arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-07-23 15:08:37 +00:00
Code Issues Releases Wiki Activity

Merge pull request #4329 from matrix/install_modules

Browse Source 
Unit tests: Updated install_modules.sh
This commit is contained in:
hashcat-bot 2025-07-12 22:41:16 +02:00 committed by GitHub
commit fb70746f5f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 193 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/changes.txt
View File

@ -165,6 +165,9 @@
- Unit tests: Updated install_modules.sh with Crypt::Argon2
- Unit tests: Updated install_modules.sh with Crypt::Passwd::XS, to test suite works also on Apple (ex: 1800)
- Unit tests: Updated install_modules.sh to use an external module for Digest::BLAKE2, due to maintenance being discontinued
- Unit tests: Updated install_modules.sh to use an external package for pygost, due to not available anymore
- Unit tests: Updated install_modules.sh to use cpanm instead of cpan
- Unit tests: Updated install_modules.sh to remove php and Crypt::GCrypt (updated relative test modules)
- User Options: Added error message when mixing --username and --show to warn users of exponential delay
- MetaMask: update extraction tool to support MetaMask Mobile wallets
- SecureCRT MasterPassphrase v2: update module, pure kernels and test unit. Add optimized kernels.

109
tools/install_modules.sh
View File

@ -1,4 +1,4 @@
#!/bin/sh
#!/usr/bin/env bash
##
## Author......: See docs/credits.txt
@ -7,10 +7,35 @@
## Test suite installation helper script
IS_APPLE=0
IS_APPLE_SILICON=0
UNAME=$(uname -s)
if [ "${UNAME}" == "Darwin" ]; then
IS_APPLE=1
fi
if [ ${IS_APPLE} -eq 1 ]; then
if [ "$(sysctl -in hw.optional.arm64 2>/dev/null)" == "1" ]; then
IS_APPLE_SILICON=1
fi
fi
# Sum of all exit codes
ERRORS=0
cpan install Authen::Passphrase::LANManager \
echo "> Installing perl deps ..."
if [ ${IS_APPLE} -eq 1 ]; then
# workaround for test failed with Net::SSLeay on Apple
cpanm --notest Net::SSLeay
else
cpanm Net::SSLeay
fi
ERRORS=$((ERRORS+$?))
cpanm Authen::Passphrase::LANManager \
Authen::Passphrase::MySQL323 \
Authen::Passphrase::NTHash \
Authen::Passphrase::PHPass \
@ -20,6 +45,7 @@ cpan install Authen::Passphrase::LANManager \
Convert::EBCDIC \
Crypt::Argon2 \
Crypt::AuthEnc::GCM \
Crypt::Blowfish \
Crypt::Camellia \
Crypt::CBC \
Crypt::Cipher::Serpent \
@ -30,7 +56,6 @@ cpan install Authen::Passphrase::LANManager \
Crypt::Digest::Whirlpool \
Crypt::ECB \
Crypt::Eksblowfish::Bcrypt \
Crypt::GCrypt \
Crypt::Mode::CBC \
Crypt::Mode::ECB \
Crypt::MySQL \
@ -45,6 +70,7 @@ cpan install Authen::Passphrase::LANManager \
Crypt::Skip32 \
Crypt::Twofish \
Crypt::UnixCrypt_XS \
CryptX \
Data::Types \
Digest::CMAC \
Digest::CRC \
@ -64,6 +90,8 @@ cpan install Authen::Passphrase::LANManager \
JSON \
Math::BigInt \
MIME::Base64 \
Module::Build \
Module::Build::Pluggable::XSUtil \
Net::DNS::RR::NSEC3 \
Net::DNS::SEC \
POSIX \
@ -73,42 +101,75 @@ cpan install Authen::Passphrase::LANManager \
ERRORS=$((ERRORS+$?))
cpanm https://github.com/matrix/p5-Digest-BLAKE2.git
ERRORS=$((ERRORS+$?))
pip3 install pygost
# checks for pyenv
ERRORS=$((ERRORS+$?))
pyenv_enabled=0
# pip3 uninstall -y pycryptoplus pycrypto pycryptodome
which pyenv &>/dev/null
if [ $? -eq 0 ]; then
pip3 install pycryptoplus
if [[ $(pyenv version-name) != "system" ]]; then
ERRORS=$((ERRORS+$?))
# active session detected
pyenv_enabled=1
# pip3 uninstall -y pycryptodome # latest versions do not require this work around anymore
pip3 install pycrypto
else
ERRORS=$((ERRORS+$?))
# enum last version available
latest=$(pyenv install --list | grep -E "^\s*3\.[0-9]+\.[0-9]$" | tail -n 1)
pip3 install cryptography
if [ $IS_APPLE -eq 1 ]; then
if [ $IS_APPLE_SILICON -eq 0 ]; then
# workaround but with pyenv and Apple Intel with brew binutils in path
remove_path="$(brew --prefix)/opt/binutils/bin"
PATH=$(echo "$PATH" | tr ':' '\n' | awk '$0 != "${remove_path}"' | xargs | sed 's/ /:/g')
export $PATH
fi
fi
ERRORS=$((ERRORS+$?))
# install the latest version or skip it if it is already present
pyenv install -s ${latest}
php --version > /dev/null 2> /dev/null
# enable
pyenv local $latest
if [ $? -eq 0 ]; then
pyenv_enabled=1
fi
if [ "$?" -ne 0 ]
then
echo '[ ERROR ] php must be installed for some unit tests'
fi
fi
if [ ${pyenv_enabled} -eq 0 ]; then
echo "! something is wrong with pyenv. Please setup latest version manually and re-run this script."
(( ERRORS++ ))
else
echo "> Installing python3 deps ..."
pip3 install git+https://github.com/matrix/pygost
ERRORS=$((ERRORS+$?))
pip3 install pycryptoplus
ERRORS=$((ERRORS+$?))
pip3 install pycryptodome
ERRORS=$((ERRORS+$?))
pip3 install cryptography
ERRORS=$((ERRORS+$?))
ERRORS=$((ERRORS+1))
fi
echo
if [ $ERRORS -eq 0 ]; then
echo '[ OK ] All commands were successful'
exit 0
else
echo '[ FAIL ] Some commands were not successful'
if [ $ERRORS -gt 0 ]; then
echo "[ FAIL ] Some commands were not successful"
exit 1
fi
echo "[ OK ] All commands were successful"
exit 0

132
tools/test_modules/m11900.pm
View File

@ -10,9 +10,44 @@ use warnings;
use Crypt::PBKDF2;
use MIME::Base64 qw (encode_base64 decode_base64);
use Digest::HMAC qw(hmac);
use Digest::MD5 qw(md5);
sub module_constraints { [[0, 256], [1, 15], [-1, -1], [-1, -1], [-1, -1]] }
sub pbkdf2_md5
{
my ($password, $salt, $iterations, $key_length) = @_;
$iterations ||= 1000;
$key_length ||= 32;
my $hash_length = 16; # MD5 outputs 16 bytes
my $block_count = int( ($key_length + $hash_length - 1) / $hash_length );
my $output = '';
for my $i (1 .. $block_count)
{
# pack N = big endian 32-bit
my $block_index = pack('N', $i);
# Initial U1 = HMAC(password, salt || block_index)
my $u = hmac($salt . $block_index, $password, \&md5);
my $t = $u;
for (my $j = 1; $j < $iterations; $j++)
{
$u = hmac($u, $password, \&md5);
$t ^= $u;
}
$output .= $t;
}
return substr($output, 0, $key_length);
}
sub module_generate_hash
{
my $word = shift;
@ -20,98 +55,15 @@ sub module_generate_hash
my $iterations = shift // 1000;
my $out_len = shift // 32;
#
# call PHP here - WTF
#
# Generate derived key (binary)
my $derived_key = pbkdf2_md5($word, $salt, $iterations, $out_len);
# sanitize $word_buf and $salt_buf:
# base64 encode salt and derived key
my $base64_salt = encode_base64($salt, '');
my $base64_key = encode_base64($derived_key, '');
my $word_buf_base64 = encode_base64 ($word, "");
my $salt_buf_base64 = encode_base64 ($salt, "");
# sanitize lengths
$out_len = int ($out_len);
# output is in hex encoding, otherwise it could be screwed (but shouldn't)
my $php_code = <<'END_CODE';
function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
{
$algorithm = strtolower ($algorithm);
if (! in_array ($algorithm, hash_algos (), true))
{
trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
}
if ($count <= 0 || $key_length <= 0)
{
trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
}
if (function_exists ("hash_pbkdf2"))
{
if (!$raw_output)
{
$key_length = $key_length * 2;
}
return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
}
$hash_length = strlen (hash ($algorithm, "", true));
$block_count = ceil ($key_length / $hash_length);
$output = "";
for ($i = 1; $i <= $block_count; $i++)
{
$last = $salt . pack ("N", $i);
$last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
for ($j = 1; $j < $count; $j++)
{
$xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
}
$output .= $xorsum;
}
if ($raw_output)
{
return substr ($output, 0, $key_length);
}
else
{
return bin2hex (substr ($output, 0, $key_length));
}
}
print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
END_CODE
# replace with these command line arguments
$php_code =~ s/\$word_buf_base64/$word_buf_base64/;
$php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
$php_code =~ s/\$iterations/$iterations/;
$php_code =~ s/\$out_len/$out_len/;
my $php_output = `php -r '$php_code'`;
my $hash_buf = pack ("H*", $php_output);
$hash_buf = encode_base64 ($hash_buf, "");
my $base64_salt_buf = encode_base64 ($salt, "");
my $hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
return $hash;
# Format output string
return sprintf("md5:%d:%s:%s", $iterations, $base64_salt, $base64_key);
}
sub module_verify_hash

32
tools/test_modules/m18600.pm
View File

@ -8,7 +8,8 @@
use strict;
use warnings;
use Crypt::GCrypt;
use Crypt::Blowfish;
use Crypt::Mode::CFB;
use Crypt::PBKDF2;
use Digest::SHA qw (sha1 sha1_hex);
@ -36,20 +37,9 @@ sub module_generate_hash
my $pass_hash = sha1 ($word);
my $key = $kdf->PBKDF2 ($b_salt, $pass_hash);
my $cfb = Crypt::GCrypt->new
(
type => 'cipher',
algorithm => 'blowfish',
mode => 'cfb'
);
my $cfb = Crypt::Mode::CFB->new('Blowfish');
$cfb->start ('encrypting');
$cfb->setkey ($key);
$cfb->setiv ($b_iv);
my $b_cipher = $cfb->encrypt ($b_plain);
$cfb->finish ();
my $b_cipher = $cfb->encrypt($b_plain, $key, $b_iv);
my $cipher = unpack ('H*', $b_cipher);
my $checksum = sha1_hex ($b_plain);
@ -113,19 +103,9 @@ sub module_verify_hash
my $pass_hash = sha1 ($word);
my $key = $kdf->PBKDF2 ($b_salt, $pass_hash);
my $cfb = Crypt::GCrypt->new (
type => 'cipher',
algorithm => 'blowfish',
mode => 'cfb'
);
my $cfb = Crypt::Mode::CFB->new('Blowfish');
$cfb->start ('decrypting');
$cfb->setkey ($key);
$cfb->setiv ($b_iv);
my $b_plain = $cfb->decrypt ($b_cipher);
$cfb->finish ();
my $b_plain = $cfb->decrypt($b_cipher, $key, $b_iv);
my $plain = unpack ('H*', $b_plain);