From eb4e845672b8c30bead8a4f17c1de53c45d26b7e Mon Sep 17 00:00:00 2001
From: Royce Williams <royce@techsolvency.com>
Date: Sat, 23 May 2020 12:35:41 -0800
Subject: [PATCH 01/12] add hashcat's default mask for external use
---
masks/hashcat-default.hcmask | 1 +
1 file changed, 1 insertion(+)
create mode 100644 masks/hashcat-default.hcmask
diff --git a/masks/hashcat-default.hcmask b/masks/hashcat-default.hcmask
new file mode 100644
index 000000000..4ab0547ca
--- /dev/null
+++ b/masks/hashcat-default.hcmask
@@ -0,0 +1 @@
+?l?d?u,?l?d,?l?d*!$@_,?1?2?2?2?2?2?2?3?3?3?3?d?d?d?d
From abd204565958e190dc32face7955047278623978 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Mon, 25 May 2020 10:58:08 +0200
Subject: [PATCH 02/12] fixes #2413: documentation of rule "*" was incorrect
---
docs/rules.txt | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/docs/rules.txt b/docs/rules.txt
index 622a9bc8d..52fba68ca 100644
--- a/docs/rules.txt
+++ b/docs/rules.txt
@@ -28,7 +28,7 @@
#define RULE_OP_MANGLE_DUPECHAR_ALL 'q' // duplicate all chars. ex: hello -> hheelllloo
#define RULE_OP_MANGLE_SWITCH_FIRST 'k' // switches the first 2 chars. ex: hello -> ehllo
#define RULE_OP_MANGLE_SWITCH_LAST 'K' // switches the last 2 chars. ex: hello -> helol
-#define RULE_OP_MANGLE_SWITCH_AT '*' // switches the first 2 chars after pos N. ex: hello -> hlelo
+#define RULE_OP_MANGLE_SWITCH_AT '*' // switches char at pos N with char at pos M. ex: hello -> holle
#define RULE_OP_MANGLE_CHR_SHIFTL 'L' // bitwise shift left char at pos N. ex: hello0 -> hello`
#define RULE_OP_MANGLE_CHR_SHIFTR 'R' // bitwise shift right char at pos N. ex: hello` -> hello0
#define RULE_OP_MANGLE_CHR_INCR '+' // bytewise increase at pos N. ex: hello0 -> hello1
@@ -42,7 +42,7 @@
/* With -j or -k only */
-#define RULE_OP_MANGLE_EXTRACT_MEMORY 'X' // insert substring delimited by N and M into current word at position I
+#define RULE_OP_MANGLE_EXTRACT_MEMORY 'X' // insert substring delimited by N and M into current word at pos I
#define RULE_OP_MANGLE_APPEND_MEMORY '4' // insert the word saved by 'M' at the end of current word
#define RULE_OP_MANGLE_PREPEND_MEMORY '6' // insert the word saved by 'M' at the beginning of current word
#define RULE_OP_MEMORIZE_WORD 'M' // memorize current word
@@ -52,9 +52,9 @@
#define RULE_OP_REJECT_EQUAL '_' // reject plains of length not equal to N
#define RULE_OP_REJECT_CONTAIN '!' // reject plains that contain char X
#define RULE_OP_REJECT_NOT_CONTAIN '/' // reject plains that do not contain char X
-#define RULE_OP_REJECT_EQUAL_FIRST '(' // reject plains that do not contain char X at first position
-#define RULE_OP_REJECT_EQUAL_LAST ')' // reject plains that do not contain char X at last position
-#define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at position N
+#define RULE_OP_REJECT_EQUAL_FIRST '(' // reject plains that do not contain char X at first pos
+#define RULE_OP_REJECT_EQUAL_LAST ')' // reject plains that do not contain char X at last pos
+#define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at pos N
#define RULE_OP_REJECT_CONTAINS '%' // reject plains that contain char X less than N times
#define RULE_OP_REJECT_MEMORY 'Q' // reject plains that match the plain saved (see M), i.e. if unchanged
-#define RULE_LAST_REJECTED_SAVED_POS 'p' // position of the character last found with '/' or '%'
+#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the character last found with '/' or '%'
From edfe21b902c727a1f60e03decb30154358e97f37 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Mon, 25 May 2020 11:08:33 +0200
Subject: [PATCH 03/12] fixes #2390: RAR3-hp cracking w/ pass > 28 (pure
kernel) + tests added
---
OpenCL/m12500-pure.cl | 917 ++++++++++++++++++++++++++++++-----
docs/changes.txt | 1 +
src/modules/module_12500.c | 23 +-
tools/test_modules/m12500.pm | 405 ++++++++++++++++
4 files changed, 1218 insertions(+), 128 deletions(-)
create mode 100644 tools/test_modules/m12500.pm
diff --git a/OpenCL/m12500-pure.cl b/OpenCL/m12500-pure.cl
index 24b0a8f05..eefd4b30d 100644
--- a/OpenCL/m12500-pure.cl
+++ b/OpenCL/m12500-pure.cl
@@ -17,14 +17,6 @@
#define ROUNDS 0x40000
-#define PUTCHAR(a,p,c) ((u8 *)(a))[(p)] = (u8) (c)
-#define GETCHAR(a,p) ((u8 *)(a))[(p)]
-
-#define PUTCHAR_BE(a,p,c) ((u8 *)(a))[(p) ^ 3] = (u8) (c)
-#define GETCHAR_BE(a,p) ((u8 *)(a))[(p) ^ 3]
-
-#define MIN(a,b) (((a) < (b)) ? (a) : (b))
-
typedef struct pbkdf2_sha1
{
u32 salt_buf[64];
@@ -33,7 +25,11 @@ typedef struct pbkdf2_sha1
typedef struct rar3_tmp
{
- u32 dgst[17][5];
+ u32 dgst[5];
+
+ u32 w[66]; // 256 byte pass + 8 byte salt
+
+ u32 iv[4];
} rar3_tmp_t;
@@ -138,6 +134,627 @@ DECLSPEC void memcat8c_be (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 len, co
}
}
+// only change in this function compared to OpenCL/inc_hash_sha1.cl is that it returns
+// the expanded 64 byte buffer w0_t..wf_t in t[]:
+
+DECLSPEC void sha1_transform_rar29 (const u32 *w0, const u32 *w1, const u32 *w2, const u32 *w3, u32 *digest, u32 *t)
+{
+ u32 a = digest[0];
+ u32 b = digest[1];
+ u32 c = digest[2];
+ u32 d = digest[3];
+ u32 e = digest[4];
+
+ #ifdef IS_CPU
+
+ u32 w0_t = w0[0];
+ u32 w1_t = w0[1];
+ u32 w2_t = w0[2];
+ u32 w3_t = w0[3];
+ u32 w4_t = w1[0];
+ u32 w5_t = w1[1];
+ u32 w6_t = w1[2];
+ u32 w7_t = w1[3];
+ u32 w8_t = w2[0];
+ u32 w9_t = w2[1];
+ u32 wa_t = w2[2];
+ u32 wb_t = w2[3];
+ u32 wc_t = w3[0];
+ u32 wd_t = w3[1];
+ u32 we_t = w3[2];
+ u32 wf_t = w3[3];
+
+ #define K SHA1C00
+
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w1_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w2_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w3_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w4_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w5_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w6_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w7_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w8_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w9_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, wa_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, wb_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, wc_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, wd_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, we_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, wf_t);
+ w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w0_t);
+ w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w1_t);
+ w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w2_t);
+ w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w3_t);
+
+ #undef K
+ #define K SHA1C01
+
+ w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w4_t);
+ w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w5_t);
+ w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w6_t);
+ w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w7_t);
+ w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w8_t);
+ w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w9_t);
+ wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wa_t);
+ wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, wb_t);
+ wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, wc_t);
+ wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wd_t);
+ we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, we_t);
+ wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wf_t);
+ w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w0_t);
+ w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w1_t);
+ w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w2_t);
+ w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w3_t);
+ w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w4_t);
+ w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w5_t);
+ w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w6_t);
+ w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w7_t);
+
+ #undef K
+ #define K SHA1C02
+
+ w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w8_t);
+ w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w9_t);
+ wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, wa_t);
+ wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, wb_t);
+ wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, wc_t);
+ wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, wd_t);
+ we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, we_t);
+ wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, wf_t);
+ w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w0_t);
+ w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w1_t);
+ w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w2_t);
+ w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w3_t);
+ w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w4_t);
+ w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w5_t);
+ w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w6_t);
+ w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w7_t);
+ w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w8_t);
+ w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w9_t);
+ wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, wa_t);
+ wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, wb_t);
+
+ #undef K
+ #define K SHA1C03
+
+ wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, wc_t);
+ wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wd_t);
+ we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, we_t);
+ wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, wf_t);
+ w0_t = hc_rotl32_S ((wd_t ^ w8_t ^ w2_t ^ w0_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w0_t);
+ w1_t = hc_rotl32_S ((we_t ^ w9_t ^ w3_t ^ w1_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w1_t);
+ w2_t = hc_rotl32_S ((wf_t ^ wa_t ^ w4_t ^ w2_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w2_t);
+ w3_t = hc_rotl32_S ((w0_t ^ wb_t ^ w5_t ^ w3_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w3_t);
+ w4_t = hc_rotl32_S ((w1_t ^ wc_t ^ w6_t ^ w4_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w4_t);
+ w5_t = hc_rotl32_S ((w2_t ^ wd_t ^ w7_t ^ w5_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w5_t);
+ w6_t = hc_rotl32_S ((w3_t ^ we_t ^ w8_t ^ w6_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w6_t);
+ w7_t = hc_rotl32_S ((w4_t ^ wf_t ^ w9_t ^ w7_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w7_t);
+ w8_t = hc_rotl32_S ((w5_t ^ w0_t ^ wa_t ^ w8_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w8_t);
+ w9_t = hc_rotl32_S ((w6_t ^ w1_t ^ wb_t ^ w9_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w9_t);
+ wa_t = hc_rotl32_S ((w7_t ^ w2_t ^ wc_t ^ wa_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wa_t);
+ wb_t = hc_rotl32_S ((w8_t ^ w3_t ^ wd_t ^ wb_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, wb_t);
+ wc_t = hc_rotl32_S ((w9_t ^ w4_t ^ we_t ^ wc_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, wc_t);
+ wd_t = hc_rotl32_S ((wa_t ^ w5_t ^ wf_t ^ wd_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, wd_t);
+ we_t = hc_rotl32_S ((wb_t ^ w6_t ^ w0_t ^ we_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, we_t);
+ wf_t = hc_rotl32_S ((wc_t ^ w7_t ^ w1_t ^ wf_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, wf_t);
+
+ t[ 0] = w0_t;
+ t[ 1] = w1_t;
+ t[ 2] = w2_t;
+ t[ 3] = w3_t;
+ t[ 4] = w4_t;
+ t[ 5] = w5_t;
+ t[ 6] = w6_t;
+ t[ 7] = w7_t;
+ t[ 8] = w8_t;
+ t[ 9] = w9_t;
+ t[10] = wa_t;
+ t[11] = wb_t;
+ t[12] = wc_t;
+ t[13] = wd_t;
+ t[14] = we_t;
+ t[15] = wf_t;
+
+ #undef K
+
+ #else
+
+ u32 w00_t = w0[0];
+ u32 w01_t = w0[1];
+ u32 w02_t = w0[2];
+ u32 w03_t = w0[3];
+ u32 w04_t = w1[0];
+ u32 w05_t = w1[1];
+ u32 w06_t = w1[2];
+ u32 w07_t = w1[3];
+ u32 w08_t = w2[0];
+ u32 w09_t = w2[1];
+ u32 w0a_t = w2[2];
+ u32 w0b_t = w2[3];
+ u32 w0c_t = w3[0];
+ u32 w0d_t = w3[1];
+ u32 w0e_t = w3[2];
+ u32 w0f_t = w3[3];
+ u32 w10_t;
+ u32 w11_t;
+ u32 w12_t;
+ u32 w13_t;
+ u32 w14_t;
+ u32 w15_t;
+ u32 w16_t;
+ u32 w17_t;
+ u32 w18_t;
+ u32 w19_t;
+ u32 w1a_t;
+ u32 w1b_t;
+ u32 w1c_t;
+ u32 w1d_t;
+ u32 w1e_t;
+ u32 w1f_t;
+ u32 w20_t;
+ u32 w21_t;
+ u32 w22_t;
+ u32 w23_t;
+ u32 w24_t;
+ u32 w25_t;
+ u32 w26_t;
+ u32 w27_t;
+ u32 w28_t;
+ u32 w29_t;
+ u32 w2a_t;
+ u32 w2b_t;
+ u32 w2c_t;
+ u32 w2d_t;
+ u32 w2e_t;
+ u32 w2f_t;
+ u32 w30_t;
+ u32 w31_t;
+ u32 w32_t;
+ u32 w33_t;
+ u32 w34_t;
+ u32 w35_t;
+ u32 w36_t;
+ u32 w37_t;
+ u32 w38_t;
+ u32 w39_t;
+ u32 w3a_t;
+ u32 w3b_t;
+ u32 w3c_t;
+ u32 w3d_t;
+ u32 w3e_t;
+ u32 w3f_t;
+ u32 w40_t;
+ u32 w41_t;
+ u32 w42_t;
+ u32 w43_t;
+ u32 w44_t;
+ u32 w45_t;
+ u32 w46_t;
+ u32 w47_t;
+ u32 w48_t;
+ u32 w49_t;
+ u32 w4a_t;
+ u32 w4b_t;
+ u32 w4c_t;
+ u32 w4d_t;
+ u32 w4e_t;
+ u32 w4f_t;
+
+ #define K SHA1C00
+
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w00_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w01_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w02_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w03_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w04_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w05_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w06_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w07_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w08_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w09_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0a_t);
+ SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w0b_t);
+ SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w0c_t);
+ SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w0d_t);
+ SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w0e_t);
+ SHA1_STEP_S (SHA1_F0o, a, b, c, d, e, w0f_t);
+ w10_t = hc_rotl32_S ((w0d_t ^ w08_t ^ w02_t ^ w00_t), 1u); SHA1_STEP_S (SHA1_F0o, e, a, b, c, d, w10_t);
+ w11_t = hc_rotl32_S ((w0e_t ^ w09_t ^ w03_t ^ w01_t), 1u); SHA1_STEP_S (SHA1_F0o, d, e, a, b, c, w11_t);
+ w12_t = hc_rotl32_S ((w0f_t ^ w0a_t ^ w04_t ^ w02_t), 1u); SHA1_STEP_S (SHA1_F0o, c, d, e, a, b, w12_t);
+ w13_t = hc_rotl32_S ((w10_t ^ w0b_t ^ w05_t ^ w03_t), 1u); SHA1_STEP_S (SHA1_F0o, b, c, d, e, a, w13_t);
+
+ #undef K
+ #define K SHA1C01
+
+ w14_t = hc_rotl32_S ((w11_t ^ w0c_t ^ w06_t ^ w04_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w14_t);
+ w15_t = hc_rotl32_S ((w12_t ^ w0d_t ^ w07_t ^ w05_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w15_t);
+ w16_t = hc_rotl32_S ((w13_t ^ w0e_t ^ w08_t ^ w06_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w16_t);
+ w17_t = hc_rotl32_S ((w14_t ^ w0f_t ^ w09_t ^ w07_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w17_t);
+ w18_t = hc_rotl32_S ((w15_t ^ w10_t ^ w0a_t ^ w08_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w18_t);
+ w19_t = hc_rotl32_S ((w16_t ^ w11_t ^ w0b_t ^ w09_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w19_t);
+ w1a_t = hc_rotl32_S ((w17_t ^ w12_t ^ w0c_t ^ w0a_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w1a_t);
+ w1b_t = hc_rotl32_S ((w18_t ^ w13_t ^ w0d_t ^ w0b_t), 1u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w1b_t);
+ w1c_t = hc_rotl32_S ((w19_t ^ w14_t ^ w0e_t ^ w0c_t), 1u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w1c_t);
+ w1d_t = hc_rotl32_S ((w1a_t ^ w15_t ^ w0f_t ^ w0d_t), 1u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w1d_t);
+ w1e_t = hc_rotl32_S ((w1b_t ^ w16_t ^ w10_t ^ w0e_t), 1u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w1e_t);
+ w1f_t = hc_rotl32_S ((w1c_t ^ w17_t ^ w11_t ^ w0f_t), 1u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w1f_t);
+ w20_t = hc_rotl32_S ((w1a_t ^ w10_t ^ w04_t ^ w00_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w20_t);
+ w21_t = hc_rotl32_S ((w1b_t ^ w11_t ^ w05_t ^ w01_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w21_t);
+ w22_t = hc_rotl32_S ((w1c_t ^ w12_t ^ w06_t ^ w02_t), 2u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w22_t);
+ w23_t = hc_rotl32_S ((w1d_t ^ w13_t ^ w07_t ^ w03_t), 2u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w23_t);
+ w24_t = hc_rotl32_S ((w1e_t ^ w14_t ^ w08_t ^ w04_t), 2u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w24_t);
+ w25_t = hc_rotl32_S ((w1f_t ^ w15_t ^ w09_t ^ w05_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w25_t);
+ w26_t = hc_rotl32_S ((w20_t ^ w16_t ^ w0a_t ^ w06_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w26_t);
+ w27_t = hc_rotl32_S ((w21_t ^ w17_t ^ w0b_t ^ w07_t), 2u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w27_t);
+
+ #undef K
+ #define K SHA1C02
+
+ w28_t = hc_rotl32_S ((w22_t ^ w18_t ^ w0c_t ^ w08_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w28_t);
+ w29_t = hc_rotl32_S ((w23_t ^ w19_t ^ w0d_t ^ w09_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w29_t);
+ w2a_t = hc_rotl32_S ((w24_t ^ w1a_t ^ w0e_t ^ w0a_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w2a_t);
+ w2b_t = hc_rotl32_S ((w25_t ^ w1b_t ^ w0f_t ^ w0b_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w2b_t);
+ w2c_t = hc_rotl32_S ((w26_t ^ w1c_t ^ w10_t ^ w0c_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w2c_t);
+ w2d_t = hc_rotl32_S ((w27_t ^ w1d_t ^ w11_t ^ w0d_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w2d_t);
+ w2e_t = hc_rotl32_S ((w28_t ^ w1e_t ^ w12_t ^ w0e_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w2e_t);
+ w2f_t = hc_rotl32_S ((w29_t ^ w1f_t ^ w13_t ^ w0f_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w2f_t);
+ w30_t = hc_rotl32_S ((w2a_t ^ w20_t ^ w14_t ^ w10_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w30_t);
+ w31_t = hc_rotl32_S ((w2b_t ^ w21_t ^ w15_t ^ w11_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w31_t);
+ w32_t = hc_rotl32_S ((w2c_t ^ w22_t ^ w16_t ^ w12_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w32_t);
+ w33_t = hc_rotl32_S ((w2d_t ^ w23_t ^ w17_t ^ w13_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w33_t);
+ w34_t = hc_rotl32_S ((w2e_t ^ w24_t ^ w18_t ^ w14_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w34_t);
+ w35_t = hc_rotl32_S ((w2f_t ^ w25_t ^ w19_t ^ w15_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w35_t);
+ w36_t = hc_rotl32_S ((w30_t ^ w26_t ^ w1a_t ^ w16_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w36_t);
+ w37_t = hc_rotl32_S ((w31_t ^ w27_t ^ w1b_t ^ w17_t), 2u); SHA1_STEP_S (SHA1_F2o, a, b, c, d, e, w37_t);
+ w38_t = hc_rotl32_S ((w32_t ^ w28_t ^ w1c_t ^ w18_t), 2u); SHA1_STEP_S (SHA1_F2o, e, a, b, c, d, w38_t);
+ w39_t = hc_rotl32_S ((w33_t ^ w29_t ^ w1d_t ^ w19_t), 2u); SHA1_STEP_S (SHA1_F2o, d, e, a, b, c, w39_t);
+ w3a_t = hc_rotl32_S ((w34_t ^ w2a_t ^ w1e_t ^ w1a_t), 2u); SHA1_STEP_S (SHA1_F2o, c, d, e, a, b, w3a_t);
+ w3b_t = hc_rotl32_S ((w35_t ^ w2b_t ^ w1f_t ^ w1b_t), 2u); SHA1_STEP_S (SHA1_F2o, b, c, d, e, a, w3b_t);
+
+ #undef K
+ #define K SHA1C03
+
+ w3c_t = hc_rotl32_S ((w36_t ^ w2c_t ^ w20_t ^ w1c_t), 2u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w3c_t);
+ w3d_t = hc_rotl32_S ((w37_t ^ w2d_t ^ w21_t ^ w1d_t), 2u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w3d_t);
+ w3e_t = hc_rotl32_S ((w38_t ^ w2e_t ^ w22_t ^ w1e_t), 2u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w3e_t);
+ w3f_t = hc_rotl32_S ((w39_t ^ w2f_t ^ w23_t ^ w1f_t), 2u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w3f_t);
+ w40_t = hc_rotl32_S ((w34_t ^ w20_t ^ w08_t ^ w00_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w40_t);
+ w41_t = hc_rotl32_S ((w35_t ^ w21_t ^ w09_t ^ w01_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w41_t);
+ w42_t = hc_rotl32_S ((w36_t ^ w22_t ^ w0a_t ^ w02_t), 4u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w42_t);
+ w43_t = hc_rotl32_S ((w37_t ^ w23_t ^ w0b_t ^ w03_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w43_t);
+ w44_t = hc_rotl32_S ((w38_t ^ w24_t ^ w0c_t ^ w04_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w44_t);
+ w45_t = hc_rotl32_S ((w39_t ^ w25_t ^ w0d_t ^ w05_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w45_t);
+ w46_t = hc_rotl32_S ((w3a_t ^ w26_t ^ w0e_t ^ w06_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w46_t);
+ w47_t = hc_rotl32_S ((w3b_t ^ w27_t ^ w0f_t ^ w07_t), 4u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w47_t);
+ w48_t = hc_rotl32_S ((w3c_t ^ w28_t ^ w10_t ^ w08_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w48_t);
+ w49_t = hc_rotl32_S ((w3d_t ^ w29_t ^ w11_t ^ w09_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w49_t);
+ w4a_t = hc_rotl32_S ((w3e_t ^ w2a_t ^ w12_t ^ w0a_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w4a_t);
+ w4b_t = hc_rotl32_S ((w3f_t ^ w2b_t ^ w13_t ^ w0b_t), 4u); SHA1_STEP_S (SHA1_F1, a, b, c, d, e, w4b_t);
+ w4c_t = hc_rotl32_S ((w40_t ^ w2c_t ^ w14_t ^ w0c_t), 4u); SHA1_STEP_S (SHA1_F1, e, a, b, c, d, w4c_t);
+ w4d_t = hc_rotl32_S ((w41_t ^ w2d_t ^ w15_t ^ w0d_t), 4u); SHA1_STEP_S (SHA1_F1, d, e, a, b, c, w4d_t);
+ w4e_t = hc_rotl32_S ((w42_t ^ w2e_t ^ w16_t ^ w0e_t), 4u); SHA1_STEP_S (SHA1_F1, c, d, e, a, b, w4e_t);
+ w4f_t = hc_rotl32_S ((w43_t ^ w2f_t ^ w17_t ^ w0f_t), 4u); SHA1_STEP_S (SHA1_F1, b, c, d, e, a, w4f_t);
+
+ t[ 0] = w40_t;
+ t[ 1] = w41_t;
+ t[ 2] = w42_t;
+ t[ 3] = w43_t;
+ t[ 4] = w44_t;
+ t[ 5] = w45_t;
+ t[ 6] = w46_t;
+ t[ 7] = w47_t;
+ t[ 8] = w48_t;
+ t[ 9] = w49_t;
+ t[10] = w4a_t;
+ t[11] = w4b_t;
+ t[12] = w4c_t;
+ t[13] = w4d_t;
+ t[14] = w4e_t;
+ t[15] = w4f_t;
+
+ #undef K
+ #endif
+
+ digest[0] += a;
+ digest[1] += b;
+ digest[2] += c;
+ digest[3] += d;
+ digest[4] += e;
+}
+
+// only change in this function compared to OpenCL/inc_hash_sha1.cl is that
+// it calls our modified sha1_transform_rar29 () function
+
+DECLSPEC void sha1_update_64_rar29 (sha1_ctx_t *ctx, u32 *w0, u32 *w1, u32 *w2, u32 *w3, const int bytes, u32 *t)
+{
+ MAYBE_VOLATILE const int pos = ctx->len & 63;
+
+ int len = 64;
+
+ if (bytes < 64)
+ {
+ len = bytes;
+ }
+
+ ctx->len += len;
+
+ if (pos == 0)
+ {
+ ctx->w0[0] = w0[0];
+ ctx->w0[1] = w0[1];
+ ctx->w0[2] = w0[2];
+ ctx->w0[3] = w0[3];
+ ctx->w1[0] = w1[0];
+ ctx->w1[1] = w1[1];
+ ctx->w1[2] = w1[2];
+ ctx->w1[3] = w1[3];
+ ctx->w2[0] = w2[0];
+ ctx->w2[1] = w2[1];
+ ctx->w2[2] = w2[2];
+ ctx->w2[3] = w2[3];
+ ctx->w3[0] = w3[0];
+ ctx->w3[1] = w3[1];
+ ctx->w3[2] = w3[2];
+ ctx->w3[3] = w3[3];
+
+ if (len == 64)
+ {
+ sha1_transform_rar29 (ctx->w0, ctx->w1, ctx->w2, ctx->w3, ctx->h, t);
+
+ ctx->w0[0] = 0;
+ ctx->w0[1] = 0;
+ ctx->w0[2] = 0;
+ ctx->w0[3] = 0;
+ ctx->w1[0] = 0;
+ ctx->w1[1] = 0;
+ ctx->w1[2] = 0;
+ ctx->w1[3] = 0;
+ ctx->w2[0] = 0;
+ ctx->w2[1] = 0;
+ ctx->w2[2] = 0;
+ ctx->w2[3] = 0;
+ ctx->w3[0] = 0;
+ ctx->w3[1] = 0;
+ ctx->w3[2] = 0;
+ ctx->w3[3] = 0;
+ }
+ }
+ else
+ {
+ if ((pos + len) < 64)
+ {
+ switch_buffer_by_offset_be_S (w0, w1, w2, w3, pos);
+
+ ctx->w0[0] |= w0[0];
+ ctx->w0[1] |= w0[1];
+ ctx->w0[2] |= w0[2];
+ ctx->w0[3] |= w0[3];
+ ctx->w1[0] |= w1[0];
+ ctx->w1[1] |= w1[1];
+ ctx->w1[2] |= w1[2];
+ ctx->w1[3] |= w1[3];
+ ctx->w2[0] |= w2[0];
+ ctx->w2[1] |= w2[1];
+ ctx->w2[2] |= w2[2];
+ ctx->w2[3] |= w2[3];
+ ctx->w3[0] |= w3[0];
+ ctx->w3[1] |= w3[1];
+ ctx->w3[2] |= w3[2];
+ ctx->w3[3] |= w3[3];
+ }
+ else
+ {
+ u32 c0[4] = { 0 };
+ u32 c1[4] = { 0 };
+ u32 c2[4] = { 0 };
+ u32 c3[4] = { 0 };
+
+ switch_buffer_by_offset_carry_be_S (w0, w1, w2, w3, c0, c1, c2, c3, pos);
+
+ ctx->w0[0] |= w0[0];
+ ctx->w0[1] |= w0[1];
+ ctx->w0[2] |= w0[2];
+ ctx->w0[3] |= w0[3];
+ ctx->w1[0] |= w1[0];
+ ctx->w1[1] |= w1[1];
+ ctx->w1[2] |= w1[2];
+ ctx->w1[3] |= w1[3];
+ ctx->w2[0] |= w2[0];
+ ctx->w2[1] |= w2[1];
+ ctx->w2[2] |= w2[2];
+ ctx->w2[3] |= w2[3];
+ ctx->w3[0] |= w3[0];
+ ctx->w3[1] |= w3[1];
+ ctx->w3[2] |= w3[2];
+ ctx->w3[3] |= w3[3];
+
+ sha1_transform_rar29 (ctx->w0, ctx->w1, ctx->w2, ctx->w3, ctx->h, t);
+
+ ctx->w0[0] = c0[0];
+ ctx->w0[1] = c0[1];
+ ctx->w0[2] = c0[2];
+ ctx->w0[3] = c0[3];
+ ctx->w1[0] = c1[0];
+ ctx->w1[1] = c1[1];
+ ctx->w1[2] = c1[2];
+ ctx->w1[3] = c1[3];
+ ctx->w2[0] = c2[0];
+ ctx->w2[1] = c2[1];
+ ctx->w2[2] = c2[2];
+ ctx->w2[3] = c2[3];
+ ctx->w3[0] = c3[0];
+ ctx->w3[1] = c3[1];
+ ctx->w3[2] = c3[2];
+ ctx->w3[3] = c3[3];
+ }
+ }
+}
+
+// main change in this function compared to OpenCL/inc_hash_sha1.cl is that
+// we call sha1_update_64_rar29 () and sometimes replace w[]
+
+DECLSPEC void sha1_update_rar29 (sha1_ctx_t *ctx, u32 *w, const int len)
+{
+ u32 w0[4];
+ u32 w1[4];
+ u32 w2[4];
+ u32 w3[4];
+
+ MAYBE_VOLATILE const int pos = ctx->len & 63;
+
+ int pos1 = 0;
+ int pos4 = 0;
+
+ if (len > 64) // or: if (pos1 < (len - 64))
+ {
+ w0[0] = w[pos4 + 0];
+ w0[1] = w[pos4 + 1];
+ w0[2] = w[pos4 + 2];
+ w0[3] = w[pos4 + 3];
+ w1[0] = w[pos4 + 4];
+ w1[1] = w[pos4 + 5];
+ w1[2] = w[pos4 + 6];
+ w1[3] = w[pos4 + 7];
+ w2[0] = w[pos4 + 8];
+ w2[1] = w[pos4 + 9];
+ w2[2] = w[pos4 + 10];
+ w2[3] = w[pos4 + 11];
+ w3[0] = w[pos4 + 12];
+ w3[1] = w[pos4 + 13];
+ w3[2] = w[pos4 + 14];
+ w3[3] = w[pos4 + 15];
+
+ sha1_update_64 (ctx, w0, w1, w2, w3, 64);
+
+ pos1 += 64;
+ pos4 += 16;
+ }
+
+ for (int diff = 64 - pos; pos1 < len; pos1 += 64, pos4 += 16, diff += 64)
+ {
+ w0[0] = w[pos4 + 0];
+ w0[1] = w[pos4 + 1];
+ w0[2] = w[pos4 + 2];
+ w0[3] = w[pos4 + 3];
+ w1[0] = w[pos4 + 4];
+ w1[1] = w[pos4 + 5];
+ w1[2] = w[pos4 + 6];
+ w1[3] = w[pos4 + 7];
+ w2[0] = w[pos4 + 8];
+ w2[1] = w[pos4 + 9];
+ w2[2] = w[pos4 + 10];
+ w2[3] = w[pos4 + 11];
+ w3[0] = w[pos4 + 12];
+ w3[1] = w[pos4 + 13];
+ w3[2] = w[pos4 + 14];
+ w3[3] = w[pos4 + 15];
+
+ // only major change in this function compared to OpenCL/inc_hash_sha1.cl:
+
+ u32 t[17] = { 0 };
+
+ sha1_update_64_rar29 (ctx, w0, w1, w2, w3, len - pos1, t);
+
+
+ if ((diff + 63) >= len) break;
+
+ // replaces 64 bytes (with offset diff) of the underlying data w[] with t[]:
+
+ // for (int i = 0; i < 16; i++) t[i] = hc_swap32_S (t[i]);
+
+ t[ 0] = hc_swap32_S (t[ 0]); // unroll seems to be faster
+ t[ 1] = hc_swap32_S (t[ 1]);
+ t[ 2] = hc_swap32_S (t[ 2]);
+ t[ 3] = hc_swap32_S (t[ 3]);
+ t[ 4] = hc_swap32_S (t[ 4]);
+ t[ 5] = hc_swap32_S (t[ 5]);
+ t[ 6] = hc_swap32_S (t[ 6]);
+ t[ 7] = hc_swap32_S (t[ 7]);
+ t[ 8] = hc_swap32_S (t[ 8]);
+ t[ 9] = hc_swap32_S (t[ 9]);
+ t[10] = hc_swap32_S (t[10]);
+ t[11] = hc_swap32_S (t[11]);
+ t[12] = hc_swap32_S (t[12]);
+ t[13] = hc_swap32_S (t[13]);
+ t[14] = hc_swap32_S (t[14]);
+ t[15] = hc_swap32_S (t[15]);
+
+ const u32 n_idx = diff >> 2;
+ const u32 n_off = diff & 3;
+
+ if (n_off)
+ {
+ const u32 off_mul = n_off << 3;
+ const u32 off_sub = 32 - off_mul;
+
+ t[16] = (t[15] << off_sub);
+ t[15] = (t[15] >> off_mul) | (t[14] << off_sub);
+ t[14] = (t[14] >> off_mul) | (t[13] << off_sub);
+ t[13] = (t[13] >> off_mul) | (t[12] << off_sub);
+ t[12] = (t[12] >> off_mul) | (t[11] << off_sub);
+ t[11] = (t[11] >> off_mul) | (t[10] << off_sub);
+ t[10] = (t[10] >> off_mul) | (t[ 9] << off_sub);
+ t[ 9] = (t[ 9] >> off_mul) | (t[ 8] << off_sub);
+ t[ 8] = (t[ 8] >> off_mul) | (t[ 7] << off_sub);
+ t[ 7] = (t[ 7] >> off_mul) | (t[ 6] << off_sub);
+ t[ 6] = (t[ 6] >> off_mul) | (t[ 5] << off_sub);
+ t[ 5] = (t[ 5] >> off_mul) | (t[ 4] << off_sub);
+ t[ 4] = (t[ 4] >> off_mul) | (t[ 3] << off_sub);
+ t[ 3] = (t[ 3] >> off_mul) | (t[ 2] << off_sub);
+ t[ 2] = (t[ 2] >> off_mul) | (t[ 1] << off_sub);
+ t[ 1] = (t[ 1] >> off_mul) | (t[ 0] << off_sub);
+ t[ 0] = (t[ 0] >> off_mul);
+ }
+
+ w[n_idx] &= 0xffffff00 << ((3 - n_off) << 3);
+
+ w[n_idx] |= t[0];
+
+ w[n_idx + 1] = t[ 1];
+ w[n_idx + 2] = t[ 2];
+ w[n_idx + 3] = t[ 3];
+ w[n_idx + 4] = t[ 4];
+ w[n_idx + 5] = t[ 5];
+ w[n_idx + 6] = t[ 6];
+ w[n_idx + 7] = t[ 7];
+ w[n_idx + 8] = t[ 8];
+ w[n_idx + 9] = t[ 9];
+ w[n_idx + 10] = t[10];
+ w[n_idx + 11] = t[11];
+ w[n_idx + 12] = t[12];
+ w[n_idx + 13] = t[13];
+ w[n_idx + 14] = t[14];
+ w[n_idx + 15] = t[15];
+
+ // the final set is only meaningful: if (n_off)
+
+ w[n_idx + 16] &= 0xffffffff >> (n_off << 3);
+
+ w[n_idx + 16] |= t[16];
+ }
+}
+
KERNEL_FQ void m12500_init (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
{
/**
@@ -148,19 +765,82 @@ KERNEL_FQ void m12500_init (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
if (gid >= gid_max) return;
- tmps[gid].dgst[0][0] = SHA1M_A;
- tmps[gid].dgst[0][1] = SHA1M_B;
- tmps[gid].dgst[0][2] = SHA1M_C;
- tmps[gid].dgst[0][3] = SHA1M_D;
- tmps[gid].dgst[0][4] = SHA1M_E;
+ tmps[gid].dgst[0] = SHA1M_A;
+ tmps[gid].dgst[1] = SHA1M_B;
+ tmps[gid].dgst[2] = SHA1M_C;
+ tmps[gid].dgst[3] = SHA1M_D;
+ tmps[gid].dgst[4] = SHA1M_E;
- /**
- * context save
- */
+ // store pass and salt in tmps:
- sha1_ctx_t ctx;
+ const u32 pw_len = pws[gid].pw_len;
- sha1_init (&ctx);
+ // first set the utf16le pass:
+
+ u32 w[80] = { 0 };
+
+ for (u32 i = 0, j = 0, k = 0; i < pw_len; i += 16, j += 4, k += 8)
+ {
+ u32 a[4];
+
+ a[0] = pws[gid].i[j + 0];
+ a[1] = pws[gid].i[j + 1];
+ a[2] = pws[gid].i[j + 2];
+ a[3] = pws[gid].i[j + 3];
+
+ u32 b[4];
+ u32 c[4];
+
+ make_utf16le (a, b, c);
+
+ w[k + 0] = hc_swap32_S (b[0]);
+ w[k + 1] = hc_swap32_S (b[1]);
+ w[k + 2] = hc_swap32_S (b[2]);
+ w[k + 3] = hc_swap32_S (b[3]);
+ w[k + 4] = hc_swap32_S (c[0]);
+ w[k + 5] = hc_swap32_S (c[1]);
+ w[k + 6] = hc_swap32_S (c[2]);
+ w[k + 7] = hc_swap32_S (c[3]);
+ }
+
+ // append salt:
+
+ const u32 salt_idx = (pw_len * 2) / 4;
+ const u32 salt_off = (pw_len * 2) & 3;
+
+ u32 salt_buf[3];
+
+ salt_buf[0] = hc_swap32_S (salt_bufs[salt_pos].salt_buf[0]); // swap needed due to -O kernel
+ salt_buf[1] = hc_swap32_S (salt_bufs[salt_pos].salt_buf[1]);
+ salt_buf[2] = 0;
+
+ // switch buffer by offset (can only be 0 or 2 because of utf16):
+
+ if (salt_off == 2) // or just: if (salt_off)
+ {
+ salt_buf[2] = (salt_buf[1] << 16);
+ salt_buf[1] = (salt_buf[1] >> 16) | (salt_buf[0] << 16);
+ salt_buf[0] = (salt_buf[0] >> 16);
+ }
+
+ w[salt_idx] |= salt_buf[0];
+
+ w[salt_idx + 1] = salt_buf[1];
+ w[salt_idx + 2] = salt_buf[2];
+
+ // store initial w[] (pass and salt) in tmps:
+
+ for (u32 i = 0; i < 66; i++) // unroll ?
+ {
+ tmps[gid].w[i] = w[i];
+ }
+
+ // iv:
+
+ tmps[gid].iv[0] = 0;
+ tmps[gid].iv[1] = 0;
+ tmps[gid].iv[2] = 0;
+ tmps[gid].iv[3] = 0;
}
KERNEL_FQ void m12500_loop (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
@@ -175,62 +855,106 @@ KERNEL_FQ void m12500_loop (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
const u32 pw_len = pws[gid].pw_len;
- u32 w[64] = { 0 };
+ const u32 salt_len = 8;
- for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
+ const u32 pw_salt_len = (pw_len * 2) + salt_len;
+
+ const u32 p3 = pw_salt_len + 3;
+
+ u32 w[80] = { 0 }; // 64 byte aligned
+
+ for (u32 i = 0; i < 66; i++) // unroll ?
{
- w[idx] = pws[gid].i[idx];
+ w[i] = tmps[gid].w[i];
}
- u32 salt_buf[16];
-
- salt_buf[ 0] = salt_bufs[salt_pos].salt_buf[0];
- salt_buf[ 1] = salt_bufs[salt_pos].salt_buf[1];
- salt_buf[ 2] = 0;
- salt_buf[ 3] = 0;
- salt_buf[ 4] = 0;
- salt_buf[ 5] = 0;
- salt_buf[ 6] = 0;
- salt_buf[ 7] = 0;
- salt_buf[ 8] = 0;
- salt_buf[ 9] = 0;
- salt_buf[10] = 0;
- salt_buf[11] = 0;
- salt_buf[12] = 0;
- salt_buf[13] = 0;
- salt_buf[14] = 0;
- salt_buf[15] = 0;
-
- const u32 salt_len = 8;
+ // update IV:
const u32 init_pos = loop_pos / (ROUNDS / 16);
+ sha1_ctx_t ctx_iv;
+
+ sha1_init (&ctx_iv);
+
+ ctx_iv.h[0] = tmps[gid].dgst[0];
+ ctx_iv.h[1] = tmps[gid].dgst[1];
+ ctx_iv.h[2] = tmps[gid].dgst[2];
+ ctx_iv.h[3] = tmps[gid].dgst[3];
+ ctx_iv.h[4] = tmps[gid].dgst[4];
+
+ ctx_iv.len = loop_pos * p3;
+
+ sha1_update_rar29 (&ctx_iv, w, pw_salt_len);
+
+ memcat8c_be (ctx_iv.w0, ctx_iv.w1, ctx_iv.w2, ctx_iv.w3, ctx_iv.len, hc_swap32_S (loop_pos), ctx_iv.h);
+
+ ctx_iv.len += 3;
+
+
+ // copy the context from ctx_iv to ctx:
+
sha1_ctx_t ctx;
- sha1_init (&ctx);
+ ctx.h[0] = ctx_iv.h[0];
+ ctx.h[1] = ctx_iv.h[1];
+ ctx.h[2] = ctx_iv.h[2];
+ ctx.h[3] = ctx_iv.h[3];
+ ctx.h[4] = ctx_iv.h[4];
- ctx.h[0] = tmps[gid].dgst[init_pos][0];
- ctx.h[1] = tmps[gid].dgst[init_pos][1];
- ctx.h[2] = tmps[gid].dgst[init_pos][2];
- ctx.h[3] = tmps[gid].dgst[init_pos][3];
- ctx.h[4] = tmps[gid].dgst[init_pos][4];
+ ctx.w0[0] = ctx_iv.w0[0];
+ ctx.w0[1] = ctx_iv.w0[1];
+ ctx.w0[2] = ctx_iv.w0[2];
+ ctx.w0[3] = ctx_iv.w0[3];
- for (u32 i = 0, j = loop_pos; i < 16384; i++, j++)
+ ctx.w1[0] = ctx_iv.w1[0];
+ ctx.w1[1] = ctx_iv.w1[1];
+ ctx.w1[2] = ctx_iv.w1[2];
+ ctx.w1[3] = ctx_iv.w1[3];
+
+ ctx.w2[0] = ctx_iv.w2[0];
+ ctx.w2[1] = ctx_iv.w2[1];
+ ctx.w2[2] = ctx_iv.w2[2];
+ ctx.w2[3] = ctx_iv.w2[3];
+
+ ctx.w3[0] = ctx_iv.w3[0];
+ ctx.w3[1] = ctx_iv.w3[1];
+ ctx.w3[2] = ctx_iv.w3[2];
+ ctx.w3[3] = ctx_iv.w3[3];
+
+ ctx.len = p3; // or ctx_iv.len ?
+
+ // final () for the IV byte:
+
+ sha1_final (&ctx_iv);
+
+ const u32 iv_idx = init_pos / 4;
+ const u32 iv_off = init_pos & 3;
+
+ tmps[gid].iv[iv_idx] |= (ctx_iv.h[4] & 0xff) << (iv_off << 3);
+
+ // main loop:
+
+ for (u32 i = 0, j = (loop_pos + 1); i < 16383; i++, j++)
{
- sha1_update_utf16le_swap (&ctx, w, pw_len);
-
- sha1_update_swap (&ctx, salt_buf, salt_len);
+ sha1_update_rar29 (&ctx, w, pw_salt_len);
memcat8c_be (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.len, hc_swap32_S (j), ctx.h);
ctx.len += 3;
}
- tmps[gid].dgst[init_pos + 1][0] = ctx.h[0];
- tmps[gid].dgst[init_pos + 1][1] = ctx.h[1];
- tmps[gid].dgst[init_pos + 1][2] = ctx.h[2];
- tmps[gid].dgst[init_pos + 1][3] = ctx.h[3];
- tmps[gid].dgst[init_pos + 1][4] = ctx.h[4];
+ tmps[gid].dgst[0] = ctx.h[0];
+ tmps[gid].dgst[1] = ctx.h[1];
+ tmps[gid].dgst[2] = ctx.h[2];
+ tmps[gid].dgst[3] = ctx.h[3];
+ tmps[gid].dgst[4] = ctx.h[4];
+
+ // only needed if pw_len > 28:
+
+ for (u32 i = 0; i < 66; i++) // unroll ?
+ {
+ tmps[gid].w[i] = w[i];
+ }
}
KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
@@ -298,43 +1022,19 @@ KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
const u32 pw_len = pws[gid].pw_len;
- u32 w[64] = { 0 };
-
- for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
- {
- w[idx] = pws[gid].i[idx];
- }
-
- u32 salt_buf[16];
-
- salt_buf[ 0] = salt_bufs[salt_pos].salt_buf[0];
- salt_buf[ 1] = salt_bufs[salt_pos].salt_buf[1];
- salt_buf[ 2] = 0;
- salt_buf[ 3] = 0;
- salt_buf[ 4] = 0;
- salt_buf[ 5] = 0;
- salt_buf[ 6] = 0;
- salt_buf[ 7] = 0;
- salt_buf[ 8] = 0;
- salt_buf[ 9] = 0;
- salt_buf[10] = 0;
- salt_buf[11] = 0;
- salt_buf[12] = 0;
- salt_buf[13] = 0;
- salt_buf[14] = 0;
- salt_buf[15] = 0;
-
const u32 salt_len = 8;
- const u32 p3 = (pw_len * 2) + salt_len + 3;
+ const u32 pw_salt_len = (pw_len * 2) + salt_len;
+
+ const u32 p3 = pw_salt_len + 3;
u32 h[5];
- h[0] = tmps[gid].dgst[16][0];
- h[1] = tmps[gid].dgst[16][1];
- h[2] = tmps[gid].dgst[16][2];
- h[3] = tmps[gid].dgst[16][3];
- h[4] = tmps[gid].dgst[16][4];
+ h[0] = tmps[gid].dgst[0];
+ h[1] = tmps[gid].dgst[1];
+ h[2] = tmps[gid].dgst[2];
+ h[3] = tmps[gid].dgst[3];
+ h[4] = tmps[gid].dgst[4];
u32 w0[4];
u32 w1[4];
@@ -382,46 +1082,13 @@ KERNEL_FQ void m12500_comp (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
AES128_decrypt (ks, data, out, s_td0, s_td1, s_td2, s_td3, s_td4);
- u32 iv[4];
+ u32 iv[2];
- iv[0] = 0;
- iv[1] = 0;
- iv[2] = 0;
- iv[3] = 0;
-
- for (int i = 0; i < 16; i++)
- {
- sha1_ctx_t ctx;
-
- sha1_init (&ctx);
-
- ctx.h[0] = tmps[gid].dgst[i][0];
- ctx.h[1] = tmps[gid].dgst[i][1];
- ctx.h[2] = tmps[gid].dgst[i][2];
- ctx.h[3] = tmps[gid].dgst[i][3];
- ctx.h[4] = tmps[gid].dgst[i][4];
-
- const u32 iter_pos = i * (ROUNDS / 16);
-
- ctx.len = iter_pos * p3;
-
- sha1_update_utf16le_swap (&ctx, w, pw_len);
-
- sha1_update_swap (&ctx, salt_buf, salt_len);
-
- memcat8c_be (ctx.w0, ctx.w1, ctx.w2, ctx.w3, ctx.len, hc_swap32_S (iter_pos), ctx.h);
-
- ctx.len += 3;
-
- sha1_final (&ctx);
-
- PUTCHAR (iv, i, ctx.h[4] & 0xff);
- }
+ iv[0] = tmps[gid].iv[0];
+ iv[1] = tmps[gid].iv[1];
out[0] ^= hc_swap32_S (iv[0]);
out[1] ^= hc_swap32_S (iv[1]);
- out[2] ^= hc_swap32_S (iv[2]);
- out[3] ^= hc_swap32_S (iv[3]);
const u32 r0 = out[0];
const u32 r1 = out[1];
diff --git a/docs/changes.txt b/docs/changes.txt
index afdd8b716..20e930f62 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -85,6 +85,7 @@
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode if mask > length 16
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
- Fixed cracking of NetNTLMv1 passwords in mask-attack mode if mask > length 16 (optimized kernels only)
+- Fixed cracking of RAR3-hp hashes with passwords longer than 28 bytes with pure kernel
- Fixed cracking of VeraCrypt Streebog-512 hashes (CPU only)
- Fixed cracking raw Streebog-HMAC 256 and 512 hashes with password of length >= 64
- Fixed cracking raw Whirlpool hashes cracking with password of length >= 32
diff --git a/src/modules/module_12500.c b/src/modules/module_12500.c
index 6e5c46635..45540e0d4 100644
--- a/src/modules/module_12500.c
+++ b/src/modules/module_12500.c
@@ -42,16 +42,33 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig,
typedef struct rar3_tmp
{
- u32 dgst[17][5];
+ u32 dgst[5];
+
+ u32 w[66]; // 256 byte pass + 8 byte salt
+
+ u32 iv[4];
} rar3_tmp_t;
+typedef struct rar3_tmp_optimized
+{
+ u32 dgst[17][5];
+
+} rar3_tmp_optimized_t;
+
static const int ROUNDS_RAR3 = 262144;
static const char *SIGNATURE_RAR3 = "$RAR3$";
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
- const u64 tmp_size = (const u64) sizeof (rar3_tmp_t);
+ const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL);
+
+ u64 tmp_size = (u64) sizeof (rar3_tmp_t);
+
+ if (optimized_kernel == true)
+ {
+ tmp_size = (u64) sizeof (rar3_tmp_optimized_t);
+ }
return tmp_size;
}
@@ -74,7 +91,7 @@ u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED con
{
const bool optimized_kernel = (hashconfig->opti_type & OPTI_TYPE_OPTIMIZED_KERNEL);
- u32 pw_max = PW_MAX;
+ u32 pw_max = 127;
if (optimized_kernel == true)
{
diff --git a/tools/test_modules/m12500.pm b/tools/test_modules/m12500.pm
new file mode 100644
index 000000000..155683a15
--- /dev/null
+++ b/tools/test_modules/m12500.pm
@@ -0,0 +1,405 @@
+#!/usr/bin/env perl
+
+##
+## Author......: See docs/credits.txt
+## License.....: MIT
+##
+
+use strict;
+use warnings;
+
+use Digest::SHA;
+use Crypt::CBC;
+use Encode;
+
+sub module_constraints { [[0, 127], [8, 8], [0, 20], [8, 8], [-1, -1]] }
+
+my $ITERATIONS = 0x40000;
+
+my $FIXED_RAW_STRING = pack ("H*", "c43d7b00400700000000000000000000");
+
+my $SHA1C00 = 0x5a827999;
+my $SHA1C01 = 0x6ed9eba1;
+my $SHA1C02 = 0x8f1bbcdc;
+my $SHA1C03 = 0xca62c1d6;
+
+my $SHA1M_A = 0x67452301;
+my $SHA1M_B = 0xefcdab89;
+my $SHA1M_C = 0x98badcfe;
+my $SHA1M_D = 0x10325476;
+my $SHA1M_E = 0xc3d2e1f0;
+
+sub rotl32
+{
+ my $x = shift;
+ my $n = shift;
+
+ return (($x << $n) | ($x >> (32 - $n))) & 0xffffffff;
+}
+
+sub blk
+{
+ my $b = shift;
+ my $i = shift;
+
+ $$b[$i & 15] = rotl32 ($$b[($i + 13) & 15] ^
+ $$b[($i + 8) & 15] ^
+ $$b[($i + 2) & 15] ^
+ $$b[($i + 0) & 15], 1);
+
+ return $$b[$i & 15];
+}
+
+sub R0
+{
+ my ($b, $v, $w, $x, $y, $z, $i) = @_;
+
+ $$b[$i] = unpack ("L<", pack ("L>", $$b[$i])); # blk0 or just swap_byte32 ()
+
+ $z += (($w & ($x ^ $y)) ^ $y) + $$b[$i] + $SHA1C00 + rotl32 ($v, 5);
+
+ $z &= 0xffffffff;
+
+ $w = rotl32 ($w, 30);
+
+ return ($z, $w);
+}
+
+sub R1
+{
+ my ($b, $v, $w, $x, $y, $z, $i) = @_;
+
+ $z += (($w & ($x ^ $y)) ^ $y) + blk ($b, $i) + $SHA1C00 + rotl32 ($v, 5);
+
+ $z &= 0xffffffff;
+
+ $w = rotl32 ($w, 30);
+
+ return ($z, $w);
+}
+
+sub R2
+{
+ my ($b, $v, $w, $x, $y, $z, $i) = @_;
+
+ $z += ($w ^ $x ^ $y) + blk ($b, $i) + $SHA1C01 + rotl32 ($v, 5);
+
+ $z &= 0xffffffff;
+
+ $w = rotl32 ($w, 30);
+
+ return ($z, $w);
+}
+
+sub R3
+{
+ my ($b, $v, $w, $x, $y, $z, $i) = @_;
+
+ $z += ((($w | $x) & $y) | ($w & $x)) + blk ($b, $i) + $SHA1C02 + rotl32 ($v, 5);
+
+ $z &= 0xffffffff;
+
+ $w = rotl32 ($w, 30);
+
+ return ($z, $w);
+}
+
+sub R4
+{
+ my ($b, $v, $w, $x, $y, $z, $i) = @_;
+
+ $z += ($w ^ $x ^ $y) + blk ($b, $i) + $SHA1C03 + rotl32 ($v, 5);
+
+ $z &= 0xffffffff;
+
+ $w = rotl32 ($w, 30);
+
+ return ($z, $w);
+}
+
+sub sha1_transform
+{
+ my ($state, $buffer) = @_;
+
+ my @block = unpack ("L<*", $$buffer);
+
+ my $a = $$state[0];
+ my $b = $$state[1];
+ my $c = $$state[2];
+ my $d = $$state[3];
+ my $e = $$state[4];
+
+ ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 0);
+ ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 1);
+ ($c, $e) = R0 (\@block, $d, $e, $a, $b, $c, 2);
+ ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 3);
+
+ ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 4);
+ ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 5);
+ ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 6);
+ ($c, $e) = R0 (\@block, $d, $e, $a, $b, $c, 7);
+
+ ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 8);
+ ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 9);
+ ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 10);
+ ($d, $a) = R0 (\@block, $e, $a, $b, $c, $d, 11);
+
+ ($c, $e) = R0 (\@block, $d, $e, $a, $b, $c, 12);
+ ($b, $d) = R0 (\@block, $c, $d, $e, $a, $b, 13);
+ ($a, $c) = R0 (\@block, $b, $c, $d, $e, $a, 14);
+ ($e, $b) = R0 (\@block, $a, $b, $c, $d, $e, 15);
+
+ ($d, $a) = R1 (\@block, $e, $a, $b, $c, $d, 16);
+ ($c, $e) = R1 (\@block, $d, $e, $a, $b, $c, 17);
+ ($b, $d) = R1 (\@block, $c, $d, $e, $a, $b, 18);
+ ($a, $c) = R1 (\@block, $b, $c, $d, $e, $a, 19);
+
+ ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 20);
+ ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 21);
+ ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 22);
+ ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 23);
+
+ ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 24);
+ ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 25);
+ ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 26);
+ ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 27);
+
+ ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 28);
+ ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 29);
+ ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 30);
+ ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 31);
+
+ ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 32);
+ ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 33);
+ ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 34);
+ ($e, $b) = R2 (\@block, $a, $b, $c, $d, $e, 35);
+
+ ($d, $a) = R2 (\@block, $e, $a, $b, $c, $d, 36);
+ ($c, $e) = R2 (\@block, $d, $e, $a, $b, $c, 37);
+ ($b, $d) = R2 (\@block, $c, $d, $e, $a, $b, 38);
+ ($a, $c) = R2 (\@block, $b, $c, $d, $e, $a, 39);
+
+ ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 40);
+ ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 41);
+ ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 42);
+ ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 43);
+
+ ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 44);
+ ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 45);
+ ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 46);
+ ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 47);
+
+ ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 48);
+ ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 49);
+ ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 50);
+ ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 51);
+
+ ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 52);
+ ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 53);
+ ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 54);
+ ($e, $b) = R3 (\@block, $a, $b, $c, $d, $e, 55);
+
+ ($d, $a) = R3 (\@block, $e, $a, $b, $c, $d, 56);
+ ($c, $e) = R3 (\@block, $d, $e, $a, $b, $c, 57);
+ ($b, $d) = R3 (\@block, $c, $d, $e, $a, $b, 58);
+ ($a, $c) = R3 (\@block, $b, $c, $d, $e, $a, 59);
+
+ ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 60);
+ ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 61);
+ ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 62);
+ ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 63);
+
+ ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 64);
+ ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 65);
+ ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 66);
+ ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 67);
+
+ ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 68);
+ ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 69);
+ ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 70);
+ ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 71);
+
+ ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 72);
+ ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 73);
+ ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 74);
+ ($e, $b) = R4 (\@block, $a, $b, $c, $d, $e, 75);
+
+ ($d, $a) = R4 (\@block, $e, $a, $b, $c, $d, 76);
+ ($c, $e) = R4 (\@block, $d, $e, $a, $b, $c, 77);
+ ($b, $d) = R4 (\@block, $c, $d, $e, $a, $b, 78);
+ ($a, $c) = R4 (\@block, $b, $c, $d, $e, $a, 79);
+
+ $$state[0] = ($$state[0] + $a) & 0xffffffff;
+ $$state[1] = ($$state[1] + $b) & 0xffffffff;
+ $$state[2] = ($$state[2] + $c) & 0xffffffff;
+ $$state[3] = ($$state[3] + $d) & 0xffffffff;
+ $$state[4] = ($$state[4] + $e) & 0xffffffff;
+
+ $$buffer = pack ("L<*", @block);
+}
+
+sub sha1_getstate
+{
+ my $ctx = shift;
+
+ my $info = $ctx->getstate;
+
+ # state:
+
+ my $idx = index ($info, "H:");
+
+ my $state = substr ($info, $idx + 2, 44);
+
+ $state =~ s/://g;
+
+ my @state_arr = unpack ("L>*", pack ("H*", $state));
+
+ # block:
+
+ $idx = index ($info, "block:");
+
+ my $block = substr ($info, $idx + 6, 191);
+
+ $block =~ s/://g;
+
+ $block = pack ("H*", $block);
+
+
+ return (\@state_arr, $block);
+}
+
+sub sha1_update_rar29
+{
+ my $ctx = shift;
+ my $data = shift;
+ my $len = shift;
+ my $count = shift;
+
+ my $ctx_orig = $ctx->clone;
+
+ $ctx->add ($$data);
+
+
+ # two early exits from this function, if (strange data) manipulation is not needed:
+
+ my $j = $count & 63;
+
+ return if (($j + $len) <= 63);
+
+
+ my $i = 64 - $j;
+
+ return if (($i + 63) >= $len);
+
+
+ # proceed with updating $data:
+
+ my ($state, $block) = sha1_getstate ($ctx_orig);
+
+
+ substr ($block, $j, $i) = substr ($$data, 0, $i);
+
+ sha1_transform ($state, \$block);
+
+
+ while (($i + 63) < $len)
+ {
+ my $workspace = substr ($$data, $i, 64);
+
+ sha1_transform ($state, \$workspace);
+
+ substr ($$data, $i, 64) = $workspace;
+
+ $i += 64;
+ }
+}
+
+sub module_generate_hash
+{
+ my $pass = shift;
+ my $salt = shift;
+
+ # convert to utf16le:
+
+ my $buf = encode ("UTF-16LE", $pass);
+
+ # add the salt to the password buffer:
+
+ $buf .= $salt;
+
+ my $len = length ($buf);
+
+ my $count = 0;
+
+ my $ctx = Digest::SHA->new ('SHA1');
+
+ my $iv = "";
+
+ # main loop:
+
+ for (my $i = 0; $i < $ITERATIONS; $i++)
+ {
+ sha1_update_rar29 ($ctx, \$buf, $len, $count);
+
+ $count += $len;
+
+ my $pos = substr (pack ("L<", $i), 0, 3);
+
+ $ctx->add ($pos);
+
+ $count += 3;
+
+ if (($i & 0x3fff) == 0)
+ {
+ my $dgst = $ctx->clone->digest;
+
+ $iv .= substr ($dgst, 19, 1);
+ }
+ }
+
+ my $k = $ctx->digest;
+
+ $k = pack ("L<*", unpack ("L>4", $k)); # byte swap the first 4 * 4 = 16 bytes
+
+ my $aes = Crypt::CBC->new (
+ -cipher => "Crypt::Rijndael",
+ -key => $k,
+ -iv => $iv,
+ -keysize => 16,
+ -literal_key => 1,
+ -header => 'none');
+
+ my $hash = $aes->encrypt ($FIXED_RAW_STRING);
+
+ return sprintf ("\$RAR3\$*0*%s*%s", unpack ("H*", $salt), unpack ("H*", substr ($hash, 0, 16)));
+}
+
+sub module_verify_hash
+{
+ my $line = shift;
+
+ my $idx = index ($line, ':');
+
+ return if ($idx < 1);
+
+ my $hash = substr ($line, 0, $idx);
+ my $word = substr ($line, $idx + 1);
+
+ return if (substr ($hash, 0, 9) ne "\$RAR3\$*0*");
+
+ $idx = index ($hash, '*', 9);
+
+ return if ($idx < 1);
+
+ my $salt = substr ($hash, 9, $idx - 9);
+
+ $salt = pack ("H*", $salt);
+
+ my $word_packed = pack_if_HEX_notation ($word);
+
+ my $new_hash = module_generate_hash ($word_packed, $salt);
+
+ return ($new_hash, $word);
+}
+
+1;
From f382d24dcf147e97d8c0bb8c5e4ba423fc69059a Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Mon, 25 May 2020 11:30:45 +0200
Subject: [PATCH 04/12] fixes #2365: NSEC3 dot replace and empty salt/domain
fix
---
OpenCL/m08300_a0-optimized.cl | 201 ++++++++++++++++++++++++++++++++--
OpenCL/m08300_a0-pure.cl | 62 ++++++++++-
OpenCL/m08300_a1-optimized.cl | 201 ++++++++++++++++++++++++++++++++--
OpenCL/m08300_a1-pure.cl | 80 ++++++++++++--
OpenCL/m08300_a3-optimized.cl | 174 ++++++++++++++++++++++++++++-
OpenCL/m08300_a3-pure.cl | 129 +++++++++++++++++++++-
docs/changes.txt | 1 +
src/modules/module_08300.c | 9 +-
tools/test_modules/m08300.pm | 15 ++-
9 files changed, 821 insertions(+), 51 deletions(-)
diff --git a/OpenCL/m08300_a0-optimized.cl b/OpenCL/m08300_a0-optimized.cl
index d9461bd26..62d964fe2 100644
--- a/OpenCL/m08300_a0-optimized.cl
+++ b/OpenCL/m08300_a0-optimized.cl
@@ -16,6 +16,113 @@
#include "inc_hash_sha1.cl"
#endif
+const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+{
+ const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+
+ if (pw_len <= min_len) return 0;
+
+ const u32 max_len = pw_len - min_len - 1;
+
+ const u32 start_pos = (max_len < 15) ? max_len : 15;
+
+ u32 cur_len = old_len;
+
+ for (int pos = (int) start_pos; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = mod << 3;
+
+ if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ w[div] += (cur_len - 0x2e) << sht;
+
+ cur_len = 0;
+ }
+ else
+ {
+ cur_len++;
+ }
+ }
+
+ return cur_len;
+}
+
+const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+{
+ u32 cur_len = 0;
+
+ // loop over w3...w0 (4 * 16 = 64 bytes):
+
+ cur_len = replace_dots (w3, 3, cur_len, pw_len);
+ cur_len = replace_dots (w2, 2, cur_len, pw_len);
+ cur_len = replace_dots (w1, 1, cur_len, pw_len);
+ cur_len = replace_dots (w0, 0, cur_len, pw_len);
+
+ return cur_len;
+}
+
+#define REPLACE_DOT_BY_LEN_VECT(n) \
+ if (out_len.s##n > 0) \
+ { \
+ u32 tmp0[4]; \
+ \
+ tmp0[0] = w0_t[0].s##n; \
+ tmp0[1] = w0_t[1].s##n; \
+ tmp0[2] = w0_t[2].s##n; \
+ tmp0[3] = w0_t[3].s##n; \
+ \
+ u32 tmp1[4]; \
+ \
+ tmp1[0] = w1_t[0].s##n; \
+ tmp1[1] = w1_t[1].s##n; \
+ tmp1[2] = w1_t[2].s##n; \
+ tmp1[3] = w1_t[3].s##n; \
+ \
+ u32 tmp2[4]; \
+ \
+ tmp2[0] = w2_t[0].s##n; \
+ tmp2[1] = w2_t[1].s##n; \
+ tmp2[2] = w2_t[2].s##n; \
+ tmp2[3] = w2_t[3].s##n; \
+ \
+ u32 tmp3[4]; \
+ \
+ tmp3[0] = w3_t[0].s##n; \
+ tmp3[1] = w3_t[1].s##n; \
+ tmp3[2] = w3_t[2].s##n; \
+ tmp3[3] = w3_t[3].s##n; \
+ \
+ const u32 len = replace_dot_by_len (tmp0, tmp1, tmp2, tmp3, out_len.s##n); \
+ \
+ switch_buffer_by_offset_le_S (tmp0, tmp1, tmp2, tmp3, 1); \
+ \
+ tmp0[0] |= len & 0xff; \
+ \
+ w0_t[0].s##n = tmp0[0]; \
+ w0_t[1].s##n = tmp0[1]; \
+ w0_t[2].s##n = tmp0[2]; \
+ w0_t[3].s##n = tmp0[3]; \
+ \
+ w1_t[0].s##n = tmp1[0]; \
+ w1_t[1].s##n = tmp1[1]; \
+ w1_t[2].s##n = tmp1[2]; \
+ w1_t[3].s##n = tmp1[3]; \
+ \
+ w2_t[0].s##n = tmp2[0]; \
+ w2_t[1].s##n = tmp2[1]; \
+ w2_t[2].s##n = tmp2[2]; \
+ w2_t[3].s##n = tmp2[3]; \
+ \
+ w3_t[0].s##n = tmp3[0]; \
+ w3_t[1].s##n = tmp3[1]; \
+ w3_t[2].s##n = tmp3[2]; \
+ w3_t[3].s##n = tmp3[3]; \
+ \
+ out_len.s##n++; \
+ }
+
KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
{
/**
@@ -91,7 +198,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
u32x w2[4] = { 0 };
u32x w3[4] = { 0 };
- const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
+ u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
/**
* salt
@@ -119,9 +226,44 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
- w0_t[0] |= out_len & 0xff;
+ #if VECT_SIZE == 1
+ if (out_len > 0)
+ {
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, out_len);
+
+ switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= len & 0xff;
+
+ out_len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
u32x s0[4];
u32x s1[4];
@@ -145,7 +287,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + out_len);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, out_len);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -181,7 +323,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + out_len + domain_len + 1);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, out_len + domain_len + 1);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -219,7 +361,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_RULES ())
w3_t[0] = hc_swap32 (w3_t[0]);
w3_t[1] = hc_swap32 (w3_t[1]);
w3_t[2] = 0;
- w3_t[3] = (1 + out_len + domain_len + 1 + salt_len) * 8;
+ w3_t[3] = (out_len + domain_len + 1 + salt_len) * 8;
u32x digest[5];
@@ -360,7 +502,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_RULES ())
u32x w2[4] = { 0 };
u32x w3[4] = { 0 };
- const u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
+ u32x out_len = apply_rules_vect_optimized (pw_buf0, pw_buf1, pw_len, rules_buf, il_pos, w0, w1);
/**
* salt
@@ -388,9 +530,44 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_RULES ())
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
- w0_t[0] |= out_len & 0xff;
+ #if VECT_SIZE == 1
+ if (out_len > 0)
+ {
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, out_len);
+
+ switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= len & 0xff;
+
+ out_len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
u32x s0[4];
u32x s1[4];
@@ -414,7 +591,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_RULES ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + out_len);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, out_len);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -450,7 +627,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_RULES ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + out_len + domain_len + 1);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, out_len + domain_len + 1);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -488,7 +665,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_RULES ())
w3_t[0] = hc_swap32 (w3_t[0]);
w3_t[1] = hc_swap32 (w3_t[1]);
w3_t[2] = 0;
- w3_t[3] = (1 + out_len + domain_len + 1 + salt_len) * 8;
+ w3_t[3] = (out_len + domain_len + 1 + salt_len) * 8;
u32x digest[5];
diff --git a/OpenCL/m08300_a0-pure.cl b/OpenCL/m08300_a0-pure.cl
index 7bf1156fd..66d4cea99 100644
--- a/OpenCL/m08300_a0-pure.cl
+++ b/OpenCL/m08300_a0-pure.cl
@@ -67,11 +67,36 @@ KERNEL_FQ void m08300_mxx (KERN_ATTR_RULES ())
sha1_init (&ctx1);
- ctx1.w0[0] = (tmp.pw_len & 0xff) << 24;
+ // replace "." with the length:
- ctx1.len = 1;
+ if (tmp.pw_len > 0)
+ {
+ u32 len = 0;
- sha1_update_swap (&ctx1, tmp.i, tmp.pw_len);
+ for (int pos = tmp.pw_len - 1; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = mod << 3;
+
+ if (((tmp.i[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ tmp.i[div] += (len - 0x2e) << sht;
+
+ len = 0;
+
+ continue;
+ }
+
+ len++;
+ }
+
+ ctx1.w0[0] = (len & 0xff) << 24;
+
+ ctx1.len = 1;
+
+ sha1_update_swap (&ctx1, tmp.i, tmp.pw_len);
+ }
sha1_update (&ctx1, s_pc, salt_len_pc + 1);
@@ -186,11 +211,36 @@ KERNEL_FQ void m08300_sxx (KERN_ATTR_RULES ())
sha1_init (&ctx1);
- ctx1.w0[0] = (tmp.pw_len & 0xff) << 24;
+ // replace "." with the length:
- ctx1.len = 1;
+ if (tmp.pw_len > 0)
+ {
+ u32 len = 0;
- sha1_update_swap (&ctx1, tmp.i, tmp.pw_len);
+ for (int pos = tmp.pw_len - 1; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = mod << 3;
+
+ if (((tmp.i[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ tmp.i[div] += (len - 0x2e) << sht;
+
+ len = 0;
+
+ continue;
+ }
+
+ len++;
+ }
+
+ ctx1.w0[0] = (len & 0xff) << 24;
+
+ ctx1.len = 1;
+
+ sha1_update_swap (&ctx1, tmp.i, tmp.pw_len);
+ }
sha1_update (&ctx1, s_pc, salt_len_pc + 1);
diff --git a/OpenCL/m08300_a1-optimized.cl b/OpenCL/m08300_a1-optimized.cl
index a669c739d..a5e3df1e4 100644
--- a/OpenCL/m08300_a1-optimized.cl
+++ b/OpenCL/m08300_a1-optimized.cl
@@ -14,6 +14,113 @@
#include "inc_hash_sha1.cl"
#endif
+const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+{
+ const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+
+ if (pw_len <= min_len) return 0;
+
+ const u32 max_len = pw_len - min_len - 1;
+
+ const u32 start_pos = (max_len < 15) ? max_len : 15;
+
+ u32 cur_len = old_len;
+
+ for (int pos = (int) start_pos; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = mod << 3;
+
+ if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ w[div] += (cur_len - 0x2e) << sht;
+
+ cur_len = 0;
+ }
+ else
+ {
+ cur_len++;
+ }
+ }
+
+ return cur_len;
+}
+
+const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+{
+ u32 cur_len = 0;
+
+ // loop over w3...w0 (4 * 16 = 64 bytes):
+
+ cur_len = replace_dots (w3, 3, cur_len, pw_len);
+ cur_len = replace_dots (w2, 2, cur_len, pw_len);
+ cur_len = replace_dots (w1, 1, cur_len, pw_len);
+ cur_len = replace_dots (w0, 0, cur_len, pw_len);
+
+ return cur_len;
+}
+
+#define REPLACE_DOT_BY_LEN_VECT(n) \
+ if (pw_len.s##n > 0) \
+ { \
+ u32 tmp0[4]; \
+ \
+ tmp0[0] = w0_t[0].s##n; \
+ tmp0[1] = w0_t[1].s##n; \
+ tmp0[2] = w0_t[2].s##n; \
+ tmp0[3] = w0_t[3].s##n; \
+ \
+ u32 tmp1[4]; \
+ \
+ tmp1[0] = w1_t[0].s##n; \
+ tmp1[1] = w1_t[1].s##n; \
+ tmp1[2] = w1_t[2].s##n; \
+ tmp1[3] = w1_t[3].s##n; \
+ \
+ u32 tmp2[4]; \
+ \
+ tmp2[0] = w2_t[0].s##n; \
+ tmp2[1] = w2_t[1].s##n; \
+ tmp2[2] = w2_t[2].s##n; \
+ tmp2[3] = w2_t[3].s##n; \
+ \
+ u32 tmp3[4]; \
+ \
+ tmp3[0] = w3_t[0].s##n; \
+ tmp3[1] = w3_t[1].s##n; \
+ tmp3[2] = w3_t[2].s##n; \
+ tmp3[3] = w3_t[3].s##n; \
+ \
+ const u32 len = replace_dot_by_len (tmp0, tmp1, tmp2, tmp3, pw_len.s##n); \
+ \
+ switch_buffer_by_offset_le_S (tmp0, tmp1, tmp2, tmp3, 1); \
+ \
+ tmp0[0] |= len & 0xff; \
+ \
+ w0_t[0].s##n = tmp0[0]; \
+ w0_t[1].s##n = tmp0[1]; \
+ w0_t[2].s##n = tmp0[2]; \
+ w0_t[3].s##n = tmp0[3]; \
+ \
+ w1_t[0].s##n = tmp1[0]; \
+ w1_t[1].s##n = tmp1[1]; \
+ w1_t[2].s##n = tmp1[2]; \
+ w1_t[3].s##n = tmp1[3]; \
+ \
+ w2_t[0].s##n = tmp2[0]; \
+ w2_t[1].s##n = tmp2[1]; \
+ w2_t[2].s##n = tmp2[2]; \
+ w2_t[3].s##n = tmp2[3]; \
+ \
+ w3_t[0].s##n = tmp3[0]; \
+ w3_t[1].s##n = tmp3[1]; \
+ w3_t[2].s##n = tmp3[2]; \
+ w3_t[3].s##n = tmp3[3]; \
+ \
+ pw_len.s##n++; \
+ }
+
KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
{
/**
@@ -86,7 +193,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
{
const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63;
- const u32x pw_len = (pw_l_len + pw_r_len) & 63;
+ u32x pw_len = (pw_l_len + pw_r_len) & 63;
/**
* concat password candidate
@@ -177,9 +284,44 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
- w0_t[0] |= pw_len & 0xff;
+ #if VECT_SIZE == 1
+ if (pw_len > 0)
+ {
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, pw_len);
+
+ switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= len & 0xff;
+
+ pw_len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
u32x s0[4];
u32x s1[4];
@@ -203,7 +345,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + pw_len);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, pw_len);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -239,7 +381,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + pw_len + domain_len + 1);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, pw_len + domain_len + 1);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -277,7 +419,7 @@ KERNEL_FQ void m08300_m04 (KERN_ATTR_BASIC ())
w3_t[0] = hc_swap32 (w3_t[0]);
w3_t[1] = hc_swap32 (w3_t[1]);
w3_t[2] = 0;
- w3_t[3] = (1 + pw_len + domain_len + 1 + salt_len) * 8;
+ w3_t[3] = (pw_len + domain_len + 1 + salt_len) * 8;
u32x digest[5];
@@ -415,7 +557,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_BASIC ())
{
const u32x pw_r_len = pwlenx_create_combt (combs_buf, il_pos) & 63;
- const u32x pw_len = (pw_l_len + pw_r_len) & 63;
+ u32x pw_len = (pw_l_len + pw_r_len) & 63;
/**
* concat password candidate
@@ -506,9 +648,44 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_BASIC ())
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
- w0_t[0] |= pw_len & 0xff;
+ #if VECT_SIZE == 1
+ if (pw_len > 0)
+ {
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, pw_len);
+
+ switch_buffer_by_offset_le (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= len & 0xff;
+
+ pw_len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
u32x s0[4];
u32x s1[4];
@@ -532,7 +709,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_BASIC ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + pw_len);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, pw_len);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -568,7 +745,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_BASIC ())
s3[2] = 0;
s3[3] = 0;
- switch_buffer_by_offset_le_VV (s0, s1, s2, s3, 1 + pw_len + domain_len + 1);
+ switch_buffer_by_offset_le_VV (s0, s1, s2, s3, pw_len + domain_len + 1);
w0_t[0] |= s0[0];
w0_t[1] |= s0[1];
@@ -606,7 +783,7 @@ KERNEL_FQ void m08300_s04 (KERN_ATTR_BASIC ())
w3_t[0] = hc_swap32 (w3_t[0]);
w3_t[1] = hc_swap32 (w3_t[1]);
w3_t[2] = 0;
- w3_t[3] = (1 + pw_len + domain_len + 1 + salt_len) * 8;
+ w3_t[3] = (pw_len + domain_len + 1 + salt_len) * 8;
u32x digest[5];
diff --git a/OpenCL/m08300_a1-pure.cl b/OpenCL/m08300_a1-pure.cl
index 42135dec1..28e356148 100644
--- a/OpenCL/m08300_a1-pure.cl
+++ b/OpenCL/m08300_a1-pure.cl
@@ -14,6 +14,42 @@
#include "inc_hash_sha1.cl"
#endif
+DECLSPEC const u32 replace_dot_by_len (pw_t *out, GLOBAL_AS const pw_t *in, const u32 old_len)
+{
+ // first make out a copy of in:
+
+ out->pw_len = in->pw_len;
+
+ for (int i = 0; i < 64; i++)
+ {
+ out->i[i] = in->i[i];
+ }
+
+ // replace "." with the length:
+
+ u32 cur_len = old_len;
+
+ for (int pos = out->pw_len - 1; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = mod << 3;
+
+ if (((out->i[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ out->i[div] += (cur_len - 0x2e) << sht;
+
+ cur_len = 0;
+
+ continue;
+ }
+
+ cur_len++;
+ }
+
+ return cur_len;
+}
+
KERNEL_FQ void m08300_mxx (KERN_ATTR_BASIC ())
{
/**
@@ -59,13 +95,27 @@ KERNEL_FQ void m08300_mxx (KERN_ATTR_BASIC ())
sha1_init (&ctx1);
- ctx1.w0[0] = ((pws[gid].pw_len + combs_buf[il_pos].pw_len) & 0xff) << 24;
+ const u32 pw_len = pws[gid].pw_len + combs_buf[il_pos].pw_len;
- ctx1.len = 1;
+ // replace "." with the length:
- sha1_update_global_swap (&ctx1, pws[gid].i, pws[gid].pw_len);
+ if (pw_len > 0)
+ {
+ pw_t combs;
- sha1_update_global_swap (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len);
+ const u32 first_len_combs = replace_dot_by_len (&combs, &combs_buf[il_pos], 0);
+
+ pw_t pw;
+
+ const u32 first_len_pw = replace_dot_by_len (&pw, &pws[gid], first_len_combs);
+
+ ctx1.w0[0] = (first_len_pw & 0xff) << 24;
+
+ ctx1.len = 1;
+
+ sha1_update_swap (&ctx1, pw.i, pw.pw_len);
+ sha1_update_swap (&ctx1, combs.i, combs.pw_len);
+ }
sha1_update (&ctx1, s_pc, salt_len_pc + 1);
@@ -174,13 +224,27 @@ KERNEL_FQ void m08300_sxx (KERN_ATTR_BASIC ())
sha1_init (&ctx1);
- ctx1.w0[0] = ((pws[gid].pw_len + combs_buf[il_pos].pw_len) & 0xff) << 24;
+ const u32 pw_len = pws[gid].pw_len + combs_buf[il_pos].pw_len;
- ctx1.len = 1;
+ // replace "." with the length:
- sha1_update_global_swap (&ctx1, pws[gid].i, pws[gid].pw_len);
+ if (pw_len > 0)
+ {
+ pw_t combs;
- sha1_update_global_swap (&ctx1, combs_buf[il_pos].i, combs_buf[il_pos].pw_len);
+ const u32 first_len_combs = replace_dot_by_len (&combs, &combs_buf[il_pos], 0);
+
+ pw_t pw;
+
+ const u32 first_len_pw = replace_dot_by_len (&pw, &pws[gid], first_len_combs);
+
+ ctx1.w0[0] = (first_len_pw & 0xff) << 24;
+
+ ctx1.len = 1;
+
+ sha1_update_swap (&ctx1, pw.i, pw.pw_len);
+ sha1_update_swap (&ctx1, combs.i, combs.pw_len);
+ }
sha1_update (&ctx1, s_pc, salt_len_pc + 1);
diff --git a/OpenCL/m08300_a3-optimized.cl b/OpenCL/m08300_a3-optimized.cl
index 0e9ad838f..f62267127 100644
--- a/OpenCL/m08300_a3-optimized.cl
+++ b/OpenCL/m08300_a3-optimized.cl
@@ -14,6 +14,110 @@
#include "inc_hash_sha1.cl"
#endif
+const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+{
+ const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+
+ if (pw_len <= min_len) return 0;
+
+ const u32 max_len = pw_len - min_len - 1;
+
+ const u32 start_pos = (max_len < 15) ? max_len : 15;
+
+ u32 cur_len = old_len;
+
+ for (int pos = (int) start_pos; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = (3 - mod) << 3;
+
+ if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ w[div] += (cur_len - 0x2e) << sht;
+
+ cur_len = 0;
+ }
+ else
+ {
+ cur_len++;
+ }
+ }
+
+ return cur_len;
+}
+
+const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+{
+ u32 cur_len = 0;
+
+ // loop over w3...w0 (4 * 16 = 64 bytes):
+
+ cur_len = replace_dots (w3, 3, cur_len, pw_len);
+ cur_len = replace_dots (w2, 2, cur_len, pw_len);
+ cur_len = replace_dots (w1, 1, cur_len, pw_len);
+ cur_len = replace_dots (w0, 0, cur_len, pw_len);
+
+ return cur_len;
+}
+
+#define REPLACE_DOT_BY_LEN_VECT(n) \
+ { \
+ u32 tmp0[4]; \
+ \
+ tmp0[0] = w0_t[0].s##n; \
+ tmp0[1] = w0_t[1].s##n; \
+ tmp0[2] = w0_t[2].s##n; \
+ tmp0[3] = w0_t[3].s##n; \
+ \
+ u32 tmp1[4]; \
+ \
+ tmp1[0] = w1_t[0].s##n; \
+ tmp1[1] = w1_t[1].s##n; \
+ tmp1[2] = w1_t[2].s##n; \
+ tmp1[3] = w1_t[3].s##n; \
+ \
+ u32 tmp2[4]; \
+ \
+ tmp2[0] = w2_t[0].s##n; \
+ tmp2[1] = w2_t[1].s##n; \
+ tmp2[2] = w2_t[2].s##n; \
+ tmp2[3] = w2_t[3].s##n; \
+ \
+ u32 tmp3[4]; \
+ \
+ tmp3[0] = w3_t[0].s##n; \
+ tmp3[1] = w3_t[1].s##n; \
+ tmp3[2] = w3_t[2].s##n; \
+ tmp3[3] = w3_t[3].s##n; \
+ \
+ const u32 len = replace_dot_by_len (tmp0, tmp1, tmp2, tmp3, pw_len); \
+ \
+ switch_buffer_by_offset_be_S (tmp0, tmp1, tmp2, tmp3, 1); \
+ \
+ tmp0[0] |= (len & 0xff) << 24; \
+ \
+ w0_t[0].s##n = tmp0[0]; \
+ w0_t[1].s##n = tmp0[1]; \
+ w0_t[2].s##n = tmp0[2]; \
+ w0_t[3].s##n = tmp0[3]; \
+ \
+ w1_t[0].s##n = tmp1[0]; \
+ w1_t[1].s##n = tmp1[1]; \
+ w1_t[2].s##n = tmp1[2]; \
+ w1_t[3].s##n = tmp1[3]; \
+ \
+ w2_t[0].s##n = tmp2[0]; \
+ w2_t[1].s##n = tmp2[1]; \
+ w2_t[2].s##n = tmp2[2]; \
+ w2_t[3].s##n = tmp2[3]; \
+ \
+ w3_t[0].s##n = tmp3[0]; \
+ w3_t[1].s##n = tmp3[1]; \
+ w3_t[2].s##n = tmp3[2]; \
+ w3_t[3].s##n = tmp3[3]; \
+ }
+
DECLSPEC void m08300m (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KERN_ATTR_BASIC ())
{
/**
@@ -168,9 +272,40 @@ DECLSPEC void m08300m (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_be (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
+
+ #if VECT_SIZE == 1
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, pw_len);
+
+ switch_buffer_by_offset_be (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= (len & 0xff) << 24;
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
- w0_t[0] |= (pw_len & 0xff) << 24;
w3_t[2] = 0;
w3_t[3] = (1 + pw_len + domain_len + 1 + salt_len) * 8;
@@ -388,9 +523,40 @@ DECLSPEC void m08300s (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len, KER
w3_t[2] = w3[2];
w3_t[3] = w3[3];
- switch_buffer_by_offset_be (w0_t, w1_t, w2_t, w3_t, 1);
+ // replace "." with the length:
+
+ #if VECT_SIZE == 1
+ const u32 len = replace_dot_by_len (w0_t, w1_t, w2_t, w3_t, pw_len);
+
+ switch_buffer_by_offset_be (w0_t, w1_t, w2_t, w3_t, 1);
+
+ w0_t[0] |= (len & 0xff) << 24;
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN_VECT (0)
+ REPLACE_DOT_BY_LEN_VECT (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN_VECT (2)
+ REPLACE_DOT_BY_LEN_VECT (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN_VECT (4)
+ REPLACE_DOT_BY_LEN_VECT (5)
+ REPLACE_DOT_BY_LEN_VECT (6)
+ REPLACE_DOT_BY_LEN_VECT (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN_VECT (8)
+ REPLACE_DOT_BY_LEN_VECT (9)
+ REPLACE_DOT_BY_LEN_VECT (a)
+ REPLACE_DOT_BY_LEN_VECT (b)
+ REPLACE_DOT_BY_LEN_VECT (c)
+ REPLACE_DOT_BY_LEN_VECT (d)
+ REPLACE_DOT_BY_LEN_VECT (e)
+ REPLACE_DOT_BY_LEN_VECT (f)
+ #endif
- w0_t[0] |= (pw_len & 0xff) << 24;
w3_t[2] = 0;
w3_t[3] = (1 + pw_len + domain_len + 1 + salt_len) * 8;
diff --git a/OpenCL/m08300_a3-pure.cl b/OpenCL/m08300_a3-pure.cl
index 4215d42a0..b9ed4525c 100644
--- a/OpenCL/m08300_a3-pure.cl
+++ b/OpenCL/m08300_a3-pure.cl
@@ -14,6 +14,17 @@
#include "inc_hash_sha1.cl"
#endif
+#define REPLACE_DOT_BY_LEN(n) \
+ if (((tmp[div].s##n >> sht) & 0xff) == 0x2e) \
+ { \
+ tmp[div].s##n += (len.s##n - 0x2e) << sht; \
+ len.s##n = 0; \
+ } \
+ else \
+ { \
+ len.s##n++; \
+ }
+
KERNEL_FQ void m08300_mxx (KERN_ATTR_VECTOR ())
{
/**
@@ -76,11 +87,66 @@ KERNEL_FQ void m08300_mxx (KERN_ATTR_VECTOR ())
sha1_init_vector (&ctx1);
- ctx1.w0[0] = (pw_len & 0xff) << 24;
+ // replace "." with the length:
+
+ u32x tmp[64] = { 0 };
+
+ for (u32 i = 0, idx = 0; i < pw_len; i += 4, idx += 1)
+ {
+ tmp[idx] = w[idx];
+ }
+
+ u32x len = 0;
+
+ for (int pos = pw_len - 1; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = (3 - mod) << 3;
+
+ #if VECT_SIZE == 1
+ if (((tmp[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ tmp[div] += (len - 0x2e) << sht;
+
+ len = 0;
+ }
+ else
+ {
+ len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN (0)
+ REPLACE_DOT_BY_LEN (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN (2)
+ REPLACE_DOT_BY_LEN (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN (4)
+ REPLACE_DOT_BY_LEN (5)
+ REPLACE_DOT_BY_LEN (6)
+ REPLACE_DOT_BY_LEN (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN (8)
+ REPLACE_DOT_BY_LEN (9)
+ REPLACE_DOT_BY_LEN (a)
+ REPLACE_DOT_BY_LEN (b)
+ REPLACE_DOT_BY_LEN (c)
+ REPLACE_DOT_BY_LEN (d)
+ REPLACE_DOT_BY_LEN (e)
+ REPLACE_DOT_BY_LEN (f)
+ #endif
+ }
+
+ ctx1.w0[0] = (len & 0xff) << 24;
ctx1.len = 1;
- sha1_update_vector (&ctx1, w, pw_len);
+ sha1_update_vector (&ctx1, tmp, pw_len);
sha1_update_vector (&ctx1, s_pc, salt_len_pc + 1);
@@ -206,11 +272,66 @@ KERNEL_FQ void m08300_sxx (KERN_ATTR_VECTOR ())
sha1_init_vector (&ctx1);
- ctx1.w0[0] = (pw_len & 0xff) << 24;
+ // replace "." with the length:
+
+ u32x tmp[64];
+
+ for (int i = 0; i < 64; i++)
+ {
+ tmp[i] = w[i];
+ }
+
+ u32x len = 0;
+
+ for (int pos = pw_len - 1; pos >= 0; pos--)
+ {
+ const u32 div = pos / 4;
+ const u32 mod = pos & 3;
+ const u32 sht = (3 - mod) << 3;
+
+ #if VECT_SIZE == 1
+ if (((tmp[div] >> sht) & 0xff) == 0x2e) // '.'
+ {
+ tmp[div] += (len - 0x2e) << sht;
+
+ len = 0;
+ }
+ else
+ {
+ len++;
+ }
+ #endif
+ #if VECT_SIZE >= 2
+ REPLACE_DOT_BY_LEN (0)
+ REPLACE_DOT_BY_LEN (1)
+ #endif
+ #if VECT_SIZE >= 4
+ REPLACE_DOT_BY_LEN (2)
+ REPLACE_DOT_BY_LEN (3)
+ #endif
+ #if VECT_SIZE >= 8
+ REPLACE_DOT_BY_LEN (4)
+ REPLACE_DOT_BY_LEN (5)
+ REPLACE_DOT_BY_LEN (6)
+ REPLACE_DOT_BY_LEN (7)
+ #endif
+ #if VECT_SIZE >= 16
+ REPLACE_DOT_BY_LEN (8)
+ REPLACE_DOT_BY_LEN (9)
+ REPLACE_DOT_BY_LEN (a)
+ REPLACE_DOT_BY_LEN (b)
+ REPLACE_DOT_BY_LEN (c)
+ REPLACE_DOT_BY_LEN (d)
+ REPLACE_DOT_BY_LEN (e)
+ REPLACE_DOT_BY_LEN (f)
+ #endif
+ }
+
+ ctx1.w0[0] = (len & 0xff) << 24;
ctx1.len = 1;
- sha1_update_vector (&ctx1, w, pw_len);
+ sha1_update_vector (&ctx1, tmp, pw_len);
sha1_update_vector (&ctx1, s_pc, salt_len_pc + 1);
diff --git a/docs/changes.txt b/docs/changes.txt
index afdd8b716..97eed9ae2 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -83,6 +83,7 @@
- Fixed cracking multiple Office hashes (modes 9500, 9600) with the same salt
- Fixed cracking of Blockchain, My Wallet (V1 and V2) hashes with unexpected decrypted data
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode if mask > length 16
+- Fixed cracking of DNSSEC (NSEC3) hashes by replacing all dots in the passwords with lengths
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
- Fixed cracking of NetNTLMv1 passwords in mask-attack mode if mask > length 16 (optimized kernels only)
- Fixed cracking of VeraCrypt Streebog-512 hashes (CPU only)
diff --git a/src/modules/module_08300.c b/src/modules/module_08300.c
index c5fc7f352..fe7f7e169 100644
--- a/src/modules/module_08300.c
+++ b/src/modules/module_08300.c
@@ -56,7 +56,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[1] = ':';
- token.len_min[1] = 1;
+ token.len_min[1] = 0;
token.len_max[1] = 32;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
@@ -104,9 +104,12 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
u8 *salt_buf_pc_ptr = (u8 *) salt->salt_buf_pc;
- memcpy (salt_buf_pc_ptr, domain_pos, domain_len);
+ if (domain_len > 0)
+ {
+ if (domain_pos[0] != '.') return (PARSER_SALT_VALUE);
- if (salt_buf_pc_ptr[0] != '.') return (PARSER_SALT_VALUE);
+ memcpy (salt_buf_pc_ptr, domain_pos, domain_len);
+ }
u8 *len_ptr = salt_buf_pc_ptr;
diff --git a/tools/test_modules/m08300.pm b/tools/test_modules/m08300.pm
index b3b163a62..34a3cacb1 100644
--- a/tools/test_modules/m08300.pm
+++ b/tools/test_modules/m08300.pm
@@ -11,7 +11,11 @@ use warnings;
use Net::DNS::RR::NSEC3;
use Net::DNS::SEC;
-sub module_constraints { [[1, 256], [-1, -1], [1, 55], [-1, -1], [-1, -1]] }
+# we need to restict the pure password length for the test module to 63 bytes,
+# because we can't have any string (including the pass) of over 63 bytes without "."
+
+# sub module_constraints { [[1, 256], [-1, -1], [1, 55], [-1, -1], [-1, -1]] }
+sub module_constraints { [[1, 63], [-1, -1], [1, 55], [-1, -1], [-1, -1]] }
sub get_random_dnssec_salt
{
@@ -38,7 +42,14 @@ sub module_generate_hash
if (length $salt == 0)
{
- $salt = get_random_dnssec_salt ();
+ if (int (rand (10)) == 0)
+ {
+ $salt = ":";
+ }
+ else
+ {
+ $salt = get_random_dnssec_salt ();
+ }
}
my ($domain, $salt_hex) = split (":", $salt);
From 077da392f0b8039f5e00ccd446f1154be92b603f Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Wed, 27 May 2020 21:15:36 +0200
Subject: [PATCH 05/12] added WSL build documentation
---
BUILD.md | 7 ++++++-
BUILD_WSL.md | 31 +++++++++++++++++++++++++++++++
2 files changed, 37 insertions(+), 1 deletion(-)
create mode 100644 BUILD_WSL.md
diff --git a/BUILD.md b/BUILD.md
index 6cca7149e..9a71eb9be 100644
--- a/BUILD.md
+++ b/BUILD.md
@@ -3,7 +3,7 @@ hashcat build documentation
### Revision ###
-* 1.4
+* 1.5
### Author ###
@@ -33,6 +33,11 @@ $ make install
If you install it, cached kernels, session files, restore- and pot-files etc. will go to $HOME/.hashcat/
+
+### Building hashcat for Windows (using Windows Subsystem for Linux) ###
+
+Refer to [BUILD_WSL.md](BUILD_WSL.md)
+
### Building hashcat for Windows (using Cygwin) ###
Refer to [BUILD_CYGWIN.md](BUILD_CYGWIN.md)
diff --git a/BUILD_WSL.md b/BUILD_WSL.md
new file mode 100644
index 000000000..6d059b792
--- /dev/null
+++ b/BUILD_WSL.md
@@ -0,0 +1,31 @@
+# Compiling hashcat for Windows with Windows Subsystem for Linux.
+
+Tested on a Windows 10 (x64 build 18363), should also work to build hashcat for Windows on Linux.
+
+### Installation ###
+
+Enable WSL.
+
+Run bash (win+r bash) and make sure to install additional dependencies necessary for hashcat compilation
+```
+sudo apt install gcc-mingw-w64-x86-64 make git
+git clone https://github.com/hashcat/hashcat
+git clone https://github.com/win-iconv/win-iconv
+cp hashcat/tools/win-iconv-64.diff win-iconv/
+cd win-iconv/
+sudo make install
+```
+
+### Building ###
+
+You've already cloned the latest master revision of hashcat repository above, so switch to the folder and type "make win" to start compiling hashcat
+```
+cd ../hashcat
+make win
+```
+
+The process may take a while, please be patient. Once it's finished, run a Windows command prompt (win+r cmd) and start hashcat by typing "hashcat.exe"
+
+```
+hashcat.exe
+```
\ No newline at end of file
From c46abd519ff6815fd994f0f75fbe1c7ee443f200 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Thu, 4 Jun 2020 20:10:53 +0200
Subject: [PATCH 06/12] resolved comments
---
BUILD_WSL.md | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/BUILD_WSL.md b/BUILD_WSL.md
index 6d059b792..814eaa326 100644
--- a/BUILD_WSL.md
+++ b/BUILD_WSL.md
@@ -1,31 +1,36 @@
# Compiling hashcat for Windows with Windows Subsystem for Linux.
-Tested on a Windows 10 (x64 build 18363), should also work to build hashcat for Windows on Linux.
+Tested on Windows 10 x64, should also work to build hashcat for Windows on Linux.
### Installation ###
Enable WSL.
-Run bash (win+r bash) and make sure to install additional dependencies necessary for hashcat compilation
+Press the win + r key on your keyboard simultaneously and in the "Run" popup window type bash and make sure to install additional dependencies necessary for hashcat compilation
```
sudo apt install gcc-mingw-w64-x86-64 make git
git clone https://github.com/hashcat/hashcat
-git clone https://github.com/win-iconv/win-iconv
-cp hashcat/tools/win-iconv-64.diff win-iconv/
+git clone https://github.com/win-iconv/win-iconv
cd win-iconv/
+patch < ../hashcat/tools/win-iconv-64.diff
sudo make install
+cd ../
```
### Building ###
You've already cloned the latest master revision of hashcat repository above, so switch to the folder and type "make win" to start compiling hashcat
```
-cd ../hashcat
+cd hashcat/
make win
```
-The process may take a while, please be patient. Once it's finished, run a Windows command prompt (win+r cmd) and start hashcat by typing "hashcat.exe"
-
+The process may take a while, please be patient. Once it's finished, close WSL.
+Press the win + r keys together and (in the "Run" popup window) type cmd, using cd navigate to the hashcat folder e.g.
+```
+cd "C:\Users\user\hashcat"
+```
+and start hashcat by typing
```
hashcat.exe
```
\ No newline at end of file
From ca35d8113fcb13ad6899d630bae21bafa3e510b1 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Fri, 5 Jun 2020 08:50:16 +0200
Subject: [PATCH 07/12] fixes #2430: documentation of rules z/Z was incorrect
Signed-off-by: philsmd <philsmd@hashcat.net>
---
docs/rules.txt | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/docs/rules.txt b/docs/rules.txt
index 52fba68ca..b2621bba4 100644
--- a/docs/rules.txt
+++ b/docs/rules.txt
@@ -23,8 +23,8 @@
#define RULE_OP_MANGLE_TRUNCATE_AT '\''// cut the word at pos N
#define RULE_OP_MANGLE_REPLACE 's' // replace all chars X with char Y
#define RULE_OP_MANGLE_PURGECHAR '@' // purge all instances of char X
-#define RULE_OP_MANGLE_DUPECHAR_FIRST 'z' // prepend first char of word to itself. ex: hello -> hhello
-#define RULE_OP_MANGLE_DUPECHAR_LAST 'Z' // append last char of word to itself. ex: hello -> helloo
+#define RULE_OP_MANGLE_DUPECHAR_FIRST 'z' // prepend first char of word to itself N times. ex: hello -> hhhello
+#define RULE_OP_MANGLE_DUPECHAR_LAST 'Z' // append last char of word to itself N times. ex: hello -> hellooo
#define RULE_OP_MANGLE_DUPECHAR_ALL 'q' // duplicate all chars. ex: hello -> hheelllloo
#define RULE_OP_MANGLE_SWITCH_FIRST 'k' // switches the first 2 chars. ex: hello -> ehllo
#define RULE_OP_MANGLE_SWITCH_LAST 'K' // switches the last 2 chars. ex: hello -> helol
@@ -33,10 +33,10 @@
#define RULE_OP_MANGLE_CHR_SHIFTR 'R' // bitwise shift right char at pos N. ex: hello` -> hello0
#define RULE_OP_MANGLE_CHR_INCR '+' // bytewise increase at pos N. ex: hello0 -> hello1
#define RULE_OP_MANGLE_CHR_DECR '-' // bytewise decreate at pos N. ex: hello1 -> hello0
-#define RULE_OP_MANGLE_REPLACE_NP1 '.' // replaces character @ n with value at @ n plus 1
-#define RULE_OP_MANGLE_REPLACE_NM1 ',' // replaces character @ n with value at @ n minus 1
-#define RULE_OP_MANGLE_DUPEBLOCK_FIRST 'y' // duplicates first n characters
-#define RULE_OP_MANGLE_DUPEBLOCK_LAST 'Y' // duplicates last n characters
+#define RULE_OP_MANGLE_REPLACE_NP1 '.' // replaces char @ n with value at @ n plus 1
+#define RULE_OP_MANGLE_REPLACE_NM1 ',' // replaces char @ n with value at @ n minus 1
+#define RULE_OP_MANGLE_DUPEBLOCK_FIRST 'y' // duplicates first N chars
+#define RULE_OP_MANGLE_DUPEBLOCK_LAST 'Y' // duplicates last N chars
#define RULE_OP_MANGLE_TITLE 'E' // lowercase everything then upper case the first letter and every letter after a space
#define RULE_OP_MANGLE_TITLE_SEP 'e' // lowercase everything then upper case the first letter and every letter after char X
@@ -57,4 +57,4 @@
#define RULE_OP_REJECT_EQUAL_AT '=' // reject plains that do not contain char X at pos N
#define RULE_OP_REJECT_CONTAINS '%' // reject plains that contain char X less than N times
#define RULE_OP_REJECT_MEMORY 'Q' // reject plains that match the plain saved (see M), i.e. if unchanged
-#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the character last found with '/' or '%'
+#define RULE_LAST_REJECTED_SAVED_POS 'p' // pos of the char last found with '/' or '%'
From df5564eee2e11fb1be8fd34574116df88d36d118 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Fri, 5 Jun 2020 08:59:20 +0200
Subject: [PATCH 08/12] cosmetic: make pure kernel of rar3-hp easier to read
---
OpenCL/m12500-pure.cl | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/OpenCL/m12500-pure.cl b/OpenCL/m12500-pure.cl
index eefd4b30d..afd5f3cd2 100644
--- a/OpenCL/m12500-pure.cl
+++ b/OpenCL/m12500-pure.cl
@@ -700,15 +700,15 @@ DECLSPEC void sha1_update_rar29 (sha1_ctx_t *ctx, u32 *w, const int len)
t[14] = hc_swap32_S (t[14]);
t[15] = hc_swap32_S (t[15]);
- const u32 n_idx = diff >> 2;
- const u32 n_off = diff & 3;
+ const u32 n_idx = diff / 4;
+ const u32 n_off = diff % 4;
if (n_off)
{
- const u32 off_mul = n_off << 3;
+ const u32 off_mul = n_off * 8;
const u32 off_sub = 32 - off_mul;
- t[16] = (t[15] << off_sub);
+ t[16] = (t[15] << off_sub);
t[15] = (t[15] >> off_mul) | (t[14] << off_sub);
t[14] = (t[14] >> off_mul) | (t[13] << off_sub);
t[13] = (t[13] >> off_mul) | (t[12] << off_sub);
@@ -727,7 +727,7 @@ DECLSPEC void sha1_update_rar29 (sha1_ctx_t *ctx, u32 *w, const int len)
t[ 0] = (t[ 0] >> off_mul);
}
- w[n_idx] &= 0xffffff00 << ((3 - n_off) << 3);
+ w[n_idx] &= 0xffffff00 << ((3 - n_off) * 8);
w[n_idx] |= t[0];
@@ -749,7 +749,7 @@ DECLSPEC void sha1_update_rar29 (sha1_ctx_t *ctx, u32 *w, const int len)
// the final set is only meaningful: if (n_off)
- w[n_idx + 16] &= 0xffffffff >> (n_off << 3);
+ w[n_idx + 16] &= 0xffffffff >> (n_off * 8);
w[n_idx + 16] |= t[16];
}
@@ -818,7 +818,7 @@ KERNEL_FQ void m12500_init (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
if (salt_off == 2) // or just: if (salt_off)
{
- salt_buf[2] = (salt_buf[1] << 16);
+ salt_buf[2] = (salt_buf[1] << 16);
salt_buf[1] = (salt_buf[1] >> 16) | (salt_buf[0] << 16);
salt_buf[0] = (salt_buf[0] >> 16);
}
@@ -928,9 +928,9 @@ KERNEL_FQ void m12500_loop (KERN_ATTR_TMPS_ESALT (rar3_tmp_t, pbkdf2_sha1_t))
sha1_final (&ctx_iv);
const u32 iv_idx = init_pos / 4;
- const u32 iv_off = init_pos & 3;
+ const u32 iv_off = init_pos % 4;
- tmps[gid].iv[iv_idx] |= (ctx_iv.h[4] & 0xff) << (iv_off << 3);
+ tmps[gid].iv[iv_idx] |= (ctx_iv.h[4] & 0xff) << (iv_off * 8);
// main loop:
From b5544c385a8c68ea7a83ed2336beab6899331696 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Fri, 5 Jun 2020 09:07:23 +0200
Subject: [PATCH 09/12] docs: add ROCm to supported runtimes list
---
docs/readme.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/docs/readme.txt b/docs/readme.txt
index c04fa8da3..d34e46212 100644
--- a/docs/readme.txt
+++ b/docs/readme.txt
@@ -347,6 +347,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- Intel
- NVidia
- POCL
+- ROCm
##
## Supported OpenCL device types
From c0753f361c9c61d2e67d2eca71dbcdb275f0bacb Mon Sep 17 00:00:00 2001
From: Jens Steube <jens.steube@gmail.com>
Date: Tue, 9 Jun 2020 10:47:18 +0200
Subject: [PATCH 10/12] Removed branches in replace_dot_by_len() function of
optimized -m 8300 kernels
---
OpenCL/m08300_a0-optimized.cl | 106 +++++++++++++++++++++++++---------
OpenCL/m08300_a1-optimized.cl | 106 +++++++++++++++++++++++++---------
OpenCL/m08300_a3-optimized.cl | 105 ++++++++++++++++++++++++---------
3 files changed, 233 insertions(+), 84 deletions(-)
diff --git a/OpenCL/m08300_a0-optimized.cl b/OpenCL/m08300_a0-optimized.cl
index 62d964fe2..63765710a 100644
--- a/OpenCL/m08300_a0-optimized.cl
+++ b/OpenCL/m08300_a0-optimized.cl
@@ -16,49 +16,99 @@
#include "inc_hash_sha1.cl"
#endif
-const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+DECLSPEC u64 u32_to_u64 (const u32 in)
{
- const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+ const u64 t0 = (u64) ((in >> 0) & 0xff);
+ const u64 t1 = (u64) ((in >> 8) & 0xff);
+ const u64 t2 = (u64) ((in >> 16) & 0xff);
+ const u64 t3 = (u64) ((in >> 24) & 0xff);
- if (pw_len <= min_len) return 0;
+ const u64 out = (t0 << 0)
+ | (t1 << 16)
+ | (t2 << 32)
+ | (t3 << 48);
- const u32 max_len = pw_len - min_len - 1;
+ return out;
+}
- const u32 start_pos = (max_len < 15) ? max_len : 15;
+DECLSPEC u32 u64_to_u32 (const u64 in)
+{
+ const u32 t0 = (u32) ((in >> 0) & 0xff);
+ const u32 t1 = (u32) ((in >> 16) & 0xff);
+ const u32 t2 = (u32) ((in >> 32) & 0xff);
+ const u32 t3 = (u32) ((in >> 48) & 0xff);
- u32 cur_len = old_len;
+ const u32 out = (t0 << 0)
+ | (t1 << 8)
+ | (t2 << 16)
+ | (t3 << 24);
- for (int pos = (int) start_pos; pos >= 0; pos--)
- {
- const u32 div = pos / 4;
- const u32 mod = pos & 3;
- const u32 sht = mod << 3;
+ return out;
+}
- if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
- {
- w[div] += (cur_len - 0x2e) << sht;
+DECLSPEC int replace_u32_le (const u32 input, u32 *output, int cur_len)
+{
+ // expand to keep 9th bit consistent
- cur_len = 0;
- }
- else
- {
- cur_len++;
- }
- }
+ u64 input64 = u32_to_u64 (input);
+
+ u64 m64 = input64;
+
+ m64 ^= 0x002e002e002e002e; // convert 0x2e to 0x00
+ m64 ^= 0x00ff00ff00ff00ff; // convert 0x00 to 0xff (jit will optimize this to one instruction)
+ m64 += 0x0001000100010001; // only 0xff can set 9th bit
+ m64 &= 0x0100010001000100; // only 9th bit survives
+
+ m64 |= m64 << 1; // converts 0x0100 to 0xff00
+ m64 |= m64 << 2;
+ m64 |= m64 << 4;
+
+ m64 >>= 8; // back to original positions (in 64 bit)
+
+ u32 m = u64_to_u32 (m64);
+
+ u32 r = 0;
+
+ const u32 mn = ~m;
+
+ const u32 r0 = mn & 0x000000ff;
+ const u32 r1 = mn & 0x0000ff00;
+ const u32 r2 = mn & 0x00ff0000;
+ const u32 r3 = mn & 0xff000000;
+
+ cur_len <<= 24;
+ r |= cur_len; cur_len = (cur_len + 0x01000000) & r3; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00010000) & r2; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00000100) & r1; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00000001) & r0;
+
+ *output = (input & mn) | (r & m);
return cur_len;
}
-const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+DECLSPEC u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
{
- u32 cur_len = 0;
-
// loop over w3...w0 (4 * 16 = 64 bytes):
- cur_len = replace_dots (w3, 3, cur_len, pw_len);
- cur_len = replace_dots (w2, 2, cur_len, pw_len);
- cur_len = replace_dots (w1, 1, cur_len, pw_len);
- cur_len = replace_dots (w0, 0, cur_len, pw_len);
+ int cur_len = 0 - (64 - pw_len); // number of padding bytes relative to buffer size
+
+ cur_len = replace_u32_le (w3[3], &w3[3], cur_len);
+ cur_len = replace_u32_le (w3[2], &w3[2], cur_len);
+ cur_len = replace_u32_le (w3[1], &w3[1], cur_len);
+ cur_len = replace_u32_le (w3[0], &w3[0], cur_len);
+ cur_len = replace_u32_le (w2[3], &w2[3], cur_len);
+ cur_len = replace_u32_le (w2[2], &w2[2], cur_len);
+ cur_len = replace_u32_le (w2[1], &w2[1], cur_len);
+ cur_len = replace_u32_le (w2[0], &w2[0], cur_len);
+ cur_len = replace_u32_le (w1[3], &w1[3], cur_len);
+ cur_len = replace_u32_le (w1[2], &w1[2], cur_len);
+ cur_len = replace_u32_le (w1[1], &w1[1], cur_len);
+ cur_len = replace_u32_le (w1[0], &w1[0], cur_len);
+ cur_len = replace_u32_le (w0[3], &w0[3], cur_len);
+ cur_len = replace_u32_le (w0[2], &w0[2], cur_len);
+ cur_len = replace_u32_le (w0[1], &w0[1], cur_len);
+ cur_len = replace_u32_le (w0[0], &w0[0], cur_len);
return cur_len;
}
diff --git a/OpenCL/m08300_a1-optimized.cl b/OpenCL/m08300_a1-optimized.cl
index a5e3df1e4..9a70e5765 100644
--- a/OpenCL/m08300_a1-optimized.cl
+++ b/OpenCL/m08300_a1-optimized.cl
@@ -14,49 +14,99 @@
#include "inc_hash_sha1.cl"
#endif
-const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+DECLSPEC u64 u32_to_u64 (const u32 in)
{
- const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+ const u64 t0 = (u64) ((in >> 0) & 0xff);
+ const u64 t1 = (u64) ((in >> 8) & 0xff);
+ const u64 t2 = (u64) ((in >> 16) & 0xff);
+ const u64 t3 = (u64) ((in >> 24) & 0xff);
- if (pw_len <= min_len) return 0;
+ const u64 out = (t0 << 0)
+ | (t1 << 16)
+ | (t2 << 32)
+ | (t3 << 48);
- const u32 max_len = pw_len - min_len - 1;
+ return out;
+}
- const u32 start_pos = (max_len < 15) ? max_len : 15;
+DECLSPEC u32 u64_to_u32 (const u64 in)
+{
+ const u32 t0 = (u32) ((in >> 0) & 0xff);
+ const u32 t1 = (u32) ((in >> 16) & 0xff);
+ const u32 t2 = (u32) ((in >> 32) & 0xff);
+ const u32 t3 = (u32) ((in >> 48) & 0xff);
- u32 cur_len = old_len;
+ const u32 out = (t0 << 0)
+ | (t1 << 8)
+ | (t2 << 16)
+ | (t3 << 24);
- for (int pos = (int) start_pos; pos >= 0; pos--)
- {
- const u32 div = pos / 4;
- const u32 mod = pos & 3;
- const u32 sht = mod << 3;
+ return out;
+}
- if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
- {
- w[div] += (cur_len - 0x2e) << sht;
+DECLSPEC int replace_u32_le (const u32 input, u32 *output, int cur_len)
+{
+ // expand to keep 9th bit consistent
- cur_len = 0;
- }
- else
- {
- cur_len++;
- }
- }
+ u64 input64 = u32_to_u64 (input);
+
+ u64 m64 = input64;
+
+ m64 ^= 0x002e002e002e002e; // convert 0x2e to 0x00
+ m64 ^= 0x00ff00ff00ff00ff; // convert 0x00 to 0xff (jit will optimize this to one instruction)
+ m64 += 0x0001000100010001; // only 0xff can set 9th bit
+ m64 &= 0x0100010001000100; // only 9th bit survives
+
+ m64 |= m64 << 1; // converts 0x0100 to 0xff00
+ m64 |= m64 << 2;
+ m64 |= m64 << 4;
+
+ m64 >>= 8; // back to original positions (in 64 bit)
+
+ u32 m = u64_to_u32 (m64);
+
+ u32 r = 0;
+
+ const u32 mn = ~m;
+
+ const u32 r0 = mn & 0x000000ff;
+ const u32 r1 = mn & 0x0000ff00;
+ const u32 r2 = mn & 0x00ff0000;
+ const u32 r3 = mn & 0xff000000;
+
+ cur_len <<= 24;
+ r |= cur_len; cur_len = (cur_len + 0x01000000) & r3; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00010000) & r2; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00000100) & r1; cur_len >>= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00000001) & r0;
+
+ *output = (input & mn) | (r & m);
return cur_len;
}
-const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+DECLSPEC u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
{
- u32 cur_len = 0;
-
// loop over w3...w0 (4 * 16 = 64 bytes):
- cur_len = replace_dots (w3, 3, cur_len, pw_len);
- cur_len = replace_dots (w2, 2, cur_len, pw_len);
- cur_len = replace_dots (w1, 1, cur_len, pw_len);
- cur_len = replace_dots (w0, 0, cur_len, pw_len);
+ int cur_len = 0 - (64 - pw_len); // number of padding bytes relative to buffer size
+
+ cur_len = replace_u32_le (w3[3], &w3[3], cur_len);
+ cur_len = replace_u32_le (w3[2], &w3[2], cur_len);
+ cur_len = replace_u32_le (w3[1], &w3[1], cur_len);
+ cur_len = replace_u32_le (w3[0], &w3[0], cur_len);
+ cur_len = replace_u32_le (w2[3], &w2[3], cur_len);
+ cur_len = replace_u32_le (w2[2], &w2[2], cur_len);
+ cur_len = replace_u32_le (w2[1], &w2[1], cur_len);
+ cur_len = replace_u32_le (w2[0], &w2[0], cur_len);
+ cur_len = replace_u32_le (w1[3], &w1[3], cur_len);
+ cur_len = replace_u32_le (w1[2], &w1[2], cur_len);
+ cur_len = replace_u32_le (w1[1], &w1[1], cur_len);
+ cur_len = replace_u32_le (w1[0], &w1[0], cur_len);
+ cur_len = replace_u32_le (w0[3], &w0[3], cur_len);
+ cur_len = replace_u32_le (w0[2], &w0[2], cur_len);
+ cur_len = replace_u32_le (w0[1], &w0[1], cur_len);
+ cur_len = replace_u32_le (w0[0], &w0[0], cur_len);
return cur_len;
}
diff --git a/OpenCL/m08300_a3-optimized.cl b/OpenCL/m08300_a3-optimized.cl
index f62267127..29e7bd409 100644
--- a/OpenCL/m08300_a3-optimized.cl
+++ b/OpenCL/m08300_a3-optimized.cl
@@ -14,49 +14,98 @@
#include "inc_hash_sha1.cl"
#endif
-const u32 replace_dots (u32 *w, const u32 idx, const u32 old_len, const u32 pw_len)
+DECLSPEC u64 u32_to_u64 (const u32 in)
{
- const u32 min_len = idx << 4; // 2 ^ 4 = 16 for each u32 w[4]
+ const u64 t0 = (u64) ((in >> 24) & 0xff);
+ const u64 t1 = (u64) ((in >> 16) & 0xff);
+ const u64 t2 = (u64) ((in >> 8) & 0xff);
+ const u64 t3 = (u64) ((in >> 0) & 0xff);
- if (pw_len <= min_len) return 0;
+ const u64 out = (t0 << 48)
+ | (t1 << 32)
+ | (t2 << 16)
+ | (t3 << 0);
- const u32 max_len = pw_len - min_len - 1;
+ return out;
+}
- const u32 start_pos = (max_len < 15) ? max_len : 15;
+DECLSPEC u32 u64_to_u32 (const u64 in)
+{
+ const u32 t0 = (u32) ((in >> 48) & 0xff);
+ const u32 t1 = (u32) ((in >> 32) & 0xff);
+ const u32 t2 = (u32) ((in >> 16) & 0xff);
+ const u32 t3 = (u32) ((in >> 0) & 0xff);
- u32 cur_len = old_len;
+ const u32 out = (t0 << 24)
+ | (t1 << 16)
+ | (t2 << 8)
+ | (t3 << 0);
- for (int pos = (int) start_pos; pos >= 0; pos--)
- {
- const u32 div = pos / 4;
- const u32 mod = pos & 3;
- const u32 sht = (3 - mod) << 3;
+ return out;
+}
- if (((w[div] >> sht) & 0xff) == 0x2e) // '.'
- {
- w[div] += (cur_len - 0x2e) << sht;
+DECLSPEC int replace_u32_be (const u32 input, u32 *output, int cur_len)
+{
+ // expand to keep 9th bit consistent
- cur_len = 0;
- }
- else
- {
- cur_len++;
- }
- }
+ u64 input64 = u32_to_u64 (input);
+
+ u64 m64 = input64;
+
+ m64 ^= 0x002e002e002e002e; // convert 0x2e to 0x00
+ m64 ^= 0x00ff00ff00ff00ff; // convert 0x00 to 0xff (jit will optimize this to one instruction)
+ m64 += 0x0001000100010001; // only 0xff can set 9th bit
+ m64 &= 0x0100010001000100; // only 9th bit survives
+
+ m64 |= m64 << 1; // converts 0x0100 to 0xff00
+ m64 |= m64 << 2;
+ m64 |= m64 << 4;
+
+ m64 >>= 8; // back to original positions (in 64 bit)
+
+ u32 m = u64_to_u32 (m64);
+
+ u32 r = 0;
+
+ const u32 mn = ~m;
+
+ const u32 r0 = mn & 0xff000000;
+ const u32 r1 = mn & 0x00ff0000;
+ const u32 r2 = mn & 0x0000ff00;
+ const u32 r3 = mn & 0x000000ff;
+
+ r |= cur_len; cur_len = (cur_len + 0x00000001) & r3; cur_len <<= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00000100) & r2; cur_len <<= 8;
+ r |= cur_len; cur_len = (cur_len + 0x00010000) & r1; cur_len <<= 8;
+ r |= cur_len; cur_len = (cur_len + 0x01000000) & r0; cur_len >>= 24;
+
+ *output = (input & mn) | (r & m);
return cur_len;
}
-const u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
+DECLSPEC u32 replace_dot_by_len (u32 *w0, u32 *w1, u32 *w2, u32 *w3, const u32 pw_len)
{
- u32 cur_len = 0;
-
// loop over w3...w0 (4 * 16 = 64 bytes):
- cur_len = replace_dots (w3, 3, cur_len, pw_len);
- cur_len = replace_dots (w2, 2, cur_len, pw_len);
- cur_len = replace_dots (w1, 1, cur_len, pw_len);
- cur_len = replace_dots (w0, 0, cur_len, pw_len);
+ int cur_len = 0 - (64 - pw_len); // number of padding bytes relative to buffer size
+
+ cur_len = replace_u32_be (w3[3], &w3[3], cur_len);
+ cur_len = replace_u32_be (w3[2], &w3[2], cur_len);
+ cur_len = replace_u32_be (w3[1], &w3[1], cur_len);
+ cur_len = replace_u32_be (w3[0], &w3[0], cur_len);
+ cur_len = replace_u32_be (w2[3], &w2[3], cur_len);
+ cur_len = replace_u32_be (w2[2], &w2[2], cur_len);
+ cur_len = replace_u32_be (w2[1], &w2[1], cur_len);
+ cur_len = replace_u32_be (w2[0], &w2[0], cur_len);
+ cur_len = replace_u32_be (w1[3], &w1[3], cur_len);
+ cur_len = replace_u32_be (w1[2], &w1[2], cur_len);
+ cur_len = replace_u32_be (w1[1], &w1[1], cur_len);
+ cur_len = replace_u32_be (w1[0], &w1[0], cur_len);
+ cur_len = replace_u32_be (w0[3], &w0[3], cur_len);
+ cur_len = replace_u32_be (w0[2], &w0[2], cur_len);
+ cur_len = replace_u32_be (w0[1], &w0[1], cur_len);
+ cur_len = replace_u32_be (w0[0], &w0[0], cur_len);
return cur_len;
}
From cafb3bde0b6599ba793a5acea8ab31dde0bb664f Mon Sep 17 00:00:00 2001
From: Royce Williams <royce@techsolvency.com>
Date: Tue, 9 Jun 2020 11:56:20 -0800
Subject: [PATCH 11/12] wrap kernel optimization warning
---
src/interface.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/interface.c b/src/interface.c
index 3ac86aedd..81611eab8 100644
--- a/src/interface.c
+++ b/src/interface.c
@@ -354,7 +354,12 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
{
if (hashconfig->has_optimized_kernel == false)
{
- if (user_options->quiet == false) event_log_warning (hashcat_ctx, "%s: Optimized kernel requested but not needed - falling back to pure kernel", source_file);
+ if (user_options->quiet == false)
+ {
+ event_log_warning (hashcat_ctx, "Kernel %s:", source_file);
+ event_log_warning (hashcat_ctx, "Optimized kernel requested but not needed - falling back to pure kernel");
+ event_log_warning (hashcat_ctx, NULL);
+ }
}
else
{
From 0279572ab32e889978ba6c0555a219776060161a Mon Sep 17 00:00:00 2001
From: Jens Steube <jens.steube@gmail.com>
Date: Wed, 10 Jun 2020 10:43:37 +0200
Subject: [PATCH 12/12] Updated docs/changes.txt
---
docs/changes.txt | 66 +++++++++++++++++++++++++-----------------------
1 file changed, 34 insertions(+), 32 deletions(-)
diff --git a/docs/changes.txt b/docs/changes.txt
index 1e5cfc3fb..bd25f4746 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -1,22 +1,21 @@
* changes v5.1.0 -> v6.0.0
##
-## Feature
+## Features
##
-- Fully modularized hash-mode integration via plugin interface and conversion of all existing hash-modes
-- Refactor hashcat backend interface to allow adding compute API other than OpenCL
-- Added CUDA as a new compute API to hashcat backend (enables hashcat to run on NVIDIA Jetson, IBM POWER9 w/ Nvidia V100, etc.)
-- Added new options --backend-ignore-cuda and --backend-ingore-opencl to ignore CUDA and/or OpenCL interface from being load on startup
-- Added new parameter --brain-server-timer to specify the seconds for the next scheduled backup
-- Added new way to specify the outfile format, the new --outfile-format now also supports timestamps
-- Support use of all available GPU memory using CUDA backend
-- Support use of all available CPU cores for hash-mode specific hooks
+- Refactor hash-mode integration and replaced it with a fully modularized plugin interface
+- Converted all existing hardwired hash-modes into hashcat plugins
+- Added comprehensive plugin developer guide on how to add new/custom hash-modes to hashcat
+- Refactor compute backend interface to allow adding compute API other than OpenCL
+- Added CUDA as a new compute backend (enables hashcat to run on NVIDIA Jetson, IBM POWER9 w/ Nvidia V100, etc.)
+- Support automatic use of all available GPU memory using CUDA backend
+- Support automatic use of all available CPU cores for hash-mode specific hooks
- Support on-the-fly loading of compressed wordlists in zip and gzip format
-- Support for inline VeraCrypt PIM brute-force
- Support deflate decompression for the 7-Zip hash-mode using zlib hook
-- Added documentation on hashcat brain, slow-candidate and keyboard-layout mapping features
+- Added additional documentation on hashcat brain, slow-candidate interface and keyboard-layout mapping features
- Keep output of --show and --left in the original ordering of the input hash file
+- Improved performance of many hash-modes
##
## Algorithms
@@ -37,9 +36,6 @@
- Added hash-mode: Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
-- Added hash-mode: md5($salt.sha1($salt.$pass))
-- Added hash-mode: md5(sha1($pass).md5($pass).sha1($pass))
-- Added hash-mode: md5(sha1($salt).md5($pass))
- Added hash-mode: MultiBit Classic .key (MD5)
- Added hash-mode: MultiBit HD (scrypt)
- Added hash-mode: MySQL $A$ (sha256crypt)
@@ -56,14 +52,6 @@
- Added hash-mode: QNX /etc/shadow (SHA512)
- Added hash-mode: RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
- Added hash-mode: Ruby on Rails Restful-Authentication
-- Added hash-mode: sha1(md5(md5($pass)))
-- Added hash-mode: sha1(md5($pass.$salt))
-- Added hash-mode: sha1(md5($pass).$salt)
-- Added hash-mode: sha1($salt1.$pass.$salt2)
-- Added hash-mode: sha256(md5($pass))
-- Added hash-mode: sha256($salt.$pass.$salt)
-- Added hash-mode: sha256(sha256_bin($pass))
-- Added hash-mode: sha256(sha256($pass).$salt)
- Added hash-mode: SecureZIP AES-128
- Added hash-mode: SecureZIP AES-192
- Added hash-mode: SecureZIP AES-256
@@ -73,6 +61,17 @@
- Added hash-mode: Web2py pbkdf2-sha512
- Added hash-mode: WPA-PBKDF2-PMKID+EAPOL
- Added hash-mode: WPA-PMK-PMKID+EAPOL
+- Added hash-mode: md5($salt.sha1($salt.$pass))
+- Added hash-mode: md5(sha1($pass).md5($pass).sha1($pass))
+- Added hash-mode: md5(sha1($salt).md5($pass))
+- Added hash-mode: sha1(md5(md5($pass)))
+- Added hash-mode: sha1(md5($pass.$salt))
+- Added hash-mode: sha1(md5($pass).$salt)
+- Added hash-mode: sha1($salt1.$pass.$salt2)
+- Added hash-mode: sha256(md5($pass))
+- Added hash-mode: sha256($salt.$pass.$salt)
+- Added hash-mode: sha256(sha256_bin($pass))
+- Added hash-mode: sha256(sha256($pass).$salt)
##
## Bugs
@@ -81,10 +80,10 @@
- Fixed buffer overflow in build_plain() function
- Fixed buffer overflow in mp_add_cs_buf() function
- Fixed calculation of brain-session ID, only the first hash of the hashset was taken into account
-- Fixed cleanup of password candidate buffers on GPU set from autotune in case -n was used
+- Fixed cleanup of password candidate buffers on GPU set from autotune in case -n parameter was used
- Fixed copy/paste error leading to invalid "Integer overflow detected in keyspace of mask" in attack-mode 6 and 7
-- Fixed cracking multiple Office hashes (modes 9500, 9600) with the same salt
-- Fixed cracking of Blockchain, My Wallet (V1 and V2) hashes with unexpected decrypted data
+- Fixed cracking multiple Office hashes (modes 9500, 9600) if hashes shared the same salt
+- Fixed cracking of Blockchain, My Wallet (V1 and V2) hashes when testing decrypted data of unexpected format
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode if mask > length 16
- Fixed cracking of DNSSEC (NSEC3) hashes by replacing all dots in the passwords with lengths
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
@@ -115,15 +114,16 @@
##
- Bitcoin Wallet: Be more user friendly by allowing a larger data range for ckey and public_key
+- Brain: Added new parameter --brain-server-timer to specify the seconds for the next scheduled backup
- Building: Fix for library compilation failure due to multiple defenition of sbob_xx64()
-- Building: Updated BUILD.md
- Cracking bcrypt and Password Safe v2: Use a feedback from the compute API backend to dynamically find out optimal thread count
- Dictstat: On Windows, the st_ino attribute in the stat struct is not set which can lead to invalid cache hits. Added the filename to the database entry.
-- Documents: Added README on how to build hashcat on MSYS2
+- Documents: Added README on how to build hashcat on Cygwin, MSYS2 and WSL
- File handling: Print a truncation warning when an oversized line is detected
- My Wallet: Added additional plaintext pattern used in newer versions
- Office cracking: Support hash format with second block data for 40-bit oldoffice files (eliminates false positives)
- OpenCL Runtime: Added a warning if OpenCL runtime NEO, Beignet, POCL (v1.4 or older) or MESA is detected and skip associated devices (override with --force)
+- OpenCL Runtime: Allow the kernel to access post-48k shared memory region on CUDA. Requires both module and kernel preparation
- OpenCL Runtime: Disable OpenCL kernel cache on Apple for Intel CPU (throws CL_BUILD_PROGRAM_FAILURE for no reason)
- OpenCL Runtime: Do not run shared- and constant-memory size checks if their memory type is of type global memory (typically CPU)
- OpenCL Runtime: Improve ROCm detection and make sure to not confuse with recent AMDGPU drivers
@@ -133,18 +133,19 @@
- OpenCL Runtime: Workaround JiT compiler error on AMDGPU driver compiling WPA-EAPOL-PBKDF2 OpenCL kernel
- OpenCL Runtime: Workaround JiT compiler error on ROCm 2.3 driver if the 'inline' keyword is used in function declaration
- OpenCL Runtime: Workaround memory allocation error on AMD driver on Windows leading to CL_MEM_OBJECT_ALLOCATION_FAILURE
-- OpenCL Runtime: Workaround ROCm OpenCL driver problem trying to write temporary file into readonly folder by setting TMPDIR
-- OpenCL Runtime: Allow the kernel to access post-48k shared memory region on CUDA. Requires both module and kernel preparation
+- OpenCL Runtime: Removed some workarounds by calling chdir() to specific folders on startup
+- Outfile: Added new systematic to specify the outfile format, the new --outfile-format now also supports timestamps
- Startup Checks: Improved the pidfile check: Do not just check for existing PID but also check executable filename
- Startup Checks: Prevent the user to modify options which are overwritten automatically in benchmark mode
- Startup Screen: Add extra warning when using --force
- Startup Screen: Add extra warning when using --keep-guessing
- Startup Screen: Provide an estimate of host memory requirements for the requested attack
-- Status Screen: Added brain status for all devices
+- Status Screen: Added brain status for all compute devices
- Status Screen: Added remaining counts and changed recovered count logic
- Status Screen: Added --status-json flag for easier machine reading of hashcat status output
- Tab Completion: Allow using "make install" version of hashcat
- Tuning Database: Updated hashcat.hctune with new models and refreshed vector width values
+- VeraCrypt: Added support for VeraCrypt PIM brute-force, replaced --veracrypt-pim with --veracrypt-pim-start and --veracrypt-pim-stop
- WipZip cracking: Added two byte early reject, resulting in higher cracking speed
- WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes
@@ -152,6 +153,7 @@
## Technical
##
+- Backend Interface: Added new options --backend-ignore-cuda and --backend-ingore-opencl to ignore CUDA and/or OpenCL API from being used
- Binary Distribution: Removed 32-bit binary executables
- Building: On macOS, switch from ar to /usr/bin/ar to improve building compatibility
- Building: Skipping Travis/Appveyor build for non-code changes
@@ -163,18 +165,18 @@
- Codebase: Remove redundant calls to fclose()
- Dependencies: Updated LZMA-Headers from 18.05 to 19.00
- Dependencies: Updated OpenCL-Headers to latest version from GitHub master repository
+- Hash-Mode 12500 (RAR3-hp): Allow cracking of passwords up to length 64
- Hash-mode 1460 (HMAC-SHA256 (key = $salt)): Allow up to 64 byte of salt
- Hash-Mode 1680x (WPA-PMKID) specific: Changed separator character from '*' to ':'
- Hash-Mode 8300 (DNSSEC (NSEC3)) specific: Allow empty salt
-- Hash-Mode 12500 (RAR3-hp): Allow cracking of passwords up to length 64
- Keep Guessing: No longer automatically activate --keep-guessing for modes 9720, 9820, 14900 and 18100
- Keep Guessing: No longer mark hashes as cracked/removed when in potfile
- Kernel Cache: Reactivate OpenCL runtime specific kernel caches
- Kernel Compile: Removed -cl-std= from all kernel build options since we're compatible to all OpenCL versions
- OpenCL Kernels: Fix OpenCL compiler warning on double precision constants
- OpenCL Kernels: Moved "gpu_decompress", "gpu_memset" and "gpu_atinit" into shared.cl in order to reduce compile time
-- OpenCL Options: Set --spin-damp to 0 (disabled) by default. With the CUDA backend this workaround became deprecated
- OpenCL Options: Removed --opencl-platforms filter in order to force backend device numbers to stay constant
+- OpenCL Options: Set --spin-damp to 0 (disabled) by default. With the CUDA backend this workaround became deprecated
- Parsers: switched from strtok() to strtok_r() for thread safety
- Requirements: Add new requirement for NVIDIA GPU: CUDA Toolkit (9.0 or later)
- Requirements: Update runtime check for minimum NVIDIA driver version from 367.x to 440.64 or later