diff --git a/src/modules/module_26600.c b/src/modules/module_26600.c index 4f6d0de3b..1f211310d 100644 --- a/src/modules/module_26600.c +++ b/src/modules/module_26600.c @@ -29,6 +29,8 @@ static const char *ST_PASS = "hashcat1"; // hash generated using with python3 tools/metamask2hashcat.py --vault tools/2hashcat_tests/metamask2hashcat.json static const char *ST_HASH = "$metamask$jfGI3TXguhb8GPnKSXFrMzRk2NCEc131Gt5G3kZr5+s=$h+BoIf2CQ5BEjaIOShFE7g==$R95fzGt4UQ0uwrcrVYnIi4UcSlWn9wlmer+//526ZDwYAp50K82F1u1oacYcdjjhuEvbZnWk/uBG00UkgLLlO3WbINljqmu2QWdDEwjTgo/qWR6MU9d/82rxNiONHQE8UrZ8SV+htVr6XIB0ze3aCV0E+fwI93EeP79ZeDxuOEhuHoiYT0bHWMv5nA48AdluG4DbOo7SrDAWBVCBsEdXsOfYsS3/TIh0a/iFCMX4uhxY2824JwcWp4H36SFWyBYMZCJ3/U4DYFbbjWZtGRthoJlIik5BJq4FLu3Y1jEgza0AWlAvu4MKTEqrYSpUIghfxf1a1f+kPvxsHNq0as0kRwCXu09DObbdsiggbmeoBkxMZiFq0d9ar/3Gon0r3hfc3c124Wlivzbzu1JcZ3wURhLSsUS7b5cfG86aXHJkxmQDA5urBz6lw3bsIvlEUB2ErkQy/zD+cPwCG1Rs/WKt7KNh45lppCUkHccbf+xlpdc8OfUwj01Xp7BdH8LMR7Vx1C4hZCvSdtURVl0VaAMxHDX0MjRkwmqS"; +static const u32 ROUNDS_METAMASK = 10000; + u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } @@ -144,9 +146,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_SIGNATURE; token.sep[1] = '$'; - token.len[1] = 44; - token.attr[1] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64A; + token.len_min[1] = 0; + token.len_max[1] = 60; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_OPTIONAL_ROUNDS; token.sep[2] = '$'; token.len[2] = 24; @@ -169,7 +172,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // iter - salt->salt_iter = 10000 - 1; + salt->salt_iter = ROUNDS_METAMASK - 1; + + if (token.opt_len != -1) + { + salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10) - 1; // 7 = "rounds=" + } // salt @@ -312,14 +320,20 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE base64_encode (int_to_base64, (const u8 *) tmp_buf, (const int) metamask->ct_len+16, ct_buf); u8 *out_buf = (u8 *) line_buf; - - int out_len = snprintf ((char *) out_buf, line_size, "%s%s$%s$%s", - SIGNATURE_METAMASK_WALLET, - salt_buf, - iv_buf, - ct_buf); - - return out_len; + + if (salt->salt_iter + 1 != ROUNDS_METAMASK) + return snprintf ((char *) out_buf, line_size, "%srounds=%d$%s$%s$%s", + SIGNATURE_METAMASK_WALLET, + salt->salt_iter + 1, + salt_buf, + iv_buf, + ct_buf); + else + return snprintf ((char *) out_buf, line_size, "%s%s$%s$%s", + SIGNATURE_METAMASK_WALLET, + salt_buf, + iv_buf, + ct_buf); } void module_init (module_ctx_t *module_ctx) diff --git a/src/modules/module_26610.c b/src/modules/module_26610.c index 532246128..64cf20f4b 100644 --- a/src/modules/module_26610.c +++ b/src/modules/module_26610.c @@ -29,6 +29,8 @@ static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const char *ST_PASS = "hashcat1"; static const char *ST_HASH = "$metamask-short$jfGI3TXguhb8GPnKSXFrMzRk2NCEc131Gt5G3kZr5+s=$h+BoIf2CQ5BEjaIOShFE7g==$R95fzGt4UQ0uwrcrVYnIi4UcSlWn9wlmer+//526ZDwYAp50K82F1u1oacYcdjjhuEvbZnWk/uBG00UkgLLlOw=="; +static const u32 ROUNDS_METAMASK = 10000; + u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } @@ -147,9 +149,10 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_SIGNATURE; token.sep[1] = '$'; - token.len[1] = 44; - token.attr[1] = TOKEN_ATTR_FIXED_LENGTH - | TOKEN_ATTR_VERIFY_BASE64A; + token.len_min[1] = 0; + token.len_max[1] = 60; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_OPTIONAL_ROUNDS; token.sep[2] = '$'; token.len[2] = 24; @@ -168,7 +171,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE // iter - salt->salt_iter = 10000 - 1; + salt->salt_iter = ROUNDS_METAMASK - 1; + + if (token.opt_len != -1) + { + salt->salt_iter = hc_strtoul ((const char *) token.opt_buf + 7, NULL, 10) - 1; // 7 = "rounds=" + } // salt @@ -293,13 +301,19 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE u8 *out_buf = (u8 *) line_buf; - int out_len = snprintf ((char *) out_buf, line_size, "%s%s$%s$%s", - SIGNATURE_METAMASK_WALLET, - salt_buf, - iv_buf, - ct_buf); - - return out_len; + if (salt->salt_iter + 1 != ROUNDS_METAMASK) + return snprintf ((char *) out_buf, line_size, "%srounds=%d$%s$%s$%s", + SIGNATURE_METAMASK_WALLET, + salt->salt_iter + 1, + salt_buf, + iv_buf, + ct_buf); + else + return snprintf ((char *) out_buf, line_size, "%s%s$%s$%s", + SIGNATURE_METAMASK_WALLET, + salt_buf, + iv_buf, + ct_buf); } void module_init (module_ctx_t *module_ctx) diff --git a/tools/2hashcat_tests/metamask2hashcat.withrounds.json b/tools/2hashcat_tests/metamask2hashcat.withrounds.json new file mode 100644 index 000000000..b865647fd --- /dev/null +++ b/tools/2hashcat_tests/metamask2hashcat.withrounds.json @@ -0,0 +1 @@ +{"data":"G2Qsp8BtQNz9E1vFlSebykcGkps5iJ53fBjJV8GIE7eolAQpz5m25MTZv0b0t2tpqXvfgEYKYZKsoLvuWWRHqj2ommt+U0l6fEGPY6lTn5PYzDtMKNpPWHKCIS/QYhwEA9/X5RtyIwDL6VqcRp6owV+/icmRlQa+TI5buHWZ+99Z1kBbpTDVYLBwhMRsODM1vYizQDg0vFIo3cQDtpRWUqpAKXhFcpgRD+9grS3pP/zdlIUn//87DZ3ue6Sn6WFOe08EvuY8sYZqTiN3GxcfESOltNbZJGcedMubt/jGsk+qIwUWC/f456UgeX9DN7i2pQBBI+L7qkY5v1WT5Y0i8uho1c2M2G8M9miO8HSm/j4bpMN1J6lPtjFhfAzEPS1go1w2vTmOtr1y+2A4M6HEOcxIrPJ8lUUH9pcN7Xpd+u/tQv8BYFxd6RlNYKLyA6OChbF+TD5Zz6oFZQtkprXqzZUFOlxeWJ373kHMISZtXOx44YGaiT2178fXgHFXavw=","iv":"N1aDRjt2ZD5x15Q1X9zVUw==","keyMetadata":{"algorithm":"PBKDF2","params":{"iterations":600000}},"salt":"MBdUsmTcBHGCASECYr3gmD8XaJROwjhOegSWweCFhco="} diff --git a/tools/metamask2hashcat.py b/tools/metamask2hashcat.py old mode 100755 new mode 100644 index a2aa99774..319889c60 --- a/tools/metamask2hashcat.py +++ b/tools/metamask2hashcat.py @@ -51,8 +51,14 @@ def metamask_parser(file, shortdata): parser.print_help() exit(1) + if isMobile is False: + try: + iter_count = j['keyMetadata']['params']['iterations'] + except KeyError: + iter_count = 10_000 + if((len(j['data']) > 3000) or shortdata): data_bin = base64.b64decode(j['data']) # TODO limit data to 16 bytes, we only check the first block of data, so we don't need more data. @@ -60,9 +66,15 @@ def metamask_parser(file, shortdata): # Still the pbkdf 10k iter will be taking the most time by far probably. j['data'] = base64.b64encode(data_bin[0:64]).decode("ascii") - print('$metamask-short$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) + if iter_count != 10000: + print('$metamask-short$rounds=' + str(iter_count) + '$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) + else: + print('$metamask-short$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) else: - print('$metamask$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) + if iter_count != 10000: + print('$metamask$rounds=' + str(iter_count) + '$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) + else: + print('$metamask$' + j['salt'] + '$' + j['iv'] + '$' + j['data']) else: