, salt_len);
sha1_hmac_final_vector (&ctx);
// initialize a buffer for the otp code
u32 otp_code = 0;
// grab 4 consecutive bytes of the hash, starting at offset
switch (ctx.opad.h[4] & 15)
{
case 0: otp_code = ctx.opad.h[0]; break;
case 1: otp_code = ctx.opad.h[0] << 8 | ctx.opad.h[1] >> 24; break;
case 2: otp_code = ctx.opad.h[0] << 16 | ctx.opad.h[1] >> 16; break;
case 3: otp_code = ctx.opad.h[0] << 24 | ctx.opad.h[1] >> 8; break;
case 4: otp_code = ctx.opad.h[1]; break;
case 5: otp_code = ctx.opad.h[1] << 8 | ctx.opad.h[2] >> 24; break;
case 6: otp_code = ctx.opad.h[1] << 16 | ctx.opad.h[2] >> 16; break;
case 7: otp_code = ctx.opad.h[1] << 24 | ctx.opad.h[2] >> 8; break;
case 8: otp_code = ctx.opad.h[2]; break;
case 9: otp_code = ctx.opad.h[2] << 8 | ctx.opad.h[3] >> 24; break;
case 10: otp_code = ctx.opad.h[2] << 16 | ctx.opad.h[3] >> 16; break;
case 11: otp_code = ctx.opad.h[2] << 24 | ctx.opad.h[3] >> 8; break;
case 12: otp_code = ctx.opad.h[3]; break;
case 13: otp_code = ctx.opad.h[3] << 8 | ctx.opad.h[4] >> 24; break;
case 14: otp_code = ctx.opad.h[3] << 16 | ctx.opad.h[4] >> 16; break;
case 15: otp_code = ctx.opad.h[3] << 24 | ctx.opad.h[4] >> 8; break;
}
// take only the lower 31 bits
otp_code &= 0x7fffffff;
// we want to generate only 6 digits of code
otp_code %= 1000000;
COMPARE_S_SIMD (otp_code, 0, 0, 0);
}
}

1
docs/changes.txt
View File

@ -18,6 +18,7 @@
- Added hash-mode 17800 = Keccak-256 - Added hash-mode 17800 = Keccak-256
- Added hash-mode 17900 = Keccak-384 - Added hash-mode 17900 = Keccak-384
- Added hash-mode 18000 = Keccak-512 - Added hash-mode 18000 = Keccak-512
- Added hash-mode 18100 = TOTP (HMAC-SHA1)
- Removed hash-mode 5000 = SHA-3 (Keccak) - Removed hash-mode 5000 = SHA-3 (Keccak)
## ##

2
extra/tab_completion/hashcat.sh
View File

@ -176,7 +176,7 @@ _hashcat ()
{ {
local VERSION=4.2.1 local VERSION=4.2.1
local HASH_MODES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 124 130 131 132 133 140 141 150 160 200 300 400 500 501 600 900 1000 1100 1400 1410 1411 1420 1421 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2501 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5100 5200 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7800 7900 8000 8100 8200 8300 8400 8500 8600 8700 8800 8900 9000 9100 9200 9300 9400 9500 9600 9700 9710 9720 9800 9810 9820 9900 10000 10100 10200 10300 10400 10410 10420 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11700 11800 11900 12000 12001 12100 12200 12300 12400 12500 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700 16800 16801 16900 17300 17400 17500 17600 17700 17800 17900 18000" local HASH_MODES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 124 130 131 132 133 140 141 150 160 200 300 400 500 501 600 900 1000 1100 1400 1410 1411 1420 1421 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2501 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5100 5200 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7800 7900 8000 8100 8200 8300 8400 8500 8600 8700 8800 8900 9000 9100 9200 9300 9400 9500 9600 9700 9710 9720 9800 9810 9820 9900 10000 10100 10200 10300 10400 10410 10420 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11700 11800 11900 12000 12001 12100 12200 12300 12400 12500 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700 16800 16801 16900 17300 17400 17500 17600 17700 17800 17900 18000 18100"
local ATTACK_MODES="0 1 3 6 7" local ATTACK_MODES="0 1 3 6 7"
local HCCAPX_MESSAGE_PAIRS="0 1 2 3 4 5" local HCCAPX_MESSAGE_PAIRS="0 1 2 3 4 5"
local OUTFILE_FORMATS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15" local OUTFILE_FORMATS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15"

2
include/interface.h
View File

@ -1330,6 +1330,7 @@ typedef enum kern_type
KERN_TYPE_KECCAK_256 = 17800, KERN_TYPE_KECCAK_256 = 17800,
KERN_TYPE_KECCAK_384 = 17900, KERN_TYPE_KECCAK_384 = 17900,
KERN_TYPE_KECCAK_512 = 18000, KERN_TYPE_KECCAK_512 = 18000,
KERN_TYPE_TOTP_HMACSHA1 = 18100,
KERN_TYPE_PLAINTEXT = 99999, KERN_TYPE_PLAINTEXT = 99999,
} kern_type_t; } kern_type_t;
@ -1595,6 +1596,7 @@ int filevault2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu
int wpa_pmkid_pbkdf2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int wpa_pmkid_pbkdf2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int wpa_pmkid_pmk_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int wpa_pmkid_pmk_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int ansible_vault_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig); int ansible_vault_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int totp_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
/** /**
* hook functions * hook functions

15
src/hashes.c
View File

@ -262,6 +262,7 @@ void check_hash (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, pl
debugfile_ctx_t *debugfile_ctx = hashcat_ctx->debugfile_ctx; debugfile_ctx_t *debugfile_ctx = hashcat_ctx->debugfile_ctx;
loopback_ctx_t *loopback_ctx = hashcat_ctx->loopback_ctx; loopback_ctx_t *loopback_ctx = hashcat_ctx->loopback_ctx;
hashes_t *hashes = hashcat_ctx->hashes; hashes_t *hashes = hashcat_ctx->hashes;
hashconfig_t *hashconfig = hashcat_ctx->hashconfig;
const u32 salt_pos = plain->salt_pos; const u32 salt_pos = plain->salt_pos;
const u32 digest_pos = plain->digest_pos; // relative const u32 digest_pos = plain->digest_pos; // relative
@ -283,6 +284,20 @@ void check_hash (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param, pl
build_plain (hashcat_ctx, device_param, plain, plain_buf, &plain_len); build_plain (hashcat_ctx, device_param, plain, plain_buf, &plain_len);
// TOTP should be base32 encoded
if (hashconfig->hash_mode == KERN_TYPE_TOTP_HMACSHA1)
{
// we need a temp buffer for the base32 encoding
u32 temp_buf[64] = { 0 };
u8 *temp_ptr = (u8 *) temp_buf;
// encode our plain
plain_len = base32_encode (int_to_base32, (const u8 *) plain_ptr, plain_len, (u8 *) temp_buf);
// copy the base32 content into our plain buffer
strncpy ((char *) plain_ptr, (char *) temp_ptr, sizeof (plain_buf));
}
// crackpos // crackpos
u64 crackpos = 0; u64 crackpos = 0;

94
src/interface.c
View File

@ -3,6 +3,7 @@
* License.....: MIT * License.....: MIT
*/ */
#include <inttypes.h>
#include "common.h" #include "common.h"
#include "types.h" #include "types.h"
#include "bitops.h" #include "bitops.h"
@ -288,6 +289,7 @@ static const char *ST_HASH_17700 = "e1dfad9bafeae6ef15f5bbb16cf4c26f09f5f1e78705
static const char *ST_HASH_17800 = "203f88777f18bb4ee1226627b547808f38d90d3e106262b5de9ca943b57137b6"; static const char *ST_HASH_17800 = "203f88777f18bb4ee1226627b547808f38d90d3e106262b5de9ca943b57137b6";
static const char *ST_HASH_17900 = "5804b7ada5806ba79540100e9a7ef493654ff2a21d94d4f2ce4bf69abda5d94bf03701fe9525a15dfdc625bfbd769701"; static const char *ST_HASH_17900 = "5804b7ada5806ba79540100e9a7ef493654ff2a21d94d4f2ce4bf69abda5d94bf03701fe9525a15dfdc625bfbd769701";
static const char *ST_HASH_18000 = "2fbf5c9080f0a704de2e915ba8fdae6ab00bbc026b2c1c8fa07da1239381c6b7f4dfd399bf9652500da723694a4c719587dd0219cb30eabe61210a8ae4dc0b03"; static const char *ST_HASH_18000 = "2fbf5c9080f0a704de2e915ba8fdae6ab00bbc026b2c1c8fa07da1239381c6b7f4dfd399bf9652500da723694a4c719587dd0219cb30eabe61210a8ae4dc0b03";
static const char *ST_HASH_18100 = "597056:3600";
static const char *ST_HASH_99999 = "hashcat"; static const char *ST_HASH_99999 = "hashcat";
static const char *OPTI_STR_OPTIMIZED_KERNEL = "Optimized-Kernel"; static const char *OPTI_STR_OPTIMIZED_KERNEL = "Optimized-Kernel";
@ -543,6 +545,7 @@ static const char *HT_17700 = "Keccak-224";
static const char *HT_17800 = "Keccak-256"; static const char *HT_17800 = "Keccak-256";
static const char *HT_17900 = "Keccak-384"; static const char *HT_17900 = "Keccak-384";
static const char *HT_18000 = "Keccak-512"; static const char *HT_18000 = "Keccak-512";
static const char *HT_18100 = "TOTP (HMAC-SHA1)";
static const char *HT_99999 = "Plaintext"; static const char *HT_99999 = "Plaintext";
static const char *HT_00011 = "Joomla < 2.5.18"; static const char *HT_00011 = "Joomla < 2.5.18";
@ -5156,6 +5159,66 @@ int sha1s_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUS
return (PARSER_OK); return (PARSER_OK);
} }
int totp_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig)
{
// this is going to start off like HMAC-SHA1
u32 *digest = (u32 *) hash_buf->digest;
salt_t *salt = hash_buf->salt;
token_t token;
token.token_cnt = 2;
token.sep[0] = hashconfig->separator;
token.len_min[0] = 6;
token.len_max[0] = 6;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.len_min[1] = SALT_MIN;
token.len_max[1] = SALT_MAX;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
if (hashconfig->opts_type & OPTS_TYPE_ST_HEX)
{
token.len_min[1] *= 2;
token.len_max[1] *= 2;
token.attr[1] |= TOKEN_ATTR_VERIFY_DIGIT;
}
const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// now we need to reduce our hash into a token
int otp_code = hc_strtoul ((const char *) input_buf, NULL, 10);
digest[0] = otp_code;
u8 *salt_pos = token.buf[1];
// convert ascii timestamp to ulong timestamp
u64 timestamp = hc_strtoull ((const char *) salt_pos, NULL, 10);
// store the original salt value. Step division will destroy granularity for output
salt->salt_buf[3] = ((u32) (timestamp >> 0));
salt->salt_buf[2] = ((u32) (timestamp >> 32));
// divide our timestamp by our step. We will use the RFC 6238 default of 30 for now
timestamp /= 30;
// convert counter to 8-byte salt
salt->salt_buf[1] = byte_swap_32 ((u32) (timestamp >> 0));
salt->salt_buf[0] = byte_swap_32 ((u32) (timestamp >> 32));
// our salt will always be 8 bytes, but we are going to cheat and store it twice, so...
salt->salt_len = 16;
return (PARSER_OK);
}
int pstoken_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) int pstoken_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig)
{ {
u32 *digest = (u32 *) hash_buf->digest; u32 *digest = (u32 *) hash_buf->digest;
@ -18515,6 +18578,7 @@ const char *strhashtype (const u32 hash_mode)
case 17800: return HT_17800; case 17800: return HT_17800;
case 17900: return HT_17900; case 17900: return HT_17900;
case 18000: return HT_18000; case 18000: return HT_18000;
case 18100: return HT_18100;
case 99999: return HT_99999; case 99999: return HT_99999;
} }
@ -22310,6 +22374,16 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const size_t out_le
ptr[15], ptr[14] ptr[15], ptr[14]
); );
} }
else if (hash_mode == 18100)
{
// salt_buf[1] holds our 32 bit value. salt_buf[0] and salt_buf[1] would be 64 bits.
// we also need to multiply salt by our step to see the floor of our original timestamp range.
// again, we will use the default RFC 6238 step of 30.
u64 tmp_salt_buf = (((u64) (salt.salt_buf[2])) << 32) | ((u64) (salt.salt_buf[3]));
snprintf (out_buf, out_len - 1, "%06d:%" PRIu64, digest_buf[0], tmp_salt_buf);
}
else if (hash_mode == 99999) else if (hash_mode == 99999)
{ {
char *ptr = (char *) digest_buf; char *ptr = (char *) digest_buf;
@ -27598,6 +27672,26 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break; break;
case 18100: hashconfig->hash_type = HASH_TYPE_SHA1;
hashconfig->salt_type = SALT_TYPE_EMBEDDED;
hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL;
hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_BE
| OPTS_TYPE_PT_ADD80
| OPTS_TYPE_PT_ADDBITS15
| OPTS_TYPE_PT_NEVERCRACK;
hashconfig->kern_type = KERN_TYPE_TOTP_HMACSHA1;
hashconfig->dgst_size = DGST_SIZE_4_4;
hashconfig->parse_func = totp_parse_hash;
hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_NOT_ITERATED;
hashconfig->dgst_pos0 = 0;
hashconfig->dgst_pos1 = 1;
hashconfig->dgst_pos2 = 2;
hashconfig->dgst_pos3 = 3;
hashconfig->st_hash = ST_HASH_18100;
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break;
case 99999: hashconfig->hash_type = HASH_TYPE_PLAINTEXT; case 99999: hashconfig->hash_type = HASH_TYPE_PLAINTEXT;
hashconfig->salt_type = SALT_TYPE_NONE; hashconfig->salt_type = SALT_TYPE_NONE;
hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL;

1
src/usage.c
View File

@ -380,6 +380,7 @@ static const char *const USAGE_BIG[] =
" 15700 | Ethereum Wallet, SCRYPT | Password Managers", " 15700 | Ethereum Wallet, SCRYPT | Password Managers",
" 16300 | Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 | Password Managers", " 16300 | Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 | Password Managers",
" 16900 | Ansible Vault | Password Managers", " 16900 | Ansible Vault | Password Managers",
" 18100 | TOTP (HMAC-SHA1) | One-Time Passwords",
" 99999 | Plaintext | Plaintext", " 99999 | Plaintext | Plaintext",
"", "",
"- [ Outfile Formats ] -", "- [ Outfile Formats ] -",

26
tools/test.pl
View File

@ -41,6 +41,7 @@ use Crypt::Skip32;
use Crypt::OpenSSH::ChachaPoly; use Crypt::OpenSSH::ChachaPoly;
use JSON; use JSON;
use MIME::Base64 qw (encode_base64 decode_base64 encode_base64url decode_base64url); use MIME::Base64 qw (encode_base64 decode_base64 encode_base64url decode_base64url);
use MIME::Base32 qw (encode_base32 decode_base32);
use Authen::Passphrase::NTHash; use Authen::Passphrase::NTHash;
use Authen::Passphrase::MySQL323; use Authen::Passphrase::MySQL323;
use Authen::Passphrase::PHPass; use Authen::Passphrase::PHPass;
@ -58,7 +59,7 @@ my $hashcat = "./hashcat";
my $MAX_LEN = 55; my $MAX_LEN = 55;
my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7701, 7800, 7801, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 15400, 15500, 15600, 15700, 15900, 16000, 16100, 16200, 16300, 16400, 16500, 16600, 16700, 16800, 16900, 17300, 17400, 17500, 17600, 17700, 17800, 17900, 18000, 99999); my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 600, 900, 1000, 1100, 1300, 1400, 1410, 1411, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4520, 4521, 4522, 4600, 4700, 4800, 4900, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7000, 7100, 7200, 7300, 7400, 7500, 7700, 7701, 7800, 7801, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12001, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800, 13900, 14000, 14100, 14400, 14700, 14800, 14900, 15000, 15100, 15200, 15300, 15400, 15500, 15600, 15700, 15900, 16000, 16100, 16200, 16300, 16400, 16500, 16600, 16700, 16800, 16900, 17300, 17400, 17500, 17600, 17700, 17800, 17900, 18000, 18100, 99999);
my %is_utf16le = map { $_ => 1 } qw (30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800); my %is_utf16le = map { $_ => 1 } qw (30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800);
my %less_fifteen = map { $_ => 1 } qw (500 1600 1800 3200 6300 7400 10500 10700); my %less_fifteen = map { $_ => 1 } qw (500 1600 1800 3200 6300 7400 10500 10700);
@ -239,7 +240,7 @@ sub verify
$word = substr ($line, $index + 1); $word = substr ($line, $index + 1);
} }
# hash:salt # hash:salt
elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4520 || $mode == 4521 || $mode == 4522 || $mode == 4900 || $mode == 5800 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500 || $mode == 13800 || $mode == 13900 || $mode == 14000 || $mode == 14100 || $mode == 14400 || $mode == 14900 || $mode == 15000) elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4520 || $mode == 4521 || $mode == 4522 || $mode == 4900 || $mode == 5800 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500 || $mode == 13800 || $mode == 13900 || $mode == 14000 || $mode == 14100 || $mode == 14400 || $mode == 14900 || $mode == 15000 || $mode == 18100)
{ {
# get hash # get hash
my $index1 = index ($line, ":"); my $index1 = index ($line, ":");
@ -3551,7 +3552,7 @@ sub passthrough
{ {
$tmp_hash = gen_hash ($mode, $word_buf, ""); $tmp_hash = gen_hash ($mode, $word_buf, "");
} }
elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1411 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100) elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1411 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100 || $mode == 18100)
{ {
my $salt_len = get_random_num (1, 15); my $salt_len = get_random_num (1, 15);
@ -4091,7 +4092,7 @@ sub single
} }
} }
} }
elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1411 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100 || $mode == 16500) elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1411 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100 || $mode == 16500 || $mode == 18100)
{ {
my $salt_len = get_random_num (1, 15); my $salt_len = get_random_num (1, 15);
@ -9971,6 +9972,23 @@ END_CODE
$tmp_hash = sprintf ("%s", $hash_buf); $tmp_hash = sprintf ("%s", $hash_buf);
} }
elsif ($mode == 18100)
{
my $paddedTime = sprintf ("%016x", int (int ($salt_buf) / 30));
my $data = pack ('H*', $paddedTime);
my $key = $word_buf;
$hash_buf = hmac_hex ($data, $key, \&sha1, 64);
my $offset = hex (substr ($hash_buf, -8)) & 0xf;
$offset *= 2;
my $token = hex (substr ($hash_buf, $offset, 8));
$token &= 0x7fffffff;
$token %= 1000000;
## token must be leading zero padded, and salt leading zero stripped
$tmp_hash = sprintf ("%06d:%d", $token, int ($salt_buf));
}
elsif ($mode == 99999) elsif ($mode == 99999)
{ {
$tmp_hash = sprintf ("%s", $word_buf); $tmp_hash = sprintf ("%s", $word_buf);

4
tools/test.sh
View File

@ -9,7 +9,7 @@ TDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# missing hash types: 5200,6251,6261,6271,6281 # missing hash types: 5200,6251,6261,6271,6281
HASH_TYPES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 125 130 131 132 133 140 141 150 160 200 300 400 500 600 900 1000 1100 1300 1400 1410 1411 1420 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5100 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7701 7800 7801 7900 8000 8100 8200 8300 8400 8500 8600 8700 8900 9100 9200 9300 9400 9500 9600 9700 9800 9900 10000 10100 10200 10300 10400 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11900 12000 12001 12100 12200 12300 12400 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14400 14600 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700 16800 16900 17300 17400 17500 17600 17700 17800 17900 18000 99999" HASH_TYPES="0 10 11 12 20 21 22 23 30 40 50 60 100 101 110 111 112 120 121 122 125 130 131 132 133 140 141 150 160 200 300 400 500 600 900 1000 1100 1300 1400 1410 1411 1420 1430 1440 1441 1450 1460 1500 1600 1700 1710 1711 1720 1722 1730 1731 1740 1750 1760 1800 2100 2400 2410 2500 2600 2611 2612 2711 2811 3000 3100 3200 3710 3711 3800 3910 4010 4110 4300 4400 4500 4520 4521 4522 4700 4800 4900 5100 5300 5400 5500 5600 5700 5800 6000 6100 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6300 6400 6500 6600 6700 6800 6900 7000 7100 7200 7300 7400 7500 7700 7701 7800 7801 7900 8000 8100 8200 8300 8400 8500 8600 8700 8900 9100 9200 9300 9400 9500 9600 9700 9800 9900 10000 10100 10200 10300 10400 10500 10600 10700 10800 10900 11000 11100 11200 11300 11400 11500 11600 11900 12000 12001 12100 12200 12300 12400 12600 12700 12800 12900 13000 13100 13200 13300 13400 13500 13600 13800 13900 14000 14100 14400 14600 14700 14800 14900 15000 15100 15200 15300 15400 15500 15600 15700 15900 16000 16100 16200 16300 16400 16500 16600 16700 16800 16900 17300 17400 17500 17600 17700 17800 17900 18000 18100 99999"
#ATTACK_MODES="0 1 3 6 7" #ATTACK_MODES="0 1 3 6 7"
ATTACK_MODES="0 1 3 7" ATTACK_MODES="0 1 3 7"
@ -20,7 +20,7 @@ MATCH_PASS_ONLY="2500 5300 5400 6600 6800 8200"
HASHFILE_ONLY="2500" HASHFILE_ONLY="2500"
NEVER_CRACK="11600 14900" NEVER_CRACK="11600 14900 18100"
SLOW_ALGOS="400 500 501 1600 1800 2100 2500 3200 5200 5800 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6251 6261 6271 6281 6300 6400 6500 6600 6700 6800 7100 7200 7400 7900 8200 8800 8900 9000 9100 9200 9300 9400 9500 9600 10000 10300 10500 10700 10900 11300 11600 11900 12000 12001 12100 12200 12300 12400 12500 12700 12800 12900 13000 13200 13400 13600 13751 13752 13753 14600 14611 14612 14613 14621 14622 14623 14631 14632 14633 14641 14642 14643 14700 14800 15100 15200 15300 15600 15700 15900 16000 16200 16300 16800 16900" SLOW_ALGOS="400 500 501 1600 1800 2100 2500 3200 5200 5800 6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 6251 6261 6271 6281 6300 6400 6500 6600 6700 6800 7100 7200 7400 7900 8200 8800 8900 9000 9100 9200 9300 9400 9500 9600 10000 10300 10500 10700 10900 11300 11600 11900 12000 12001 12100 12200 12300 12400 12500 12700 12800 12900 13000 13200 13400 13600 13751 13752 13753 14600 14611 14612 14613 14621 14622 14623 14631 14632 14633 14641 14642 14643 14700 14800 15100 15200 15300 15600 15700 15900 16000 16200 16300 16800 16900"