arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-02-28 07:12:35 +00:00
Code Issues Releases Wiki Activity
5,257 Commits 1 Branch 27 Tags 209 MiB
cc59de6538
Commit Graph

568 Commits

Author SHA1 Message Date
Jens Steube
3aecd150f9 Call module_hash_encode() in ascii_digest() 2018-12-14 15:29:57 +01:00
R. Yushaev
b5a7e967c1 Add support for Open Document Format 1.1 
Contains a kernel for the ODF 1.1 encryption implemented in OpenOffice.
The algorithm uses a SHA-1 checksum, a PBKDF2-HMAC-SHA1 key derivation
with 1024 iterations and Blowfish-CFB encryption.

Valid hashes can be extracted with the libreoffice2john.py script,
available from the John the Ripper Jumbo repository at
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/libreoffice2john.py

You have to remove the filename suffix at the end of the hash before
passing it to hashcat. Also see 'hashcat -m18600 --example-hashes'.

You can leave the filename prefix if you use the --username option to
process those hashes.

 - Add hash-mode 18600 (Open Document Format (ODF) 1.1 (SHA-1, Blowfish))
 - Tests: add hash-mode 18600 (Open Document Format (ODF) 1.1 (SHA-1, Blowfish))
 2018-12-14 13:23:52 +01:00
R. Yushaev
875d6eb516 Fix selftest for hash-mode 18400 2018-12-14 13:09:54 +01:00
Jens Steube
222d76f01e Replace parse_func() with module_hash_decode() 2018-12-14 12:22:13 +01:00
Jens Steube
42c3ab0485
Merge pull request #1820 from hashcat/master 
backports from master
 2018-12-13 14:22:28 +01:00
Sein Coray
a70a0513bf
Added hash mode 18500 sha1(md5(md5($pass))) 
closes hashcat/hashcat#1652
 2018-12-10 16:11:11 +01:00
Jens Steube
c6dcb1b8ae
Merge pull request #1809 from hashcat/master 
Backports from master
 2018-12-09 20:41:00 +01:00
R. Yushaev
074fad9fef Correct buffer size parameter in snprintf calls 
There are approx. 240 snprintf calls that set the target buffer size to
out_len - 1 or similar. This "mind the null character" subtraction is
unnecessary since snprintf already includes the string termination into
the given buffer size.
 2018-12-07 10:37:56 +01:00
Jens Steube
15ece0902f
Merge pull request #1804 from Naufragous/odf-cracking 
Add support for Open Document Format 1.2
 2018-12-07 09:36:31 +01:00
Jens Steube
9d213147e8
Merge pull request #1805 from mcovalt/electrum_salt_type_2 
Electrum Salt-Type 2
 2018-12-07 09:33:13 +01:00
R. Yushaev
6a5b0c821e Add support for Open Document Format 1.2 
Contains a kernel for the latest ODF 1.2 encryption implemented in
LibreOffice. The algorithm uses a SHA-256 checksum, a PBKDF2-HMAC-SHA1
key derivation with 100000 iterations and key stretching and AES-CBC
encryption.

Valid hashes can be extracted with the libreoffice2john.py script,
available from the John the Ripper Jumbo repository at
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/libreoffice2john.py

You have to remove the filename suffix at the end of the hash before
passing it to hashcat. Also see 'hashcat -m18400 --example-hashes'.

You can leave the filename prefix if you use the --username option to
process those hashes.

 - Add hash-mode 18400 (Open Document Format (ODF) 1.2 (SHA-256, AES))
 - Tests: add hash-mode 18400 (Open Document Format (ODF) 1.2 (SHA-256, AES))
 2018-12-06 18:00:09 +01:00
Matt Covalt
e2ac101526 Update interface.c to remove non-existant Salt-Type 3 support. 2018-12-06 08:33:42 -08:00
Jens Steube
55add7c60e The goal of this branch to develop a plugin like interface for hashcat kernels. 
The modification of existing core source files to add new hashcat kernels conflicts with the idea of having private hashcat kernel repositories especially when backporting latest hashcat core changes and new features.
The final outcome of this should be a plugin format that does not require modifications on the core soruce files.
Also convert all existing hash-modes to hashcat modules.
We'll start with dynamic loading the modules at runtime rather than linking them at compile time.
This will require some extra code for different OS types but should beneficial on a long term.
This commit add some first ideas of how such modules could look like, however there's no dynamic loading interface yet.
Next steps will be removing all hash-mode depending special code from source files and move them to the modules.
Finally merge with master.
 2018-12-06 14:02:10 +01:00
Sein Coray
c941e55a35
Extended IKE PSK md5/sha1 (-m 5300/5400) to print hashes correctly 2018-12-05 12:57:54 +01:00
Jens Steube
fca4f7e8a6 Prepare to use --keyboard-layout-mapping for algorithms other than TC/VC 2018-11-25 18:21:07 +01:00
Jens Steube
ee2854ec2a Support multi-byte characters for TC/VC keyboard layout mapping tables 2018-11-25 13:31:37 +01:00
Jens Steube
49fc7d45b7 - Keymaps: Added hashcat keyboard mapping us.hckmap (can be used as template) 
- Keymaps: Added hashcat keyboard mapping de.hckmap
 2018-11-15 22:29:03 +01:00
Jens Steube
400be920ba Add missing non-boot volumes support 2018-11-15 15:05:30 +01:00
Jens Steube
5d5ac1c935 Prepare for on-the-fly keyboard layout substituations required to crack booting TrueCrypt/VeraCrypt volumes 2018-11-15 14:35:51 +01:00
Royce Williams
3bf663bee1 clarify xxHash change; add 'APFS' to Apple File System refs 2018-11-12 11:31:01 -09:00
Jens Steube
a4200ba167 Added hash-mode 18300 (Apple File System) 
Fixes https://github.com/hashcat/hashcat/issues/1686
 2018-11-12 11:37:01 +01:00
R. Yushaev
47bd838e25 Add VeraCrypt Streebog support 
VeraCrypt added the possibility to use Streebog-512 as hashing algorithm
for the key derivation. This commit adds the necessary VeraCrypt kernels
as well as additional HMAC-Streebog kernels.

 - Add hash-mode 13771: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit
 - Add hash-mode 13772: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit
 - Add hash-mode 13773: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit
 - Add hash-mode 11750: HMAC-Streebog-256 (key = $pass), big-endian
 - Add hash-mode 11760: HMAC-Streebog-256 (key = $salt), big-endian
 - Add hash-mode 11860: HMAC-Streebog-512 (key = $salt), big-endian
 - Add test suite for hash-modes 11750, 11760 and 11860
 - Improve pure Streebog kernels
 2018-11-08 11:46:31 +01:00
Sein Coray
de5f0ceb5e Fixed separator parsing for additional algorithms 2018-11-08 09:08:36 +01:00
Jens Steube
2a366741a5 Added new option --kernel-threads to manually override the automatically calculated number of threads 2018-11-06 16:06:06 +01:00
Jens Steube
3eab677bdf Move the system include where it belongs to 2018-11-04 14:26:19 +01:00
Jens Steube
9baf728fe7 Fixed token configuration for: 
- descrypt_parse_hash
- keccak_*_parse_hash
- sha256crypt_parse_hash
- drupal7_parse_hash
 2018-11-04 12:49:56 +01:00
Jens Steube
82cdd585f0 Fixed token configuration for -m 6700 2018-11-04 10:11:29 +01:00
Jens Steube
399bd2562a Fixed checking the length of the last token in a hash if it was given the attribute TOKEN_ATTR_FIXED_LENGTH 
Fixes https://github.com/hashcat/hashcat/issues/1755
 2018-11-04 09:41:07 +01:00
R. Yushaev
a8eb611b1c Add HMAC-Streebog-512 (pure kernels) 
Implement HMAC based on GOST 34.11-2012 Streebog-512 as well as a test
case for it. Both the PyGOST + hmac python module and the VeraCrypt HMAC
for Streebog-512 were used as references. The kernels expect the digests
to be in big-endian order according to the RFC examples for Streebog.

Fix two bugs from commit 224315dd62.

 - Add hash-mode 11850: HMAC-Streebog-512 (key = $pass), big-endian
 - Add test case for hash-mode 11850
 - Bugfix for a3-pure Streebog kernels (modes 11700 and 11800)
 - Rename a few Streebog constants in interface.h
 2018-10-31 14:42:02 +01:00
Jens Steube
5f53a9ec32 Fix endianness and invalid separator character in outfile format of hash-mode 16801 (WPA-PMKID-PMK) 2018-10-31 08:55:32 +01:00
Arseniy Sharoglazov
ee873da300 Added hash-modes 18200 (Kerberos 5 AS-REP etype 23) 2018-10-30 19:05:44 +03:00
R. Yushaev
224315dd62 Add pure kernels and tests for Streebog hashes 
Complete Streebog support with pure kernels that allow for passwords
longer than 64 characters. Provide generic inc_hash_streebog files
for future Streebog-based hash modes (HMAC, PBKDF2, VeraCrypt).

Include streebog support in the test suite. For this, python module
PyGOST is needed. Also add clarification to hash mode description
stating that Streebog hashes are expected in big-endian byte order.
There are several implementations, including PyGOST, which default
to little-endian byte order, while the RFC examples are big-endian.

 - Add pure kernels for hash-mode 11700 (Streebog-256)
 - Add pure kernels for hash-mode 11800 (Streebog-512)
 - Tests: Add hash-modes 11700 (Streebog-256) and 11800 (Streebog-512)
 2018-10-29 10:33:30 +01:00
Sein Coray
591c1db0f6 Changed separator for certain hash algorithms to be static 2018-10-25 11:37:54 +02:00
R. Yushaev
831075b532 Fixed the byte order of digest output for hash-mode 11800 (Streebog-512) 2018-10-25 10:44:24 +02:00
Jens Steube
e2a9409413
Merge pull request #1710 from unix-ninja/master 
Add support for TOTP (RFC 6238)
 2018-10-22 20:49:31 +02:00
unix-ninja
55d56baaa5 Fix digest to allow auto optimized code by compiler 2018-10-22 08:25:05 -04:00
Jens Steube
99709a32a3 Allow keepass iteration count to be larger than 999999 2018-10-21 13:32:07 +02:00
unix-ninja
cef3c1cb06 Use C99 format specifier 2018-10-20 22:00:15 -04:00
unix-ninja
fddfd835d2 Support 64 bit timestamps properly 2018-10-19 15:35:52 -04:00
unix-ninja
770e21e5ee Support 64 bit timestamps properly 2018-10-19 15:16:46 -04:00
unix-ninja
8b2af6b207 More code style changes 2018-10-19 08:45:44 -04:00
R. Yushaev
4d457ca141 Fix conflicts caused by PR GH-1717 2018-10-19 10:53:23 +02:00
unix-ninja
3869ce9246 More coding style fixes 2018-10-18 08:55:55 -04:00
unix-ninja
db4ec8ed2c Fix formatting to comply with hashcat coding guidelines 2018-10-17 16:34:34 -04:00
unix-ninja
23ee9379c1 Fix zero-padding on token output for matches 2018-10-17 11:47:04 -04:00
unix-ninja
27366c3eff Don't duplicate existing functionality 2018-10-17 11:44:34 -04:00
unix-ninja
d66200a406 Force --keep-guessing on mode 18100 2018-10-17 08:17:48 -04:00
unix-ninja
83c78cdf0b Cleanup unused code 2018-10-17 08:15:49 -04:00
unix-ninja
37983de4b2 Fix compile warnings in totp_parse_hash() 2018-10-16 17:39:46 -04:00
unix-ninja
3c3b05d1e5 Resolve conflicts 2018-10-16 15:48:20 -04:00
unix-ninja
6cda8f7077 Change TOTP index from 17300 to 18100 2018-10-16 15:33:09 -04:00
unix-ninja
977b560bb4 Add support for TOTP (RFC 6238) 2018-10-16 15:05:14 -04:00
R. Yushaev
5c87720acc Add SHA3 and Keccak 
The previous hash-mode 5000 covered Keccak-256 only. FIPS changed one
padding byte while adopting Keccak as the SHA3 standard, which gives us
different digests. Now we have separate kernels for SHA3 and Keccak.

 - Added hash-mode 17300 = SHA3-224
 - Added hash-mode 17400 = SHA3-256
 - Added hash-mode 17500 = SHA3-384
 - Added hash-mode 17600 = SHA3-512
 - Added hash-mode 17700 = Keccak-224
 - Added hash-mode 17800 = Keccak-256
 - Added hash-mode 17900 = Keccak-384
 - Added hash-mode 18000 = Keccak-512
 - Removed hash-mode 5000 = SHA-3 (Keccak)
 2018-10-15 16:06:31 +02:00
Jens Steube
8452930795 Allow hashfile for -m 16800 to be used with -m 16801 2018-10-14 11:39:31 +02:00
Jens Steube
6afe989bed Fixed the tokenizer configuration in postgres hash parser 2018-10-14 11:38:31 +02:00
Jens Steube
1b980cf010 Allow hashfile for -m 16800 to be used with -m 16801 2018-09-29 11:52:21 +02:00
Michael Sprecher
1892b842d7
Increased the maximum size of edata2 in Kerberos 5 TGS-REP etype 23 2018-09-12 12:25:02 +02:00
jsteube
52c52836e3 Add new option --slow-candidates which allows hashcat to generate passwords on-host 2018-09-01 12:31:17 +02:00
Jens Steube
466ea8eaba Fixed detection of unique ESSID in WPA-PMKID-* parser 2018-08-31 15:47:48 +02:00
Jens Steube
3e149843ae Fixed detection of unique ESSID in WPA-PMKID-* parser 2018-08-30 11:13:44 +02:00
Michael Sprecher
e975612f82
Fixed the ciphertext max length in Ansible Vault parser 2018-08-16 12:13:22 +02:00
Michael Sprecher
5536ab9917
Getting rid of OPTS_TYPE_HASH_COPY for Ansible Vault 2018-08-15 23:32:58 +02:00
Jens Steube
ce9b56e06c Allow bitcoin master key length not be exactly 96 byte a multiple of 16 2018-08-14 15:39:39 +02:00
jsteube
634dd71384 Remove some suppressed warnings 2018-08-06 21:04:48 +02:00
jsteube
afd1efd59c Fixed a buffer overflow in precompute_salt_md5() in case salt was longer than 64 characters 2018-08-06 15:35:35 +02:00
Jens Steube
4a856b1149
Merge pull request #1643 from hops/master 
Added hash-mode 16900 = Ansible Vault
 2018-08-01 20:28:00 +02:00
Michael Sprecher
3a321c8dce
Added hash-mode 16900 = Ansible Vault 2018-08-01 19:44:30 +02:00
jsteube
d11070729b Fix Token Length Exception on NetNTLMv2 hashes 2018-08-01 19:09:41 +02:00
jsteube
39af031ced Fix Token Length Exception on NetNTLMv1 hashes 2018-07-31 17:31:54 +02:00
jsteube
bdec457951 TrueCrypt/VeraCrypt cracking: Do an entropy check on the TC/VC header on start 2018-07-31 16:18:45 +02:00
jsteube
b1788a934e Fix missing TOKEN_ATTR_VERIFY_SIGNATURE in phpass_parse_hash() 2018-07-26 13:22:28 +02:00
jsteube
88ebca40b8 Added hash-mode 16800 = WPA-PMKID-PBKDF2 
Added hash-mode 16801 = WPA-PMKID-PMK
Renamed lot's of existing WPA related variables to WPA-EAPOL in order to distinguish them with WPA-PMKID variables
Renamed WPA/WPA2 to WPA-EAPOL-PBKDF2
Renamed WPA/WPA2 PMK to WPA-EAPOL-PMK
 2018-07-25 16:46:06 +02:00
jsteube
cc8fa3ee80 Remove TOKEN_ATTR_TERMINATE_STRING from input_tokenizer() and replace with equalivalent code where it's needed 2018-07-24 13:55:23 +02:00
magnum
f5e9f4dc85 Fix a couple of gcc-6 -Wpointer-sign build warnings. 2018-07-24 10:57:54 +02:00
philsmd
2e1845ec11
fixes #1624: increase esalt/nonce buffer to 1024 for -m 11400 = SIP 2018-07-23 15:51:39 +02:00
Jens Steube
eb563f5a10 Fix minimum line length for token 3 in saph_sha1_parse_hash() 2018-07-21 14:09:52 +02:00
Jens Steube
a33af21642 Fix some output formats after refactorization with input_tokenizer() 2018-07-20 20:29:00 +02:00
jsteube
048298020e All remaining parser functions have been rewritten to make use of input_tokenizer(): 
chacha20_parse_hash
crammd5_dovecot_parse_hash
electrum_wallet13_parse_hash
ethereum_pbkdf2_parse_hash
ethereum_presale_parse_hash
ethereum_scrypt_parse_hash
filevault2_parse_hash
filezilla_server_parse_hash
jks_sha1_parse_hash
jwt_parse_hash
mywalletv2_parse_hash
netbsd_sha1crypt_parse_hash
plaintext_parse_hash
tacacs_plus_parse_hash
tripcode_parse_hash
Removed old generic salt parser function parse_and_store_salt()
 2018-07-20 11:00:39 +02:00
jsteube
85aef30dff The following parser functions have been rewritten to make use of input_tokenizer(): 
opencart_parse_hash
des_parse_hash
win8phone_parse_hash
sha1cx_parse_hash
itunes_backup_parse_hash
skip32_parse_hash
 2018-07-19 17:14:33 +02:00
jsteube
ed0ac581cd The following parser functions have been rewritten to make use of input_tokenizer(): 
keepass_parse_hash
zip2_parse_hash
 2018-07-18 17:59:44 +02:00
jsteube
558c2c4aa5 The following parser functions have been rewritten to make use of input_tokenizer(): 
ms_drsr_parse_hash
androidfde_samsung_parse_hash
rar5_parse_hash
krb5tgs_parse_hash
axcrypt_parse_hash
 2018-07-17 16:13:55 +02:00
jsteube
a6b52d6faf The following parser functions have been rewritten to make use of input_tokenizer(): 
ecryptfs_parse_hash
bsdicrypt_parse_hash
rar3hp_parse_hash
cf10_parse_hash
mywallet_parse_hash
 2018-07-16 18:22:58 +02:00
jsteube
e1fd84255b Some fixes for seven_zip_parse_hash() using input_tokenizer() 2018-07-15 20:54:49 +02:00
jsteube
230ec5e004 Add TOKEN_ATTR_TERMINATE_STRING feature to input_tokenizer() 
The following parser functions have been rewritten to make use of input_tokenizer():
bitcoin_wallet_parse_hash
sip_auth_parse_hash
crc32_parse_hash
oraclet_parse_hash
seven_zip_parse_hash
 2018-07-15 18:10:04 +02:00
jsteube
39418571db The following parser functions have been rewritten to make use of input_tokenizer(): 
prestashop_parse_hash
postgresql_auth_parse_hash
mysql_auth_parse_hash
 2018-07-14 22:40:03 +02:00
jsteube
cd552eb54d The following parser functions have been rewritten to make use of input_tokenizer(): 
pdf14_parse_hash
pdf17l8_parse_hash
pbkdf2_md5_parse_hash
pbkdf2_sha1_parse_hash
pbkdf2_sha256_parse_hash
pbkdf2_sha512_parse_hash
 2018-07-14 12:48:54 +02:00
jsteube
6ee7709d27 The following parser functions have been rewritten to make use of input_tokenizer(): 
djangopbkdf2_parse_hash
siphash_parse_hash
crammd5_parse_hash
saph_sha1_parse_hash
pdf11_parse_hash
pdf11cm2_parse_hash
 2018-07-13 09:59:59 +02:00
jsteube
bc8ed67a11 The following parser functions have been rewritten to make use of input_tokenizer(): 
oldoffice01_parse_hash
oldoffice01cm2_parse_hash
oldoffice34_parse_hash
oldoffice34cm2_parse_hash
 2018-07-12 18:06:00 +02:00
jsteube
9f4655e131 The following parser functions have been rewritten to make use of input_tokenizer(): 
lotus8_parse_hash
cisco8_parse_hash
cisco9_parse_hash
office2007_parse_hash
office2010_parse_hash
office2013_parse_hash
 2018-07-11 11:57:43 +02:00
jsteube
1b30a1d6c7 The following parser functions have been rewritten to make use of input_tokenizer(): 
nsec3_parse_hash
wbb3_parse_hash
racf_parse_hash
androidfde_parse_hash
scrypt_parse_hash
 2018-07-09 12:49:42 +02:00
jsteube
f02e72425b The following parser functions have been rewritten to make use of input_tokenizer(): 
sapb_parse_hash
sapg_parse_hash
drupal7_parse_hash
sybasease_parse_hash
netscaler_parse_hash
cloudkey_parse_hash
 2018-07-08 12:55:31 +02:00
jsteube
1c121ef79c The following parser functions have been rewritten to make use of input_tokenizer(): 
sha512macos_parse_hash
sha512grub_parse_hash
rakp_parse_hash
krb5pa_parse_hash
 2018-07-07 11:25:25 +02:00
jsteube
0820fe4100 The following parser functions have been rewritten to make use of input_tokenizer(): 
sha1aix_parse_hash
agilekey_parse_hash
lastpass_parse_hash
fortigate_parse_hash
 2018-07-06 13:48:39 +02:00
jsteube
18fed3053a The following parser functions have been rewritten to make use of input_tokenizer(): 
md5aix_parse_hash
sha256aix_parse_hash
sha512aix_parse_hash
 2018-07-05 11:11:24 +02:00
jsteube
7e18ab05be The following parser functions have been rewritten to make use of input_tokenizer(): 
ikepsk_md5_parse_hash
ikepsk_sha1_parse_hash
 2018-07-04 12:58:30 +02:00
jsteube
afd5fa760c The following parser functions have been rewritten to make use of 
input_tokenizer():
androidpin_parse_hash
chap_parse_hash
lotus5_parse_hash
lotus6_parse_hash
radmin2_parse_hash
gost2012sbog_256_parse_hash
gost2012sbog_512_parse_hash
 2018-07-03 10:23:04 +02:00
jsteube
8b2478d744 The following parser functions have been rewritten to make use of input_tokenizer(): 
sha256crypt_parse_hash
sha512crypt_parse_hash
keccak_parse_hash
blake2b_parse_hash
juniper_parse_hash
oracleh_parse_hash
gost_parse_hash
 2018-07-02 09:20:15 +02:00
jsteube
87be2e8cce The following parser functions have been rewritten to make use of input_tokenizer(): 
sha224_parse_hash
sha256_parse_hash
sha256s_parse_hash
sha384_parse_hash
sha512_parse_hash
sha512s_parse_hash
ripemd160_parse_hash
whirlpool_parse_hash
hmacmd5_parse_hash
hmacsha1_parse_hash
hmacsha256_parse_hash
hmacsha512_parse_hash
mysql323_parse_hash
 2018-07-01 10:49:30 +02:00
jsteube
c6eb269784 The following parser functions have been rewritten to make use of input_tokenizer(): 
mssql2000_parse_hash
mssql2005_parse_hash
mssql2012_parse_hash
oracles_parse_hash
episerver4_parse_hash
sha512b64s_parse_hash
hmailserver_parse_hash
phps_parse_hash
mediawiki_b_parse_hash
peoplesoft_parse_hash
skype_parse_hash
djangosha1_parse_hash
redmine_parse_hash
punbb_parse_hash
sha256b64s_parse_hash
atlassian_parse_hash
 2018-07-01 09:49:33 +02:00
jsteube
06a34bd026 Convert sha1b64s_parse_hash() to make use of input_tokenizer() 2018-06-30 10:51:21 +02:00