1
mirror of https://github.com/hashcat/hashcat synced 2024-11-24 14:27:14 +01:00

Rewrite -m 32700 to use salt_iter and loop kernel as expected in slow hash modes

This commit is contained in:
Jens Steube 2023-09-12 07:10:31 +00:00
parent 992fb9047c
commit 573423af97
2 changed files with 87 additions and 66 deletions

View File

@ -16,10 +16,13 @@
typedef struct sha1_tmp
{
u32 digest[5];
u32 salt[2];
u32 newdes_key[15];
} sha1_tmp_t;
CONSTANT_VK uchar newdes_rotor[256] = {
CONSTANT_VK uchar newdes_rotor[256] =
{
32, 137, 239, 188, 102, 125, 221, 72, 212, 68, 81, 37, 86, 237, 147, 149,
70, 229, 17, 124, 115, 207, 33, 20, 122, 143, 25, 215, 51, 183, 138, 142,
146, 211, 110, 173, 1, 228, 189, 14, 103, 78, 162, 36, 253, 167, 116, 255,
@ -40,16 +43,14 @@ CONSTANT_VK uchar newdes_rotor[256] = {
DECLSPEC void new_des (uchar * block, uchar * newdes_key)
{
#define B0 (*block)
#define B1 (*(block+1))
#define B2 (*(block+2))
#define B3 (*(block+3))
#define B4 (*(block+4))
#define B5 (*(block+5))
#define B6 (*(block+6))
#define B7 (*(block+7))
#define B0 (*(block+0))
#define B1 (*(block+1))
#define B2 (*(block+2))
#define B3 (*(block+3))
#define B4 (*(block+4))
#define B5 (*(block+5))
#define B6 (*(block+6))
#define B7 (*(block+7))
for (int count = 0; count < 8; count++)
{
@ -89,8 +90,7 @@ KERNEL_FQ void m32700_init (KERN_ATTR_TMPS (sha1_tmp_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT)
return;
if (gid >= GID_CNT) return;
// Initial "SHA-1" (with endianness bug)
sha1_ctx_t ctx;
@ -99,44 +99,72 @@ KERNEL_FQ void m32700_init (KERN_ATTR_TMPS (sha1_tmp_t))
sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len);
sha1_final (&ctx);
tmps[gid].digest[0] = hc_swap32 (ctx.h[0]);
tmps[gid].digest[1] = hc_swap32 (ctx.h[1]);
tmps[gid].digest[2] = hc_swap32 (ctx.h[2]);
tmps[gid].digest[3] = hc_swap32 (ctx.h[3]);
tmps[gid].digest[4] = hc_swap32 (ctx.h[4]);
ctx.h[0] = hc_swap32_S (ctx.h[0]);
ctx.h[1] = hc_swap32_S (ctx.h[1]);
ctx.h[2] = hc_swap32_S (ctx.h[2]);
ctx.h[3] = hc_swap32_S (ctx.h[3]);
ctx.h[4] = hc_swap32_S (ctx.h[4]);
// Crate a NewDES key
u32 newdes_key[15];
key_expansion ((uchar *) ctx.h, (uchar *) newdes_key);
for (int i = 0; i < 15; i++)
{
tmps[gid].newdes_key[i] = newdes_key[i];
}
// Run NewDES on salt using the expanded key
tmps[gid].salt[0] = salt_bufs[SALT_POS_HOST].salt_buf[0];
tmps[gid].salt[1] = salt_bufs[SALT_POS_HOST].salt_buf[1];
}
KERNEL_FQ void m32700_loop (KERN_ATTR_TMPS (sha1_tmp_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT)
return;
if (gid >= GID_CNT) return;
u32 digest[5];
u32 newdes_key[15];
digest[0] = tmps[gid].digest[0];
digest[1] = tmps[gid].digest[1];
digest[2] = tmps[gid].digest[2];
digest[3] = tmps[gid].digest[3];
digest[4] = tmps[gid].digest[4];
for (int i = 0; i < 15; i++)
{
newdes_key[i] = tmps[gid].newdes_key[i];
}
// Crate a NewDES key
uchar newdes_key[60];
u32 salt[2];
key_expansion ((uchar *) digest, newdes_key);
// Run NewDES on salt using the expanded key
u32 salt[16] = { 0 }; // sha1_update_swap needs more space then our 8 byte salt; This seem to work!
salt[0] = salt_bufs[SALT_POS_HOST].salt_buf[0];
salt[1] = salt_bufs[SALT_POS_HOST].salt_buf[1];
salt[0] = tmps[gid].salt[0];
salt[1] = tmps[gid].salt[1];
// Run 1000 iterations of NewDES on the derived salt
for (int i = 0; i < 1000; i++)
for (int i = 0; i < LOOP_CNT; i++)
{
new_des ((uchar *) salt, newdes_key);
new_des ((uchar *) salt, (uchar *) newdes_key);
}
for (int i = 0; i < 15; i++)
{
tmps[gid].newdes_key[i] = newdes_key[i];
}
// Run NewDES on salt using the expanded key
tmps[gid].salt[0] = salt[0];
tmps[gid].salt[1] = salt[1];
}
KERNEL_FQ void m32700_comp (KERN_ATTR_TMPS (sha1_tmp_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT) return;
u32 salt[16] = { 0 };
salt[0] = tmps[gid].salt[0];
salt[1] = tmps[gid].salt[1];
// Final "SHA-1" (with endianness bug)
sha1_ctx_t ctx;
@ -145,28 +173,14 @@ KERNEL_FQ void m32700_loop (KERN_ATTR_TMPS (sha1_tmp_t))
sha1_update_global_swap (&ctx, pws[gid].i, pws[gid].pw_len);
sha1_final (&ctx);
tmps[gid].digest[0] = ctx.h[0];
tmps[gid].digest[1] = ctx.h[1];
tmps[gid].digest[2] = ctx.h[2];
tmps[gid].digest[3] = ctx.h[3];
tmps[gid].digest[4] = ctx.h[4];
}
KERNEL_FQ void m32700_comp (KERN_ATTR_TMPS (sha1_tmp_t))
{
const u64 gid = get_global_id (0);
if (gid >= GID_CNT)
return;
const u32 r0 = tmps[gid].digest[DGST_R0];
const u32 r1 = tmps[gid].digest[DGST_R1];
const u32 r2 = tmps[gid].digest[DGST_R2];
const u32 r3 = tmps[gid].digest[DGST_R3];
#define il_pos 0
#ifdef KERNEL_STATIC
#include COMPARE_M
#endif
const u32 r0 = ctx.h[0];
const u32 r1 = ctx.h[1];
const u32 r2 = ctx.h[2];
const u32 r3 = ctx.h[3];
#define il_pos 0
#ifdef KERNEL_STATIC
#include COMPARE_M
#endif
}

View File

@ -11,10 +11,10 @@
#include "shared.h"
static const u32 ATTACK_EXEC = ATTACK_EXEC_OUTSIDE_KERNEL;
static const u32 DGST_POS0 = 3;
static const u32 DGST_POS1 = 4;
static const u32 DGST_POS0 = 0;
static const u32 DGST_POS1 = 1;
static const u32 DGST_POS2 = 2;
static const u32 DGST_POS3 = 1;
static const u32 DGST_POS3 = 3;
static const u32 DGST_SIZE = DGST_SIZE_4_5;
static const u32 HASH_CATEGORY = HASH_CATEGORY_ARCHIVE;
static const char *HASH_NAME = "Kremlin Encrypt 3.0 w/NewDES";
@ -25,6 +25,13 @@ static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
static const char *ST_HASH = "$kgb$0ab30cf7a52dad93$82a7c454246fc7570224e9f24279791aa2a63bf4";
typedef struct sha1_tmp
{
u32 salt[2];
u32 newdes_key[15];
} sha1_tmp_t;
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra)
{
return ATTACK_EXEC;
@ -145,7 +152,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUS
salt->salt_buf[i] = hex_to_u32 (salt_pos + j);
}
salt->salt_len = 8;
salt->salt_iter = 1;
salt->salt_iter = 1000;
// final "sha-1"-ish hash
const u8 *hash_pos = token.buf[2];
@ -180,7 +187,7 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUS
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t * hashconfig, MAYBE_UNUSED const user_options_t * user_options, MAYBE_UNUSED const user_options_extra_t * user_options_extra)
{
const u64 tmp_size = (const u64) sizeof (u32) * 5;
const u64 tmp_size = (const u64) sizeof (sha1_tmp_t);
return tmp_size;
}