1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-27 08:58:10 +00:00
hashcat/tools/test.sh
2022-06-16 19:41:33 +02:00

3978 lines
113 KiB
Bash
Executable File

#!/usr/bin/env bash
##
## Author......: See docs/credits.txt
## License.....: MIT
##
OPTS="--quiet --potfile-disable --hwmon-disable"
FORCE=0
RUNTIME=400
TDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# List of TrueCrypt modes which have test containers
TC_MODES="6211 6212 6213 6221 6222 6223 6231 6232 6233 6241 6242 6243 29311 29312 29313 29321 29322 29323 29331 29332 29333 29341 29342 29343"
# List of VeraCrypt modes which have test containers
VC_MODES="13711 13712 13713 13721 13722 13723 13731 13732 13733 13741 13742 13743 13751 13752 13753 13761 13762 13763 13771 13772 13773 13781 13782 13783 29411 29412 29413 29421 29422 29423 29431 29432 29433 29441 29442 29443 29451 29452 29453 29461 29462 29463 29471 29472 29473 29481 29482 29483"
# List of modes which either are OPTS_TYPE_PT_NEVERCRACK or produce collisions
NEVER_CRACK="9720 9820 14900 18100 27800"
# List of modes which return a different output hash format than the input hash format
NOCHECK_ENCODING="16800 22000"
# LUKS mode has test containers
LUKS_MODE="14600"
# Cryptoloop mode which have test containers
CL_MODES="14511 14512 14513 14521 14522 14523 14531 14532 14533 14541 14542 14543 14551 14552 14553"
# missing hash types: 5200
HASH_TYPES=$(ls "${TDIR}"/test_modules/*.pm | sed -E 's/.*m0*([0-9]+).pm/\1/')
HASH_TYPES="${HASH_TYPES} ${TC_MODES} ${VC_MODES} ${LUKS_MODE} ${CL_MODES}"
HASH_TYPES=$(echo -n "${HASH_TYPES}" | tr ' ' '\n' | sort -u -n | tr '\n' ' ')
VECTOR_WIDTHS="1 2 4 8 16"
HASHFILE_ONLY=$(grep -l OPTS_TYPE_BINARY_HASHFILE "${TDIR}"/../src/modules/module_*.c | sed -E 's/.*module_0*([0-9]+).c/\1/' | tr '\n' ' ')
SLOW_ALGOS=$(grep -l ATTACK_EXEC_OUTSIDE_KERNEL "${TDIR}"/../src/modules/module_*.c | sed -E 's/.*module_0*([0-9]+).c/\1/' | tr '\n' ' ')
# fake slow algos, due to specific password pattern (e.g. ?d from "mask_3" is invalid):
# ("only" drawback is that just -a 0 is tested with this workaround)
SLOW_ALGOS="${SLOW_ALGOS} 28501 28502"
OUTD="test_$(date +%s)"
PACKAGE_CMD="7z a"
PACKAGE_FOLDER=""
EXTRACT_CMD="7z x"
mask_3[0]=""
mask_3[1]="?d"
mask_3[2]="?d?d"
mask_3[3]="?d?d?d"
mask_3[4]="?d?d?d?d"
mask_3[5]="?d?d?d?d?d"
mask_3[6]="?d?d?d?d?d?d"
mask_3[7]="?d?d?d?d?d?d?d"
mask_3[8]="?d?d?d?d?d?d?d?d"
mask_3[9]="?d?d?d?d?d?d?d?d?d"
mask_3[10]="?d?d?d?d?d?d?d?d?d?d"
mask_3[11]="?d?d?d?d?d?d?d?d?d?d?d"
mask_3[12]="?d?d?d?d?d?d?d?d?d?d?d?d"
mask_3[13]="?d?d?d?d?d?d?d?d?d?d?d?d?d"
mask_3[14]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d"
mask_3[15]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d"
mask_3[16]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0"
mask_3[17]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d00"
mask_3[18]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d000"
mask_3[19]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0000"
mask_3[20]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d00000"
mask_3[21]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d000000"
mask_3[22]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0000000"
mask_3[23]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d00000000"
mask_3[24]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d000000000"
mask_3[25]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0000000000"
mask_3[26]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d00000000000"
mask_3[27]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d000000000000"
mask_3[28]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0000000000000"
mask_3[29]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d00000000000000"
mask_3[30]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d000000000000000"
mask_3[31]="?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d0000000000000000"
mask_6[0]=""
mask_6[1]=""
mask_6[2]="?d"
mask_6[3]="?d?d"
mask_6[4]="?d?d"
mask_6[5]="?d?d?d"
mask_6[6]="?d?d?d"
mask_6[7]="?d?d?d?d"
mask_6[8]="?d?d?d?d"
mask_6[9]="?d?d?d?d?d"
mask_6[10]="?d?d?d?d?d"
mask_6[11]="?d?d?d?d?d?d"
mask_6[12]="?d?d?d?d?d?d"
mask_6[13]="?d?d?d?d?d?d?d"
mask_6[14]="?d?d?d?d?d?d?d"
mask_6[15]="?d?d?d?d?d?d?d?d"
mask_6[16]="?d?d?d?d?d?d?d?d"
mask_6[17]="?d?d?d?d?d?d?d?d0"
mask_6[18]="?d?d?d?d?d?d?d?d0"
mask_6[19]="?d?d?d?d?d?d?d?d00"
mask_6[20]="?d?d?d?d?d?d?d?d00"
mask_6[21]="?d?d?d?d?d?d?d?d000"
mask_6[22]="?d?d?d?d?d?d?d?d000"
mask_6[23]="?d?d?d?d?d?d?d?d0000"
mask_6[24]="?d?d?d?d?d?d?d?d0000"
mask_6[25]="?d?d?d?d?d?d?d?d00000"
mask_6[26]="?d?d?d?d?d?d?d?d00000"
mask_6[27]="?d?d?d?d?d?d?d?d000000"
mask_6[28]="?d?d?d?d?d?d?d?d000000"
mask_6[29]="?d?d?d?d?d?d?d?d0000000"
mask_6[30]="?d?d?d?d?d?d?d?d0000000"
mask_6[31]="?d?d?d?d?d?d?d?d00000000"
mask_7[0]=""
mask_7[1]=""
mask_7[2]="?d"
mask_7[3]="?d"
mask_7[4]="?d?d"
mask_7[5]="?d?d"
mask_7[6]="?d?d?d"
mask_7[7]="?d?d?d"
mask_7[8]="?d?d?d?d"
mask_7[9]="?d?d?d?d"
mask_7[10]="?d?d?d?d?d"
mask_7[11]="?d?d?d?d?d"
mask_7[12]="?d?d?d?d?d?d"
mask_7[13]="?d?d?d?d?d?d"
mask_7[14]="?d?d?d?d?d?d?d"
mask_7[15]="?d?d?d?d?d?d?d"
mask_7[16]="?d?d?d?d?d?d?d?d"
mask_7[17]="?d?d?d?d?d?d?d?d"
mask_7[18]="?d?d?d?d?d?d?d?d0"
mask_7[19]="?d?d?d?d?d?d?d?d0"
mask_7[20]="?d?d?d?d?d?d?d?d00"
mask_7[21]="?d?d?d?d?d?d?d?d00"
mask_7[22]="?d?d?d?d?d?d?d?d000"
mask_7[23]="?d?d?d?d?d?d?d?d000"
mask_7[24]="?d?d?d?d?d?d?d?d0000"
mask_7[25]="?d?d?d?d?d?d?d?d0000"
mask_7[26]="?d?d?d?d?d?d?d?d00000"
mask_7[27]="?d?d?d?d?d?d?d?d00000"
mask_7[28]="?d?d?d?d?d?d?d?d000000"
mask_7[29]="?d?d?d?d?d?d?d?d000000"
mask_7[30]="?d?d?d?d?d?d?d?d0000000"
mask_7[31]="?d?d?d?d?d?d?d?d0000000"
# Array lookup
# $1: value
# $2: array
# Returns 0 (SUCCESS) if the value is found, 1 otherwise
function is_in_array()
{
for e in "${@:2}"; do
[ "$e" = "$1" ] && return 0
done
return 1
}
function init()
{
if [ "${PACKAGE}" -eq 1 ]; then
echo "[ ${OUTD} ] > Generate tests for hash type $hash_type."
else
echo "[ ${OUTD} ] > Init test for hash type $hash_type."
fi
rm -rf "${OUTD}/${hash_type}.sh" "${OUTD}/${hash_type}_passwords.txt" "${OUTD}/${hash_type}_hashes.txt"
# Exclude TrueCrypt, VeraCrypt and CryptoLoop testing modes
if is_in_array "${hash_type}" ${TC_MODES}; then
return 0
fi
if is_in_array "${hash_type}" ${VC_MODES}; then
return 0
fi
if is_in_array "${hash_type}" ${CL_MODES}; then
return 0
fi
if [ "${hash_type}" -eq ${LUKS_MODE} ]; then
which 7z &>/dev/null
if [ $? -eq 1 ]; then
echo "ATTENTION: 7z is missing. Skipping download and extract luks test files."
return 0
fi
luks_tests_folder="${TDIR}/luks_tests/"
if [ ! -d "${luks_tests_folder}" ]; then
mkdir -p "${luks_tests_folder}"
fi
luks_first_test_file="${luks_tests_folder}/hashcat_ripemd160_aes_cbc-essiv_128.luks"
if [ ! -f "${luks_first_test_file}" ]; then
luks_tests="hashcat_luks_testfiles.7z"
luks_tests_url="https://hashcat.net/misc/example_hashes/${luks_tests}"
cd "${TDIR}" || exit
# if the file already exists, but was not successfully extracted, we assume it's a broken
# downloaded file and therefore it should be deleted
if [ -f "${luks_tests}" ]; then
rm -f "${luks_tests}"
fi
echo ""
echo "ATTENTION: the luks test files (for -m ${hash_type}) are currently missing on your system."
echo "They will be fetched from ${luks_tests_url}"
echo "Note: this needs to be done only once and could take a little bit to download/extract."
echo "These luks test files are not shipped directly with hashcat because the file sizes are"
echo "particularily large and therefore a bandwidth burner for users who do not run these tests."
echo ""
# download:
wget -q "${luks_tests_url}"
if [ $? -ne 0 ] || [ ! -f "${luks_tests}" ]; then
cd - >/dev/null
echo "ERROR: Could not fetch the luks test files from this url: ${luks_tests_url}"
return 0
fi
# extract:
${EXTRACT_CMD} "${luks_tests}" &>/dev/null
# cleanup:
rm -f "${luks_tests}"
cd - >/dev/null || exit
# just to be very sure, check again that (one of) the files now exist:
if [ ! -f "${luks_first_test_file}" ]; then
echo "ERROR: downloading and extracting ${luks_tests} into ${luks_tests_folder} did not complete successfully"
return 0
fi
fi
return 0
fi
# create list of password and hashes of same type
cmd_file=${OUTD}/${hash_type}.sh
grep " ${hash_type} '" "${OUTD}/all.sh" > "${cmd_file}" 2>/dev/null
# create separate list of password and hashes
sed 's/^echo *|.*$//' "${cmd_file}" | awk '{print $2}' > "${OUTD}/${hash_type}_passwords.txt"
sed 's/^echo *|/echo "" |/' "${cmd_file}" | awk '{print $10}' | cut -d"'" -f2 > "${OUTD}/${hash_type}_hashes.txt"
if [ "${hash_type}" -eq 10300 ]; then
#cat ${OUTD}/${hash_type}.sh | cut -d' ' -f11- | cut -d"'" -f2 > ${OUTD}/${hash_type}_hashes.txt
cut -d"'" -f2 "${OUTD}/${hash_type}.sh" > "${OUTD}/${hash_type}_hashes.txt"
fi
# truncate dicts
rm -rf "${OUTD}/${hash_type}_dict1" "${OUTD}/${hash_type}_dict2"
touch "${OUTD}/${hash_type}_dict1" "${OUTD}/${hash_type}_dict2"
# minimum password length
min=1 # minimum line number from start of the file
min_offset=0 # minimum offset starting from ${min} lines
if [ "${hash_type}" -eq 2500 ]; then
min_offset=7 # means length 8, since we start with 0
elif [ "${hash_type}" -eq 14000 ]; then
min=0
min_offset=4
elif [ "${hash_type}" -eq 14100 ]; then
min=0
min_offset=3
elif [ "${hash_type}" -eq 14900 ]; then
min=0
min_offset=5
elif [ "${hash_type}" -eq 15400 ]; then
min=0
min_offset=3
elif [ "${hash_type}" -eq 16800 ]; then
min_offset=7 # means length 8, since we start with 0
elif [ "${hash_type}" -eq 22000 ]; then
min_offset=7 # means length 8, since we start with 0
fi
# foreach password entry split password in 2 (skip first entry, is len 1)
i=1
while read -r -u 9 pass; do
if [ ${i} -gt ${min} ]; then
# split password, 'i' is the len
p0=$((i / 2))
p1=$((p0 + 1))
# special case (passwords longer than expected)
pass_len=${#pass}
if [ "${pass_len}" -gt 1 ]; then
p1=$((p1 + min_offset))
p0=$((p0 + min_offset))
if [ "${p1}" -gt "${pass_len}" ]; then
p1=${pass_len}
p0=$((p1 - 1))
fi
# add splitted password to dicts
echo "${pass}" | cut -c -${p0} >> "${OUTD}/${hash_type}_dict1"
echo "${pass}" | cut -c ${p1}- >> "${OUTD}/${hash_type}_dict2"
elif [ "${pass_len}" -eq 1 ]; then
echo "${pass}" >> "${OUTD}/${hash_type}_dict1"
echo >> "${OUTD}/${hash_type}_dict2"
else
echo >> "${OUTD}/${hash_type}_dict1"
echo >> "${OUTD}/${hash_type}_dict2"
fi
fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_passwords.txt"
min_len=0
if [ "${hash_type}" -eq 2500 ]; then
min_len=7 # means length 8, since we start with 0
elif [ "${hash_type}" -eq 14000 ]; then
min_len=7
elif [ "${hash_type}" -eq 14100 ]; then
min_len=23
elif [ "${hash_type}" -eq 14900 ]; then
min_len=9
elif [ "${hash_type}" -eq 15400 ]; then
min_len=31
elif [ "${hash_type}" -eq 16800 ]; then
min_len=7 # means length 8, since we start with 0
elif [ "${hash_type}" -eq 22000 ]; then
min_len=7 # means length 8, since we start with 0
fi
# generate multiple pass/hash foreach len (2 to 8)
if [ "${MODE}" -ge 1 ]; then
i=2
while [ "$i" -lt 9 ]; do
cmd_file=${OUTD}/${hash_type}_multi_${i}.txt
rm -rf "${cmd_file}" "${OUTD}/${hash_type}_passwords_multi_${i}.txt" "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
rm -rf "${OUTD}/${hash_type}_dict1_multi_${i}" "${OUTD}/${hash_type}_dict2_multi_${i}"
touch "${OUTD}/${hash_type}_dict1_multi_${i}" "${OUTD}/${hash_type}_dict2_multi_${i}"
perl tools/test.pl single "${hash_type}" ${i} > "${cmd_file}"
sed 's/^echo *|.*$//' "${cmd_file}" | awk '{print $2}' > "${OUTD}/${hash_type}_passwords_multi_${i}.txt"
sed 's/^echo *|/echo "" |/' "${cmd_file}" | awk '{print $10}' | cut -d"'" -f2 > "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
if [ "${hash_type}" -eq 10300 ]; then
#cat ${OUTD}/${hash_type}_multi_${i}.txt | cut -d' ' -f11- | cut -d"'" -f2 > ${OUTD}/${hash_type}_hashes_multi_${i}.txt
cut -d"'" -f2 "${OUTD}/${hash_type}_multi_${i}.txt" > "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
fi
# split password, 'i' is the len
p0=$((i / 2))
p1=$((p0 + 1))
p0=$((p0 + min_len))
p1=$((p1 + min_len))
while read -r -u 9 pass; do
# add splitted password to dicts
echo "${pass}" | cut -c -${p0} >> "${OUTD}/${hash_type}_dict1_multi_${i}"
echo "${pass}" | cut -c ${p1}- >> "${OUTD}/${hash_type}_dict2_multi_${i}"
done 9< "${OUTD}/${hash_type}_passwords_multi_${i}.txt"
i=$((i + 1))
done
fi
}
function status()
{
RET=$1
cnt=$((cnt + 1))
if [ "${RET}" -ne 0 ]; then
case ${RET} in
246)
echo "autotune failure, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
248)
echo "skipped by runtime (mixed backend errors detected), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
249)
echo "skipped by runtime (Invalid module_extra_buffer_size), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
250)
echo "skipped by runtime (Too many compute units to keep minimum kernel accel limit), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
251)
echo "skipped by runtime (main kernel build error), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
252)
echo "skipped by runtime (memory hit limit), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
253)
echo "skipped by runtime (module_unstable_warning), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
1)
if ! is_in_array "${hash_type}" ${NEVER_CRACK_ALGOS}; then
echo "password not found, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_nf=$((e_nf + 1))
fi
;;
4)
echo "timeout reached, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_to=$((e_to + 1))
;;
10)
if is_in_array "${hash_type}" ${NEVER_CRACK_ALGOS}; then
return
fi
if [ "${pass_only}" -eq 1 ]; then
echo "plains not found in output, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
else
echo "hash:plains not matched in output, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.tx"t
fi
e_nm=$((e_nm + 1))
;;
20)
echo "grep out-of-memory (cannot check if plains match in output), cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_ce=$((e_ce + 1))
e_nm=$((e_nm + 1))
;;
30)
echo "luks test files are missing, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
e_rs=$((e_rs + 1))
;;
*)
echo "! unhandled return code ${RET}, cmdline : ${CMD}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
echo "! unhandled return code, see ${OUTD}/logfull.txt or ${OUTD}/test_report.log for details."
e_nf=$((e_nf + 1))
;;
esac
fi
}
function attack_0()
{
file_only=0
if is_in_array "${hash_type}" ${FILE_BASED_ALGOS}; then
file_only=1
fi
# single hash
if [ "${MODE}" -ne 1 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
echo "> Testing hash type $hash_type with attack mode 0, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
max=32
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
max=12
fi
i=0
while read -r -u 9 line; do
if [ "${i}" -ge ${max} ]; then
break
fi
hash="$(echo "${line}" | cut -d\' -f2)"
pass="$(echo "${line}" | cut -d' ' -f2)"
if [ -z "${hash}" ]; then
break
fi
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
if [ "${hash_type}" -ne 22000 ]; then
echo "${hash}" | base64 -d > "${temp_file}"
else
echo "${hash}" > "${temp_file}"
fi
hash="${temp_file}"
fi
pass_old=${pass}
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
pass=$(echo "${pass}" | cut -b 7-) # skip the first 6 chars
fi
CMD="echo ${pass} | ./${BIN} ${OPTS} -a 0 -m ${hash_type} '${hash}'"
echo -n "[ len $((i + 1)) ] " >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(echo "${pass}" | ./${BIN} ${OPTS} -a 0 -m ${hash_type} "${hash}" 2>&1)
ret=${?}
pass=${pass_old}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
if [ "${pass_only}" -eq 1 ]; then
search=":${pass}"
else
search="${hash}:${pass}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -eq 2 ]; then
# out-of-memory, workaround
echo "${output}" | head -1 > tmp_file_out
echo "${search}" > tmp_file_search
out_md5=$(md5sum tmp_file_out | cut -d' ' -f1)
search_md5=$(md5sum tmp_file_search | cut -d' ' -f1)
rm tmp_file_out tmp_file_search
if [ "${out_md5}" == "${search_md5}" ]; then
newRet=0
fi
fi
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
fi
fi
status ${ret}
i=$((i + 1))
done 9< "${OUTD}/${hash_type}.sh"
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 0, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
# multihash
if [ "${MODE}" -ne 0 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
echo "> Testing hash type $hash_type with attack mode 0, markov ${MARKOV}, multi hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
hash_file=${OUTD}/${hash_type}_hashes.txt
# if file_only -> decode all base64 "hashes" and put them in the temporary file
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
rm -f "${temp_file}"
hash_file=${temp_file}
while read -r file_only_hash; do
if [ "${hash_type}" -ne 22000 ]; then
echo -n "${file_only_hash}" | base64 -d >> "${temp_file}"
else
echo "${file_only_hash}" >> "${temp_file}"
fi
done < "${OUTD}/${hash_type}_hashes.txt"
fi
CMD="cat ${OUTD}/${hash_type}_passwords.txt | ./${BIN} ${OPTS} -a 0 -m ${hash_type} ${hash_file}"
output=$(./${BIN} ${OPTS} -a 0 -m ${hash_type} ${hash_file} < ${OUTD}/${hash_type}_passwords.txt 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
i=1
while read -r -u 9 hash; do
pass=$(sed -n ${i}p "${OUTD}/${hash_type}_passwords.txt")
if [ "${pass_only}" -eq 1 ]; then
search=":${pass}"
else
search="${hash}:${pass}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
break
fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_hashes.txt"
fi
status ${ret}
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 0, Mode multi, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function attack_1()
{
file_only=0
if is_in_array "${hash_type}" ${FILE_BASED_ALGOS}; then
file_only=1
fi
# single hash
if [ "${MODE}" -ne 1 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
min=1
max=8
if [ "${hash_type}" -eq 14000 ]; then
min=0
max=5
elif [ "${hash_type}" -eq 14100 ]; then
min=0
max=5
elif [ "${hash_type}" -eq 14900 ]; then
min=0
max=5
elif [ "${hash_type}" -eq 15400 ]; then
min=0
max=5
elif [ "${hash_type}" -eq 20510 ]; then
min=2
fi
echo "> Testing hash type $hash_type with attack mode 1, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
i=1
while read -r -u 9 hash; do
if [ $i -gt ${min} ]; then
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
if [ "${hash_type}" -ne 22000 ]; then
echo "${hash}" | base64 -d > "${temp_file}"
else
echo "${hash}" > "${temp_file}"
fi
hash="${temp_file}"
fi
line_nr=1
if [ "$min" -eq 0 ]; then
line_nr=$i
elif [ "${i}" -gt 1 ]; then
line_nr=$((i - 1))
fi
dict1="${OUTD}/${hash_type}_dict1"
dict2="${OUTD}/${hash_type}_dict2"
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
line_dict1=$(sed -n ${line_nr}p "${dict1}")
line_dict2=$(sed -n ${line_nr}p "${dict2}")
line_num=$(wc -l "${dict1}" | sed -E 's/ *([0-9]+) .*$/\1/')
line_dict1_orig=${line_dict1}
line_dict2_orig=${line_dict2}
if [ "${#line_dict1}" -ge 6 ]; then
line_dict1=$(echo "${line_dict1}" | cut -b 7-) # skip the first 6 chars
else
# we need to also "steal" some chars from the second dict
num_to_steal=$((6 - ${#line_dict1}))
num_steal_start=$((num_to_steal + 1))
if [ "${#line_dict2}" -ge 6 ]; then
num_to_steal_new=$(((${#line_dict2} - num_to_steal) / 2))
if [ "${num_to_steal_new}" -gt ${num_to_steal} ]; then
num_to_steal=${num_to_steal_new}
fi
fi
line_chars_stolen=$(echo "${line_dict2}" | cut -b -${num_to_steal} | cut -b ${num_steal_start}-)
line_dict1="${line_chars_stolen}"
line_dict2=$(echo "${line_dict2}" | cut -b $((num_to_steal + 1))-)
fi
# finally, modify the dicts accordingly:
tmp_file="${dict1}_mod"
head -n $((line_nr - 1)) "${dict1}" > "${tmp_file}"
echo "${line_dict1}" >> "${tmp_file}"
tail -n $((line_num - line_nr - 1)) "${dict1}" >> "${tmp_file}"
dict1=${tmp_file}
tmp_file="${dict2}_mod"
head -n $((line_nr - 1)) "${dict2}" > "${tmp_file}"
echo "${line_dict2}" >> "${tmp_file}"
tail -n $((line_num - line_nr - 1)) "${dict2}" >> "${tmp_file}"
dict2=${tmp_file}
fi
CMD="./${BIN} ${OPTS} -a 1 -m ${hash_type} '${hash}' ${dict1} ${dict2}"
echo -n "[ len $i ] " >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 1 -m ${hash_type} "${hash}" ${dict1} ${dict2} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
line_dict1=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict1")
line_dict2=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict2")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -eq 2 ]; then
# out-of-memory, workaround
echo "${output}" | head -1 > tmp_file_out
echo "${search}" > tmp_file_search
out_md5=$(md5sum tmp_file_out | cut -d' ' -f1)
search_md5=$(md5sum tmp_file_search | cut -d' ' -f1)
rm tmp_file_out tmp_file_search
if [ "${out_md5}" == "${search_md5}" ]; then
newRet=0
fi
fi
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
fi
fi
status ${ret}
fi
if [ $i -eq ${max} ]; then break; fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_hashes.txt"
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 1, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
# multihash
if [ "${MODE}" -ne 0 ]; then
# no multi hash checks for these modes (because we only have 1 hash for each of them)
if [ "${hash_type}" -eq 14000 ]; then
return
elif [ "${hash_type}" -eq 14100 ]; then
return
elif [ "${hash_type}" -eq 14900 ]; then
return
elif [ "${hash_type}" -eq 15400 ]; then
return
fi
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
offset=7
if [ "${hash_type}" -eq 5800 ]; then
offset=6
elif [ "${hash_type}" -eq 3000 ]; then
offset=6
fi
hash_file=${OUTD}/${hash_type}_multihash_combi.txt
tail -n ${offset} "${OUTD}/${hash_type}_hashes.txt" > "${hash_file}"
# if file_only -> decode all base64 "hashes" and put them in the temporary file
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
rm -f "${temp_file}"
hash_file=${temp_file}
while read -r file_only_hash; do
if [ "${hash_type}" -ne 22000 ]; then
echo -n "${file_only_hash}" | base64 -d >> "${temp_file}"
else
echo "${file_only_hash}" >> "${temp_file}"
fi
done < "${OUTD}/${hash_type}_multihash_combi.txt"
fi
CMD="./${BIN} ${OPTS} -a 1 -m ${hash_type} ${hash_file} ${OUTD}/${hash_type}_dict1 ${OUTD}/${hash_type}_dict2"
echo "> Testing hash type $hash_type with attack mode 1, markov ${MARKOV}, multi hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 1 -m ${hash_type} ${hash_file} ${OUTD}/${hash_type}_dict1 ${OUTD}/${hash_type}_dict2 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
i=0
while read -r -u 9 hash; do
line_nr=1
if [ "${offset}" -gt ${i} ]; then
line_nr=$((offset - i))
fi
line_dict1=$(tail -n ${line_nr} "${OUTD}/${hash_type}_dict1" | head -1)
line_dict2=$(tail -n ${line_nr} "${OUTD}/${hash_type}_dict2" | head -1)
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
break
fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_multihash_combi.txt"
fi
status ${ret}
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 1, Mode multi, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function attack_3()
{
file_only=0
if is_in_array "${hash_type}" ${FILE_BASED_ALGOS}; then
file_only=1
fi
# single hash
if [ "${MODE}" -ne 1 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
echo "> Testing hash type $hash_type with attack mode 3, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
max=8
# some algos have a minimum password length
if [ "${hash_type}" -eq 2500 ]; then
max=7
elif [ "${hash_type}" -eq 14000 ]; then
max=1
elif [ "${hash_type}" -eq 14100 ]; then
max=1
elif [ "${hash_type}" -eq 14900 ]; then
max=1
elif [ "${hash_type}" -eq 15400 ]; then
max=1
elif [ "${hash_type}" -eq 16800 ]; then
max=7
elif [ "${hash_type}" -eq 22000 ]; then
max=7
fi
i=1
while read -r -u 9 hash; do
if [ "${i}" -gt 6 ]; then
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
break
fi
fi
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
if [ "${hash_type}" -ne 22000 ]; then
echo "${hash}" | base64 -d > "${temp_file}"
else
echo "${hash}" > "${temp_file}"
fi
hash="${temp_file}"
fi
# construct a meaningful mask from the password itself:
dict="${OUTD}/${hash_type}_passwords.txt"
pass=$(sed -n ${i}p "${dict}")
# passwords can't be smaller than mask in -a 3 = mask attack
if [ "${#pass}" -lt ${i} ]; then
i=$((i + 1))
continue
fi
pass_part_2=$(echo -n "${pass}" | cut -b $((i + 1))-)
mask=""
if [ "${hash_type}" -eq 14000 ]; then
mask="${pass}"
elif [ "${hash_type}" -eq 14100 ]; then
mask="${pass}"
else
for i in $(seq 1 ${i}); do
mask="${mask}?d"
done
mask="${mask}${pass_part_2}"
fi
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
if [ "${i}" -le 1 ]; then
i=$((i + 1))
continue
fi
cut_pos=$((i * 2 + 6 - i + 1)) # skip it in groups of 2 ("?d"), at least 6, offset +1 for cut to work
if [ "${i}" -gt 6 ]; then
cut_pos=13 # 6 * ?d + 1 (6 * 2 + 1)
fi
mask=$(echo "${mask}" | cut -b ${cut_pos}-)
fi
CMD="./${BIN} ${OPTS} -a 3 -m ${hash_type} '${hash}' ${mask}"
echo -n "[ len $i ] " >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 3 -m ${hash_type} "${hash}" ${mask} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
line_dict=$(sed -n ${i}p "${dict}")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict}"
else
search="${hash}:${line_dict}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -eq 2 ]; then
# out-of-memory, workaround
echo "${output}" | head -1 > tmp_file_out
echo "${search}" > tmp_file_search
out_md5=$(md5sum tmp_file_out | cut -d' ' -f1)
search_md5=$(md5sum tmp_file_search | cut -d' ' -f1)
rm tmp_file_out tmp_file_search
if [ "${out_md5}" == "${search_md5}" ]; then
newRet=0
fi
fi
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
fi
fi
status ${ret}
if [ $i -eq ${max} ]; then break; fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_hashes.txt"
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 3, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
# multihash
if [ "${MODE}" -ne 0 ]; then
# no multi hash checks for these modes (because we only have 1 hash for each of them)
if [ "${hash_type}" -eq 14000 ]; then
return
elif [ "${hash_type}" -eq 14100 ]; then
return
elif [ "${hash_type}" -eq 14900 ]; then
return
elif [ "${hash_type}" -eq 15400 ]; then
return
fi
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
increment_max=8
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
increment_max=5
fi
increment_min=1
if [ "${hash_type}" -eq 2500 ]; then
increment_min=8
increment_max=9
fi
if [ "${hash_type}" -eq 16800 ]; then
increment_min=8
increment_max=9
fi
if [ "${hash_type}" -eq 22000 ]; then
increment_min=8
increment_max=9
fi
# if file_only -> decode all base64 "hashes" and put them in the temporary file
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
rm -f "${temp_file}"
hash_file=${temp_file}
while read -r file_only_hash; do
if [ "${hash_type}" -ne 22000 ]; then
echo -n "${file_only_hash}" | base64 -d >> "${temp_file}"
else
echo "${file_only_hash}" >> "${temp_file}"
fi
done < "${OUTD}/${hash_type}_multihash_bruteforce.txt"
fi
hash_file=${OUTD}/${hash_type}_multihash_bruteforce.txt
tail_hashes=$(awk "length >= ${increment_min} && length <= ${increment_max}" "${OUTD}/${hash_type}_passwords.txt" | wc -l)
head_hashes=$(awk "length <= ${increment_max}" "${OUTD}/${hash_type}_passwords.txt" | wc -l)
# in very rare cases (e.g. without -O and long passwords) we need to use .hcmask files with the passwords in it
# otherwise there are no good masks we can test for such long passwords
need_hcmask=0
if [ "${tail_hashes}" -gt "${head_hashes}" ]; then
need_hcmask=1
fi
if [ "${tail_hashes}" -lt 1 ]; then
need_hcmask=1
fi
if [ ${need_hcmask} -eq 0 ]; then
head -n "${head_hashes}" "${OUTD}/${hash_type}_hashes.txt" | tail -n "${tail_hashes}" > "${hash_file}"
else
tail_hashes=$(awk "length >= ${increment_min}" "${OUTD}/${hash_type}_passwords.txt" | wc -l)
if [ "${tail_hashes}" -lt 1 ]; then
return
fi
tail -n "${tail_hashes}" "${OUTD}/${hash_type}_hashes.txt" > "${hash_file}"
fi
mask_pos=8
if [ "${increment_min}" -gt ${mask_pos} ]; then
mask_pos=${increment_min}
fi
mask=""
cracks_offset=0
if [ ${need_hcmask} -eq 0 ]; then
cracks_offset=$((head_hashes - tail_hashes))
mask=${mask_3[${mask_pos}]}
else
num_hashes=$(wc -l < "${OUTD}/${hash_type}_hashes.txt")
cracks_offset=$((num_hashes - tail_hashes))
mask=${OUTD}/${hash_type}_passwords.txt # fake hcmask file (i.e. the original dict)
fi
custom_charsets=""
# modify "default" mask if needed (and set custom charset to reduce keyspace)
if [ "${hash_type}" -eq 2500 ]; then
mask="?d?d?d?d?d?1?2?3?4"
charset_1=""
charset_2=""
charset_3=""
charset_4=""
# check positions (here we assume that mask is always composed of non literal chars
# i.e. something like ?d?l?u?s?1 is possible, but ?d?dsuffix not
charset_1_pos=$(expr index "${mask}" 1)
charset_2_pos=$(expr index "${mask}" 2)
charset_3_pos=$(expr index "${mask}" 3)
charset_4_pos=$(expr index "${mask}" 4)
# divide each charset position by 2 since each of them occupies 2 positions in the mask
charset_1_pos=$((charset_1_pos / 2))
charset_2_pos=$((charset_2_pos / 2))
charset_3_pos=$((charset_3_pos / 2))
charset_4_pos=$((charset_4_pos / 2))
i=1
while read -r -u 9 hash; do
pass=$(sed -n ${i}p "${OUTD}/${hash_type}_passwords.txt")
# charset 1
char=$(echo "${pass}" | cut -b ${charset_1_pos})
charset_1=$(printf "%s\n%s\n" "${charset_1}" "${char}")
# charset 2
char=$(echo "${pass}" | cut -b ${charset_2_pos})
charset_2=$(printf "%s\n%s\n" "${charset_2}" "${char}")
# charset 3
char=$(echo "${pass}" | cut -b ${charset_3_pos})
charset_3=$(printf "%s\n%s\n" "${charset_3}" "${char}")
# charset 4
char=$(echo "${pass}" | cut -b ${charset_4_pos})
charset_4=$(printf "%s\n%s\n" "${charset_4}" "${char}")
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_multihash_bruteforce.txt"
# just make sure that all custom charset fields are initialized
if [ -z "${charset_1}" ]; then
charset_1="1"
fi
if [ -z "${charset_2}" ]; then
charset_2="2"
fi
if [ -z "${charset_3}" ]; then
charset_3="3"
fi
if [ -z "${charset_4}" ]; then
charset_4="4"
fi
# unique and remove new lines
charset_1=$(echo "${charset_1}" | sort -u | tr -d '\n')
charset_2=$(echo "${charset_2}" | sort -u | tr -d '\n')
charset_3=$(echo "${charset_3}" | sort -u | tr -d '\n')
charset_4=$(echo "${charset_4}" | sort -u | tr -d '\n')
custom_charsets="-1 ${charset_1} -2 ${charset_2} -3 ${charset_3} -4 ${charset_4}"
fi
if [ "${hash_type}" -eq 16800 ]; then
mask="?d?d?d?d?d?1?2?3?4"
charset_1=""
charset_2=""
charset_3=""
charset_4=""
# check positions (here we assume that mask is always composed of non literal chars
# i.e. something like ?d?l?u?s?1 is possible, but ?d?dsuffix not
charset_1_pos=$(expr index "${mask}" 1)
charset_2_pos=$(expr index "${mask}" 2)
charset_3_pos=$(expr index "${mask}" 3)
charset_4_pos=$(expr index "${mask}" 4)
# divide each charset position by 2 since each of them occupies 2 positions in the mask
charset_1_pos=$((charset_1_pos / 2))
charset_2_pos=$((charset_2_pos / 2))
charset_3_pos=$((charset_3_pos / 2))
charset_4_pos=$((charset_4_pos / 2))
i=1
while read -r -u 9 hash; do
pass=$(sed -n ${i}p "${OUTD}/${hash_type}_passwords.txt")
# charset 1
char=$(echo "${pass}" | cut -b ${charset_1_pos})
charset_1=$(printf "%s\n%s\n" "${charset_1}" "${char}")
# charset 2
char=$(echo "${pass}" | cut -b ${charset_2_pos})
charset_2=$(printf "%s\n%s\n" "${charset_2}" "${char}")
# charset 3
char=$(echo "${pass}" | cut -b ${charset_3_pos})
charset_3=$(printf "%s\n%s\n" "${charset_3}" "${char}")
# charset 4
char=$(echo "${pass}" | cut -b ${charset_4_pos})
charset_4=$(printf "%s\n%s\n" "${charset_4}" "${char}")
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_multihash_bruteforce.txt"
# just make sure that all custom charset fields are initialized
if [ -z "${charset_1}" ]; then
charset_1="1"
fi
if [ -z "${charset_2}" ]; then
charset_2="2"
fi
if [ -z "${charset_3}" ]; then
charset_3="3"
fi
if [ -z "${charset_4}" ]; then
charset_4="4"
fi
# unique and remove new lines
charset_1=$(echo "${charset_1}" | sort -u | tr -d '\n')
charset_2=$(echo "${charset_2}" | sort -u | tr -d '\n')
charset_3=$(echo "${charset_3}" | sort -u | tr -d '\n')
charset_4=$(echo "${charset_4}" | sort -u | tr -d '\n')
custom_charsets="-1 ${charset_1} -2 ${charset_2} -3 ${charset_3} -4 ${charset_4}"
fi
if [ "${hash_type}" -eq 22000 ]; then
mask="?d?d?d?d?d?1?2?3?4"
charset_1=""
charset_2=""
charset_3=""
charset_4=""
# check positions (here we assume that mask is always composed of non literal chars
# i.e. something like ?d?l?u?s?1 is possible, but ?d?dsuffix not
charset_1_pos=$(expr index "${mask}" 1)
charset_2_pos=$(expr index "${mask}" 2)
charset_3_pos=$(expr index "${mask}" 3)
charset_4_pos=$(expr index "${mask}" 4)
# divide each charset position by 2 since each of them occupies 2 positions in the mask
charset_1_pos=$((charset_1_pos / 2))
charset_2_pos=$((charset_2_pos / 2))
charset_3_pos=$((charset_3_pos / 2))
charset_4_pos=$((charset_4_pos / 2))
i=1
while read -r -u 9 hash; do
pass=$(sed -n ${i}p "${OUTD}/${hash_type}_passwords.txt")
# charset 1
char=$(echo "${pass}" | cut -b ${charset_1_pos})
charset_1=$(printf "%s\n%s\n" "${charset_1}" "${char}")
# charset 2
char=$(echo "${pass}" | cut -b ${charset_2_pos})
charset_2=$(printf "%s\n%s\n" "${charset_2}" "${char}")
# charset 3
char=$(echo "${pass}" | cut -b ${charset_3_pos})
charset_3=$(printf "%s\n%s\n" "${charset_3}" "${char}")
# charset 4
char=$(echo "${pass}" | cut -b ${charset_4_pos})
charset_4=$(printf "%s\n%s\n" "${charset_4}" "${char}")
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_multihash_bruteforce.txt"
# just make sure that all custom charset fields are initialized
if [ -z "${charset_1}" ]; then
charset_1="1"
fi
if [ -z "${charset_2}" ]; then
charset_2="2"
fi
if [ -z "${charset_3}" ]; then
charset_3="3"
fi
if [ -z "${charset_4}" ]; then
charset_4="4"
fi
# unique and remove new lines
charset_1=$(echo "${charset_1}" | sort -u | tr -d '\n')
charset_2=$(echo "${charset_2}" | sort -u | tr -d '\n')
charset_3=$(echo "${charset_3}" | sort -u | tr -d '\n')
charset_4=$(echo "${charset_4}" | sort -u | tr -d '\n')
custom_charsets="-1 ${charset_1} -2 ${charset_2} -3 ${charset_3} -4 ${charset_4}"
fi
increment_charset_opts=""
if [ ${need_hcmask} -eq 0 ]; then # the "normal" case without .hcmask file
increment_charset_opts="--increment --increment-min ${increment_min} --increment-max ${increment_max}"
if [ -n "${custom_charsets}" ]; then
increment_charset_opts="${increment_charset_opts} ${custom_charsets}"
fi
fi
CMD="./${BIN} ${OPTS} -a 3 -m ${hash_type} ${increment_charset_opts} ${hash_file} ${mask} "
echo "> Testing hash type $hash_type with attack mode 3, markov ${MARKOV}, multi hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 3 -m ${hash_type} ${increment_charset_opts} ${hash_file} ${mask} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
i=1
while read -r -u 9 hash; do
line_nr=$((i + cracks_offset))
pass=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_passwords.txt")
if [ "${pass_only}" -eq 1 ]; then
search=":${pass}"
else
search="${hash}:${pass}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
break
fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_multihash_bruteforce.txt"
fi
status ${ret}
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 3, Mode multi, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function attack_6()
{
file_only=0
if is_in_array "${hash_type}" ${FILE_BASED_ALGOS}; then
file_only=1
fi
# single hash
if [ "${MODE}" -ne 1 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
echo "> Testing hash type $hash_type with attack mode 6, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
min=1
max=8
mask_offset=0
if [ "${hash_type}" -eq 2500 ]; then
max=6
elif [ "${hash_type}" -eq 14000 ]; then
min=0
max=1
mask_offset=4
elif [ "${hash_type}" -eq 14100 ]; then
min=0
max=1
mask_offset=21
elif [ "${hash_type}" -eq 14900 ]; then
min=0
max=1
mask_offset=5
elif [ "${hash_type}" -eq 15400 ]; then
min=0
max=1
mask_offset=29
elif [ "${hash_type}" -eq 16800 ]; then
max=6
elif [ "${hash_type}" -eq 22000 ]; then
max=6
fi
# special case: we need to split the first line
if [ "${min}" -eq 0 ]; then
pass_part_1=$(sed -n 1p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n 1p "${OUTD}/${hash_type}_dict2")
pass="${pass_part_1}${pass_part_2}"
echo -n "${pass}" | cut -b -$((mask_offset + 0)) > "${OUTD}/${hash_type}_dict1_custom"
echo -n "${pass}" | cut -b $((mask_offset + 1))- > "${OUTD}/${hash_type}_dict2_custom"
mask_custom=""
for i in $(seq 1 $((${#pass} - mask_offset))); do
if [ "${hash_type}" -eq 14000 ]; then
char=$(echo -n "${pass}" | cut -b $((i + mask_offset)))
mask_custom="${mask_custom}${char}"
elif [ "${hash_type}" -eq 14100 ]; then
char=$(echo -n "${pass}" | cut -b $((i + mask_offset)))
mask_custom="${mask_custom}${char}"
else
mask_custom="${mask_custom}?d"
fi
done
fi
i=1
while read -r -u 9 hash; do
if [ "${i}" -gt 6 ]; then
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
break
fi
fi
if [ ${i} -gt ${min} ]; then
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
if [ "${hash_type}" -ne 22000 ]; then
echo "${hash}" | base64 -d > "${temp_file}"
else
echo "${hash}" > "${temp_file}"
fi
hash="${temp_file}"
fi
dict1=${OUTD}/${hash_type}_dict1
dict2=${OUTD}/${hash_type}_dict2
dict1_a6=${OUTD}/${hash_type}_dict1_a6
cp "${dict1}" "${dict1_a6}"
pass=$(sed -n ${i}p "${OUTD}/${hash_type}_passwords.txt")
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
pass=$(echo "${pass}" | cut -b 7-) # skip the first 6 chars
fi
if [ ${#pass} -le ${i} ]; then
i=$((i + 1))
continue
fi
echo "${pass}" | cut -b -$((${#pass} - i)) >> "${dict1_a6}"
# the block below is just a fancy way to do a "shuf" (or sort -R) because macOS doesn't really support it natively
# we do not really need a shuf, but it's actually better for testing purposes
rm -f "${dict1_a6}.txt" # temporary file
line_num=$(wc -l "${dict1_a6}" | sed -E 's/ *([0-9]+) .*$/\1/')
sorted_lines=$(seq 1 "${line_num}")
for lines in $(seq 1 "${line_num}"); do
random_num=$((RANDOM % line_num))
random_num=$((random_num + 1)) # sed -n [n]p starts counting with 1 (not 0)
random_line=$(echo -n "${sorted_lines}" | sed -n ${random_num}p)
sed -n ${random_line}p "${dict1_a6}" >> "${dict1_a6}.txt"
# update the temp list of lines
sorted_lines=$(echo -n "${sorted_lines}" | grep -v "^${random_line}$")
line_num=$((line_num - 1))
done
mv "${dict1_a6}.txt" "${dict1_a6}"
# end of shuf/sort -R
mask=""
for j in $(seq 1 ${i}); do
mask="${mask}?d"
done
CMD="./${BIN} ${OPTS} -a 6 -m ${hash_type} '${hash}' ${dict1_a6} ${mask}"
echo -n "[ len $i ] " >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 6 -m ${hash_type} "${hash}" ${dict1_a6} ${mask} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
line_nr=1
if [ "${i}" -gt 1 ]; then
line_nr=$((i - 1))
fi
line_dict1=$(sed -n ${line_nr}p "${dict1}")
line_dict2=$(sed -n ${line_nr}p "${dict2}")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -eq 2 ]; then
# out-of-memory, workaround
echo "${output}" | head -1 > tmp_file_out
echo "${search}" > tmp_file_search
out_md5=$(md5sum tmp_file_out | cut -d' ' -f1)
search_md5=$(md5sum tmp_file_search | cut -d' ' -f1)
rm tmp_file_out tmp_file_search
if [ "${out_md5}" == "${search_md5}" ]; then
newRet=0
fi
fi
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
fi
fi
status ${ret}
fi
if [ "${i}" -eq ${max} ]; then break; fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_hashes.txt"
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 6, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
rm -f "${OUTD}/${hash_type}_dict1_custom"
rm -f "${OUTD}/${hash_type}_dict2_custom"
fi
# multihash
if [ "${MODE}" -ne 0 ]; then
# no multi hash checks for these modes (because we only have 1 hash for each of them)
if [ "${hash_type}" -eq 14000 ]; then
return
elif [ "${hash_type}" -eq 14100 ]; then
return
elif [ "${hash_type}" -eq 14900 ]; then
return
elif [ "${hash_type}" -eq 15400 ]; then
return
fi
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
max=9
if [ "${hash_type}" -eq 2500 ]; then
max=5
elif [ "${hash_type}" -eq 3000 ]; then
max=8
elif [ "${hash_type}" -eq 7700 ] || [ "${hash_type}" -eq 7701 ]; then
max=8
elif [ "${hash_type}" -eq 8500 ]; then
max=8
elif [ "${hash_type}" -eq 16800 ]; then
max=5
elif [ "${hash_type}" -eq 22000 ]; then
max=5
fi
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
max=5
if [ "${hash_type}" -eq 3200 ]; then
max=3
fi
fi
i=2
while [ "$i" -lt "$max" ]; do
hash_file=${OUTD}/${hash_type}_hashes_multi_${i}.txt
# if file_only -> decode all base64 "hashes" and put them in the temporary file
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
rm -f "${temp_file}"
hash_file=${temp_file}
while read -r file_only_hash; do
if [ "${hash_type}" -ne 22000 ]; then
echo -n "${file_only_hash}" | base64 -d >> "${temp_file}"
else
echo "${file_only_hash}" >> "${temp_file}"
fi
done < "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
fi
mask=${mask_6[$i]}
CMD="./${BIN} ${OPTS} -a 6 -m ${hash_type} ${hash_file} ${OUTD}/${hash_type}_dict1_multi_${i} ${mask}"
echo "> Testing hash type $hash_type with attack mode 6, markov ${MARKOV}, multi hash with word len ${i}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 6 -m ${hash_type} ${hash_file} ${OUTD}/${hash_type}_dict1_multi_${i} ${mask} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
j=1
while read -r -u 9 hash; do
line_dict1=$(sed -n ${j}p "${OUTD}/${hash_type}_dict1_multi_${i}")
line_dict2=$(sed -n ${j}p "${OUTD}/${hash_type}_dict2_multi_${i}")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
break
fi
j=$((j + 1))
done 9< "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
fi
status ${ret}
i=$((i + 1))
done
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 6, Mode multi, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function attack_7()
{
file_only=0
if is_in_array "${hash_type}" ${FILE_BASED_ALGOS}; then
file_only=1
fi
# single hash
if [ "${MODE}" -ne 1 ]; then
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
echo "> Testing hash type $hash_type with attack mode 7, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
min=1
max=8
mask_offset=0
if [ "${hash_type}" -eq 2500 ]; then
max=5
elif [ "${hash_type}" -eq 14000 ]; then
mask_offset=4
min=0
max=1
elif [ "${hash_type}" -eq 14100 ]; then
mask_offset=3
min=0
max=1
elif [ "${hash_type}" -eq 14900 ]; then
mask_offset=5
min=0
max=1
elif [ "${hash_type}" -eq 15400 ]; then
mask_offset=3
min=0
max=1
elif [ "${hash_type}" -eq 16800 ]; then
max=5
elif [ "${hash_type}" -eq 22000 ]; then
max=5
fi
# special case: we need to split the first line
if [ "${min}" -eq 0 ]; then
pass_part_1=$(sed -n 1p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n 1p "${OUTD}/${hash_type}_dict2")
pass="${pass_part_1}${pass_part_2}"
echo -n "${pass}" | cut -b -$((mask_offset + 0)) > "${OUTD}/${hash_type}_dict1_custom"
echo -n "${pass}" | cut -b $((mask_offset + 1))- > "${OUTD}/${hash_type}_dict2_custom"
mask_custom=""
for i in $(seq 1 ${mask_offset}); do
if [ "${hash_type}" -eq 14000 ]; then
char=$(echo -n "${pass}" | cut -b ${i})
mask_custom="${mask_custom}${char}"
elif [ "${hash_type}" -eq 14100 ]; then
char=$(echo -n "${pass}" | cut -b ${i})
mask_custom="${mask_custom}${char}"
else
mask_custom="${mask_custom}?d"
fi
done
fi
i=1
while read -r -u 9 hash; do
if [ ${i} -gt ${min} ]; then
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
if [ "${hash_type}" -ne 22000 ]; then
echo "${hash}" | base64 -d > "${temp_file}"
else
echo "${hash}" > "${temp_file}"
fi
hash="${temp_file}"
fi
mask=${mask_7[$i]}
# adjust mask if needed
line_nr=1
if [ "${i}" -gt 1 ]; then
line_nr=$((i - 1))
fi
if [ "${hash_type}" -eq 2500 ]; then
pass_part_1=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict2")
pass_part_2_len=${#pass_part_2}
pass=${pass_part_1}${pass_part_2}
pass_len=${#pass}
# add first x chars of password to mask and append the (old) mask
mask_len=${#mask}
mask_len=$((mask_len / 2))
mask_prefix=$(echo ${pass} | cut -b -$((pass_len - mask_len - pass_part_2_len)))
mask=${mask_prefix}${mask}
fi
if [ "${hash_type}" -eq 16800 ]; then
pass_part_1=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict2")
pass_part_2_len=${#pass_part_2}
pass=${pass_part_1}${pass_part_2}
pass_len=${#pass}
# add first x chars of password to mask and append the (old) mask
mask_len=${#mask}
mask_len=$((mask_len / 2))
mask_prefix=$(echo "${pass}" | cut -b -$((pass_len - mask_len - pass_part_2_len)))
mask=${mask_prefix}${mask}
fi
if [ "${hash_type}" -eq 22000 ]; then
pass_part_1=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict2")
pass_part_2_len=${#pass_part_2}
pass=${pass_part_1}${pass_part_2}
pass_len=${#pass}
# add first x chars of password to mask and append the (old) mask
mask_len=${#mask}
mask_len=$((mask_len / 2))
mask_prefix=$(echo "${pass}" | cut -b -$((pass_len - mask_len - pass_part_2_len)))
mask=${mask_prefix}${mask}
fi
if [ "${hash_type}" -eq 20510 ]; then
pass_part_1=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict1")
pass_part_2=$(sed -n ${line_nr}p "${OUTD}/${hash_type}_dict2")
pass=${pass_part_1}${pass_part_2}
pass_len=${#pass}
if [ "${pass_len}" -le 6 ]; then
i=$((i + 1))
continue
fi
pass_old=${pass}
pass=$(echo "${pass}" | cut -b 7-) # skip the first 6 chars
mask_len=$((${#mask} / 2))
echo "${pass_old}" | cut -b -$((6 + mask_len)) > "${OUTD}/${hash_type}_dict1_custom"
echo "${pass}" | cut -b $((mask_len + 1))- > "${OUTD}/${hash_type}_dict2_custom"
min=0 # hack to use the custom dict
mask_custom=${mask}
fi
dict1=${OUTD}/${hash_type}_dict1
dict2=${OUTD}/${hash_type}_dict2
if [ "${min}" -eq 0 ]; then
mask=${mask_custom}
dict1=${OUTD}/${hash_type}_dict1_custom
dict2=${OUTD}/${hash_type}_dict2_custom
fi
CMD="./${BIN} ${OPTS} -a 7 -m ${hash_type} '${hash}' ${mask} ${dict2}"
echo -n "[ len $i ] " >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 7 -m ${hash_type} "${hash}" ${mask} ${dict2} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
line_nr=1
if [ "${i}" -gt 1 ]; then
line_nr=$((i - 1))
fi
line_dict1=$(sed -n ${line_nr}p "${dict1}")
line_dict2=$(sed -n ${line_nr}p "${dict2}")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -eq 2 ]; then
# out-of-memory, workaround
echo "${output}" | head -1 > tmp_file_out
echo "${search}" > tmp_file_search
out_md5=$(md5sum tmp_file_out | cut -d' ' -f1)
search_md5=$(md5sum tmp_file_search | cut -d' ' -f1)
rm tmp_file_out tmp_file_search
if [ "${out_md5}" == "${search_md5}" ]; then
newRet=0
fi
fi
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
fi
fi
status ${ret}
fi
if [ $i -eq ${max} ]; then break; fi
i=$((i + 1))
done 9< "${OUTD}/${hash_type}_hashes.txt"
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 7, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
rm -f "${OUTD}/${hash_type}_dict1_custom"
rm -f "${OUTD}/${hash_type}_dict2_custom"
fi
# multihash
if [ "${MODE}" -ne 0 ]; then
# no multi hash checks for these modes (because we only have 1 hash for each of them)
if [ "${hash_type}" -eq 14000 ]; then
return
elif [ "${hash_type}" -eq 14100 ]; then
return
elif [ "${hash_type}" -eq 14900 ]; then
return
elif [ "${hash_type}" -eq 15400 ]; then
return
fi
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
max=9
if [ "${hash_type}" -eq 2500 ]; then
max=5
elif [ "${hash_type}" -eq 3000 ]; then
max=8
elif [ "${hash_type}" -eq 7700 ] || [ "${hash_type}" -eq 7701 ]; then
max=8
elif [ "${hash_type}" -eq 8500 ]; then
max=8
elif [ "${hash_type}" -eq 14000 ]; then
max=5
elif [ "${hash_type}" -eq 14100 ]; then
max=5
elif [ "${hash_type}" -eq 14900 ]; then
max=5
elif [ "${hash_type}" -eq 15400 ]; then
max=5
elif [ "${hash_type}" -eq 16800 ]; then
max=5
elif [ "${hash_type}" -eq 22000 ]; then
max=5
fi
if is_in_array "${hash_type}" ${TIMEOUT_ALGOS}; then
max=7
if [ "${hash_type}" -eq 3200 ]; then
max=4
fi
fi
i=2
while [ "$i" -lt "$max" ]; do
hash_file=${OUTD}/${hash_type}_hashes_multi_${i}.txt
dict_file=${OUTD}/${hash_type}_dict2_multi_${i}
mask=${mask_7[$i]}
# if file_only -> decode all base64 "hashes" and put them in the temporary file
if [ "${file_only}" -eq 1 ]; then
temp_file="${OUTD}/${hash_type}_filebased_only_temp.txt"
rm -f "${temp_file}"
hash_file=${temp_file}
while read -r file_only_hash; do
if [ "${hash_type}" -ne 22000 ]; then
echo -n "${file_only_hash}" | base64 -d >> "${temp_file}"
else
echo "${file_only_hash}" >> "${temp_file}"
fi
done < "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
# a little hack: since we don't want to have a very large mask (and wpa has minimum length of 8),
# we need to create a temporary dict file on-the-fly and use it like this: [small mask] [long(er) words in dict]
dict_file=${OUTD}/${hash_type}_dict2_multi_${i}_longer
rm -f "${dict_file}"
mask_len=${#mask}
mask_len=$((mask_len / 2))
j=1
while read -r -u 9 hash; do
pass_part_1=$(sed -n ${j}p "${OUTD}/${hash_type}_dict1_multi_${i}")
pass_part_2=$(sed -n ${j}p "${OUTD}/${hash_type}_dict2_multi_${i}")
pass="${pass_part_1}${pass_part_2}"
pass_suffix=$(echo "${pass}" | cut -b $((mask_len + 1))-)
echo "${pass_suffix}" >> "${dict_file}"
j=$((j + 1))
done 9< "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
fi
CMD="./${BIN} ${OPTS} -a 7 -m ${hash_type} ${hash_file} ${mask} ${dict_file}"
echo "> Testing hash type $hash_type with attack mode 7, markov ${MARKOV}, multi hash with word len ${i}." >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(./${BIN} ${OPTS} -a 7 -m ${hash_type} ${hash_file} ${mask} ${dict_file} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
if [ "${ret}" -eq 0 ]; then
j=1
while read -r -u 9 hash; do
line_dict1=$(sed -n ${j}p "${OUTD}/${hash_type}_dict1_multi_${i}")
line_dict2=$(sed -n ${j}p "${OUTD}/${hash_type}_dict2_multi_${i}")
if [ "${pass_only}" -eq 1 ]; then
search=":${line_dict1}${line_dict2}"
else
search="${hash}:${line_dict1}${line_dict2}"
fi
echo "${output}" | grep -F "${search}" &>/dev/null
newRet=$?
if [ "${newRet}" -ne 0 ]; then
if [ "${newRet}" -eq 2 ]; then
ret=20
else
ret=10
fi
break
fi
j=$((j + 1))
done 9< "${OUTD}/${hash_type}_hashes_multi_${i}.txt"
fi
status ${ret}
i=$((i + 1))
done
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 7, Mode multi, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function cryptoloop_test()
{
hashType=$1
keySize=$2
CMD="unset"
mkdir -p ${OUTD}/cl_tests
chmod u+x "${TDIR}/cryptoloop2hashcat.py"
case $hashType in
14511)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha1_aes_${keySize}.img\" --hash sha1 --cipher aes --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha1_aes_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha1_aes_${keySize}.hash hashca?l"
;;
esac
;;
14512)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha1_serpent_${keySize}.img\" --hash sha1 --cipher serpent --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha1_serpent_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha1_serpent_${keySize}.hash hashca?l"
;;
esac
;;
14513)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha1_twofish_${keySize}.img\" --hash sha1 --cipher twofish --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha1_twofish_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha1_twofish_${keySize}.hash hashca?l"
;;
esac
;;
14521)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha256_aes_${keySize}.img\" --hash sha256 --cipher aes --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha256_aes_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha256_aes_${keySize}.hash hashca?l"
;;
esac
;;
14522)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha256_serpent_${keySize}.img\" --hash sha256 --cipher serpent --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha256_serpent_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha256_serpent_${keySize}.hash hashca?l"
;;
esac
;;
14523)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha256_twofish_${keySize}.img\" --hash sha256 --cipher twofish --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha256_twofish_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha256_twofish_${keySize}.hash hashca?l"
;;
esac
;;
14531)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha512_aes_${keySize}.img\" --hash sha512 --cipher aes --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha512_aes_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha512_aes_${keySize}.hash hashca?l"
;;
esac
;;
14532)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha512_serpent_${keySize}.img\" --hash sha512 --cipher serpent --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha512_serpent_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha512_serpent_${keySize}.hash hashca?l"
;;
esac
;;
14533)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_sha512_twofish_${keySize}.img\" --hash sha512 --cipher twofish --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_sha512_twofish_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_sha512_twofish_${keySize}.hash hashca?l"
;;
esac
;;
14541)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_ripemd160_aes_${keySize}.img\" --hash ripemd160 --cipher aes --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_ripemd160_aes_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_ripemd160_aes_${keySize}.hash hashca?l"
;;
esac
;;
14542)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_ripemd160_serpent_${keySize}.img\" --hash ripemd160 --cipher serpent --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_ripemd160_serpent_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_ripemd160_serpent_${keySize}.hash hashca?l"
;;
esac
;;
14543)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_ripemd160_twofish_${keySize}.img\" --hash ripemd160 --cipher twofish --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_ripemd160_twofish_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_ripemd160_twofish_${keySize}.hash hashca?l"
;;
esac
;;
14551)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_whirlpool_aes_${keySize}.img\" --hash whirlpool --cipher aes --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_whirlpool_aes_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_whirlpool_aes_${keySize}.hash hashca?l"
;;
esac
;;
14552)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py\" --source \"${TDIR}/cl_tests/hashcat_whirlpool_serpent_${keySize}.img\" --hash whirlpool --cipher serpent --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_whirlpool_serpent_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_whirlpool_serpent_${keySize}.hash hashca?l"
;;
esac
;;
14553)
case $keySize in
128|192|256)
eval \"${TDIR}/cryptoloop2hashcat.py --source ${TDIR}/cl_tests/hashcat_whirlpool_twofish_${keySize}.img\" --hash whirlpool --cipher twofish --keysize ${keySize} > ${OUTD}/cl_tests/hashcat_whirlpool_twofish_${keySize}.hash
CMD="./${BIN} ${OPTS} -a 3 -m 14500 ${OUTD}/cl_tests/hashcat_whirlpool_twofish_${keySize}.hash hashca?l"
;;
esac
;;
esac
if [ ${#CMD} -gt 5 ]; then
echo "> Testing hash type $hashType with attack mode 3, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, Key-Size ${keySize}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(${CMD} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
status ${ret}
cnt=1
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 3, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, Key-Size ${keySize} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
function truecrypt_test()
{
hashType=$1
tcMode=$2
CMD="unset"
mkdir -p ${OUTD}/tc_tests
chmod u+x "${TDIR}/truecrypt2hashcat.py"
case $hashType in
6211)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6211 '${TDIR}/tc_tests/hashcat_ripemd160_aes.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6211 '${TDIR}/tc_tests/hashcat_ripemd160_serpent.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6211 '${TDIR}/tc_tests/hashcat_ripemd160_twofish.tc' hashca?l"
;;
esac
;;
6212)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6212 '${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6212 '${TDIR}/tc_tests/hashcat_ripemd160_serpent-aes.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6212 '${TDIR}/tc_tests/hashcat_ripemd160_twofish-serpent.tc' hashca?l"
;;
esac
;;
6213)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6213 '${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish-serpent.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6213 '${TDIR}/tc_tests/hashcat_ripemd160_serpent-twofish-aes.tc' hashca?l"
;;
esac
;;
6221)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6221 '${TDIR}/tc_tests/hashcat_sha512_aes.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6221 '${TDIR}/tc_tests/hashcat_sha512_serpent.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6221 '${TDIR}/tc_tests/hashcat_sha512_twofish.tc' hashca?l"
;;
esac
;;
6222)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6222 '${TDIR}/tc_tests/hashcat_sha512_aes-twofish.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6222 '${TDIR}/tc_tests/hashcat_sha512_serpent-aes.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6222 '${TDIR}/tc_tests/hashcat_sha512_twofish-serpent.tc' hashca?l"
;;
esac
;;
6223)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6223 '${TDIR}/tc_tests/hashcat_sha512_aes-twofish-serpent.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6223 '${TDIR}/tc_tests/hashcat_sha512_serpent-twofish-aes.tc' hashca?l"
;;
esac
;;
6231)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6231 '${TDIR}/tc_tests/hashcat_whirlpool_aes.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6231 '${TDIR}/tc_tests/hashcat_whirlpool_serpent.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6231 '${TDIR}/tc_tests/hashcat_whirlpool_twofish.tc' hashca?l"
;;
esac
;;
6232)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6232 '${TDIR}/tc_tests/hashcat_whirlpool_aes-twofish.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6232 '${TDIR}/tc_tests/hashcat_whirlpool_serpent-aes.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6232 '${TDIR}/tc_tests/hashcat_whirlpool_twofish-serpent.tc' hashca?l"
;;
esac
;;
6233)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6233 '${TDIR}/tc_tests/hashcat_whirlpool_aes-twofish-serpent.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6233 '${TDIR}/tc_tests/hashcat_whirlpool_serpent-twofish-aes.tc' hashca?l"
;;
esac
;;
6241)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6241 '${TDIR}/tc_tests/hashcat_ripemd160_aes_boot.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6241 '${TDIR}/tc_tests/hashcat_ripemd160_serpent_boot.tc' hashca?l"
;;
2)
CMD="./${BIN} ${OPTS} -a 3 -m 6241 '${TDIR}/tc_tests/hashcat_ripemd160_twofish_boot.tc' hashca?l"
;;
esac
;;
6242)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6242 '${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish_boot.tc' hashca?l"
;;
1)
CMD="./${BIN} ${OPTS} -a 3 -m 6242 '${TDIR}/tc_tests/hashcat_ripemd160_serpent-aes_boot.tc' hashca?l"
;;
esac
;;
6243)
case $tcMode in
0)
CMD="./${BIN} ${OPTS} -a 3 -m 6243 '${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish-serpent_boot.tc' hashca?l"
;;
esac
;;
29311)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29311 '${OUTD}/tc_tests/hashcat_ripemd160_aes.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_serpent.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29311 '${OUTD}/tc_tests/hashcat_ripemd160_serpent.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_twofish.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29311 '${OUTD}/tc_tests/hashcat_ripemd160_twofish.hash' hashca?l"
;;
esac
;;
29312)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29312 '${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_serpent-aes.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_serpent-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29312 '${OUTD}/tc_tests/hashcat_ripemd160_serpent-aes.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29312 '${OUTD}/tc_tests/hashcat_ripemd160_twofish-serpent.hash' hashca?l"
;;
esac
;;
29313)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29313 '${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish-serpent.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_serpent-twofish-aes.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_serpent-twofish-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29313 '${OUTD}/tc_tests/hashcat_ripemd160_serpent-twofish-aes.hash' hashca?l"
;;
esac
;;
29321)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_aes.tc\" > ${OUTD}/tc_tests/hashcat_sha512_aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29321 '${OUTD}/tc_tests/hashcat_sha512_aes.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_serpent.tc\" > ${OUTD}/tc_tests/hashcat_sha512_serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29321 '${OUTD}/tc_tests/hashcat_sha512_serpent.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_twofish.tc\" > ${OUTD}/tc_tests/hashcat_sha512_twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29321 '${OUTD}/tc_tests/hashcat_sha512_twofish.hash' hashca?l"
;;
esac
;;
29322)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_aes-twofish.tc\" > ${OUTD}/tc_tests/hashcat_sha512_aes-twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29322 '${OUTD}/tc_tests/hashcat_sha512_aes-twofish.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_serpent-aes.tc\" > ${OUTD}/tc_tests/hashcat_sha512_serpent-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29322 '${OUTD}/tc_tests/hashcat_sha512_serpent-aes.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_sha512_twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29322 '${OUTD}/tc_tests/hashcat_sha512_twofish-serpent.hash' hashca?l"
;;
esac
;;
29323)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_aes-twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_sha512_aes-twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29323 '${OUTD}/tc_tests/hashcat_sha512_aes-twofish-serpent.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_sha512_serpent-twofish-aes.tc\" > ${OUTD}/tc_tests/hashcat_sha512_serpent-twofish-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29323 '${OUTD}/tc_tests/hashcat_sha512_serpent-twofish-aes.hash' hashca?l"
;;
esac
;;
29331)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_aes.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29331 '${OUTD}/tc_tests/hashcat_whirlpool_aes.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_serpent.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29331 '${OUTD}/tc_tests/hashcat_whirlpool_serpent.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_twofish.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29331 '${OUTD}/tc_tests/hashcat_whirlpool_twofish.hash' hashca?l"
;;
esac
;;
29332)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_aes-twofish.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_aes-twofish.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29332 '${OUTD}/tc_tests/hashcat_whirlpool_aes-twofish.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_serpent-aes.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_serpent-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29332 '${OUTD}/tc_tests/hashcat_whirlpool_serpent-aes.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29332 '${OUTD}/tc_tests/hashcat_whirlpool_twofish-serpent.hash' hashca?l"
;;
esac
;;
29333)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_aes-twofish-serpent.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_aes-twofish-serpent.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29333 '${OUTD}/tc_tests/hashcat_whirlpool_aes-twofish-serpent.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_whirlpool_serpent-twofish-aes.tc\" > ${OUTD}/tc_tests/hashcat_whirlpool_serpent-twofish-aes.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29333 '${OUTD}/tc_tests/hashcat_whirlpool_serpent-twofish-aes.hash' hashca?l"
;;
esac
;;
29341)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29341 '${OUTD}/tc_tests/hashcat_ripemd160_aes_boot.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_serpent_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_serpent_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29341 '${OUTD}/tc_tests/hashcat_ripemd160_serpent_boot.hash' hashca?l"
;;
2)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_twofish_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_twofish_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29341 '${OUTD}/tc_tests/hashcat_ripemd160_twofish_boot.hash' hashca?l"
;;
esac
;;
29342)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29342 '${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish_boot.hash' hashca?l"
;;
1)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_serpent-aes_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_serpent-aes_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29342 '${OUTD}/tc_tests/hashcat_ripemd160_serpent-aes_boot.hash' hashca?l"
;;
esac
;;
29343)
case $tcMode in
0)
eval \"${TDIR}/truecrypt2hashcat.py\" \"${TDIR}/tc_tests/hashcat_ripemd160_aes-twofish-serpent_boot.tc\" > ${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish-serpent_boot.hash
CMD="./${BIN} ${OPTS} -a 3 -m 29343 '${OUTD}/tc_tests/hashcat_ripemd160_aes-twofish-serpent_boot.hash' hashca?l"
;;
esac
;;
esac
if [ ${#CMD} -gt 5 ]; then
echo "> Testing hash type $hashType with attack mode 3, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, tcMode ${tcMode}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(eval ${CMD} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
status ${ret}
cnt=1
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 3, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, tcMode ${tcMode} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
fi
}
# Compose and execute hashcat command on a VeraCrypt test container
# Must not be called for hash types other than 137XY/294XY
# $1: cipher variation, can be 0-6
function veracrypt_test()
{
cipher_variation=$1
hash_function=""
hash_digit="${hash_type:3:1}"
[ "$hash_digit" -eq "1" ] && hash_function="ripemd160"
[ "$hash_digit" -eq "2" ] && hash_function="sha512"
[ "$hash_digit" -eq "3" ] && hash_function="whirlpool"
[ "$hash_digit" -eq "5" ] && hash_function="sha256"
[ "$hash_digit" -eq "7" ] && hash_function="streebog"
[ -n "$hash_function" ] || return
cipher_cascade=""
cipher_digit="${hash_type:4:1}"
case $cipher_digit in
1)
[ "$cipher_variation" -eq "0" ] && cipher_cascade="aes"
[ "$cipher_variation" -eq "1" ] && cipher_cascade="serpent"
[ "$cipher_variation" -eq "2" ] && cipher_cascade="twofish"
[ "$cipher_variation" -eq "3" ] && cipher_cascade="camellia"
[ "$cipher_variation" -eq "5" ] && cipher_cascade="kuznyechik"
;;
2)
[ "$cipher_variation" -eq "0" ] && cipher_cascade="aes-twofish"
[ "$cipher_variation" -eq "1" ] && cipher_cascade="serpent-aes"
[ "$cipher_variation" -eq "2" ] && cipher_cascade="twofish-serpent"
[ "$cipher_variation" -eq "3" ] && cipher_cascade="camellia-kuznyechik"
[ "$cipher_variation" -eq "4" ] && cipher_cascade="camellia-serpent"
[ "$cipher_variation" -eq "5" ] && cipher_cascade="kuznyechik-aes"
[ "$cipher_variation" -eq "6" ] && cipher_cascade="kuznyechik-twofish"
;;
3)
[ "$cipher_variation" -eq "0" ] && cipher_cascade="aes-twofish-serpent"
[ "$cipher_variation" -eq "1" ] && cipher_cascade="serpent-twofish-aes"
[ "$cipher_variation" -eq "5" ] && cipher_cascade="kuznyechik-serpent-camellia"
;;
esac
[ -n "$cipher_cascade" ] || return
filename="${TDIR}/vc_tests/hashcat_${hash_function}_${cipher_cascade}.vc"
# The hash-cipher combination might be invalid (e.g. RIPEMD-160 + Kuznyechik)
[ -f "${filename}" ] || return
case "${hash_type:0:3}" in
137)
CMD="./${BIN} ${OPTS} -a 3 -m ${hash_type} '${filename}' hashc?lt"
;;
294)
mkdir -p ${OUTD}/vc_tests
chmod u+x "${TDIR}/veracrypt2hashcat.py"
eval \"${TDIR}/veracrypt2hashcat.py\" \"${TDIR}/vc_tests/hashcat_${hash_function}_${cipher_cascade}.vc\" > ${OUTD}/vc_tests/hashcat_${hash_function}_${cipher_cascade}.hash
CMD="./${BIN} ${OPTS} -a 3 -m ${hash_type} '${OUTD}/vc_tests/hashcat_${hash_function}_${cipher_cascade}.hash' hashc?lt"
;;
esac
echo "> Testing hash type ${hash_type} with attack mode 0, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, Cipher ${cipher_cascade}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
output=$(eval ${CMD} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
status ${ret}
cnt=1
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack 0, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, Cipher ${cipher_cascade} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
}
function luks_test()
{
hashType=$1
attackType=$2
# if -m all was set let us default to -a 3 only. You could specify the attack type directly, e.g. -m 0
# the problem with defaulting to all=0,1,3,6,7 is that it could take way too long
if [ "${attackType}" -eq 65535 ]; then
attackType=3
fi
#LUKS_HASHES="sha1 sha256 sha512 ripemd160 whirlpool"
LUKS_HASHES="sha1 sha256 sha512 ripemd160"
LUKS_CIPHERS="aes serpent twofish"
LUKS_MODES="cbc-essiv cbc-plain64 xts-plain64"
LUKS_KEYSIZES="128 256 512"
LUKS_PASSWORD=$(cat "${TDIR}/luks_tests/pw" 2>/dev/null)
for luks_h in ${LUKS_HASHES}; do
for luks_c in ${LUKS_CIPHERS}; do
for luks_m in ${LUKS_MODES}; do
for luks_k in ${LUKS_KEYSIZES}; do
CMD=""
# filter out not supported combinations:
case "${luks_k}" in
128)
case "${luks_m}" in
cbc-essiv|cbc-plain64)
;;
*)
continue
;;
esac
;;
256)
case "${luks_m}" in
cbc-essiv|cbc-plain64|xts-plain64)
;;
*)
continue
;;
esac
;;
512)
case "${luks_m}" in
xts-plain64)
;;
*)
continue
;;
esac
;;
esac
luks_mode="${luks_h}-${luks_c}-${luks_m}-${luks_k}"
luks_file="${TDIR}/luks_tests/hashcat_${luks_h}_${luks_c}_${luks_m}_${luks_k}.luks"
luks_main_mask="?l"
luks_mask="${luks_main_mask}"
# for combination or hybrid attacks
luks_pass_part_file1="${OUTD}/${hashType}_dict1"
luks_pass_part_file2="${OUTD}/${hashType}_dict2"
case $attackType in
0)
CMD="./${BIN} ${OPTS} -a 0 -m ${hashType} '${luks_file}' '${TDIR}/luks_tests/pw'"
;;
1)
luks_pass_part1_len=$((${#LUKS_PASSWORD} / 2))
luks_pass_part2_start=$((luks_pass_part1_len + 1))
echo "${LUKS_PASSWORD}" | cut -c-${luks_pass_part1_len} > "${luks_pass_part_file1}" 2>/dev/null
echo "${LUKS_PASSWORD}" | cut -c${luks_pass_part2_start}- > "${luks_pass_part_file2}" 2>/dev/null
CMD="./${BIN} ${OPTS} -a 6 -m ${hashType} '${luks_file}' ${luks_pass_part_file1} ${luks_pass_part_file2}"
;;
3)
luks_mask_fixed_len=$((${#LUKS_PASSWORD} - 1))
luks_mask="$(echo "${LUKS_PASSWORD}" | cut -c-${luks_mask_fixed_len} 2>/dev/null)"
luks_mask="${luks_mask}${luks_main_mask}"
CMD="./${BIN} ${OPTS} -a 3 -m ${hashType} '${luks_file}' ${luks_mask}"
;;
6)
luks_pass_part1_len=$((${#LUKS_PASSWORD} - 1))
echo "${LUKS_PASSWORD}" | cut -c-${luks_pass_part1_len} > "${luks_pass_part_file1}" 2>/dev/null
CMD="./${BIN} ${OPTS} -a 6 -m ${hashType} '${luks_file}' ${luks_pass_part_file1} ${luks_mask}"
;;
7)
echo "${LUKS_PASSWORD}" | cut -c2- > "${luks_pass_part_file1}" 2>/dev/null
CMD="./${BIN} ${OPTS} -a 7 -m ${hashType} '${luks_file}' ${luks_mask} ${luks_pass_part_file1}"
;;
esac
if [ -n "${CMD}" ]; then
echo "> Testing hash type ${hashType} with attack mode ${attackType}, markov ${MARKOV}, single hash, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, luksMode ${luks_mode}" >> "${OUTD}/logfull.txt" 2>> "${OUTD}/logfull.txt"
if [ -f "${luks_first_test_file}" ]; then
output=$(eval ${CMD} 2>&1)
ret=${?}
echo "${output}" >> "${OUTD}/logfull.txt"
else
ret=30
fi
e_ce=0
e_rs=0
e_to=0
e_nf=0
e_nm=0
cnt=0
status ${ret}
cnt=1
msg="OK"
if [ "${e_ce}" -ne 0 ]; then
msg="Compare Error"
elif [ "${e_rs}" -ne 0 ]; then
msg="Skip"
elif [ "${e_nf}" -ne 0 ] || [ "${e_nm}" -ne 0 ]; then
msg="Error"
elif [ "${e_to}" -ne 0 ]; then
msg="Warning"
fi
echo "[ ${OUTD} ] [ Type ${hash_type}, Attack ${attackType}, Mode single, Device-Type ${DEVICE_TYPE}, Kernel-Type ${KERNEL_TYPE}, Vector-Width ${VECTOR}, luksMode ${luks_mode} ] > $msg : ${e_nf}/${cnt} not found, ${e_nm}/${cnt} not matched, ${e_to}/${cnt} timeout, ${e_rs}/${cnt} skipped"
status ${ret}
fi
done
done
done
done
}
function usage()
{
cat << EOF
> Usage : ${0} <options>
OPTIONS:
-V Backend vector-width (either 1, 2, 4 or 8), overrides value from device query :
'1' => vector-width 1
'2' => vector-width 2 (default)
'4' => vector-width 4
'8' => vector-width 8
'all' => test sequentially vector-width ${VECTOR_WIDTHS}
-t Select test mode :
'single' => single hash (default)
'multi' => multi hash
'all' => single and multi hash
-m Select hash type :
'all' => all hash type supported
(int) => hash type integer code (default : 0)
(int)-(int) => hash type integer range
-a Select attack mode :
'all' => all attack modes
(int) => attack mode integer code (default : 0)
-x Select cpu architecture :
'32' => 32 bit architecture
'64' => 64 bit architecture (default)
-o Select operating system :
'win' => Windows operating system (use .exe file extension)
'linux' => Linux operating system (use .bin file extension)
'macos' => macOS operating system (use .app file extension)
-d Select the Backend device :
(int)[,int] => comma separated list of devices (default : 1)
-D Select the OpenCL device types :
'1' => CPU
'2' => GPU (default)
'3' => FPGA, DSP, Co-Processor
(int)[,int] => multiple comma separated device types from the list above
-O Use optimized kernels (default : -O)
-P Use pure kernels instead of optimized kernels (default : -O)
-s Use this session name instead of the default one (default : "hashcat")
-c Disables markov-chains
-f Use --force to ignore hashcat warnings (default : disabled)
-r Setup max runtime limit (default: 400)
-p Package the tests into a .7z file
-F Use this folder as test folder instead of the default one
(string) => path to folder
-I Use this folder as input/output folder for packaged tests
(string) => path to folder
-h Show this help
EOF
exit 1
}
BIN="hashcat"
MARKOV="enabled"
ATTACK=0
MODE=0
DEVICE_TYPE="null"
KERNEL_TYPE="Optimized"
VECTOR="default"
HT=0
PACKAGE=0
OPTIMIZED=1
while getopts "V:t:m:a:b:hcpd:x:o:d:D:F:POI:s:fr:" opt; do
case ${opt} in
"V")
if [ "${OPTARG}" = "1" ]; then
VECTOR=1
elif [ "${OPTARG}" = "2" ]; then
VECTOR=2
elif [ "${OPTARG}" = "4" ]; then
VECTOR=4
elif [ "${OPTARG}" = "8" ]; then
VECTOR=8
elif [ "${OPTARG}" = "16" ]; then
VECTOR=16
elif [ "${OPTARG}" = "all" ]; then
VECTOR="all"
else
usage
fi
;;
"t")
if [ "${OPTARG}" = "single" ]; then
MODE=0
elif [ "${OPTARG}" = "multi" ]; then
MODE=1
elif [ "${OPTARG}" = "all" ]; then
MODE=2
else
usage
fi
;;
"m")
if [ "${OPTARG}" = "all" ]; then
HT=65535
else
HT=${OPTARG}
fi
;;
"a")
if [ "${OPTARG}" = "all" ]; then
ATTACK=65535
elif [ "${OPTARG}" = "0" ]; then
ATTACK=0
elif [ "${OPTARG}" = "1" ]; then
ATTACK=1
elif [ "${OPTARG}" = "3" ]; then
ATTACK=3
elif [ "${OPTARG}" = "6" ]; then
ATTACK=6
elif [ "${OPTARG}" = "7" ]; then
ATTACK=7
else
usage
fi
;;
"c")
OPTS="${OPTS} --markov-disable"
MARKOV="disabled"
;;
"I")
PACKAGE_FOLDER=$( echo "${OPTARG}" | sed 's!/$!!g' )
;;
"s")
OPTS="${OPTS} --session \"${OPTARG}\""
;;
"p")
PACKAGE=1
;;
"x")
if [ "${OPTARG}" = "32" ]; then
ARCHITECTURE=32
elif [ "${OPTARG}" = "64" ]; then
ARCHITECTURE=64
else
usage
fi
;;
"o")
if [ "${OPTARG}" = "win" ]; then
EXTENSION="exe"
elif [ "${OPTARG}" = "linux" ]; then
EXTENSION="bin"
elif [ "${OPTARG}" = "macos" ]; then
EXTENSION="app"
else
usage
fi
;;
"O")
# optimized is already default, ignore it
;;
"d")
OPTS="${OPTS} -d ${OPTARG}"
;;
"D")
if [ "${OPTARG}" = "1" ]; then
OPTS="${OPTS} -D 1"
DEVICE_TYPE="Cpu"
elif [ "${OPTARG}" = "2" ]; then
OPTS="${OPTS} -D 2"
DEVICE_TYPE="Gpu"
else
OPTS="${OPTS} -D ${OPTARG}"
DEVICE_TYPE="Cpu + Gpu"
fi
;;
"F")
OUTD=$( echo "${OPTARG}" | sed 's!/$!!g' )
;;
"P")
OPTIMIZED=0
KERNEL_TYPE="Pure"
;;
"f")
FORCE=1
;;
"r")
RUNTIME=${OPTARG}
;;
\?)
usage
;;
"h")
usage
;;
esac
done
# handle Apple Silicon
IS_APPLE_SILICON=0
if [ $(uname) == "Darwin" ]; then
BIN_sysctl=$(which sysctl)
if [ $? -eq 0 ]; then
CPU_TYPE=$(sysctl hw.cputype | awk '{print $2}')
if [ ${CPU_TYPE} -eq 16777228 ]; then
IS_APPLE_SILICON=1
fi
fi
fi
export IS_OPTIMIZED=${OPTIMIZED}
if [ "${OPTIMIZED}" -eq 1 ]; then
OPTS="${OPTS} -O"
fi
# set max-runtime
OPTS="${OPTS} --runtime ${RUNTIME}"
# set default device-type to CPU with Apple Intel, else GPU
if [ "${DEVICE_TYPE}" = "null" ]; then
if [ $(uname) == "Darwin" ] && [ ${IS_APPLE_SILICON} -eq 0 ]; then
OPTS="${OPTS} -D 1"
DEVICE_TYPE="Cpu"
else
OPTS="${OPTS} -D 2"
DEVICE_TYPE="Gpu"
fi
fi
if [ ${FORCE} -eq 1 ]; then
OPTS="${OPTS} --force"
fi
if [ -n "${ARCHITECTURE}" ]; then
BIN="${BIN}${ARCHITECTURE}"
fi
if [ -n "${EXTENSION}" ]; then
BIN="${BIN}.${EXTENSION}"
fi
if [ -n "${PACKAGE_FOLDER}" ]; then
if [ ! -e "${PACKAGE_FOLDER}" ]; then
echo "! folder '${PACKAGE_FOLDER}' does not exist"
exit 1
fi
fi
if [ "${PACKAGE}" -eq 0 ] || [ -z "${PACKAGE_FOLDER}" ]; then
# check existence of binary
if [ ! -e "${BIN}" ]; then
echo "! ${BIN} not found, please build binary before run test."
exit 1
fi
HT_MIN=0
HT_MAX=0
if echo -n "${HT}" | grep -q '^[0-9]\+$'; then
HT_MIN=${HT}
HT_MAX=${HT}
elif echo -n "${HT}" | grep -q '^[0-9]\+-[1-9][0-9]*$'; then
HT_MIN=$(echo -n ${HT} | sed "s/-.*//")
HT_MAX=$(echo -n ${HT} | sed "s/.*-//")
if [ "${HT_MIN}" -gt "${HT_MAX}" ]; then
echo "! hash type range -m ${HT} is not valid ..."
usage
fi
else
echo "! hash type is not a number ..."
usage
fi
HT=${HT_MIN}
# filter by hash_type
if [ "${HT}" -ne 65535 ]; then
# validate filter
if ! is_in_array "${HT_MIN}" ${HASH_TYPES}; then
echo "! invalid hash type selected ..."
usage
fi
if ! is_in_array "${HT_MAX}" ${HASH_TYPES}; then
echo "! invalid hash type selected ..."
usage
fi
fi
if [ -z "${PACKAGE_FOLDER}" ]; then
# make new dir
mkdir -p "${OUTD}"
# generate random test entry
if [ "${HT}" -eq 65535 ]; then
for TMP_HT in ${HASH_TYPES}; do
if [ "${TMP_HT}" -ne ${LUKS_MODE} ]; then
if ! is_in_array "${TMP_HT}" ${TC_MODES}; then
if ! is_in_array "${TMP_HT}" ${VC_MODES}; then
if ! is_in_array "${TMP_HT}" ${CL_MODES}; then
perl tools/test.pl single "${TMP_HT}" >> "${OUTD}/all.sh"
fi
fi
fi
fi
done
else
for TMP_HT in $(seq "${HT_MIN}" "${HT_MAX}"); do
if ! is_in_array "${TMP_HT}" ${HASH_TYPES}; then
continue
fi
if [ "${TMP_HT}" -ne ${LUKS_MODE} ]; then
# Exclude TrueCrypt and VeraCrypt testing modes
if ! is_in_array "${TMP_HT}" ${TC_MODES}; then
if ! is_in_array "${TMP_HT}" ${VC_MODES}; then
if ! is_in_array "${TMP_HT}" ${CL_MODES}; then
perl tools/test.pl single "${TMP_HT}" >> "${OUTD}/all.sh"
fi
fi
fi
fi
done
fi
else
OUTD=${PACKAGE_FOLDER}
fi
rm -rf "${OUTD}/logfull.txt" && touch "${OUTD}/logfull.txt"
# populate array of hash types where we only should check if pass is in output (not both hash:pass)
IFS=';' read -ra PASS_ONLY <<< "${HASHFILE_ONLY} ${NOCHECK_ENCODING}"
IFS=';' read -ra TIMEOUT_ALGOS <<< "${SLOW_ALGOS}"
IFS=';' read -ra NEVER_CRACK_ALGOS <<< "${NEVER_CRACK}"
# for these particular algos we need to save the output to a temporary file
IFS=';' read -ra FILE_BASED_ALGOS <<< "${HASHFILE_ONLY}"
for hash_type in $HASH_TYPES; do
if [ "${HT}" -ne 65535 ]; then
# check if the loop variable "hash_type" is between HT_MIN and HT_MAX (both included)
if [ "${hash_type}" -lt "${HT_MIN}" ]; then
continue
elif [ "${hash_type}" -gt "${HT_MAX}" ]; then
# we are done because hash_type is larger than range:
break
fi
fi
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
if [ "${MODE}" -eq 1 ]; then # if "multi" was forced we need to skip it
if [ "${HT_MIN}" -eq 20510 ]; then
if [ "${HT_MAX}" -eq 20510 ]; then
echo "ERROR: -m 20510 = PKZIP Master Key can only be run with a single hash"
fi
fi
continue
fi
fi
# skip deprecated hash-types
if [ "${hash_type}" -eq 2500 ] || [ "${hash_type}" -eq 2501 ] || [ "${hash_type}" -eq 16800 ] || [ "${hash_type}" -eq 16801 ] ; then
continue
fi
# test.pl produce wrong hashes with Apple
# would be necessary to investigate to understand why
if [ "${hash_type}" -eq 1800 ]; then
if [[ "$OSTYPE" == "darwin"* ]]; then
continue
fi
fi
# Digest::BLAKE2 is broken on Apple Silicon
if [ "${hash_type}" -eq 600 ]; then
if [ "${IS_APPLE_SILICON}" -eq 1 ]; then
continue
fi
fi
# Digest::GOST is broken on Apple Silicon
if [ "${hash_type}" -eq 6900 ]; then
if [ "${IS_APPLE_SILICON}" -eq 1 ]; then
continue
fi
fi
# Crypt::GCrypt is broken on Apple
if [ "${hash_type}" -eq 18600 ]; then
if [[ "$OSTYPE" == "darwin"* ]]; then
continue
fi
fi
if [ -z "${PACKAGE_FOLDER}" ]; then
# init test data
init
else
echo "[ ${OUTD} ] > Run packaged test for hash type $hash_type."
fi
if [ "${PACKAGE}" -eq 0 ]; then
# should we check only the pass?
pass_only=0
is_in_array "${hash_type}" ${PASS_ONLY} && pass_only=1
IS_SLOW=0
is_in_array "${hash_type}" ${SLOW_ALGOS} && IS_SLOW=1
# we use phpass as slow hash for testing the AMP kernel
[ "${hash_type}" -eq 400 ] && IS_SLOW=0
OPTS_OLD=${OPTS}
VECTOR_OLD=${VECTOR}
MODE_OLD=${MODE}
if [ "${hash_type}" -eq 20510 ]; then # special case for PKZIP Master Key
if [ "${MODE}" -eq 1 ]; then # if "multi" was forced we need to skip it
continue
fi
MODE=0 # force single only
fi
for CUR_WIDTH in $VECTOR_WIDTHS; do
if [ "${VECTOR_OLD}" = "all" ] || [ "${VECTOR_OLD}" = "default" ] || [ "${VECTOR_OLD}" = "${CUR_WIDTH}" ]; then
if [ "${VECTOR_OLD}" = "default" ] && \
[ "${CUR_WIDTH}" != "1" ] && \
[ "${CUR_WIDTH}" != "4" ]; then
continue
fi
VECTOR=${CUR_WIDTH}
OPTS="${OPTS_OLD} --backend-vector-width ${VECTOR}"
if [ ${IS_SLOW} -eq 1 ]; then
# Look up if this is one of supported VeraCrypt modes
if is_in_array "${hash_type}" ${VC_MODES}; then
veracrypt_test 0 # aes
veracrypt_test 1 # serpent
veracrypt_test 2 # twofish
veracrypt_test 3 # camellia
veracrypt_test 4 # camellia (alternative cascade)
veracrypt_test 5 # kuznyechik
veracrypt_test 6 # kuznyechik (alternative cascade)
elif is_in_array "${hash_type}" ${TC_MODES}; then
# run truecrypt tests
truecrypt_test "${hash_type}" 0
truecrypt_test "${hash_type}" 1
truecrypt_test "${hash_type}" 2
elif [ "${hash_type}" -eq ${LUKS_MODE} ]; then
# run luks tests
luks_test "${hash_type}" ${ATTACK}
else
# run attack mode 0 (stdin)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 0 ]; then attack_0; fi
fi
else
if is_in_array "${hash_type}" ${CL_MODES}; then
# run cryptoloop tests
cryptoloop_test "${hash_type}" 128
cryptoloop_test "${hash_type}" 192
cryptoloop_test "${hash_type}" 256
else
# run attack mode 0 (stdin)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 0 ]; then attack_0; fi
# run attack mode 1 (combinator)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 1 ]; then attack_1; fi
# run attack mode 3 (bruteforce)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 3 ]; then attack_3; fi
# run attack mode 6 (dict+mask)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 6 ]; then attack_6; fi
# run attack mode 7 (mask+dict)
if [ ${ATTACK} -eq 65535 ] || [ ${ATTACK} -eq 7 ]; then attack_7; fi
fi
fi
fi
done
OPTS="${OPTS_OLD}"
VECTOR="${VECTOR_OLD}"
MODE=${MODE_OLD}
fi
done
else
OUTD=${PACKAGE_FOLDER}
fi
# fix logfile
if [ "${PACKAGE}" -eq 0 ]; then
cat -vet "${OUTD}/logfull.txt" | sed -e 's/\^M \^M//g' | sed -e 's/\$$//g' > "${OUTD}/test_report.log"
fi
rm -rf "${OUTD}/logfull.txt"
if [ "${PACKAGE}" -eq 1 ]; then
echo "[ ${OUTD} ] > Generate package ${OUTD}/${OUTD}.7z"
cp "${BASH_SOURCE[0]}" "${OUTD}/test.sh"
copy_luks_dir=0
copy_tc_dir=0
copy_vc_dir=0
copy_cl_dir=0
if [ "${HT}" -eq 65535 ]; then
copy_luks_dir=1
copy_tc_dir=1
copy_vc_dir=1
copy_cl_dir=1
else
for TMP_HT in $(seq "${HT_MIN}" "${HT_MAX}"); do
if [ "${TMP_HT}" -eq "${LUKS_MODE}" ]; then
copy_luks_dir=1
elif is_in_array "${TMP_HT}" ${TC_MODES}; then
copy_tc_dir=1
elif is_in_array "${TMP_HT}" ${VC_MODES}; then
copy_vc_dir=1
elif is_in_array "${TMP_HT}" ${CL_MODES}; then
copy_cl_dir=1
fi
done
fi
if [ "${copy_luks_dir}" -eq 1 ]; then
mkdir "${OUTD}/luks_tests/"
cp ${TDIR}/luks_tests/* "${OUTD}/luks_tests/"
fi
if [ "${copy_tc_dir}" -eq 1 ]; then
mkdir "${OUTD}/tc_tests/"
cp ${TDIR}/tc_tests/* "${OUTD}/tc_tests/"
fi
if [ "${copy_vc_dir}" -eq 1 ]; then
mkdir "${OUTD}/vc_tests/"
cp ${TDIR}/vc_tests/* "${OUTD}/vc_tests/"
fi
if [ "${copy_cl_dir}" -eq 1 ]; then
mkdir "${OUTD}/cl_tests/"
cp ${TDIR}/cl_tests/* "${OUTD}/cl_tests/"
fi
# if we package from a given folder, we need to check if e.g. the files needed for multi mode are there
if [ -n "${PACKAGE_FOLDER}" ]; then
MODE=2
ls "${PACKAGE_FOLDER}"/*multi* &>/dev/null
if [ "${?}" -ne 0 ]; then
MODE=0
fi
HT=$(grep -o -- "-m *[0-9]*" "${PACKAGE_FOLDER}/all.sh" | sort -u | sed 's/-m //' 2> /dev/null)
if [ -n "${HT}" ]; then
HT_COUNT=$(echo "${HT}" | wc -l)
if [ "${HT_COUNT}" -gt 1 ]; then
HT=65535
fi
fi
#ATTACK=65535 # more appropriate ?
fi
# for convenience: 'run package' is default action for packaged test.sh ( + add other defaults too )
SED_IN_PLACE='-i'
UNAME=$(uname -s)
# of course macOS requires us to implement a special case (sed -i "" for the backup file)
if [ "${UNAME}" = "Darwin" ] ; then
SED_IN_PLACE='-i ""'
fi
HT_PACKAGED=${HT}
if [ "${HT_MIN}" -ne "${HT_MAX}" ]; then
HT_PACKAGED=${HT_MIN}-${HT_MAX}
fi
HASH_TYPES_PACKAGED=$( echo "${HASH_TYPES}" | tr '\n' ' ' | sed 's/ $//')
HASHFILE_ONLY_PACKAGED=$(echo "${HASHFILE_ONLY}" | tr '\n' ' ' | sed 's/ $//')
NEVER_CRACK_PACKAGED=$( echo "${NEVER_CRACK}" | tr '\n' ' ' | sed 's/ $//')
SLOW_ALGOS_PACKAGED=$( echo "${SLOW_ALGOS}" | tr '\n' ' ' | sed 's/ $//')
sed "${SED_IN_PLACE}" -e 's/^\(PACKAGE_FOLDER\)=""/\1="$( echo "${BASH_SOURCE[0]}" | sed \"s!test.sh\\$!!\" )"/' \
-e "s/^\(HASH_TYPES\)=\$(.*/\1=\"${HASH_TYPES_PACKAGED}\"/" \
-e "s/^\(HASHFILE_ONLY\)=\$(.*/\1=\"${HASHFILE_ONLY_PACKAGED}\"/" \
-e "s/^\(NEVER_CRACK\)=\$(.*/\1=\"${NEVER_CRACK_PACKAGED}\"/" \
-e "s/^\(SLOW_ALGOS\)=\$(.*/\1=\"${SLOW_ALGOS_PACKAGED}\"/" \
-e "s/^\(HT\)=0/\1=${HT_PACKAGED}/" \
-e "s/^\(MODE\)=0/\1=${MODE}/" \
-e "s/^\(ATTACK\)=0/\1=${ATTACK}/" \
"${OUTD}/test.sh"
${PACKAGE_CMD} "${OUTD}/${OUTD}.7z" "${OUTD}/" &>/dev/null
fi