mirror of
https://github.com/hashcat/hashcat.git
synced 2024-12-23 07:08:19 +00:00
Electrum Wallet: Added new entropy-based check to test whether the decryption was successful or not
This commit is contained in:
parent
49a7bb227b
commit
eb4b9d8c99
@ -35,6 +35,9 @@ typedef struct electrum_tmp
|
||||
|
||||
} electrum_tmp_t;
|
||||
|
||||
#define MIN_ENTROPY 3.0
|
||||
#define MAX_ENTROPY 6.0
|
||||
|
||||
DECLSPEC void hmac_sha512_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *w4, u32x *w5, u32x *w6, u32x *w7, u64x *ipad, u64x *opad, u64x *digest)
|
||||
{
|
||||
digest[0] = ipad[0];
|
||||
@ -489,8 +492,8 @@ KERNEL_FQ void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, electrum_t))
|
||||
|
||||
// #define AES_LEN 1024
|
||||
// in my tests it also worked with only 128 input bytes !
|
||||
#define AES_LEN 128
|
||||
#define AES_LEN_DIV_4 32
|
||||
#define AES_LEN 1024
|
||||
#define AES_LEN_DIV_4 256
|
||||
|
||||
u32 buf_full[AES_LEN_DIV_4];
|
||||
|
||||
@ -513,7 +516,11 @@ KERNEL_FQ void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, electrum_t))
|
||||
|
||||
// early reject
|
||||
|
||||
if ((buf[0] & 0x0006ffff) != 0x00049c78) return; // allow 0b100 or 0b101 at the end of 3rd byte
|
||||
// changed: 17.11.2021
|
||||
// I had not cracked some sample Salt Type 5 wallets with known passwords provided by the owner.
|
||||
// It was necessary to remove this early rejection and add a new signature
|
||||
// The decrypted data was this: {"seed_version": ...
|
||||
//if ((buf[0] & 0x0006ffff) != 0x00049c78) return; // allow 0b100 or 0b101 at the end of 3rd byte
|
||||
|
||||
buf[1] ^= iv[1];
|
||||
buf[2] ^= iv[2];
|
||||
@ -556,7 +563,6 @@ KERNEL_FQ void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, electrum_t))
|
||||
buf_full[j + 3] = buf[3];
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* zlib inflate/decompress:
|
||||
*/
|
||||
@ -572,9 +578,9 @@ KERNEL_FQ void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, electrum_t))
|
||||
|
||||
// output:
|
||||
|
||||
#define OUT_SIZE 16
|
||||
#define OUT_SIZE 1024
|
||||
|
||||
u8 tmp[OUT_SIZE];
|
||||
u8 tmp[OUT_SIZE] = { 0 };
|
||||
|
||||
infstream.avail_out = OUT_SIZE;
|
||||
infstream.next_out = tmp;
|
||||
@ -593,6 +599,38 @@ KERNEL_FQ void m21800_comp (KERN_ATTR_TMPS_ESALT (electrum_tmp_t, electrum_t))
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Check with some strange signature.
|
||||
* The main problem is that the (invalid) decrypted data processed by zlib often results in random patterns but with low entropy,
|
||||
* so that a simple entropy check is not sufficient
|
||||
*/
|
||||
|
||||
if (tmp[0] == '{')
|
||||
{
|
||||
int qcnt = 0;
|
||||
int ccnt = 0;
|
||||
|
||||
for (int i = 1; i < 1024; i++)
|
||||
{
|
||||
if (tmp[i] == '"') qcnt++;
|
||||
if (tmp[i] == ':') ccnt++;
|
||||
}
|
||||
|
||||
if ((qcnt >= 3) && (ccnt >= 3))
|
||||
{
|
||||
const float entropy = hc_get_entropy ((const u32 *) tmp, 256);
|
||||
|
||||
if ((entropy >= MIN_ENTROPY) && (entropy <= MAX_ENTROPY))
|
||||
{
|
||||
if (hc_atomic_inc (&hashes_shown[DIGESTS_OFFSET]) == 0)
|
||||
{
|
||||
mark_hash (plains_buf, d_return_buf, SALT_POS, digests_cnt, 0, DIGESTS_OFFSET + 0, gid, 0, 0, 0);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify if decompressed data is either:
|
||||
|
@ -36,6 +36,7 @@
|
||||
- Backend devices: In non -S mode, limit the number of workitems so that no more than 4GB of host memory is required per backend device
|
||||
- Backend types: The default filter for the device types is now set so that only the GPU is used, except for APPLE, where we set CPU
|
||||
- Benchmark: Update benchmark_deep.pl with new hash modes added (also new hash modes which were added with v6.2.3)
|
||||
- Electrum Wallet: Added new entropy-based check to test whether the decryption was successful or not
|
||||
- Module Optimizers: Added OPTS_TYPE_MAXIMUM_THREADS to deactivate the else branch route in the section to find -T before compilation
|
||||
- Makefile: Added wildcard include src/modules/module_*.mk directive so that plugin developers can add 3rd party libraries for their plugins
|
||||
- Rejects: Disabled checking of the minimum and maximum length of the password candidate in attack-mode 9 because they are incompatible
|
||||
|
Loading…
Reference in New Issue
Block a user