diff --git a/tools/test_modules/m27000.pm b/tools/test_modules/m27000.pm new file mode 100644 index 000000000..42f40985c --- /dev/null +++ b/tools/test_modules/m27000.pm @@ -0,0 +1,178 @@ +#!/usr/bin/env perl + +## +## Author......: See docs/credits.txt +## License.....: MIT +## + +use strict; +use warnings; + +use Authen::Passphrase::NTHash; +use Digest::HMAC qw (hmac hmac_hex); +use Digest::MD5 qw (md5); +use Encode qw (encode); +use Crypt::ECB qw (encrypt); + +sub setup_des_key +{ + my @key_56 = split (//, shift); + + my $key = ""; + + $key = $key_56[0]; + + $key .= chr (((ord ($key_56[0]) << 7) | (ord ($key_56[1]) >> 1)) & 255); + $key .= chr (((ord ($key_56[1]) << 6) | (ord ($key_56[2]) >> 2)) & 255); + $key .= chr (((ord ($key_56[2]) << 5) | (ord ($key_56[3]) >> 3)) & 255); + $key .= chr (((ord ($key_56[3]) << 4) | (ord ($key_56[4]) >> 4)) & 255); + $key .= chr (((ord ($key_56[4]) << 3) | (ord ($key_56[5]) >> 5)) & 255); + $key .= chr (((ord ($key_56[5]) << 2) | (ord ($key_56[6]) >> 6)) & 255); + $key .= chr (( ord ($key_56[6]) << 1) & 255); + + return $key; +} + +sub get_random_netntlmv1_salt +{ + my $len_user = shift; + my $len_domain = shift; + + my $char; + my $type; + my $user = ""; + + for (my $i = 0; $i < $len_user; $i++) + { + $type = random_number (1, 3); + + if ($type == 1) + { + $char = random_numeric_string (1); + } + elsif ($type == 2) + { + $char = random_uppercase_string (1); + } + else + { + $char = random_lowercase_string (1); + } + + $user .= $char; + } + + my $domain = ""; + + for (my $i = 0; $i < $len_domain; $i++) + { + $type = random_number (1, 3); + + if ($type == 1) + { + $char = random_numeric_string (1); + } + elsif ($type == 2) + { + $char = random_uppercase_string (1); + } + else + { + $char = random_lowercase_string (1); + } + + $domain .= $char; + } + + my $c_challenge = random_bytes (8); + my $s_challenge = random_bytes (8); + + my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge); + + return $salt_buf; +} + +sub module_constraints { [[32, 32], [-1, -1], [0, 27], [-1, -1], [-1, -1]] } # room for improvement in pure kernel mode + +sub module_generate_hash +{ + my $word = shift; + my $unused = shift; + my $salt = shift // get_random_netntlmv1_salt (random_number (0, 15), random_number (0, 15)); + + my $index1 = index ($salt, "::"); + my $user = substr ($salt, 0, $index1); + + my $index2 = index ($salt, ":", $index1 + 2); + my $domain = substr ($salt, $index1 + 2, $index2 - $index1 - 2); + + my $len = length (substr ($salt, $index2 + 1)); + + my $c_challenge_hex; + + if ($len > 32) + { + $c_challenge_hex = substr ($salt, $index2 + 1, 48); + $index2 += 32; + } + else + { + $c_challenge_hex = substr ($salt, $index2 + 1, 16); + $c_challenge_hex .= 00 x 32; + } + + my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16)); + my $s_challenge_hex = substr ($salt, $index2 + 17, 16); + my $s_challenge = pack ("H*", $s_challenge_hex); + + my $challenge = substr (md5 ($s_challenge . $c_challenge), 0, 8); + + my $ntresp; + + # my $nthash = pack_if_HEX_notation ($word); + my $nthash = pack ("H*", $word); + my $nthashpadded = $nthash . "\x00" x 5; + + $ntresp .= Crypt::ECB::encrypt (setup_des_key (substr ($nthashpadded, 0, 7)), "DES", $challenge, "none"); + $ntresp .= Crypt::ECB::encrypt (setup_des_key (substr ($nthashpadded, 7, 7)), "DES", $challenge, "none"); + $ntresp .= Crypt::ECB::encrypt (setup_des_key (substr ($nthashpadded, 14, 7)), "DES", $challenge, "none"); + + my $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex); + + return $tmp_hash; +} + +sub module_verify_hash +{ + my $line = shift; + + my $index1 = index ($line, "::"); + + return if $index1 < 1; + + my $index2 = index ($line, ":", $index1 + 2); + + return if $index2 < 1; + + $index2 = index ($line, ":", $index2 + 1); + + return if $index2 < 1; + + my $salt = substr ($line, 0, $index2 - 32); + + $index2 = index ($line, ":", $index2 + 1); + + return if $index2 < 1; + + $salt .= substr ($line, $index2 + 1, 16); + + my $word = substr ($line, $index2 + 1 + 16 + 1); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, undef, $salt); + + return ($new_hash, $word); +} + +1;