1
mirror of https://github.com/hashcat/hashcat synced 2024-11-24 14:27:14 +01:00
hashcat/tools/test_modules/m09800.pm

183 lines
3.7 KiB
Perl

#!/usr/bin/env perl
##
## Author......: See docs/credits.txt
## License.....: MIT
##
use strict;
use warnings;
use Crypt::RC4;
use Digest::SHA qw (sha1);
use Encode;
sub module_constraints { [[-1, -1], [-1, -1], [0, 15], [32, 32], [-1, -1]] }
sub module_generate_hash
{
my $word = shift;
my $salt = shift;
my $param = shift;
my $param2 = shift;
my $param3 = shift;
my $salt_bin = pack ("H*", $salt);
my $tmp = sha1 ($salt_bin. encode ("UTF-16LE", $word));
my $version;
if (defined $param2)
{
$version = $param2;
}
else
{
$version = (unpack ("L", $tmp) & 1) ? 3 : 4;
}
my $rc4_key = sha1 ($tmp . "\x00\x00\x00\x00");
if ($version == 3)
{
$rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
}
my $m = Crypt::RC4->new (substr ($rc4_key, 0, 16));
my $encdata;
if (defined $param)
{
$encdata = $m->RC4 (pack ("H*", $param));
}
else
{
$encdata = "A" x 16; ## can be anything
}
my $data1_buf = $encdata;
my $data2_buf = sha1 (substr ($data1_buf, 0, 16));
$m = Crypt::RC4->new (substr ($rc4_key, 0, 16));
my $encrypted1 = $m->RC4 ($data1_buf);
my $encrypted2 = $m->RC4 ($data2_buf);
my $secblock = "";
if ($version == 3)
{
my $key2 = substr (sha1 ($tmp . "\x01\x00\x00\x00"), 0, 5) . "\x00" x 11;
my $rc4 = Crypt::RC4->new ($key2);
if (defined $param3) # verify/decrypt:
{
if (length ($param3) > 0)
{
my $decrypted = $rc4->RC4 (pack ("H*", $param3));
# count the number of NUL (\x00) bytes:
my $num_nul_bytes = 0;
for (my $i = 0; $i < 32; $i++)
{
$num_nul_bytes++ if (substr ($decrypted, $i, 1) eq "\x00");
}
if ($num_nul_bytes < 10)
{
$secblock = "*"; # incorrect/fake/empty result
}
else
{
$secblock = "*$param3";
}
}
}
else
{
if (random_number (0, 1) == 1) # the second block data is optional
{
my $num_zeros = random_number (10, 32); # at least 10 NUL bytes
$secblock = "\x00" x $num_zeros;
# fill the buffer with some random bytes (up to 32 bytes total):
for (my $i = 0; $i < 32 - $num_zeros; $i++)
{
my $idx = random_number (0, $num_zeros + $i); # insert at random position
my $c = random_bytes (1); # 0x00-0xff
$secblock = substr ($secblock, 0, $idx) . $c . substr ($secblock, $idx);
}
$secblock = $rc4->RC4 ($secblock);
$secblock = "*" . unpack ("H*", $secblock);
}
}
}
my $hash = sprintf ("\$oldoffice\$%d*%s*%s*%s%s", $version, $salt, unpack ("H*", $encrypted1), unpack ("H*", $encrypted2), $secblock);
return $hash;
}
sub module_verify_hash
{
my $line = shift;
# Office Old $3 $4
my ($hash_in, $word) = split ":", $line;
return unless defined $hash_in;
return unless defined $word;
my @data = split /\*/, $hash_in;
my $num_fields = scalar @data;
return unless (($num_fields == 4) || ($num_fields == 5));
my $signature = shift @data;
return unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
return unless (length $data[0] == 32);
return unless (length $data[1] == 32);
return unless (length $data[2] == 40);
my $salt = shift @data;
my $param = shift @data;
my $param2 = substr ($signature, 11, 1);
my $param3 = "";
if ($num_fields == 5)
{
shift @data; # ignore the "digest"
$param3 = shift @data;
}
return unless defined $salt;
return unless defined $word;
return unless defined $param;
return unless defined $param2;
$word = pack_if_HEX_notation ($word);
my $new_hash = module_generate_hash ($word, $salt, $param, $param2, $param3);
return ($new_hash, $word);
}
1;