Merge 9a14c99bb1 into 6716447dfc

2 weeks ago · ff8b0eaaa6
parent 6716447dfc 9a14c99bb1
commit ff8b0eaaa6
4 changed files with 66 additions and 25 deletions
--- a/src/modules/module_26600.c
+++ b/src/modules/module_26600.c
@ -29,6 +29,8 @@ static const char *ST_PASS        = "hashcat1";
 // hash generated using with python3 tools/metamask2hashcat.py --vault tools/2hashcat_tests/metamask2hashcat.json
 static const char *ST_HASH        = "$metamask$jfGI3TXguhb8GPnKSXFrMzRk2NCEc131Gt5G3kZr5+s=$h+BoIf2CQ5BEjaIOShFE7g==$R95fzGt4UQ0uwrcrVYnIi4UcSlWn9wlmer+//526ZDwYAp50K82F1u1oacYcdjjhuEvbZnWk/uBG00UkgLLlO3WbINljqmu2QWdDEwjTgo/qWR6MU9d/82rxNiONHQE8UrZ8SV+htVr6XIB0ze3aCV0E+fwI93EeP79ZeDxuOEhuHoiYT0bHWMv5nA48AdluG4DbOo7SrDAWBVCBsEdXsOfYsS3/TIh0a/iFCMX4uhxY2824JwcWp4H36SFWyBYMZCJ3/U4DYFbbjWZtGRthoJlIik5BJq4FLu3Y1jEgza0AWlAvu4MKTEqrYSpUIghfxf1a1f+kPvxsHNq0as0kRwCXu09DObbdsiggbmeoBkxMZiFq0d9ar/3Gon0r3hfc3c124Wlivzbzu1JcZ3wURhLSsUS7b5cfG86aXHJkxmQDA5urBz6lw3bsIvlEUB2ErkQy/zD+cPwCG1Rs/WKt7KNh45lppCUkHccbf+xlpdc8OfUwj01Xp7BdH8LMR7Vx1C4hZCvSdtURVl0VaAMxHDX0MjRkwmqS";

+static const u32   ROUNDS_METAMASK    = 10000;
+
 u32         module_attack_exec    (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC;     }
 u32         module_dgst_pos0      (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0;       }
 u32         module_dgst_pos1      (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1;       }
@ -144,9 +146,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                   | TOKEN_ATTR_VERIFY_SIGNATURE;

  token.sep[1]     = '$';
-  token.len[1]     = 44;
-  token.attr[1]    = TOKEN_ATTR_FIXED_LENGTH
-                   | TOKEN_ATTR_VERIFY_BASE64A;
+  token.len_min[1] = 0;
+  token.len_max[1] = 60;
+  token.attr[1]    = TOKEN_ATTR_VERIFY_LENGTH
+                   | TOKEN_ATTR_OPTIONAL_ROUNDS;

  token.sep[2]     = '$';
  token.len[2]     = 24;
@ -169,7 +172,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE

  // iter

-  salt->salt_iter = 10000 - 1;
+  salt->salt_iter = ROUNDS_METAMASK - 1;
+
+  if (token.opt_len != -1)
+  {
+    salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10) - 1; // 7 = "rounds="
+  }

  // salt

@ -312,14 +320,20 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
  base64_encode (int_to_base64, (const u8 *) tmp_buf, (const int) metamask->ct_len+16, ct_buf);

  u8 *out_buf = (u8 *) line_buf;
-
-  int out_len = snprintf ((char *) out_buf, line_size, "%s%s$%s$%s",
-    SIGNATURE_METAMASK_WALLET,
-    salt_buf,
-    iv_buf,
-    ct_buf);
-
-  return out_len;
+  
+  if (salt->salt_iter + 1 != ROUNDS_METAMASK)
+    return snprintf ((char *) out_buf, line_size, "%srounds=%d$%s$%s$%s",
+      SIGNATURE_METAMASK_WALLET,
+      salt->salt_iter + 1,
+      salt_buf,
+      iv_buf,
+      ct_buf);
+  else
+    return snprintf ((char *) out_buf, line_size, "%s%s$%s$%s",
+        SIGNATURE_METAMASK_WALLET,
+        salt_buf,
+        iv_buf,
+        ct_buf);
 }

 void module_init (module_ctx_t *module_ctx)
--- a/src/modules/module_26610.c
+++ b/src/modules/module_26610.c
@ -29,6 +29,8 @@ static const u32   SALT_TYPE      = SALT_TYPE_EMBEDDED;
 static const char *ST_PASS        = "hashcat1";
 static const char *ST_HASH        = "$metamask-short$jfGI3TXguhb8GPnKSXFrMzRk2NCEc131Gt5G3kZr5+s=$h+BoIf2CQ5BEjaIOShFE7g==$R95fzGt4UQ0uwrcrVYnIi4UcSlWn9wlmer+//526ZDwYAp50K82F1u1oacYcdjjhuEvbZnWk/uBG00UkgLLlOw==";

+static const u32   ROUNDS_METAMASK    = 10000;
+
 u32         module_attack_exec    (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC;     }
 u32         module_dgst_pos0      (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0;       }
 u32         module_dgst_pos1      (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1;       }
@ -147,9 +149,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                   | TOKEN_ATTR_VERIFY_SIGNATURE;

  token.sep[1]     = '$';
-  token.len[1]     = 44;
-  token.attr[1]    = TOKEN_ATTR_FIXED_LENGTH
-                   | TOKEN_ATTR_VERIFY_BASE64A;
+  token.len_min[1] = 0;
+  token.len_max[1] = 60;
+  token.attr[1]    = TOKEN_ATTR_VERIFY_LENGTH
+                   | TOKEN_ATTR_OPTIONAL_ROUNDS;

  token.sep[2]     = '$';
  token.len[2]     = 24;
@ -168,7 +171,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE

  // iter

-  salt->salt_iter = 10000 - 1;
+  salt->salt_iter = ROUNDS_METAMASK - 1;
+
+  if (token.opt_len != -1)
+  {
+    salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10) - 1; // 7 = "rounds="
+  }

  // salt

@ -293,13 +301,19 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE

  u8 *out_buf = (u8 *) line_buf;

-  int out_len = snprintf ((char *) out_buf, line_size, "%s%s$%s$%s",
-    SIGNATURE_METAMASK_WALLET,
-    salt_buf,
-    iv_buf,
-    ct_buf);
-
-  return out_len;
+  if (salt->salt_iter + 1 != ROUNDS_METAMASK)
+    return snprintf ((char *) out_buf, line_size, "%srounds=%d$%s$%s$%s",
+      SIGNATURE_METAMASK_WALLET,
+      salt->salt_iter + 1,
+      salt_buf,
+      iv_buf,
+      ct_buf);
+  else
+    return snprintf ((char *) out_buf, line_size, "%s%s$%s$%s",
+        SIGNATURE_METAMASK_WALLET,
+        salt_buf,
+        iv_buf,
+        ct_buf);
 }

 void module_init (module_ctx_t *module_ctx)
--- a/tools/2hashcat_tests/metamask2hashcat.withrounds.json
+++ b/tools/2hashcat_tests/metamask2hashcat.withrounds.json
@ -0,0 +1 @@
+{"data":"G2Qsp8BtQNz9E1vFlSebykcGkps5iJ53fBjJV8GIE7eolAQpz5m25MTZv0b0t2tpqXvfgEYKYZKsoLvuWWRHqj2ommt+U0l6fEGPY6lTn5PYzDtMKNpPWHKCIS/QYhwEA9/X5RtyIwDL6VqcRp6owV+/icmRlQa+TI5buHWZ+99Z1kBbpTDVYLBwhMRsODM1vYizQDg0vFIo3cQDtpRWUqpAKXhFcpgRD+9grS3pP/zdlIUn//87DZ3ue6Sn6WFOe08EvuY8sYZqTiN3GxcfESOltNbZJGcedMubt/jGsk+qIwUWC/f456UgeX9DN7i2pQBBI+L7qkY5v1WT5Y0i8uho1c2M2G8M9miO8HSm/j4bpMN1J6lPtjFhfAzEPS1go1w2vTmOtr1y+2A4M6HEOcxIrPJ8lUUH9pcN7Xpd+u/tQv8BYFxd6RlNYKLyA6OChbF+TD5Zz6oFZQtkprXqzZUFOlxeWJ373kHMISZtXOx44YGaiT2178fXgHFXavw=","iv":"N1aDRjt2ZD5x15Q1X9zVUw==","keyMetadata":{"algorithm":"PBKDF2","params":{"iterations":600000}},"salt":"MBdUsmTcBHGCASECYr3gmD8XaJROwjhOegSWweCFhco="}
--- a/tools/metamask2hashcat.py
+++ b/tools/metamask2hashcat.py
@ -51,8 +51,14 @@ def metamask_parser(file, shortdata):
        parser.print_help()
        exit(1)

+
    if isMobile is False:

+      try:
+        iter_count = j['keyMetadata']['params']['iterations']
+      except KeyError:
+        iter_count = 10_000
+
      if((len(j['data']) > 3000) or shortdata):
        data_bin = base64.b64decode(j['data'])
        # TODO limit data to 16 bytes, we only check the first block of data, so we don't need more data.
@ -60,9 +66,15 @@ def metamask_parser(file, shortdata):
        #  Still the pbkdf 10k iter will be taking the most time by far probably.
        j['data'] = base64.b64encode(data_bin[0:64]).decode("ascii")

-        print('$metamask-short$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])
+        if iter_count != 10000:
+          print('$metamask-short$rounds=' + str(iter_count) + '$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])
+        else:
+          print('$metamask-short$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])
      else:
-        print('$metamask$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])
+        if iter_count != 10000:
+          print('$metamask$rounds=' + str(iter_count) + '$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])
+        else:
+          print('$metamask$' + j['salt'] + '$' + j['iv'] + '$' + j['data'])

    else:
				`@ -0,0 +1 @@`
				{"data":"G2Qsp8BtQNz9E1vFlSebykcGkps5iJ53fBjJV8GIE7eolAQpz5m25MTZv0b0t2tpqXvfgEYKYZKsoLvuWWRHqj2ommt+U0l6fEGPY6lTn5PYzDtMKNpPWHKCIS/QYhwEA9/X5RtyIwDL6VqcRp6owV+/icmRlQa+TI5buHWZ+99Z1kBbpTDVYLBwhMRsODM1vYizQDg0vFIo3cQDtpRWUqpAKXhFcpgRD+9grS3pP/zdlIUn//87DZ3ue6Sn6WFOe08EvuY8sYZqTiN3GxcfESOltNbZJGcedMubt/jGsk+qIwUWC/f456UgeX9DN7i2pQBBI+L7qkY5v1WT5Y0i8uho1c2M2G8M9miO8HSm/j4bpMN1J6lPtjFhfAzEPS1go1w2vTmOtr1y+2A4M6HEOcxIrPJ8lUUH9pcN7Xpd+u/tQv8BYFxd6RlNYKLyA6OChbF+TD5Zz6oFZQtkprXqzZUFOlxeWJ373kHMISZtXOx44YGaiT2178fXgHFXavw=","iv":"N1aDRjt2ZD5x15Q1X9zVUw==","keyMetadata":{"algorithm":"PBKDF2","params":{"iterations":600000}},"salt":"MBdUsmTcBHGCASECYr3gmD8XaJROwjhOegSWweCFhco="}