1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-22 22:58:30 +00:00
hashcat/OpenCL/m29200_a1-pure.cl
2022-05-28 15:56:29 +02:00

480 lines
15 KiB
Common Lisp

/**
* Author......: See docs/credits.txt
* License.....: MIT
* This algorithm for password-storage for the Radmin 3 software was analyzed and made public by synacktiv:
* https://www.synacktiv.com/publications/cracking-radmin-server-3-passwords.html
*/
//#define NEW_SIMD_CODE
#ifdef KERNEL_STATIC
#include M2S(INCLUDE_PATH/inc_vendor.h)
#include M2S(INCLUDE_PATH/inc_types.h)
#include M2S(INCLUDE_PATH/inc_platform.cl)
#include M2S(INCLUDE_PATH/inc_common.cl)
#include M2S(INCLUDE_PATH/inc_scalar.cl)
#include M2S(INCLUDE_PATH/inc_hash_sha1.cl)
#include M2S(INCLUDE_PATH/inc_bignum_operations.cl)
#include M2S(INCLUDE_PATH/inc_radmin3_constants.h)
#endif
typedef struct radmin3
{
u32 user[64];
u32 user_len;
u32 pre[PRECOMP_DATALEN]; // 38400 for PRECOMP_BITS = 4
} radmin3_t;
KERNEL_FQ void m29200_mxx (KERN_ATTR_ESALT (radmin3_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
const u64 lsz = get_local_size (0);
/**
* cache constant values to shared memory
*/
LOCAL_VK u32 m[64];
LOCAL_VK u32 r[64];
LOCAL_VK u32 fact[64];
for (u32 i = lid; i < 64; i += lsz)
{
m[i] = RADMIN3_M[i];
r[i] = RADMIN3_R[i];
fact[i] = RADMIN3_FACT[i];
}
SYNC_THREADS ();
if (gid >= GID_CNT) return;
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32x w[64] = { 0 };
for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
// ctx0 with user
sha1_ctx_t ctx0;
sha1_init (&ctx0);
sha1_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET_HOST].user, esalt_bufs[DIGESTS_OFFSET_HOST].user_len);
sha1_update_utf16le_swap (&ctx0, w, pw_len);
// ctx1 with main salt
sha1_ctx_t ctx1;
sha1_init (&ctx1);
sha1_update_global (&ctx1, salt_bufs[SALT_POS_HOST].salt_buf, salt_bufs[SALT_POS_HOST].salt_len);
/**
* loop
*/
for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++)
{
// add password to the user name (and colon and first part of the password, included):
sha1_ctx_t c0 = ctx0;
sha1_update_global_utf16le_swap (&c0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len);
sha1_final (&c0);
// add first SHA1 result to main salt:
sha1_ctx_t c1 = ctx1;
u32 w0_t[4] = { 0 };
u32 w1_t[4] = { 0 };
u32 w2_t[4] = { 0 };
u32 w3_t[4] = { 0 };
w0_t[0] = c0.h[0];
w0_t[1] = c0.h[1];
w0_t[2] = c0.h[2];
w0_t[3] = c0.h[3];
w1_t[0] = c0.h[4];
sha1_update_64 (&c1, w0_t, w1_t, w2_t, w3_t, 20);
sha1_final (&c1);
const u32 e[5] = { c1.h[4], c1.h[3], c1.h[2], c1.h[1], c1.h[0] };
// u32 r_t[64]; for (u32 i = 0; i < 64; i++) r_t[i] = r[i];
u32 r_t[64] =
{
r[ 0], r[ 1], r[ 2], r[ 3], r[ 4], r[ 5], r[ 6], r[ 7],
r[ 8], r[ 9], r[10], r[11], r[12], r[13], r[14], r[15],
r[16], r[17], r[18], r[19], r[20], r[21], r[22], r[23],
r[24], r[25], r[26], r[27], r[28], r[29], r[30], r[31],
r[32], r[33], r[34], r[35], r[36], r[37], r[38], r[39],
r[40], r[41], r[42], r[43], r[44], r[45], r[46], r[47],
r[48], r[49], r[50], r[51], r[52], r[53], r[54], r[55],
r[56], r[57], r[58], r[59], r[60], r[61], r[62], r[63],
};
// main loop over the SHA1 result/vector e[]:
for (u32 i = 0, j = 0; i < PRECOMP_SLOTS; i += 1, j += PRECOMP_ENTRIES - 1)
{
const u32 div = (PRECOMP_BITS * i) / 32; // for 4 bits: (i / 8)
const u32 shift = (PRECOMP_BITS * i) % 32; // for 4 bits: (i % 8) * 4
// const
u32 cur_sel = (e[div] >> shift) & PRECOMP_MASK; // 0x0f == 0b1111 (4 bits)
// working with non-divisible u32 (see PRECOMP_BITS):
if (32 - shift < PRECOMP_BITS)
{
cur_sel |= (e[div + 1] << (32 - shift)) & PRECOMP_MASK;
}
if (cur_sel == 0) continue;
const u32 pre_idx = (j + cur_sel - 1) * PRECOMP_ENTRYLEN; // x * 64 is same as x << 6
// u32 pre[64]; for (u32 i = 0; i < 64; i++) pre[i] = esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + i];
const u32 pre[64] =
{
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 0],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 1],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 2],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 3],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 4],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 5],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 6],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 7],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 8],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 9],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 10],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 11],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 12],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 13],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 14],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 15],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 16],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 17],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 18],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 19],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 20],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 21],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 22],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 23],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 24],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 25],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 26],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 27],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 28],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 29],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 30],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 31],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 32],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 33],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 34],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 35],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 36],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 37],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 38],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 39],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 40],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 41],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 42],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 43],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 44],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 45],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 46],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 47],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 48],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 49],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 50],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 51],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 52],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 53],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 54],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 55],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 56],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 57],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 58],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 59],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 60],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 61],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 62],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 63],
};
mul_mod (r_t, pre, m, fact); // r_t = (r_t * RADMIN3_PRE[n]) % m
}
const u32 r0 = r_t[0];
const u32 r1 = r_t[1];
const u32 r2 = r_t[2];
const u32 r3 = r_t[3];
COMPARE_M_SCALAR (r0, r1, r2, r3);
}
}
KERNEL_FQ void m29200_sxx (KERN_ATTR_ESALT (radmin3_t))
{
/**
* modifier
*/
const u64 lid = get_local_id (0);
const u64 gid = get_global_id (0);
const u64 lsz = get_local_size (0);
/**
* cache constant values to shared memory
*/
LOCAL_VK u32 m[64];
LOCAL_VK u32 r[64];
LOCAL_VK u32 fact[64];
for (u32 i = lid; i < 64; i += lsz)
{
m[i] = RADMIN3_M[i];
r[i] = RADMIN3_R[i];
fact[i] = RADMIN3_FACT[i];
}
SYNC_THREADS ();
if (gid >= GID_CNT) return;
/**
* digest
*/
const u32 search[4] =
{
digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R0],
digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R1],
digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R2],
digests_buf[DIGESTS_OFFSET_HOST].digest_buf[DGST_R3]
};
/**
* base
*/
const u32 pw_len = pws[gid].pw_len;
u32x w[64] = { 0 };
for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
{
w[idx] = pws[gid].i[idx];
}
// ctx0 with user
sha1_ctx_t ctx0;
sha1_init (&ctx0);
sha1_update_global (&ctx0, esalt_bufs[DIGESTS_OFFSET_HOST].user, esalt_bufs[DIGESTS_OFFSET_HOST].user_len);
sha1_update_utf16le_swap (&ctx0, w, pw_len);
// ctx1 with main salt
sha1_ctx_t ctx1;
sha1_init (&ctx1);
sha1_update_global (&ctx1, salt_bufs[SALT_POS_HOST].salt_buf, salt_bufs[SALT_POS_HOST].salt_len);
/**
* loop
*/
for (u32 il_pos = 0; il_pos < IL_CNT; il_pos++)
{
// add password to the user name (and colon and first part of the password, included):
sha1_ctx_t c0 = ctx0;
sha1_update_global_utf16le_swap (&c0, combs_buf[il_pos].i, combs_buf[il_pos].pw_len);
sha1_final (&c0);
// add first SHA1 result to main salt:
sha1_ctx_t c1 = ctx1;
u32 w0_t[4] = { 0 };
u32 w1_t[4] = { 0 };
u32 w2_t[4] = { 0 };
u32 w3_t[4] = { 0 };
w0_t[0] = c0.h[0];
w0_t[1] = c0.h[1];
w0_t[2] = c0.h[2];
w0_t[3] = c0.h[3];
w1_t[0] = c0.h[4];
sha1_update_64 (&c1, w0_t, w1_t, w2_t, w3_t, 20);
sha1_final (&c1);
const u32 e[5] = { c1.h[4], c1.h[3], c1.h[2], c1.h[1], c1.h[0] };
// u32 r_t[64]; for (u32 i = 0; i < 64; i++) r_t[i] = r[i];
u32 r_t[64] =
{
r[ 0], r[ 1], r[ 2], r[ 3], r[ 4], r[ 5], r[ 6], r[ 7],
r[ 8], r[ 9], r[10], r[11], r[12], r[13], r[14], r[15],
r[16], r[17], r[18], r[19], r[20], r[21], r[22], r[23],
r[24], r[25], r[26], r[27], r[28], r[29], r[30], r[31],
r[32], r[33], r[34], r[35], r[36], r[37], r[38], r[39],
r[40], r[41], r[42], r[43], r[44], r[45], r[46], r[47],
r[48], r[49], r[50], r[51], r[52], r[53], r[54], r[55],
r[56], r[57], r[58], r[59], r[60], r[61], r[62], r[63],
};
// main loop over the SHA1 result/vector e[]:
for (u32 i = 0, j = 0; i < PRECOMP_SLOTS; i += 1, j += PRECOMP_ENTRIES - 1)
{
const u32 div = (PRECOMP_BITS * i) / 32; // for 4 bits: (i / 8)
const u32 shift = (PRECOMP_BITS * i) % 32; // for 4 bits: (i % 8) * 4
// const
u32 cur_sel = (e[div] >> shift) & PRECOMP_MASK; // 0x0f == 0b1111 (4 bits)
// working with non-divisible u32 (see PRECOMP_BITS):
if (32 - shift < PRECOMP_BITS)
{
cur_sel |= (e[div + 1] << (32 - shift)) & PRECOMP_MASK;
}
if (cur_sel == 0) continue;
const u32 pre_idx = (j + cur_sel - 1) * PRECOMP_ENTRYLEN; // x * 64 is same as x << 6
// u32 pre[64]; for (u32 i = 0; i < 64; i++) pre[i] = esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + i];
const u32 pre[64] =
{
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 0],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 1],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 2],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 3],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 4],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 5],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 6],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 7],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 8],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 9],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 10],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 11],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 12],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 13],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 14],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 15],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 16],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 17],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 18],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 19],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 20],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 21],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 22],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 23],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 24],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 25],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 26],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 27],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 28],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 29],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 30],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 31],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 32],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 33],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 34],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 35],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 36],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 37],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 38],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 39],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 40],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 41],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 42],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 43],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 44],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 45],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 46],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 47],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 48],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 49],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 50],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 51],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 52],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 53],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 54],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 55],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 56],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 57],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 58],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 59],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 60],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 61],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 62],
esalt_bufs[DIGESTS_OFFSET_HOST].pre[pre_idx + 63],
};
mul_mod (r_t, pre, m, fact); // r_t = (r_t * RADMIN3_PRE[n]) % m
}
const u32 r0 = r_t[0];
const u32 r1 = r_t[1];
const u32 r2 = r_t[2];
const u32 r3 = r_t[3];
COMPARE_S_SCALAR (r0, r1, r2, r3);
}
}