From 423217e4cf84da2034f9cc0e61496258942dc330 Mon Sep 17 00:00:00 2001 From: philsmd Date: Tue, 21 Jul 2020 10:11:14 +0200 Subject: [PATCH 1/3] tests: added verify code for -m 11300 = bitcoin/litecoin --- docs/changes.txt | 1 + tools/test_modules/m11300.pm | 134 +++++++++++++++++++++++++++++++++-- 2 files changed, 131 insertions(+), 4 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 120524bf9..435de7981 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -30,6 +30,7 @@ ## - Backend: Changed the maximum number of compute devices from 64 to 128 +- Tests: Improved tests for hash-mode 11300 (Bitcoin/Litecoin wallet.dat) * changes v5.1.0 -> v6.0.0 diff --git a/tools/test_modules/m11300.pm b/tools/test_modules/m11300.pm index ae558a066..2afb66ad7 100644 --- a/tools/test_modules/m11300.pm +++ b/tools/test_modules/m11300.pm @@ -20,6 +20,7 @@ sub module_generate_hash my $ckey = shift // random_hex_string (96); my $public_key = shift // random_hex_string (66); my $salt_iter = shift // random_number (150000, 250000); + my $cry_master = shift; my $digest = sha512 ($word . pack ("H*", $salt)); @@ -28,7 +29,43 @@ sub module_generate_hash $digest = sha512 ($digest); } - my $data = random_hex_string (32); + my $data = ""; + + if (! defined ($cry_master)) + { + $data = random_hex_string (32); + } + else + { + my $aes = Crypt::CBC->new ({ + key => substr ($digest, 0, 32), + cipher => "Crypt::Rijndael", + iv => substr ($digest, 32, 16), + literal_key => 1, + header => "none", + keysize => 32, + padding => "none", + }); + + $data = $aes->decrypt (pack ("H*", $cry_master)); + + if ($data =~ m/\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10$/) + { + # remove padding: + + $data = substr ($data, 0, -16); + } + elsif ($data =~ m/\x08\x08\x08\x08\x08\x08\x08\x08$/) + { + # remove padding: + + $data = substr ($data, 0, -8); + } + else + { + $data = "WRONG"; # fake + } + } my $aes = Crypt::CBC->new ({ key => substr ($digest, 0, 32), @@ -40,7 +77,7 @@ sub module_generate_hash padding => "standard", }); - my $cry_master = (unpack ("H*", $aes->encrypt ($data))); + $cry_master = unpack ("H*", $aes->encrypt ($data)); my $hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s', length ($cry_master), @@ -58,9 +95,98 @@ sub module_generate_hash sub module_verify_hash { - print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n"; + my $line = shift; - exit (1); + return unless (substr ($line, 0, 9) eq "\$bitcoin\$"); + + my $split_idx = index ($line, ":"); + + return if ($split_idx < 1); + + my $hash = substr ($line, 0, $split_idx); + my $word = substr ($line, $split_idx + 1); + + # cry_master length + + my $idx1 = index ($hash, "\$", 9); + + return if ($idx1 < 1); + + my $cry_master_len = substr ($hash, 9, $idx1 - 9); + + # cry_master + + my $idx2 = index ($hash, "\$", $idx1 + 1); + + return if ($idx2 < 1); + + my $cry_master = substr ($hash, $idx1 + 1, $idx2 - $idx1 - 1); + + return unless ($cry_master =~ m/^[0-9a-fA-F]+$/); + + # salt length + + $idx1 = index ($hash, "\$", $idx2 + 1); + + return if ($idx1 < 1); + + my $salt_len = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + # salt + + $idx2 = index ($hash, "\$", $idx1 + 1); + + return if ($idx2 < 1); + + my $salt = substr ($hash, $idx1 + 1, $idx2 - $idx1 - 1); + + return unless ($salt =~ m/^[0-9a-fA-F]+$/); + + # salt iter + + $idx1 = index ($hash, "\$", $idx2 + 1); + + return if ($idx1 < 1); + + my $salt_iter = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + # ckey length + + $idx2 = index ($hash, "\$", $idx1 + 1); + + return if ($idx2 < 1); + + my $ckey_len = substr ($hash, $idx1 + 1, $idx2 - $idx1 - 1); + + # ckey + + $idx1 = index ($hash, "\$", $idx2 + 1); + + return if ($idx1 < 1); + + my $ckey = substr ($hash, $idx2 + 1, $idx1 - $idx2 - 1); + + return unless ($ckey =~ m/^[0-9a-fA-F]+$/); + + # public key length + + $idx2 = index ($hash, "\$", $idx1 + 1); + + return if ($idx2 < 1); + + my $public_key_len = substr ($hash, $idx1 + 1, $idx2 - $idx1 - 1); + + # public key + + my $public_key = substr ($hash, $idx2 + 1); + + return unless ($public_key =~ m/^[0-9a-fA-F]+$/); + + my $word_packed = pack_if_HEX_notation ($word); + + my $new_hash = module_generate_hash ($word_packed, $salt, $ckey, $public_key, $salt_iter, $cry_master); + + return ($new_hash, $word); } 1; From 89b9d4aaeb71a4c5bc8ccd056f793a8be7e623c8 Mon Sep 17 00:00:00 2001 From: philsmd Date: Tue, 21 Jul 2020 10:39:38 +0200 Subject: [PATCH 2/3] tests: improve install_modules.sh python dependencies --- tools/install_modules.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/install_modules.sh b/tools/install_modules.sh index 33d907aeb..b8c578a3f 100755 --- a/tools/install_modules.sh +++ b/tools/install_modules.sh @@ -63,9 +63,13 @@ cpan install Authen::Passphrase::LANManager \ ERRORS=$((ERRORS+$?)) -pip2 install pygost pycryptoplus +pip2 install pygost +# pip2 uninstall -y pycryptoplus pycrypto pycryptodome + +pip2 install pycryptoplus pip2 uninstall -y pycryptodome +pip2 install pycrypto ERRORS=$((ERRORS+$?)) From 077083c6c5e1ac8b2dac225831a4378de533bd31 Mon Sep 17 00:00:00 2001 From: philsmd Date: Tue, 21 Jul 2020 10:49:42 +0200 Subject: [PATCH 3/3] tests: remove verify code for -m 16800 = WPA-PMKID-PBKDF2 --- docs/changes.txt | 1 + tools/test_modules/m16800.pm | 19 ++----------------- 2 files changed, 3 insertions(+), 17 deletions(-) diff --git a/docs/changes.txt b/docs/changes.txt index 120524bf9..4d84c8bf6 100644 --- a/docs/changes.txt +++ b/docs/changes.txt @@ -30,6 +30,7 @@ ## - Backend: Changed the maximum number of compute devices from 64 to 128 +- Tests: Improved tests for hash-mode 16800 (WPA-PMKID-PBKDF2) * changes v5.1.0 -> v6.0.0 diff --git a/tools/test_modules/m16800.pm b/tools/test_modules/m16800.pm index b3ea939a9..94ea882b4 100644 --- a/tools/test_modules/m16800.pm +++ b/tools/test_modules/m16800.pm @@ -62,24 +62,9 @@ sub module_generate_hash sub module_verify_hash { - my $line = shift; + print "ERROR: verify currently not supported for WPA-PMKID-PBKDF2 (because of hashcat's output format)\n"; - my ($hash, $word) = split (':', $line); - - return unless defined $hash; - return unless defined $word; - - my @data = split (/\:/, $hash); - - return unless scalar @data == 4; - - my (undef, $macap, $macsta, $essid) = @data; - - my $word_packed = pack_if_HEX_notation ($word); - - my $new_hash = module_generate_hash ($word_packed, undef, $macap, $macsta, $essid); - - return ($new_hash, $word); + exit (1); } 1;