1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-11-22 08:08:10 +00:00

Add -m 16900 module

This commit is contained in:
jsteube 2019-01-27 10:58:11 +01:00
parent 773281a58b
commit ec518a19b4
2 changed files with 0 additions and 215 deletions

View File

@ -254,14 +254,6 @@ typedef struct electrum_wallet
} electrum_wallet_t;
typedef struct ansible_vault
{
u32 cipher;
u32 version;
u32 ct_data_buf[4096];
u32 ct_data_len;
} ansible_vault_t;
typedef struct luks_tmp
{
u32 ipad32[8];
@ -668,7 +660,6 @@ typedef enum hash_type
HASH_TYPE_CRAM_MD5_DOVECOT = 65,
HASH_TYPE_JWT = 66,
HASH_TYPE_ELECTRUM_WALLET = 67,
HASH_TYPE_ANSIBLE_VAULT = 70,
} hash_type_t;
@ -819,7 +810,6 @@ typedef enum kern_type
KERN_TYPE_JWT_HS384 = 16512,
KERN_TYPE_JWT_HS512 = 16513,
KERN_TYPE_ELECTRUM_WALLET13 = 16600,
KERN_TYPE_ANSIBLE_VAULT = 16900,
} kern_type_t;
@ -880,7 +870,6 @@ typedef enum rounds_count
ROUNDS_ETHEREUM_PBKDF2 = 262144 - 1,
ROUNDS_APPLE_SECURE_NOTES = 20000,
ROUNDS_ETHEREUM_PRESALE = 2000 - 1,
ROUNDS_ANSIBLE_VAULT = 10000,
ROUNDS_STDOUT = 0
} rounds_count_t;
@ -1035,7 +1024,6 @@ int ethereum_presale_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_bu
int jwt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int electrum_wallet13_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int filevault2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
int ansible_vault_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig);
/**

View File

@ -195,7 +195,6 @@
" 15600 | Ethereum Wallet, PBKDF2-HMAC-SHA256 | Password Managers",
" 15700 | Ethereum Wallet, SCRYPT | Password Managers",
" 16300 | Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 | Password Managers",
" 16900 | Ansible Vault | Password Managers",
static const char *ST_PASS_HASHCAT_PLAIN = "hashcat";
@ -402,7 +401,6 @@ static const char *ST_HASH_16300 = "$ethereum$w*e94a8e49deac2d62206bf9bfb7d2aaea
static const char *ST_HASH_16400 = "{CRAM-MD5}5389b33b9725e5657cb631dc50017ff100000000000000000000000000000000";
static const char *ST_HASH_16600 = "$electrum$1*44358283104603165383613672586868*c43a6632d9f59364f74c395a03d8c2ea";
static const char *ST_HASH_16700 = "$fvde$1$16$84286044060108438487434858307513$20000$f1620ab93192112f0a23eea89b5d4df065661f974b704191";
static const char *ST_HASH_16900 = "$ansible$0*0*6b761adc6faeb0cc0bf197d3d4a4a7d3f1682e4b169cae8fa6b459b3214ed41e*426d313c5809d4a80a4b9bc7d4823070*d8bad190c7fbc7c3cb1c60a27abfb0ff59d6fb73178681c7454d94a0f56a4360";
static const char *HT_00030 = "md5(utf16le($pass).$salt)";
@ -550,7 +548,6 @@ static const char *HT_16400 = "CRAM-MD5 Dovecot";
static const char *HT_16500 = "JWT (JSON Web Token)";
static const char *HT_16600 = "Electrum Wallet (Salt-Type 1-3)";
static const char *HT_16700 = "FileVault 2";
static const char *HT_16900 = "Ansible Vault";
static const char *HT_00022 = "Juniper NetScreen/SSG (ScreenOS)";
static const char *HT_00023 = "Skype";
@ -668,7 +665,6 @@ static const char *SIGNATURE_TACACS_PLUS = "$tacacs-plus$0$";
static const char *SIGNATURE_ETHEREUM_PRESALE = "$ethereum$w";
static const char *SIGNATURE_ELECTRUM_WALLET = "$electrum$";
static const char *SIGNATURE_FILEVAULT2 = "$fvde$";
static const char *SIGNATURE_ANSIBLE_VAULT = "$ansible$";
static const char *SIGNATURE_APPLE_SECURE_NOTES = "$ASN$";
/**
@ -13994,144 +13990,6 @@ int filevault2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE
return (PARSER_OK);
}
int ansible_vault_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig)
{
u32 *digest = (u32 *) hash_buf->digest;
salt_t *salt = hash_buf->salt;
ansible_vault_t *ansible_vault = (ansible_vault_t *) hash_buf->esalt;
token_t token;
token.token_cnt = 6;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_ANSIBLE_VAULT;
token.len[0] = 9;
token.attr[0] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.sep[1] = '*';
token.len_min[1] = 1;
token.len_max[1] = 1;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[2] = '*';
token.len_min[2] = 1;
token.len_max[2] = 1;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[3] = '*';
token.len_min[3] = 64;
token.len_max[3] = 64;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[4] = '*';
token.len_min[4] = 32;
token.len_max[4] = 32768;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[5] = '*';
token.len_min[5] = 64;
token.len_max[5] = 64;
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// cipher (unused)
const u8 *cipher_pos = token.buf[1];
ansible_vault->cipher = hc_strtoul ((const char *) cipher_pos, NULL, 10);
// version (unused)
const u8 *version_pos = token.buf[2];
ansible_vault->version = hc_strtoul ((const char *) version_pos, NULL, 10);
// salt
const u8 *salt_pos = token.buf[3];
salt->salt_len = 32;
salt->salt_iter = ROUNDS_ANSIBLE_VAULT - 1;
salt->salt_buf[0] = hex_to_u32 (salt_pos + 0);
salt->salt_buf[1] = hex_to_u32 (salt_pos + 8);
salt->salt_buf[2] = hex_to_u32 (salt_pos + 16);
salt->salt_buf[3] = hex_to_u32 (salt_pos + 24);
salt->salt_buf[4] = hex_to_u32 (salt_pos + 32);
salt->salt_buf[5] = hex_to_u32 (salt_pos + 40);
salt->salt_buf[6] = hex_to_u32 (salt_pos + 48);
salt->salt_buf[7] = hex_to_u32 (salt_pos + 56);
salt->salt_buf[0] = byte_swap_32 (salt->salt_buf[0]);
salt->salt_buf[1] = byte_swap_32 (salt->salt_buf[1]);
salt->salt_buf[2] = byte_swap_32 (salt->salt_buf[2]);
salt->salt_buf[3] = byte_swap_32 (salt->salt_buf[3]);
salt->salt_buf[4] = byte_swap_32 (salt->salt_buf[4]);
salt->salt_buf[5] = byte_swap_32 (salt->salt_buf[5]);
salt->salt_buf[6] = byte_swap_32 (salt->salt_buf[6]);
salt->salt_buf[7] = byte_swap_32 (salt->salt_buf[7]);
// ciphertext
const u8 *ct_buf_pos = token.buf[4];
const int ct_buf_len = token.len[4];
u8 *ct_data_ptr = (u8 *) ansible_vault->ct_data_buf;
for (int i = 0, j = 0; j < ct_buf_len; i += 1, j += 2)
{
ct_data_ptr[i] = hex_to_u8 ((const u8 *) &ct_buf_pos[j]);
ansible_vault->ct_data_len++;
}
// hash
const u8 *hash_pos = token.buf[5];
digest[0] = hex_to_u32 ((const u8 *) &hash_pos[ 0]);
digest[1] = hex_to_u32 ((const u8 *) &hash_pos[ 8]);
digest[2] = hex_to_u32 ((const u8 *) &hash_pos[16]);
digest[3] = hex_to_u32 ((const u8 *) &hash_pos[24]);
digest[4] = hex_to_u32 ((const u8 *) &hash_pos[32]);
digest[5] = hex_to_u32 ((const u8 *) &hash_pos[40]);
digest[6] = hex_to_u32 ((const u8 *) &hash_pos[48]);
digest[7] = hex_to_u32 ((const u8 *) &hash_pos[56]);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
digest[5] = byte_swap_32 (digest[5]);
digest[6] = byte_swap_32 (digest[6]);
digest[7] = byte_swap_32 (digest[7]);
return (PARSER_OK);
}
/**
* hook functions
*/
u32 kernel_threads_mxx (hashcat_ctx_t *hashcat_ctx)
{
@ -14303,8 +14161,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo
break;
case 16700: salt->salt_len = 16;
break;
case 16900: salt->salt_len = 32;
break;
}
// special esalt handling
@ -14506,8 +14362,6 @@ void hashconfig_benchmark_defaults (hashcat_ctx_t *hashcat_ctx, salt_t *salt, vo
break;
case 16700: salt->salt_iter = ROUNDS_APPLE_SECURE_NOTES - 1;
break;
case 16900: salt->salt_iter = ROUNDS_ANSIBLE_VAULT - 1;
break;
}
}
@ -16868,43 +16722,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size,
byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[4]),
byte_swap_32 (apple_secure_notes->ZCRYPTOWRAPPEDKEY[5]));
}
else if (hash_mode == 16900)
{
ansible_vault_t *ansible_vaults = (ansible_vault_t *) esalts_buf;
ansible_vault_t *ansible_vault = &ansible_vaults[digest_cur];
u8 ct_data[16384 + 1] = { 0 };
u32 *ct_data_ptr = ansible_vault->ct_data_buf;
for (u32 i = 0, j = 0; i < ansible_vault->ct_data_len / 4; i++, j += 8)
{
u32_to_hex (ct_data_ptr[i], ct_data + j);
}
snprintf (out_buf, out_size, "%s%u*%u*%08x%08x%08x%08x%08x%08x%08x%08x*%s*%08x%08x%08x%08x%08x%08x%08x%08x",
SIGNATURE_ANSIBLE_VAULT,
ansible_vault->cipher,
ansible_vault->version,
salt.salt_buf[0],
salt.salt_buf[1],
salt.salt_buf[2],
salt.salt_buf[3],
salt.salt_buf[4],
salt.salt_buf[5],
salt.salt_buf[6],
salt.salt_buf[7],
ct_data,
byte_swap_32 (digest_buf[0]),
byte_swap_32 (digest_buf[1]),
byte_swap_32 (digest_buf[2]),
byte_swap_32 (digest_buf[3]),
byte_swap_32 (digest_buf[4]),
byte_swap_32 (digest_buf[5]),
byte_swap_32 (digest_buf[6]),
byte_swap_32 (digest_buf[7]));
}
else
{
if (hash_type == HASH_TYPE_MD4)
@ -20904,23 +20721,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break;
case 16900: hashconfig->hash_type = HASH_TYPE_ANSIBLE_VAULT;
hashconfig->salt_type = SALT_TYPE_EMBEDDED;
hashconfig->attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL;
hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_LE;
hashconfig->kern_type = KERN_TYPE_ANSIBLE_VAULT;
hashconfig->dgst_size = DGST_SIZE_4_8;
hashconfig->parse_func = ansible_vault_parse_hash;
hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_SLOW_HASH_SIMD_LOOP;
hashconfig->dgst_pos0 = 0;
hashconfig->dgst_pos1 = 1;
hashconfig->dgst_pos2 = 2;
hashconfig->dgst_pos3 = 3;
hashconfig->st_hash = ST_HASH_16900;
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break;
}
@ -20996,7 +20796,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
case 16500: hashconfig->esalt_size = sizeof (jwt_t); break;
case 16600: hashconfig->esalt_size = sizeof (electrum_wallet_t); break;
case 16700: hashconfig->esalt_size = sizeof (apple_secure_notes_t); break;
case 16900: hashconfig->esalt_size = sizeof (ansible_vault_t); break;
}
// tmp_size
@ -21068,7 +20867,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
case 16200: hashconfig->tmp_size = sizeof (apple_secure_notes_tmp_t); break;
case 16300: hashconfig->tmp_size = sizeof (pbkdf2_sha256_tmp_t); break;
case 16700: hashconfig->tmp_size = sizeof (apple_secure_notes_tmp_t); break;
case 16900: hashconfig->tmp_size = sizeof (pbkdf2_sha256_tmp_t); break;
};
}
@ -21231,7 +21029,6 @@ u32 default_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED co
case 15600: pw_max = PW_MAX; break;
case 15700: pw_max = PW_MAX; break;
case 16000: pw_max = 8; break; // Underlaying DES max
case 16900: pw_max = PW_MAX; break;
}
return pw_max;