DeforaNetworks/hashcat
3
0
Fork 0
Code Releases Activity

Add additional support for SQLCipher v3 and hashes SHA1 and SHA256 and a unit-test

Browse Source
This commit is contained in:
Jens Steube
2021-03-26 11:36:41 +01:00
parent 71766dab43
commit 524cb20703
9 changed files with 1166 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

232
src/modules/module_24600.c
View File

@@ -15,19 +15,18 @@ static const u32 DGST_POS0 = 0;
static const u32 DGST_POS1 = 1;
static const u32 DGST_POS2 = 2;
static const u32 DGST_POS3 = 3;
static const u32 DGST_SIZE = DGST_SIZE_8_16;
static const u32 HASH_CATEGORY = HASH_CATEGORY_GENERIC_KDF;
static const char *HASH_NAME = "SQL-CIPHER-V4";
static const u64 KERN_TYPE = 24600;
static const u32 DGST_SIZE = DGST_SIZE_4_4;
static const u32 HASH_CATEGORY = HASH_CATEGORY_DATABASE_SERVER;
static const char *HASH_NAME = "SQLCipher";
static const u64 KERN_TYPE = 24610;
static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE
| OPTI_TYPE_USES_BITS_64
| OPTI_TYPE_SLOW_HASH_SIMD_LOOP;
static const u64 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_LE
| OPTS_TYPE_ST_BASE64
| OPTS_TYPE_HASH_COPY;
| OPTS_TYPE_SELF_TEST_DISABLE;
static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED;
static const char *ST_PASS = "hashcat";
static const char *ST_HASH = "sqlcipherv4:256000:8pKCwhWlnnMtP+dAsFR2kQ==:hGFfy1rUULCzl7MRgC1CqBv01+hizNb4ERKogdU529ZLc5odh1S203QidBWDxzds1ZjJ51573dnUbEkiHObV63xEtKLaLoP3Bv54REtfOYRb25dfSfb1A5IjKf5yrVTFjTXJrkO40NDybQDsxh/SOQCQcT0gjR7DNprxjv6/N+ZAR8vm8xhSNvm9BRWHu74rvg2hsMroyIZSF8KimsvbwTmAQfpYgy6vcg9MV/QI+BR0Mwmru1NIXTYo3huez37H7Cij1Jchia2pgyNt9rqMX3aBw7ae/i29D3aprO+CYQmisVWsGT1Mljx+rc7ujQG0I0CCB/TF2ycjYlZPmC/vYQ==";
static const char *ST_HASH = "SQLCIPHER*1*64000*25548249195677404156261816261456*85b5e156e1cf1e0be5e9f4217186817b*33435c230bbc7989bbd027630e3f47cd";
u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; }
u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; }
@@ -44,46 +43,65 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig,
const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; }
const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; }
typedef struct pbkdf2_sha512
typedef struct sqlcipher_sha1_tmp
{
u32 salt_buf[64];
u32 ciphertext[64];
u32 ipad[5];
u32 opad[5];
} pbkdf2_sha512_t;
u32 dgst[10];
u32 out[10];
typedef struct pbkdf2_sha512_tmp
} sqlcipher_sha1_tmp_t;
typedef struct sqlcipher_sha256_tmp
{
u32 ipad[8];
u32 opad[8];
u32 dgst[8];
u32 out[8];
} sqlcipher_sha256_tmp_t;
typedef struct sqlcipher_sha512_tmp
{
u64 ipad[8];
u64 opad[8];
u64 dgst[16];
u64 out[16];
u64 dgst[8];
u64 out[8];
} pbkdf2_sha512_tmp_t;
} sqlcipher_sha512_tmp_t;
static const char *SIGNATURE_PBKDF2_SHA512 = "sqlcipherv4";
bool module_unstable_warning (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra, MAYBE_UNUSED const hc_device_param_t *device_param)
typedef struct sqlcipher
{
// amdgpu-pro-19.30-934563-ubuntu-18.04: password not found
if ((device_param->opencl_device_vendor_id == VENDOR_ID_AMD) && (device_param->has_vperm == false))
{
return true;
}
u32 iv_buf[4];
u32 data_buf[4];
return false;
}
u32 type;
} sqlcipher_t;
typedef enum kern_type_sqlcipher
{
KERN_TYPE_SQLCIPHER_SHA1 = 24610,
KERN_TYPE_SQLCIPHER_SHA256 = 24620,
KERN_TYPE_SQLCIPHER_SHA512 = 24630,
} kern_type_sqlcipher_t;
static const char *SIGNATURE_SQLCIPHER = "SQLCIPHER";
u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 esalt_size = (const u64) sizeof (pbkdf2_sha512_t);
const u64 esalt_size = (const u64) sizeof (sqlcipher_t);
return esalt_size;
}
u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
{
const u64 tmp_size = (const u64) sizeof (pbkdf2_sha512_tmp_t);
const u64 tmp_size = (const u64) sizeof (sqlcipher_sha512_tmp_t); // we just select the largest
return tmp_size;
}
@@ -98,96 +116,166 @@ u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED con
return pw_max;
}
u64 module_kern_type_dynamic (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info)
{
const sqlcipher_t *sqlcipher = (const sqlcipher_t *) esalt_buf;
u64 kern_type = -1;
if (sqlcipher->type == 1)
{
kern_type = KERN_TYPE_SQLCIPHER_SHA1;
}
else if (sqlcipher->type == 2)
{
kern_type = KERN_TYPE_SQLCIPHER_SHA256;
}
else if (sqlcipher->type == 3)
{
kern_type = KERN_TYPE_SQLCIPHER_SHA512;
}
else
{
return (PARSER_HASH_LENGTH);
}
return kern_type;
}
int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len)
{
u32 *digest = (u32 *) digest_buf;
pbkdf2_sha512_t *pbkdf2_sha512 = (pbkdf2_sha512_t *) esalt_buf;
sqlcipher_t *sqlcipher = (sqlcipher_t *) esalt_buf;
token_t token;
token.token_cnt = 4;
token.token_cnt = 6;
token.signatures_cnt = 1;
token.signatures_buf[0] = SIGNATURE_PBKDF2_SHA512;
token.signatures_buf[0] = SIGNATURE_SQLCIPHER;
token.sep[0] = ':';
token.len_min[0] = 11;
token.len_max[0] = 11;
token.sep[0] = '*';
token.len_min[0] = 9;
token.len_max[0] = 9;
token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_SIGNATURE;
token.sep[1] = ':';
token.sep[1] = '*';
token.len_min[1] = 1;
token.len_max[1] = 6;
token.len_max[1] = 1;
token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[2] = ':';
token.len_min[2] = 0;
token.len_max[2] = 50;
token.sep[2] = '*';
token.len_min[2] = 1;
token.len_max[2] = 6;
token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
| TOKEN_ATTR_VERIFY_DIGIT;
token.sep[3] = ':';
token.len_min[3] = 0;
token.len_max[3] = 800;
token.sep[3] = '*';
token.len_min[3] = 32;
token.len_max[3] = 32;
token.attr[3] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_BASE64A;
| TOKEN_ATTR_VERIFY_HEX;
token.sep[4] = '*';
token.len_min[4] = 32;
token.len_max[4] = 32;
token.attr[4] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
token.sep[5] = '*';
token.len_min[5] = 32;
token.len_max[5] = 32;
token.attr[5] = TOKEN_ATTR_VERIFY_LENGTH
| TOKEN_ATTR_VERIFY_HEX;
const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token);
if (rc_tokenizer != PARSER_OK) return (rc_tokenizer);
u8 tmp_buf[512];
u8 tmp_buf2[512];
int tmp_len;
int tmp_len2;
// type
// iter
const u8 *type_pos = token.buf[1];
const u8 *iter_pos = token.buf[1];
const int type = hc_strtoul ((const char *) type_pos, NULL, 10);
const u32 iter = hc_strtoul ((const char *) iter_pos, NULL, 10);
if ((type != 1) && (type != 2) && (type != 3)) return (PARSER_SIGNATURE_UNMATCHED);
sqlcipher->type = type;
// cipher
const u8 *iter_pos = token.buf[2];
int iter = hc_strtoul ((const char *) iter_pos, NULL, 10);
salt->salt_iter = iter - 1;
// salt
// salt buffer
const u8 *salt_pos = token.buf[2];
const int salt_len = token.len[2];
const u8 *salt_pos = token.buf[3];
memset (tmp_buf, 0, sizeof (tmp_buf));
salt->salt_buf[0] = hex_to_u32 (salt_pos + 0);
salt->salt_buf[1] = hex_to_u32 (salt_pos + 8);
salt->salt_buf[2] = hex_to_u32 (salt_pos + 16);
salt->salt_buf[3] = hex_to_u32 (salt_pos + 24);
tmp_len = base64_decode (base64_to_int, salt_pos, salt_len, tmp_buf);
salt->salt_len = 16;
if (tmp_len > SALT_MAX) return (PARSER_SALT_LENGTH);
// IV buffer
memcpy (pbkdf2_sha512->salt_buf, tmp_buf, tmp_len);
const u8 *iv_pos = token.buf[4];
salt->salt_len = tmp_len;
sqlcipher->iv_buf[0] = hex_to_u32 (iv_pos + 0);
sqlcipher->iv_buf[1] = hex_to_u32 (iv_pos + 8);
sqlcipher->iv_buf[2] = hex_to_u32 (iv_pos + 16);
sqlcipher->iv_buf[3] = hex_to_u32 (iv_pos + 24);
salt->salt_buf[0] = pbkdf2_sha512->salt_buf[0];
salt->salt_buf[1] = pbkdf2_sha512->salt_buf[1];
salt->salt_buf[2] = pbkdf2_sha512->salt_buf[2];
salt->salt_buf[3] = pbkdf2_sha512->salt_buf[3];
salt->salt_buf[4] = salt->salt_iter;
// data buffer
// ciphertext
const u8 *data_pos = token.buf[5];
const u8 *ciphertext_pos = token.buf[3];
const int ciphertext_len = token.len[3];
memset (tmp_buf2, 0, sizeof (tmp_buf2));
sqlcipher->data_buf[0] = hex_to_u32 (data_pos + 0);
sqlcipher->data_buf[1] = hex_to_u32 (data_pos + 8);
sqlcipher->data_buf[2] = hex_to_u32 (data_pos + 16);
sqlcipher->data_buf[3] = hex_to_u32 (data_pos + 24);
tmp_len2 = base64_decode (base64_to_int, ciphertext_pos, ciphertext_len, tmp_buf2);
// hash
memcpy (pbkdf2_sha512->ciphertext, tmp_buf2, tmp_len2);
digest[0] = sqlcipher->data_buf[0];
digest[1] = sqlcipher->data_buf[1];
digest[2] = sqlcipher->data_buf[2];
digest[3] = sqlcipher->data_buf[3];
return (PARSER_OK);
}
int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size)
{
return snprintf (line_buf, line_size, "%s", hash_info->orighash);
sqlcipher_t *sqlcipher = (sqlcipher_t *) esalt_buf;
u8 *out_buf = (u8 *) line_buf;
const int out_len = snprintf ((char *) out_buf, line_size, "%s*%d*%d*%08x%08x%08x%08x*%08x%08x%08x%08x*%08x%08x%08x%08x",
SIGNATURE_SQLCIPHER,
sqlcipher->type,
salt->salt_iter + 1,
byte_swap_32 (salt->salt_buf[0]),
byte_swap_32 (salt->salt_buf[1]),
byte_swap_32 (salt->salt_buf[2]),
byte_swap_32 (salt->salt_buf[3]),
byte_swap_32 (sqlcipher->iv_buf[0]),
byte_swap_32 (sqlcipher->iv_buf[1]),
byte_swap_32 (sqlcipher->iv_buf[2]),
byte_swap_32 (sqlcipher->iv_buf[3]),
byte_swap_32 (sqlcipher->data_buf[0]),
byte_swap_32 (sqlcipher->data_buf[1]),
byte_swap_32 (sqlcipher->data_buf[2]),
byte_swap_32 (sqlcipher->data_buf[3]));
return out_len;
}
void module_init (module_ctx_t *module_ctx)
@@ -244,7 +332,7 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_kernel_threads_max = MODULE_DEFAULT;
module_ctx->module_kernel_threads_min = MODULE_DEFAULT;
module_ctx->module_kern_type = module_kern_type;
module_ctx->module_kern_type_dynamic = MODULE_DEFAULT;
module_ctx->module_kern_type_dynamic = module_kern_type_dynamic;
module_ctx->module_opti_type = module_opti_type;
module_ctx->module_opts_type = module_opts_type;
module_ctx->module_outfile_check_disable = MODULE_DEFAULT;
@@ -262,6 +350,6 @@ void module_init (module_ctx_t *module_ctx)
module_ctx->module_st_hash = module_st_hash;
module_ctx->module_st_pass = module_st_pass;
module_ctx->module_tmp_size = module_tmp_size;
module_ctx->module_unstable_warning = module_unstable_warning;
module_ctx->module_unstable_warning = MODULE_DEFAULT;
module_ctx->module_warmup_disable = MODULE_DEFAULT;
}