6365672c34
Some algorithms have ambiguous hashes (e.g. case-insensetive usernames in Net-NTLMv2 hashes). This optional function allows test modules to unify the hashlist before the verification process starts. Also update readme and minor code formatting.
1.8 KiB
Hashcat test modules
Each module provides the functions module_generate_hash and module_verify_hash. The first parameter to module_generate_hash is the password, which can be either in ASCII or binary (packed) form. The module_verify_hash function accepts a line from the cracks file, without the newline characters.
During single and passthrough tests the module_generate_hash function must provide random values (e.g. salt) for hash generation if necessary. The test.pl script offers a few handy functions like random_hex_string, random_numeric_string and random_bytes. You can implement your own salt generation functions, if your mode has specific requirements.
During verify tests the module_verify_hash function must parse the hash:password line and calculate a hash by passing all necessary data to module_generate_hash. How you pass it is up to you, as long as the first parameter is the password.
Important: You have to call pack_if_HEX_notation as soon as you have parsed the password, or your tests will fail on passwords in the $HEX[...] format.
If the algorithm has ambiguous hashes (e.g. partial case-insensetivity), the test module can provide an optional function module_preprocess_hashlist. It recieves a reference to the hashlist array and can unify the hashes in a way that guarantees the match with the output of module_verify_hash.
Examples
- For the most basic test modules, see m00000.pm and m00100.pm
- For the basic salted hash tests, see m00110.pm and m00120.pm
- For some sligthly more complex modules with PBKDF2 and encryption, see m18400.pm and m18600.pm
- For a test module with hashlist preprocessing and a custom salt generation algorithm, see m05600.pm