mirror of
https://github.com/hashcat/hashcat.git
synced 2024-10-31 20:48:57 +00:00
165 lines
3.6 KiB
Perl
165 lines
3.6 KiB
Perl
#!/usr/bin/env perl
|
|
|
|
##
|
|
## Author......: See docs/credits.txt
|
|
## License.....: MIT
|
|
##
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Digest::MD5 qw (md5_hex);
|
|
|
|
sub module_constraints { [[0, 24], [1, 15], [0, 24], [1, 15], [-1, -1]] }
|
|
|
|
sub module_generate_hash
|
|
{
|
|
my $word = shift;
|
|
my $nonce = shift;
|
|
my $user = shift // random_string (random_number (1, 12 + 1));
|
|
my $realm = shift;
|
|
my $nonce_count = shift;
|
|
my $nonce_client = shift;
|
|
my $qop = shift;
|
|
my $method = shift // random_string (random_number (1, 24 + 1));
|
|
my $URI_prefix = shift // random_string (random_number (1, 10 + 1));
|
|
my $URI_resource = shift // random_string (random_number (1, 32 + 1));
|
|
my $URI_suffix = shift // random_string (random_number (1, 32 + 1));
|
|
my $directive = shift // "MD5";
|
|
|
|
# not needed information
|
|
my $URI_server = shift // random_string (random_number (1, 32 + 1));
|
|
my $URI_client = $URI_resource;
|
|
|
|
return unless ($directive eq "MD5"); # only MD5 directive currently supported
|
|
|
|
unless (defined $realm)
|
|
{
|
|
# special limit: (user_len + 1 + realm_len + 1 + word_len) < 56
|
|
my $realm_max_len = 55 - length ($user) - 1 - length ($word) - 1;
|
|
|
|
if ($realm_max_len < 1) # should never happen
|
|
{
|
|
$realm_max_len = 1;
|
|
}
|
|
|
|
$realm_max_len = min (20, $realm_max_len);
|
|
|
|
$realm = random_string (random_number (1, $realm_max_len + 1));
|
|
}
|
|
|
|
unless ((defined $nonce_count) && (defined $nonce_client) && (defined $qop))
|
|
{
|
|
if (random_number (0, 1 + 1) == 1)
|
|
{
|
|
$qop = "auth";
|
|
|
|
$nonce_count = random_string (random_number (1, 10 + 1));
|
|
$nonce_client = random_string (random_number (1, 12 + 1));
|
|
}
|
|
else
|
|
{
|
|
$qop = "";
|
|
|
|
$nonce_count = "";
|
|
$nonce_client = "";
|
|
}
|
|
}
|
|
|
|
# start
|
|
|
|
my $URI = "";
|
|
|
|
if (length ($URI_prefix) > 0)
|
|
{
|
|
$URI = $URI_prefix . ":";
|
|
}
|
|
|
|
$URI .= $URI_resource;
|
|
|
|
if (length ($URI_suffix) > 0)
|
|
{
|
|
$URI .= ":" . $URI_suffix;
|
|
}
|
|
|
|
my $HA2 = md5_hex ($method . ":" . $URI);
|
|
|
|
my $HA1 = md5_hex ($user . ":" . $realm . ":" . $word);
|
|
|
|
my $tmp;
|
|
|
|
if (($qop eq "auth") || ($qop eq "auth-int"))
|
|
{
|
|
$tmp = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
|
|
}
|
|
else
|
|
{
|
|
$tmp = $nonce;
|
|
}
|
|
|
|
my $digest = md5_hex ($HA1 . ":" . $tmp . ":" . $HA2);
|
|
|
|
my $hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $digest);
|
|
|
|
return $hash;
|
|
}
|
|
|
|
sub module_verify_hash
|
|
{
|
|
|
|
my $line = shift;
|
|
|
|
my ($digest, $word) = split (/:/, $line);
|
|
|
|
return unless defined $digest;
|
|
return unless defined $word;
|
|
|
|
my @data = split ('\*', $digest);
|
|
|
|
return unless scalar @data == 15;
|
|
|
|
my $signature = shift @data;
|
|
my $URI_server = shift @data;
|
|
my $URI_client = shift @data;
|
|
my $user = shift @data;
|
|
my $realm = shift @data;
|
|
my $method = shift @data;
|
|
my $URI_prefix = shift @data;
|
|
my $URI_resource = shift @data;
|
|
my $URI_suffix = shift @data;
|
|
my $nonce = shift @data;
|
|
my $nonce_client = shift @data;
|
|
my $nonce_count = shift @data;
|
|
my $qop = shift @data;
|
|
my $directive = shift @data;
|
|
my $hash = shift @data;
|
|
|
|
return unless ($signature eq '$sip$');
|
|
|
|
my $word_packed = pack_if_HEX_notation ($word);
|
|
|
|
my $new_hash = module_generate_hash (
|
|
$word_packed,
|
|
$nonce,
|
|
$user,
|
|
$realm,
|
|
$nonce_count,
|
|
$nonce_client,
|
|
$qop,
|
|
$method,
|
|
$URI_prefix,
|
|
$URI_resource,
|
|
$URI_suffix,
|
|
$directive,
|
|
$URI_server);
|
|
|
|
return ($new_hash, $word);
|
|
}
|
|
|
|
sub min
|
|
{
|
|
$_[$_[0] > $_[1]];
|
|
}
|
|
|
|
1;
|