1
mirror of https://github.com/hashcat/hashcat synced 2024-11-28 05:21:38 +01:00

fix to crack real hashes

This commit is contained in:
Gabriele Gristina 2021-07-26 22:45:02 +02:00
parent 7683ca19a3
commit d62fa617fb
3 changed files with 24 additions and 17 deletions

View File

@ -18,7 +18,7 @@
#define COMPARE_M "inc_comp_multi.cl" #define COMPARE_M "inc_comp_multi.cl"
#define SNMPV3_SALT_MAX 1500 #define SNMPV3_SALT_MAX 1500
#define SNMPV3_ENGINEID_MAX 32 #define SNMPV3_ENGINEID_MAX 34
#define SNMPV3_MSG_AUTH_PARAMS_MAX 16 #define SNMPV3_MSG_AUTH_PARAMS_MAX 16
#define SNMPV3_ROUNDS 1048576 #define SNMPV3_ROUNDS 1048576
#define SNMPV3_MAX_PW_LENGTH 64 #define SNMPV3_MAX_PW_LENGTH 64
@ -158,10 +158,10 @@ KERNEL_FQ void m26700_loop (KERN_ATTR_TMPS_ESALT (hmac_sha224_tmp_t, snmpv3_t))
#define SNMPV3_TMP_ELEMS_OPT 1024 // 1024 = (64 max pw length * 64) / sizeof (u32) #define SNMPV3_TMP_ELEMS_OPT 1024 // 1024 = (64 max pw length * 64) / sizeof (u32)
// for pw length > 64 we use global memory reads // for pw length > 64 we use global memory reads
u32 tmp[SNMPV3_TMP_ELEMS_OPT];
if (pw_len < 64) if (pw_len < 64)
{ {
u32 tmp[SNMPV3_TMP_ELEMS_OPT];
for (int i = 0; i < pw_len64 / 4; i++) for (int i = 0; i < pw_len64 / 4; i++)
{ {
tmp[i] = tmps[gid].tmp[i]; tmp[i] = tmps[gid].tmp[i];

View File

@ -24,8 +24,8 @@ static const u64 KERN_TYPE = 26700;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE; static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE;
static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE; static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat"; static const char *ST_PASS = "hashcat1";
static const char *ST_HASH = "$SNMPv3$3$93139992$221741464175523704413635982825760096118979556553098267101930601704853783146704303603164898517490303649758413279881023268227639264274559738208032094697403441579675568418814746064423158072029964334558571907882883041105245436623239742039483870313304031171307046174561938247029298397351679655253476035738973220651902635644891207741346383906360172060617958001549207150418505701978225626879116088671275359841611906258964723020692629233701447389366763685772212471681367034365005843875040967496437639996409692554570118676609568987002911124689769902674963799843406930141309408517459025165858554235820857416473466773963181853809212740450911140184957236422993171860303971025966646341351680880393147830452957802708608458538439866404321876100995381875117293904251031322241811475664324823327065168205689694742596451920374170034310748505203093091474865128628752667403895211365282260392475024320221767588855410235114859725219681974195474606697679001625416351117081484601569226697700302476076379$1759ce$cb8436f8e5b49d52a60d0ee076a79a97"; static const char *ST_HASH = "$SNMPv3$3$45889431$308197020103301102047aa1a79e020300ffe30401010201030440303e041180001f88808106d566db57fd600000000002011002020118040e6d61747269785f5348412d3232340410000000000000000000000000000000000400303d041180001f88808106d566db57fd60000000000400a2260204272f76620201000201003018301606082b06010201010200060a2b06010401bf0803020a$80001f88808106d566db57fd6000000000$2f7a3891dd2e27d3f567e4d6d0257962";
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
@ -45,8 +45,8 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig,
static const char *SIGNATURE_SNMPV3 = "$SNMPv3$3$"; static const char *SIGNATURE_SNMPV3 = "$SNMPv3$3$";
#define SNMPV3_SALT_MAX 1500 #define SNMPV3_SALT_MAX 1500
#define SNMPV3_ENGINEID_MAX 32 #define SNMPV3_ENGINEID_MAX 34
#define SNMPV3_MSG_AUTH_PARAMS_MAX 16 #define SNMPV3_MSG_AUTH_PARAMS_LEN 16
#define SNMPV3_ROUNDS 1048576 #define SNMPV3_ROUNDS 1048576
#define SNMPV3_MAX_PW_LENGTH 64 #define SNMPV3_MAX_PW_LENGTH 64
@ -76,6 +76,13 @@ typedef struct snmpv3
} snmpv3_t; } snmpv3_t;
u32 module_pw_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u32 pw_min = 8;
return pw_min;
}
u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{ {
const u64 esalt_size = (const u64) sizeof (snmpv3_t); const u64 esalt_size = (const u64) sizeof (snmpv3_t);
@ -130,23 +137,23 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT; | TOKEN_ATTR_VERIFY_DIGIT;
// salt // salt
token.len_min[2] = 16 * 2; token.len_min[2] = SNMPV3_MSG_AUTH_PARAMS_LEN * 2;
token.len_max[2] = SNMPV3_SALT_MAX * 2; token.len_max[2] = SNMPV3_SALT_MAX * 2;
token.sep[2] = '$'; token.sep[2] = '$';
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX; | TOKEN_ATTR_VERIFY_HEX;
// engineid // engineid
token.len_min[3] = 5; token.len_min[3] = 26;
token.len_max[3] = SNMPV3_ENGINEID_MAX; token.len_max[3] = SNMPV3_ENGINEID_MAX;
token.sep[3] = '$'; token.sep[3] = '$';
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH; token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
// digest // digest
token.len_min[4] = SNMPV3_MSG_AUTH_PARAMS_MAX * 2; token.len[4] = SNMPV3_MSG_AUTH_PARAMS_LEN * 2;
token.len_max[4] = SNMPV3_MSG_AUTH_PARAMS_MAX * 2;
token.sep[4] = '$'; token.sep[4] = '$';
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH token.attr[4] = TOKEN_ATTR_FIXED_LENGTH
| TOKEN_ATTR_VERIFY_HEX; | TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
@ -316,7 +323,7 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT;
module_ctx->module_pwdump_column = MODULE_DEFAULT; module_ctx->module_pwdump_column = MODULE_DEFAULT;
module_ctx->module_pw_max = MODULE_DEFAULT; module_ctx->module_pw_max = MODULE_DEFAULT;
module_ctx->module_pw_min = MODULE_DEFAULT; module_ctx->module_pw_min = module_pw_min;
module_ctx->module_salt_max = MODULE_DEFAULT; module_ctx->module_salt_max = MODULE_DEFAULT;
module_ctx->module_salt_min = MODULE_DEFAULT; module_ctx->module_salt_min = MODULE_DEFAULT;
module_ctx->module_salt_type = module_salt_type; module_ctx->module_salt_type = module_salt_type;

View File

@ -11,14 +11,14 @@ use warnings;
use Digest::SHA qw (sha224 sha224_hex); use Digest::SHA qw (sha224 sha224_hex);
use Digest::HMAC qw (hmac hmac_hex); use Digest::HMAC qw (hmac hmac_hex);
sub module_constraints { [[1, 256], [32, 3000], [-1, -1], [-1, -1], [-1, -1]] } sub module_constraints { [[8, 256], [32, 3000], [-1, -1], [-1, -1], [-1, -1]] }
sub module_generate_hash sub module_generate_hash
{ {
my $word = shift; my $word = shift;
my $salt = shift; my $salt = shift;
my $pkt_num = shift // int(rand(99999999)); my $pkt_num = shift // int(rand(100000000));
my $engineID = shift // random_hex_string(6); my $engineID = shift // random_hex_string(26, 34);
# make even if needed # make even if needed