1
0
mirror of https://github.com/hashcat/hashcat.git synced 2025-01-04 04:40:58 +00:00
Commit Graph

132 Commits

Author SHA1 Message Date
R. Yushaev
47bd838e25 Add VeraCrypt Streebog support
VeraCrypt added the possibility to use Streebog-512 as hashing algorithm
for the key derivation. This commit adds the necessary VeraCrypt kernels
as well as additional HMAC-Streebog kernels.

 - Add hash-mode 13771: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit
 - Add hash-mode 13772: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit
 - Add hash-mode 13773: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit
 - Add hash-mode 11750: HMAC-Streebog-256 (key = $pass), big-endian
 - Add hash-mode 11760: HMAC-Streebog-256 (key = $salt), big-endian
 - Add hash-mode 11860: HMAC-Streebog-512 (key = $salt), big-endian
 - Add test suite for hash-modes 11750, 11760 and 11860
 - Improve pure Streebog kernels
2018-11-08 11:46:31 +01:00
Royce Williams
6053f473eb trailing whitespace 2018-11-01 11:17:02 -08:00
R. Yushaev
a8eb611b1c Add HMAC-Streebog-512 (pure kernels)
Implement HMAC based on GOST 34.11-2012 Streebog-512 as well as a test
case for it. Both the PyGOST + hmac python module and the VeraCrypt HMAC
for Streebog-512 were used as references. The kernels expect the digests
to be in big-endian order according to the RFC examples for Streebog.

Fix two bugs from commit 224315dd62.

 - Add hash-mode 11850: HMAC-Streebog-512 (key = $pass), big-endian
 - Add test case for hash-mode 11850
 - Bugfix for a3-pure Streebog kernels (modes 11700 and 11800)
 - Rename a few Streebog constants in interface.h
2018-10-31 14:42:02 +01:00
Arseniy Sharoglazov
ee873da300 Added hash-modes 18200 (Kerberos 5 AS-REP etype 23) 2018-10-30 19:05:44 +03:00
R. Yushaev
224315dd62 Add pure kernels and tests for Streebog hashes
Complete Streebog support with pure kernels that allow for passwords
longer than 64 characters. Provide generic inc_hash_streebog files
for future Streebog-based hash modes (HMAC, PBKDF2, VeraCrypt).

Include streebog support in the test suite. For this, python module
PyGOST is needed. Also add clarification to hash mode description
stating that Streebog hashes are expected in big-endian byte order.
There are several implementations, including PyGOST, which default
to little-endian byte order, while the RFC examples are big-endian.

 - Add pure kernels for hash-mode 11700 (Streebog-256)
 - Add pure kernels for hash-mode 11800 (Streebog-512)
 - Tests: Add hash-modes 11700 (Streebog-256) and 11800 (Streebog-512)
2018-10-29 10:33:30 +01:00
unix-ninja
3705ebfbf6 Remove extra whitespace in test.pl 2018-10-19 16:00:26 -04:00
unix-ninja
db4ec8ed2c Fix formatting to comply with hashcat coding guidelines 2018-10-17 16:34:34 -04:00
unix-ninja
3c3b05d1e5 Resolve conflicts 2018-10-16 15:48:20 -04:00
unix-ninja
6cda8f7077 Change TOTP index from 17300 to 18100 2018-10-16 15:33:09 -04:00
unix-ninja
1ecc5e5559 Add TOTP to test.pl 2018-10-16 15:06:39 -04:00
R. Yushaev
5c87720acc Add SHA3 and Keccak
The previous hash-mode 5000 covered Keccak-256 only. FIPS changed one
padding byte while adopting Keccak as the SHA3 standard, which gives us
different digests. Now we have separate kernels for SHA3 and Keccak.

 - Added hash-mode 17300 = SHA3-224
 - Added hash-mode 17400 = SHA3-256
 - Added hash-mode 17500 = SHA3-384
 - Added hash-mode 17600 = SHA3-512
 - Added hash-mode 17700 = Keccak-224
 - Added hash-mode 17800 = Keccak-256
 - Added hash-mode 17900 = Keccak-384
 - Added hash-mode 18000 = Keccak-512
 - Removed hash-mode 5000 = SHA-3 (Keccak)
2018-10-15 16:06:31 +02:00
philsmd
883336089e test: fixed verify code for -m 16600 = Electrum Wallet 2018-08-04 19:26:42 +02:00
Michael Sprecher
3a321c8dce
Added hash-mode 16900 = Ansible Vault 2018-08-01 19:44:30 +02:00
jsteube
88ebca40b8 Added hash-mode 16800 = WPA-PMKID-PBKDF2
Added hash-mode 16801 = WPA-PMKID-PMK
Renamed lot's of existing WPA related variables to WPA-EAPOL in order to distinguish them with WPA-PMKID variables
Renamed WPA/WPA2 to WPA-EAPOL-PBKDF2
Renamed WPA/WPA2 PMK to WPA-EAPOL-PMK
2018-07-25 16:46:06 +02:00
jsteube
c28fdf7f44 Added hash-mode 16700 = FileVault 2 2018-06-18 14:38:35 +02:00
jsteube
215063d0fc Fix some formating for -m 7701 and -m 7801 in test.pl 2018-06-12 16:40:20 +02:00
Mathieu Geli
48283cf473 Add tests for 7701/7801 2018-03-06 16:43:09 +03:00
jsteube
c99de3c22a Fix missing function export in test.pl 2018-02-04 14:01:11 +01:00
jsteube
e877c30ebc OpenCL Kernels: Remove password length restriction to 16 for Cisco-PIX and Cisco-ASA hashes
Fixes #1488
2018-01-27 22:21:44 +01:00
Jens Steube
e1eab586fd Add some note for test.pl 2018-01-25 23:03:06 +01:00
Jens Steube
3b4c418b47 Prepare for -m 16600 2018-01-24 17:30:16 +01:00
jsteube
ce0cee0ac4 Stick to original JWT format from jwt.io 2018-01-21 19:57:24 +01:00
jsteube
0796c074c3 Added -m 16500 Kernels
Also changed function declaration of parser function from const hashconfig_t to just hashconfig_t
2018-01-21 18:53:55 +01:00
jsteube
6c86243b9b Prepare for JWT 2018-01-20 21:41:10 +01:00
Arseniy Sharoglazov
f84b2c52f8 Tests: added support for -m 16400 = CRAM-MD5 Dovecot 2018-01-18 19:24:27 +03:00
philsmd
bf656774bb
fixes #1279: added -m 16300 = Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 2017-12-20 11:41:46 +01:00
jsteube
d9c5c42966 Rename $SN$ signature to $ASN$ for apple secure notes 2017-12-13 12:36:01 +01:00
jsteube
dc58253703 Fix salt length for mode 16200 in test.pl 2017-12-12 16:44:04 +01:00
jsteube
94c668ce8a Prepare hash-mode 16200 (Apple Secure Notes) 2017-12-12 16:36:43 +01:00
jsteube
6671005fa2 Simplify code to verify cracked hash in test.pl for hash-mode 16100 2017-11-29 13:40:41 +01:00
jsteube
c9d352743c Unit tests for mode 16100 2017-11-29 13:29:08 +01:00
jsteube
1b312d14fd Added hash-mode 16000 = Tripcode 2017-11-11 14:44:56 +01:00
jsteube
d0f5c9f2b3 Rename MacOS to macOS 2017-10-20 13:36:47 +02:00
jsteube
980f04a7b6 Rename instances of OSX to MacOS 2017-10-20 11:58:31 +02:00
Fist0urs
e3cb3e9b4c test.pl ready and 0 error. Ready for PR 2017-09-21 16:55:30 +02:00
jsteube
617dbb97ba Prepare migration -m 15800 into -m 2500 2017-09-18 13:21:00 +02:00
jsteube
0a0522cf76 Reset salt length limit in test.pl for mode 4520 to not run into errors in case the user specifies the -O mode 2017-09-04 15:57:57 +02:00
jsteube
b9a1e84093 Fix test script for updated max password length of -m 9700 and -m 9800 2017-08-05 13:23:51 +02:00
jsteube
03bb234045 Preparation for WPA/WPA2 AES-CMAC: works till PMK 2017-07-20 12:46:18 +02:00
jsteube
335ed09478 Fix test script settings for -m 15400 with new settings from interface.c 2017-07-19 18:41:53 +02:00
jsteube
8c89ed9406 Fix test script settings for -m 2400 and -m 2410 with new settings from interface.c 2017-07-19 16:40:03 +02:00
jsteube
10d9918bb1 Remove password minimum length for -m 112 and -m 3100 2017-07-19 12:35:54 +02:00
jsteube
6cbd2acd24 Added long passwords support for Drupal7 2017-07-06 11:02:43 +02:00
jsteube
52c1e15f3f Move kernel-code for -L to standalone files with -pure suffix 2017-07-01 13:02:07 +02:00
jsteube
71d4926afa Converted -m 400 to password length 256 support
Something weird happend here, read on!

I've expected some performance drop because this algorithm is using the password data itself inside the iteration loop.
That is different to PBKDF2, which I've converted in mode 2100 before and which did not show any performance as expected.

So after I've finished converting this kernel and testing everything works using the unit test, I did some benchmarks to see how much the
performance drop is.

On my 750ti, the speed dropped (minimal) from 981kH/s -> 948kH/s, that's mostly because of the SIMD support i had to drop.
If I'd turn off the SIMD support in the original, the drop would be even less, that us 967kH/s -> 948kH/s which is a bit of a more reasable
comparison in case we just want to rate the drop that is actually caused by the code change itself.

The drop was acceptable for me, so I've decided to check on my GTX1080.Now the weird thing: The performance increased from 6619kH/s to
7134kH/s!!

When I gave it a second thought, it turned out that:

1. The GTX1080 is a scalar GPU so it wont suffer from the drop of the SIMD code as the 750ti did
2. There's a change in how the global data (password) is read into the registers, it reads only that amount of data it actually needs by using
the pw_len information
3. I've added a barrier for CLK_GLOBAL_MEM_FENCE as it turned out to increase the performance in the 750ti

Note that this kernel is now branched into password length < 40 and larger.

There's a large drop on performance where SIMD is really important, for example CPU.

We could workaround this issue by sticking to SIMD inside the length < 40 branch, but I don't know yet how this can be done efficiently.
2017-06-22 13:49:15 +02:00
jsteube
cea78024bf Fix -m 2100 cracking if (password length & 31) == 0 2017-06-21 16:21:12 +02:00
jsteube
83455817a7 Working example of password up to length 256 for mode 2100 2017-06-20 17:30:07 +02:00
jsteube
ad242c2f12 Working example of generic salt up to length 256 for mode 2100 2017-06-20 17:17:13 +02:00
Jens Steube
7e5b8d3f25 Added hash-mode 15500 = JKS Java Key Store Private Keys (SHA1) 2017-06-09 09:56:06 +02:00
philsmd
c5f88f1a60 test: added missing verify part for -m 15400 = chacha 2017-06-07 13:48:05 +02:00