/** * Author......: Robert Guetzkow * License.....: MIT */ #include "common.h" #include "types.h" #include "modules.h" #include "bitops.h" #include "convert.h" #include "shared.h" static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL; static const u32 DGST_POS0 = 0; static const u32 DGST_POS1 = 1; static const u32 DGST_POS2 = 2; static const u32 DGST_POS3 = 3; static const u32 DGST_SIZE = DGST_SIZE_4_4; static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_SERVER; static const char *HASH_NAME = "KNX IP Secure - Device Authentication Code"; static const u64 KERN_TYPE = 25900; static const u32 OPTI_TYPE = OPTI_TYPE_SLOW_HASH_SIMD_LOOP; static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE | OPTS_TYPE_DEEP_COMP_KERNEL; static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const char *ST_PASS = "hashcat"; static const char *ST_HASH = "$knx-ip-secure-device-authentication-code$*3033*fa7c0d787a9467c209f0a6e7cf16069ed704f3959dce19e45d7935c0a91bce41*f927640d9bbe9a4b0b74dd3289ad41ec"; u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } /* Details of the protocol design can be found in ISO 22510:2019 and the application notes published by the KNX Association. */ typedef struct blocks { u32 b1[4]; u32 b2[4]; u32 b3[4]; } blocks_t; typedef struct pbkdf2_sha256_tmp { u32 ipad[8]; u32 opad[8]; u32 dgst[32]; u32 out[32]; } pbkdf2_sha256_tmp_t; static const char *SIGNATURE_DEVICE_AUTHENTICATION_CODE = "$knx-ip-secure-device-authentication-code$"; static const char *SALT_DEVICE_AUTHENTICATION_CODE = "device-authentication-code.1.secure.ip.knx.org"; static const int ROUNDS_DEVICE_AUTHENTICATION_CODE = 65536; char *module_jit_build_options(MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const hc_device_param_t *device_param) { char *jit_build_options = NULL; // Extra treatment for Apple systems if (device_param->opencl_platform_vendor_id == VENDOR_ID_APPLE) { return jit_build_options; } // NVIDIA GPU if (device_param->opencl_device_vendor_id == VENDOR_ID_NV) { hc_asprintf(&jit_build_options, "-D _unroll"); } // HIP if (device_param->opencl_device_vendor_id == VENDOR_ID_AMD_USE_HIP) { hc_asprintf (&jit_build_options, "-D _unroll"); } // ROCM if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == true)) { hc_asprintf(&jit_build_options, "-D _unroll"); } return jit_build_options; } u32 module_deep_comp_kernel (MAYBE_UNUSED const hashes_t *hashes, MAYBE_UNUSED const u32 salt_pos, MAYBE_UNUSED const u32 digest_pos) { return KERN_RUN_3; } u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { const u64 esalt_size = (const u64) sizeof (blocks_t); return esalt_size; } u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { const u64 tmp_size = (const u64) sizeof (pbkdf2_sha256_tmp_t); return tmp_size; } u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { // The ETS 5 allows a maximum of 20 ASCII characters for the password used to derive the device authentication code. const u32 pw_max = 20; return pw_max; } int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) { u32 *digest = (u32 *) digest_buf; blocks_t *blocks = (blocks_t *) esalt_buf; token_t token; token.token_cnt = 4; token.signatures_cnt = 1; token.signatures_buf[0] = SIGNATURE_DEVICE_AUTHENTICATION_CODE; // Signature token.sep[0] = '*'; token.len_min[0] = 42; token.len_max[0] = 42; token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_SIGNATURE; // Secure Session Identifier (from SESSION_RESPONSE) token.sep[1] = '*'; token.len_min[1] = 4; token.len_max[1] = 4; token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_HEX; // XOR of Client Public Value X (from SESSION_REQUEST) // and Server Public Value Y (from SESSION_RESPONSE) token.sep[2] = '*'; token.len_min[2] = 64; token.len_max[2] = 64; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_HEX; // Message Authentication Code (from SESSION_RESPONSE) token.sep[3] = '*'; token.len_min[3] = 32; token.len_max[3] = 32; token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_HEX; const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); const u8 *secure_session_identifier_pos = token.buf[1]; const int secure_session_identifier_len = token.len[1]; const u8 *public_value_xor_pos = token.buf[2]; const int public_value_xor_len = token.len[2]; const u8 *mac_pos = token.buf[3]; u8 secure_session_identifier[2]; u8 public_value_xor[32]; hex_decode (secure_session_identifier_pos, secure_session_identifier_len, (u8 *) &secure_session_identifier); hex_decode (public_value_xor_pos, public_value_xor_len, (u8 *) &public_value_xor); digest[0] = hex_to_u32 ((const u8 *) &mac_pos[0]); digest[1] = hex_to_u32 ((const u8 *) &mac_pos[8]); digest[2] = hex_to_u32 ((const u8 *) &mac_pos[16]); digest[3] = hex_to_u32 ((const u8 *) &mac_pos[24]); u8 b1[16] = { 0x00, //-x Length of the associated data 0x28, //_| 0x06, //-x KNX IP Secure header of SESSION_RESPONSE 0x10, // | 0x09, // | 0x52, // | 0x00, // | 0x38, //_| secure_session_identifier[0], secure_session_identifier[1], public_value_xor[0], public_value_xor[1], public_value_xor[2], public_value_xor[3], public_value_xor[4], public_value_xor[5] }; memcpy (blocks->b1, b1, sizeof(b1)); memcpy (blocks->b2, &public_value_xor[6], 16); // The bytes that don't get set are zero padding memset (blocks->b3, 0, 16); memcpy (blocks->b3, &public_value_xor[22], 10); // The salt used in the derivation of the device authentication code is constant size_t salt_len = strlen(SALT_DEVICE_AUTHENTICATION_CODE); // exclude the null byte memcpy (salt->salt_buf, SALT_DEVICE_AUTHENTICATION_CODE, salt_len); salt->salt_len = salt_len; salt->salt_iter = ROUNDS_DEVICE_AUTHENTICATION_CODE - 1; return (PARSER_OK); } int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) { const u32 *digest = (const u32 *) digest_buf; blocks_t *blocks = (blocks_t *) esalt_buf; u8 secure_session_identifier[2]; u8 secure_session_identifier_hex[5] = { 0 }; u8 public_value_xor[32]; u8 public_value_xor_hex[65] = { 0 }; memcpy (secure_session_identifier, &(blocks->b1[2]), 2); memcpy (&public_value_xor[ 0], ((u8 *) &blocks->b1[2]) + 2, 6); memcpy (&public_value_xor[ 6], &(blocks->b2[0]), 16); memcpy (&public_value_xor[22], &(blocks->b3[0]), 10); hex_encode(secure_session_identifier, 2, secure_session_identifier_hex); hex_encode(public_value_xor, 32, public_value_xor_hex); const int line_len = snprintf (line_buf, line_size, "%s*%s*%s*%08x%08x%08x%08x", SIGNATURE_DEVICE_AUTHENTICATION_CODE, secure_session_identifier_hex, public_value_xor_hex, byte_swap_32 (digest[0]), byte_swap_32 (digest[1]), byte_swap_32 (digest[2]), byte_swap_32 (digest[3]) ); return line_len; } void module_init (module_ctx_t *module_ctx) { module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; module_ctx->module_attack_exec = module_attack_exec; module_ctx->module_benchmark_esalt = MODULE_DEFAULT; module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; module_ctx->module_benchmark_mask = MODULE_DEFAULT; module_ctx->module_benchmark_salt = MODULE_DEFAULT; module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; module_ctx->module_deep_comp_kernel = module_deep_comp_kernel; module_ctx->module_deprecated_notice = MODULE_DEFAULT; module_ctx->module_dgst_pos0 = module_dgst_pos0; module_ctx->module_dgst_pos1 = module_dgst_pos1; module_ctx->module_dgst_pos2 = module_dgst_pos2; module_ctx->module_dgst_pos3 = module_dgst_pos3; module_ctx->module_dgst_size = module_dgst_size; module_ctx->module_dictstat_disable = MODULE_DEFAULT; module_ctx->module_esalt_size = module_esalt_size; module_ctx->module_extra_buffer_size = MODULE_DEFAULT; module_ctx->module_extra_tmp_size = MODULE_DEFAULT; module_ctx->module_extra_tuningdb_block = MODULE_DEFAULT; module_ctx->module_forced_outfile_format = MODULE_DEFAULT; module_ctx->module_hash_binary_count = MODULE_DEFAULT; module_ctx->module_hash_binary_parse = MODULE_DEFAULT; module_ctx->module_hash_binary_save = MODULE_DEFAULT; module_ctx->module_hash_decode_postprocess = MODULE_DEFAULT; module_ctx->module_hash_decode_potfile = MODULE_DEFAULT; module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; module_ctx->module_hash_decode = module_hash_decode; module_ctx->module_hash_encode_status = MODULE_DEFAULT; module_ctx->module_hash_encode_potfile = MODULE_DEFAULT; module_ctx->module_hash_encode = module_hash_encode; module_ctx->module_hash_init_selftest = MODULE_DEFAULT; module_ctx->module_hash_mode = MODULE_DEFAULT; module_ctx->module_hash_category = module_hash_category; module_ctx->module_hash_name = module_hash_name; module_ctx->module_hashes_count_min = MODULE_DEFAULT; module_ctx->module_hashes_count_max = MODULE_DEFAULT; module_ctx->module_hlfmt_disable = MODULE_DEFAULT; module_ctx->module_hook_extra_param_size = MODULE_DEFAULT; module_ctx->module_hook_extra_param_init = MODULE_DEFAULT; module_ctx->module_hook_extra_param_term = MODULE_DEFAULT; module_ctx->module_hook12 = MODULE_DEFAULT; module_ctx->module_hook23 = MODULE_DEFAULT; module_ctx->module_hook_salt_size = MODULE_DEFAULT; module_ctx->module_hook_size = MODULE_DEFAULT; module_ctx->module_jit_build_options = module_jit_build_options; module_ctx->module_jit_cache_disable = MODULE_DEFAULT; module_ctx->module_kernel_accel_max = MODULE_DEFAULT; module_ctx->module_kernel_accel_min = MODULE_DEFAULT; module_ctx->module_kernel_loops_max = MODULE_DEFAULT; module_ctx->module_kernel_loops_min = MODULE_DEFAULT; module_ctx->module_kernel_threads_max = MODULE_DEFAULT; module_ctx->module_kernel_threads_min = MODULE_DEFAULT; module_ctx->module_kern_type = module_kern_type; module_ctx->module_kern_type_dynamic = MODULE_DEFAULT; module_ctx->module_opti_type = module_opti_type; module_ctx->module_opts_type = module_opts_type; module_ctx->module_outfile_check_disable = MODULE_DEFAULT; module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; module_ctx->module_potfile_custom_check = MODULE_DEFAULT; module_ctx->module_potfile_disable = MODULE_DEFAULT; module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; module_ctx->module_pwdump_column = MODULE_DEFAULT; module_ctx->module_pw_max = module_pw_max; module_ctx->module_pw_min = MODULE_DEFAULT; module_ctx->module_salt_max = MODULE_DEFAULT; module_ctx->module_salt_min = MODULE_DEFAULT; module_ctx->module_salt_type = module_salt_type; module_ctx->module_separator = MODULE_DEFAULT; module_ctx->module_st_hash = module_st_hash; module_ctx->module_st_pass = module_st_pass; module_ctx->module_tmp_size = module_tmp_size; module_ctx->module_unstable_warning = MODULE_DEFAULT; module_ctx->module_warmup_disable = MODULE_DEFAULT; }