github/hashcat
1
Fork 0
mirror of https://github.com/hashcat/hashcat synced 2025-01-03 11:16:23 +01:00
Code Releases Activity

Add -m 8300 module

Browse Source
This commit is contained in:
jsteube 2019-02-09 23:50:11 +01:00
parent fde470b315
commit d5fae7670c
3 changed files with 268 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/interface_migrate.h
View File

@ -340,7 +340,6 @@ typedef enum kern_type
KERN_TYPE_SHA1_SLT_PW_SLT = 4900,
KERN_TYPE_RIPEMD160 = 6000,
KERN_TYPE_WHIRLPOOL = 6100,
KERN_TYPE_NSEC3 = 8300,
KERN_TYPE_WBB3 = 8400,
KERN_TYPE_LOTUS5 = 8600,
KERN_TYPE_LOTUS6 = 8700,
@ -395,7 +394,6 @@ typedef enum kern_type
typedef enum rounds_count
{
ROUNDS_NSEC3 = 1,
ROUNDS_ANDROIDFDE = 2000,
ROUNDS_LOTUS8 = 5000,
ROUNDS_CISCO8 = 20000,

164
src/interface_migrate.c
View File

@ -43,7 +43,6 @@
" 11900 | PBKDF2-HMAC-MD5 | Generic KDF",
" 10900 | PBKDF2-HMAC-SHA256 | Generic KDF",
" 12100 | PBKDF2-HMAC-SHA512 | Generic KDF",
" 8300 | DNSSEC (NSEC3) | Network Protocols",
" 10200 | CRAM-MD5 | Network Protocols",
" 11100 | PostgreSQL CRAM (MD5) | Network Protocols",
" 11200 | MySQL CRAM (SHA1) | Network Protocols",
@ -173,7 +172,6 @@ static const char *ST_HASH_04700 = "92d85978d884eb1d99a51652b1139c8279fa8663";
static const char *ST_HASH_04900 = "75d280ca9a0c2ee18729603104ead576d9ca6285:347070";
static const char *ST_HASH_06000 = "012cb9b334ec1aeb71a9c8ce85586082467f7eb6";
static const char *ST_HASH_06100 = "7ca8eaaaa15eaa4c038b4c47b9313e92da827c06940e69947f85bc0fbef3eb8fd254da220ad9e208b6b28f6bb9be31dd760f1fdb26112d83f87d96b416a4d258";
static const char *ST_HASH_08300 = "pi6a89u8tca930h8mvolklmesefc5gmn:.fnmlbsik.net:35537886:1";
static const char *ST_HASH_08400 = "7f8d1951fe48ae3266980c2979c141f60e4415e5:5037864764153886517871426607441768004150";
static const char *ST_HASH_08600 = "3dd2e1e5ac03e230243d58b8c5ada076";
static const char *ST_HASH_08700 = "(GDJ0nDZI8l8RJzlRbemg)";
@ -261,7 +259,6 @@ static const char *HT_04700 = "sha1(md5($pass))";
static const char *HT_04900 = "sha1($salt.$pass.$salt)";
static const char *HT_06000 = "RIPEMD-160";
static const char *HT_06100 = "Whirlpool";
static const char *HT_08300 = "DNSSEC (NSEC3)";
static const char *HT_08400 = "WBB3 (Woltlab Burning Board)";
static const char *HT_08600 = "Lotus Notes/Domino 5";
static const char *HT_08700 = "Lotus Notes/Domino 6";
@ -2544,112 +2541,6 @@ int mysql323_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_U
return (PARSER_OK);
}
int nsec3_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig)
{
u32 *digest = (u32 *) hash_buf->digest;
salt_t *salt = hash_buf->salt;
token_t token;
token.token_cnt = 4;
token.sep[0] = ':';
token.len_min[0] = 32;
token.len_max[0] = 32;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[1] = ':';
token.len_min[1] = 1;
token.len_max[1] = 32;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[2] = ':';
token.len_min[2] = 1;
token.len_max[2] = 32;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[3] = ':';
token.len_min[3] = 1;
token.len_max[3] = 6;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH;
const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// ok, the plan for this algorithm is the following:
// we have 2 salts here, the domain-name and a random salt
// while both are used in the initial transformation,
// only the random salt is used in the following iterations
// so we create two buffer, one that includes domain-name (stored into salt_buf_pc[])
// and one that includes only the real salt (stored into salt_buf[]).
// the domain-name length is put into array position 7 of salt_buf_pc[] since there is not salt_pc_len
const u8 *hash_pos = token.buf[0];
const int hash_len = token.len[0];
u8 tmp_buf[100] = { 0 };
base32_decode (itoa32_to_int, hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
// domain
const u8 *domain_pos = token.buf[1];
const int domain_len = token.len[1];
u8 *salt_buf_pc_ptr = (u8 *) salt->salt_buf_pc;
memcpy (salt_buf_pc_ptr, domain_pos, domain_len);
if (salt_buf_pc_ptr[0] != '.') return (PARSER_SALT_VALUE);
u8 *len_ptr = salt_buf_pc_ptr;
*len_ptr = 0;
for (int i = 1; i < domain_len; i++)
{
if (salt_buf_pc_ptr[i] == '.')
{
len_ptr = salt_buf_pc_ptr + i;
*len_ptr = 0;
}
else
{
*len_ptr += 1;
}
}
salt->salt_len_pc = domain_len;
// "real" salt
const u8 *salt_pos = token.buf[2];
const int salt_len = token.len[2];
const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
// iteration
const u8 *iter_pos = token.buf[3];
salt->salt_iter = hc_strtoul ((const char *) iter_pos, NULL, 10);
return (PARSER_OK);
}
int wbb3_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig)
{
u32 *digest = (u32 *) hash_buf->digest;
@ -8166,43 +8057,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size,
byte_swap_32 (digest_buf[3]),
byte_swap_32 (digest_buf[4]));
}
else if (hash_mode == 8300)
{
char digest_buf_c[34] = { 0 };
digest_buf[0] = byte_swap_32 (digest_buf[0]);
digest_buf[1] = byte_swap_32 (digest_buf[1]);
digest_buf[2] = byte_swap_32 (digest_buf[2]);
digest_buf[3] = byte_swap_32 (digest_buf[3]);
digest_buf[4] = byte_swap_32 (digest_buf[4]);
base32_encode (int_to_itoa32, (const u8 *) digest_buf, 20, (u8 *) digest_buf_c);
digest_buf_c[32] = 0;
// domain
const u32 salt_pc_len = salt.salt_len_pc;
char domain_buf_c[33] = { 0 };
memcpy (domain_buf_c, (char *) salt.salt_buf_pc, salt_pc_len);
for (u32 i = 0; i < salt_pc_len; i++)
{
const char next = domain_buf_c[i];
domain_buf_c[i] = '.';
i += next;
}
domain_buf_c[salt_pc_len] = 0;
// final
snprintf (out_buf, out_size, "%s:%s:%s:%u", digest_buf_c, domain_buf_c, (char *) salt.salt_buf, salt.salt_iter);
}
else if (hash_mode == 2612)
{
snprintf (out_buf, out_size, "%s%s$%08x%08x%08x%08x",
@ -10566,24 +10420,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx)
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break;
case 8300: hashconfig->hash_type = HASH_TYPE_SHA1;
hashconfig->salt_type = SALT_TYPE_EMBEDDED;
hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL;
hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_BE
| OPTS_TYPE_ST_HEX
| OPTS_TYPE_ST_ADD80;
hashconfig->kern_type = KERN_TYPE_NSEC3;
hashconfig->dgst_size = DGST_SIZE_4_5;
hashconfig->parse_func = nsec3_parse_hash;
hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE;
hashconfig->dgst_pos0 = 3;
hashconfig->dgst_pos1 = 4;
hashconfig->dgst_pos2 = 2;
hashconfig->dgst_pos3 = 1;
hashconfig->st_hash = ST_HASH_08300;
hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN;
break;
case 8400: hashconfig->hash_type = HASH_TYPE_SHA1;
hashconfig->salt_type = SALT_TYPE_GENERIC;
hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL;

268
src/modules/module_08300.c Normal file
View File

@ -0,0 +1,268 @@
/**
* Author......: See docs/credits.txt
* License.....: MIT
*/
#include "common.h"
#include "types.h"
#include "modules.h"
#include "bitops.h"
#include "convert.h"
#include "shared.h"
static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL;
static const u32 DGST_POS0 = 3;
static const u32 DGST_POS1 = 4;
static const u32 DGST_POS2 = 2;
static const u32 DGST_POS3 = 1;
static const u32 DGST_SIZE = DGST_SIZE_4_5;
static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_SERVER;
static const char *HASH_NAME = "DNSSEC (NSEC3)";
static const u32 HASH_TYPE = HASH_TYPE_GENERIC;
static const u64 KERN_TYPE = 8300;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE;
static const u32 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_BE
| OPTS_TYPE_ST_HEX
| OPTS_TYPE_ST_ADD80;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
static const char *ST_HASH = "pi6a89u8tca930h8mvolklmesefc5gmn:.fnmlbsik.net:35537886:1";
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; }
u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; }
u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; }
u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; }
u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; }
const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; }
u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; }
u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; }
u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; }
u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; }
u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; }
const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; }
const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; }
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
token_t token;
token.token_cnt = 4;
token.sep[0] = ':';
token.len_min[0] = 32;
token.len_max[0] = 32;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[1] = ':';
token.len_min[1] = 1;
token.len_max[1] = 32;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[2] = ':';
token.len_min[2] = 1;
token.len_max[2] = 32;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH;
token.sep[3] = ':';
token.len_min[3] = 1;
token.len_max[3] = 6;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
// ok, the plan for this algorithm is the following:
// we have 2 salts here, the domain-name and a random salt
// while both are used in the initial transformation,
// only the random salt is used in the following iterations
// so we create two buffer, one that includes domain-name (stored into salt_buf_pc[])
// and one that includes only the real salt (stored into salt_buf[]).
// the domain-name length is put into array position 7 of salt_buf_pc[] since there is not salt_pc_len
const u8 *hash_pos = token.buf[0];
const int hash_len = token.len[0];
u8 tmp_buf[100] = { 0 };
base32_decode (itoa32_to_int, hash_pos, hash_len, tmp_buf);
memcpy (digest, tmp_buf, 20);
digest[0] = byte_swap_32 (digest[0]);
digest[1] = byte_swap_32 (digest[1]);
digest[2] = byte_swap_32 (digest[2]);
digest[3] = byte_swap_32 (digest[3]);
digest[4] = byte_swap_32 (digest[4]);
// domain
const u8 *domain_pos = token.buf[1];
const int domain_len = token.len[1];
u8 *salt_buf_pc_ptr = (u8 *) salt->salt_buf_pc;
memcpy (salt_buf_pc_ptr, domain_pos, domain_len);
if (salt_buf_pc_ptr[0] != '.') return (PARSER_SALT_VALUE);
u8 *len_ptr = salt_buf_pc_ptr;
*len_ptr = 0;
for (int i = 1; i < domain_len; i++)
{
if (salt_buf_pc_ptr[i] == '.')
{
len_ptr = salt_buf_pc_ptr + i;
*len_ptr = 0;
}
else
{
*len_ptr += 1;
}
}
salt->salt_len_pc = domain_len;
// "real" salt
const u8 *salt_pos = token.buf[2];
const int salt_len = token.len[2];
const bool parse_rc = parse_and_store_generic_salt ((u8 *) salt->salt_buf, (int *) &salt->salt_len, salt_pos, salt_len, hashconfig);
if (parse_rc == false) return (PARSER_SALT_LENGTH);
// iteration
const u8 *iter_pos = token.buf[3];
salt->salt_iter = hc_strtoul ((const char *) iter_pos, NULL, 10);
return (PARSER_OK);
}
int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size)
{
const u32 *digest = (const u32 *) digest_buf;
u32 tmp[5];
tmp[0] = byte_swap_32 (digest[0]);
tmp[1] = byte_swap_32 (digest[1]);
tmp[2] = byte_swap_32 (digest[2]);
tmp[3] = byte_swap_32 (digest[3]);
tmp[4] = byte_swap_32 (digest[4]);
char digest_buf_c[34];
base32_encode (int_to_itoa32, (const u8 *) tmp, 20, (u8 *) digest_buf_c);
digest_buf_c[32] = 0;
// domain
const u32 salt_pc_len = salt->salt_len_pc;
char domain_buf_c[33] = { 0 };
memcpy (domain_buf_c, (char *) salt->salt_buf_pc, salt_pc_len);
for (u32 i = 0; i < salt_pc_len; i++)
{
const char next = domain_buf_c[i];
domain_buf_c[i] = '.';
i += next;
}
domain_buf_c[salt_pc_len] = 0;
// final
char tmp_salt[128];
exec_hexify ((const u8 *) salt->salt_buf, salt->salt_len, (u8 *) tmp_salt);
tmp_salt[salt->salt_len * 2] = 0;
const int line_len = snprintf (line_buf, line_size, "%s:%s:%s:%u", digest_buf_c, domain_buf_c, tmp_salt, salt->salt_iter);
return line_len;
}
void module_init (module_ctx_t *module_ctx)
{
module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT;
module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT;
module_ctx->module_attack_exec = module_attack_exec;
module_ctx->module_benchmark_esalt = MODULE_DEFAULT;
module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT;
module_ctx->module_benchmark_mask = MODULE_DEFAULT;
module_ctx->module_benchmark_salt = MODULE_DEFAULT;
module_ctx->module_build_plain_postprocess = MODULE_DEFAULT;
module_ctx->module_deep_comp_kernel = MODULE_DEFAULT;
module_ctx->module_dgst_pos0 = module_dgst_pos0;
module_ctx->module_dgst_pos1 = module_dgst_pos1;
module_ctx->module_dgst_pos2 = module_dgst_pos2;
module_ctx->module_dgst_pos3 = module_dgst_pos3;
module_ctx->module_dgst_size = module_dgst_size;
module_ctx->module_dictstat_disable = MODULE_DEFAULT;
module_ctx->module_esalt_size = MODULE_DEFAULT;
module_ctx->module_extra_buffer_size = MODULE_DEFAULT;
module_ctx->module_extra_tmp_size = MODULE_DEFAULT;
module_ctx->module_forced_outfile_format = MODULE_DEFAULT;
module_ctx->module_hash_binary_count = MODULE_DEFAULT;
module_ctx->module_hash_binary_parse = MODULE_DEFAULT;
module_ctx->module_hash_binary_save = MODULE_DEFAULT;
module_ctx->module_hash_decode_outfile = MODULE_DEFAULT;
module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT;
module_ctx->module_hash_decode = module_hash_decode;
module_ctx->module_hash_encode_status = MODULE_DEFAULT;
module_ctx->module_hash_encode = module_hash_encode;
module_ctx->module_hash_init_selftest = MODULE_DEFAULT;
module_ctx->module_hash_mode = MODULE_DEFAULT;
module_ctx->module_hash_category = module_hash_category;
module_ctx->module_hash_name = module_hash_name;
module_ctx->module_hash_type = module_hash_type;
module_ctx->module_hlfmt_disable = MODULE_DEFAULT;
module_ctx->module_hook12 = MODULE_DEFAULT;
module_ctx->module_hook23 = MODULE_DEFAULT;
module_ctx->module_hook_salt_size = MODULE_DEFAULT;
module_ctx->module_hook_size = MODULE_DEFAULT;
module_ctx->module_jit_build_options = MODULE_DEFAULT;
module_ctx->module_kernel_accel_max = MODULE_DEFAULT;
module_ctx->module_kernel_accel_min = MODULE_DEFAULT;
module_ctx->module_kernel_loops_max = MODULE_DEFAULT;
module_ctx->module_kernel_loops_min = MODULE_DEFAULT;
module_ctx->module_kernel_threads_max = MODULE_DEFAULT;
module_ctx->module_kernel_threads_min = MODULE_DEFAULT;
module_ctx->module_kern_type = module_kern_type;
module_ctx->module_kern_type_dynamic = MODULE_DEFAULT;
module_ctx->module_opti_type = module_opti_type;
module_ctx->module_opts_type = module_opts_type;
module_ctx->module_outfile_check_disable = MODULE_DEFAULT;
module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT;
module_ctx->module_potfile_disable = MODULE_DEFAULT;
module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT;
module_ctx->module_pwdump_column = MODULE_DEFAULT;
module_ctx->module_pw_max = MODULE_DEFAULT;
module_ctx->module_pw_min = MODULE_DEFAULT;
module_ctx->module_salt_max = MODULE_DEFAULT;
module_ctx->module_salt_min = MODULE_DEFAULT;
module_ctx->module_salt_type = module_salt_type;
module_ctx->module_separator = MODULE_DEFAULT;
module_ctx->module_st_hash = module_st_hash;
module_ctx->module_st_pass = module_st_pass;
module_ctx->module_tmp_size = MODULE_DEFAULT;
module_ctx->module_unstable_warning = MODULE_DEFAULT;
module_ctx->module_warmup_disable = MODULE_DEFAULT;
}