Merge branch 'master' into hash-mode-26000

This commit is contained in:
Jens Steube
2021-06-09 13:20:35 +02:00
committed by GitHub
999 changed files with 110307 additions and 15248 deletions

View File

@@ -1,56 +1,209 @@
* changes v6.1.1 -> v6.x.x
* changes v6.2.1 -> v6.x.x
##
## Algorithms
##
- Added hash-mode: Bitwarden
- Added hash-mode: BestCrypt v3 Volume Encryption
- Added hash-mode: Apple iWork
- Added hash-mode: AxCrypt 2 AES-128
- Added hash-mode: AxCrypt 2 AES-256
- Added hash-mode: PKCS#8 Private Keys
- Added hash-mode: RAR3-p (Compressed)
- Added hash-mode: RAR3-p (Uncompressed)
- Added hash-mode: RSA/DSA/EC/OPENSSH Private Keys
- Added hash-mode: sha1(sha1($pass).$salt)
- Added hash-mode: OpenEdge Progress Encode
- Added hash-mode: bcrypt(md5($pass)) / bcryptmd5
- Added hash-mode: bcrypt(sha1($pass)) / bcryptsha1
- Added hash-mode: FortiGate256 (FortiOS256)
- Added hash-mode: Linux Kernel Crypto API (2.4)
- Added hash-mode: MurmurHash
- Added hash-mode: md5(utf16le($pass))
- Added hash-mode: sha1(utf16le($pass))
- Added hash-mode: sha256(utf16le($pass))
- Added hash-mode: sha384(utf16le($pass))
- Added hash-mode: sha512(utf16le($pass))
- Added hash-mode: md5(md5(md5($pass)))
- Added hash-mode: sha1(sha1($salt.$pass.$salt))
- Added hash-mode: sha256($salt.sha256($pass))
- Added hash-mode: sha384($pass.$salt)
- Added hash-mode: sha384($salt.$pass)
- Added hash-mode: sha384($salt.utf16le($pass))
- Added hash-mode: sha384(utf16le($pass).$salt)
##
## Features
##
- Autodetect hash-type: performs an automatic analysis of the input hash(es), associating compatible algorithms, or executing the attack if only one compatible format is found.
##
## Bugs
##
- Fixed too early execution of some module functions which could make use of non-final values opts_type and opti_type
- Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused
- Fixed race condition resulting in out of memory error on startup if multiple hashcat instances are started at the same time
- Fixed unexpected non-unique salts in multi-hash cracking in Bitcoin/Litecoin wallet.dat module which lead to false negatives
- Fixed rare case of misalignment of the status prompt when other user warnings are shown within the hashcat output
- Fixed password reassembling for cracked hashes on host for slow hashes in optimized mode that are longer than 32 characters
- Fixed error message in -a 9 mode with rules in case number of words from wordlist are not in sync with number of unique salts
- Fixed error handling logic in monitor thread to not return in case of error (disc full, permission error, ...) but to retry instead
- Fixed false negatives with TrueCrypt/VeraCrypt in case zip or gzip compressed files were used as keyfiles
- Fixed free memory size output for skipped GPU (both automatic and manual) of --backend-info information screen
##
## Improvements
##
- AES Crypt Plugin: Reduced max password length from 256 to 128 which improved performance by 22%
- CUDA Backend: Do not warn about missing CUDA SDK installation if --stdout is used
- Folder Management: Add support for XDG Base Directory specification if hashcat was installed using make install
- Hardware Monitor: Add support for GPU device utilization readings from sysfs (AMD on Linux)
- OpenCL Backend: Use CL_DEVICE_BOARD_NAME_AMD instead of CL_DEVICE_NAME for device name in case OpenCL runtime supports this query
- Performance Monitor: Add -S as a user suggestion to improve cracking performance in specific attack configurations
- RAR3-p (Compressed): Fix workaround in unrar library in AES constant table generation to enable multi-threading support
- RC4 Kernels: Improved performance by 20%+ for hash-modes Kerberos 5 (etype 23), MS Office (<= 2003) and PDF (<= 1.6) by using new RC4 code
- Status Screen: Show currently running kernel type (pure, optimized) and generator type (host, device)
- UTF8-to-UTF16: Replaced naive UTF8 to UTF16 conversion with true conversion for RAR3, AES Crypt, MultiBit HD (scrypt) and Umbraco HMAC-SHA1
##
## Technical
##
- Dependencies: Updated LZMA SDK from 19.00 to 21.02 alpha
- Dependencies: Updated xxHash from 0.1.0 to v0.8.0 - Stable XXH3
- Documentation: Update missing documentation in plugin developer guide for OPTS_TYPE_MP_MULTI_DISABLE and OPTS_TYPE_NATIVE_THREADS
- Kernels: Add RC4 cipher to crypto library with optimized shared memory access pattern which will not cause any bank conflicts if -u <= 32
- Kernels: Add standalone true UTF8 to UTF16 converter kernel that runs after amplifier. Use OPTS_TYPE_POST_AMP_UTF16LE from plugin
- Modules: Recategorized HASH_CATEGORY option in various modules
- Modules: Added hash categories HASH_CATEGORY_IMS and HASH_CATEGORY_CRYPTOCURRENCY_WALLET
- Modules: Changed hash category of Python passlib from HASH_CATEGORY_GENERIC_KDF to HASH_CATEGORY_FRAMEWORK
* changes v6.2.0 -> v6.2.1
##
## Technical
##
- Dependencies: Updated unrar source from 5.9.4 to 6.0.5
- Dependencies: Make unrar dependencies optional and disable hash-mode 23800 if dependency is disabled
* changes v6.1.1 -> v6.2.0
##
## Algorithms
##
- Added hash-mode: Apple iWork
- Added hash-mode: AxCrypt 2 AES-128
- Added hash-mode: AxCrypt 2 AES-256
- Added hash-mode: BestCrypt v3 Volume Encryption
- Added hash-mode: Bitwarden
- Added hash-mode: Dahua Authentication MD5
- Added hash-mode: KNX IP Secure - Device Authentication Code
- Added hash-mode: MongoDB ServerKey SCRAM-SHA-1
- Added hash-mode: MongoDB ServerKey SCRAM-SHA-256
- Added hash-mode: Mozilla key3.db
- Added hash-mode: Mozilla key4.db
- Added hash-mode: MS Office 2016 - SheetProtection
- Added hash-mode: PDF 1.4 - 1.6 (Acrobat 5 - 8) - edit password
- Added hash-mode: PKCS#8 Private Keys
- Added hash-mode: RAR3-p (Compressed)
- Added hash-mode: RAR3-p (Uncompressed)
- Added hash-mode: RSA/DSA/EC/OPENSSH Private Keys
- Added hash-mode: SolarWinds Orion v2
- Added hash-mode: SolarWinds Serv-U
- Added hash-mode: SQLCipher
- Added hash-mode: Stargazer Stellar Wallet XLM
- Added hash-mode: Stuffit5
- Added hash-mode: Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512)
- Added hash-mode: Umbraco HMAC-SHA1
- Added hash-mode: sha1($salt.sha1($pass.$salt))
- Added hash-mode: sha1(sha1($pass).$salt)
- Added hash-mode: OpenEdge Progress Encode
##
## Features
##
- Added new attack-mode: Association Attack (aka "Context Attack") to attack hashes from a hashlist with associated "hints"
- Added support for true UTF-8 to UTF-16 conversion in kernel crypto library
- Added option --hash-info to show generic information for each hash-mode
- Added command prompt [f]inish to tell hashcat to quit after finishing the current attack
##
## Bugs
##
- Fixed access to filename which is a null-pointer in benchmark mode
- Fixed both false negative and false positive results in -m 3000 in -a 3 (affecting only NVIDIA GPU)
- Fixed buffer overflow in -m 1800 in -O mode which is optimized to handle only password candidates up to length 15
- Fixed buffer overflow in -m 4710 in -P mode and only in single hash mode if salt length is larger than 32 bytes
- Fixed hardware management sysfs readings in status screen (typically ROCm controlled GPUs)
- Fixed include guards in several header files
- Fixed incorrect maximum password length support for -m 400 in optimized mode (reduced from 55 to 39)
- Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused
- Fixed invalid handling of outfile folder entries for -m 22000
- Fixed memory leak causing problems in sessions with many iterations - for instance, --benchmark-all or large mask files
- Fixed memory leaks in several cases of errors with access to temporary files
- Fixed NVML initialization in WSL2 environments
- Fixed out-of-boundary reads in cases where user activates -S for fast but pure hashes in -a 1 or -a 3 mode
- Fixed out-of-boundary reads in kernels using module_extra_buffer_size() if -n is set to 1
- Fixed password reassembling for cracked hashes on host for slow hashes in optimized mode that are longer than 32 characters
- Fixed race condition in potfile check during removal of empty hashes
- Fixed race condition resulting in out of memory error on startup if multiple hashcat instances are started at the same time
- Fixed rare case of misalignment of the status prompt when other user warnings are shown in the hashcat output
- Fixed search of tuning database - if a device was not assigned an alias, it couldn't be found in general
- Fixed test on gzip header in wordlists and hashlists
- Fixed too-early execution of some module functions that use non-final values opts_type and opti_type
- Fixed unexpected non-unique salts in multi-hash cracking in Bitcoin/Litecoin wallet.dat module which led to false negatives
- Fixed unit test for -m 3000 by preventing it to generate zero hashes
- Fixed unit tests using 'null' as padding method in Crypt::CBC but actually want to use 'none'
- Fixed unterminated salt buffer in -m 23400 module_hash_encode() in case salt was of length 256
- Fixed vector datatype support in -m 21100 only -P mode and only -a 3 mode were affected
##
## Improvements
##
- Apple Keychain: Notify the user about the risk of collisions / false positives
- CUDA Backend: Give detailed warning if either the NVIDIA CUDA or the NVIDIA RTC library cannot be initialized
- CUDA Backend: Do not warn about missing CUDA SDK installation if --backend-ignore-cuda is used
- CUDA Backend: Give detailed warning if either the NVIDIA CUDA or the NVIDIA RTC library cannot be initialized
- CUDA Backend: Use blocking events to avoid 100% CPU core usage (per GPU)
- OpenCL Runtime: Workaround JiT compiler deadlock on NVIDIA driver >= 465.89
- OpenCL Runtime: Workaround JiT compiler segfault on legacy AMDGPU driver compiling RAR3 OpenCL kernel
- RAR3 Kernels: Improved loop code, improving performance by 23%
- Startup time: Improved the startup time by avoiding some time intensive operations for skipped devices
- Scrypt Kernels: Added a number of GPU specific optimizations per hash modes to hashcat.hctune
- Scrypt Kernels: Added detailed documentation on device specific tunings in hashcat.hctune
- Scrypt Kernels: Optimized Salsa code portion by reducing register copies and removed unnecessary byte swaps
- Scrypt Kernels: Reduced kernel wait times by making it a true split kernel where iteration count = N value
- Scrypt Kernels: Refactored workload configuration strategy based on available resources
- Startup time: Improved startup time by avoiding some time-intensive operations for skipped devices
##
## Technical
##
- Bcrypt: Make BCRYPT entry for CPU in hashcat.hctune after switch to OPTS_TYPE_MP_MULTI_DISABLE (basically set -n to 1)
- Benchmark: Update benchmark_deep.pl with new hash modes added (also new hash modes which were added with v6.1.0)
- Building: Declare phony targets in Makefile to avoid conflicts of a target name with a file of the same name
- Building: Fixed build warnings on macOS for unrar sources
- Building: Fixed test for DARWIN_VERSION in Makefile
- Commandline Options: Removed option --example-hashes, now an alias of --hash-info
- Compute API: Skipping devices instead of stop if error occured in initialization
- Documentation: Added 3rd party licenses to docs/license_libs
- Module Structure: Add 3rd party library hook management functions. This also requires an update to all existing module_init()
- Hash-Mode 8900 (Scrypt): Changed default benchmark scrypt parameters from 1k:1:1 to 16k:8:1 (default)
- Hash-Mode 11600 (7-Zip): Improved memory handling (alloc and free) for the hook function
- Hash-Mode 13200 (AxCrypt): Changed the name to AxCrypt 1 to avoid confusion
- Hash-Mode 13300 (AxCrypt in-memory SHA1): Changed the name to AxCrypt 1 in-memory SHA1
- OpenCL Runtime: Switched default OpenCL device type on macOS from GPU to CPU. Use -D 2 to enable GPU devices.
- Hash-Mode 16300 (Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256): Use correct buffer size allocation for AES key
- Hash-Mode 20710 (sha256(sha256($pass).$salt)): Removed unused code and fixed module_constraints
- Hash-Mode 22000 (WPA-PBKDF2-PMKID+EAPOL): Support loading a hash from command line
- Hash-Mode 23300 (Apple iWork): Use correct buffer size allocation for AES key
- Hash Parser: Output support for machine-readable hash lines in --show and --left and in error messages
- Kernel Development: Kernel cache is disabled automatically when hashcat is compiled with DEBUG=1
- Kernel Functions: Added generic AES-GCM interface see OpenCL/inc_cipher_aes-gcm.h
- Kernel Functions: Refactored OpenCL/inc_ecc_secp256k1.cl many functions, add constants and documentation
- Kernel Functions: Refactored OpenCL/inc_ecc_secp256k1.cl to improve usage in external programs
- Kernel Functions: Wrap atomic functions with hc_ prefix. Custom kernels need to rename "atomic_inc()" to "hc_atomic_inc()"
- Kernel Parameters: Added new parameter 'salt_repeat' to improve large buffer management
- Module Parameters: Add OPTS_TYPE_MP_MULTI_DISABLE for use by plugin developers to prevent multiply -n with the MCU count
- Module Parameters: Add OPTS_TYPE_NATIVE_THREADS for use by plugin developers to enforce native thread count
- Module Structure: Add 3rd party library hook management functions. This also requires an update to all existing module_init()
- OpenCL Runtime: Add support for clUnloadPlatformCompiler() to release some resources after JiT compilation
- OpenCL Runtime: Switched default OpenCL device type on macOS from GPU to CPU. Use -D 2 to enable GPU devices
- OpenCL Runtime: Update module_unstable_warnings() for all hash modes based on most recent versions of many OpenCL runtimes
- Unit tests: Added 'potthrough' (like passthrough, but hash:plain) to tools/test.pl
- Unit tests: Added Python 3 support for all of the Python code in our test framework
- Unit tests: Fixed the packaging of test (-p) feature
- Unit tests: Updated test.sh to show kernel type (pure or optimized) in output
- Unit tests: Use python3/pip3 instead of just python/pip in tools/install_modules.sh
* changes v6.1.0 -> v6.1.1

View File

@@ -485,6 +485,9 @@ This configuration item is a bitmask field and is very similar to the module_opt
* OPTS_TYPE_POTFILE_NOPASS: This option simply prevents the hashcat host binary from adding a cracked hash to the potfile. For instance, if a specific hashing algorithm is implemented with several hash formats and therefore your plugins hash format shares the same format with a different plugin hash format (think of it like a format clash where the potfile parser could not really decide if it is the correct hash format to accept). A good example is the WPA PMK, which cannot be used to login to a specific WPA network directly. There could be other reasons for not printing the cracked hashes to the potfile.
* OPTS_TYPE_DYNAMIC_SHARED: This is a very special option which tells the hashcat host binary to query the real available shared memory on a device for a particular kernel. In addition it will also register the queried amount of shared memory from the host. On NVIDIA, this allows us to use the full available shared memory (regions in the post 48k range), though we still need to prepare the kernel in order to make use of the dynamic allocated shared memory. A good example is the bcrypt kernel `OpenCL/m03200-pure.cl`.
* OPTS_TYPE_SELF_TEST_DISABLE: This option can be used if you want to disable the self-test functionality for your hash-mode. Valid reasons to disable this feature are: Your OpenCL kernel is using compile time optimizations such as fixed salts (like in DESCrypt), the hash primitive to be used has to be derived first from the target hash (like in JWT) or the hash-mode is so slow that it hurts startup time of hashcat (like in Ethereum Wallet SCRYPT). For the first two cases the problem is that hashcat would create a cached optimized OpenCL kernel with a configuration which is valid only for the self-test hash, but very likely the wrong ones for the real target hash. The real target hash would never crack.
* OPTS_TYPE_MP_MULTI_DISABLE: Do not multiply the kernel-accel with the multiprocessor count per device to allow more fine-tuned workload settings.
* OPTS_TYPE_NATIVE_THREADS: Forces "native" thread count: CPU=1, GPU-Intel=8, GPU-AMD=64 (wavefront), GPU-NV=32 (warps). Does not override user-defined -u value.
* OPTS_TYPE_POST_AMP_UTF16LE: Run the true UTF8 to UTF16LE conversion kernel after they have been processed from amplifiers. Works only for slow-hash kernels.
### module_salt_type() ###

View File

@@ -1,6 +1,6 @@
The MIT License (MIT)
Copyright (c) 2015-2020 Jens Steube
Copyright (c) 2015-2021 Jens Steube
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View File

@@ -1,4 +1,4 @@
Copyright (c) 1999-2018 Igor Pavlov
Copyright (c) 1999-2021 Igor Pavlov
LZMA SDK is written and placed in the public domain by Igor Pavlov.

View File

@@ -7,7 +7,7 @@
|_____| /___________/ |_____| /_____/ /_______|
: : :
hashcat v6.0.0
hashcat v6.2.1
==============
AMD GPUs on Linux require "RadeonOpenCompute (ROCm)" Software Platform (3.1 or later)
@@ -62,14 +62,17 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- GOST R 34.11-2012 (Streebog) 512-bit, big-endian
- GOST R 34.11-94
- Half MD5
- Java Object hashCode()
- Keccak-224
- Keccak-256
- Keccak-384
- Keccak-512
- Whirlpool
- SipHash
- BitShares v0.x - sha512(sha512_bin(pass))
- md5(utf16le($pass))
- sha1(utf16le($pass))
- sha256(utf16le($pass))
- sha384(utf16le($pass))
- sha512(utf16le($pass))
- md5($pass.$salt)
- md5($salt.$pass)
- md5($salt.$pass.$salt)
@@ -80,6 +83,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- md5($salt.utf16le($pass))
- md5(md5($pass))
- md5(md5($pass).md5($salt))
- md5(md5(md5($pass)))
- md5(sha1($pass))
- md5(sha1($pass).md5($pass).sha1($pass))
- md5(sha1($salt).md5($pass))
@@ -89,6 +93,7 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- sha1($salt.$pass)
- sha1($salt.$pass.$salt)
- sha1($salt.sha1($pass))
- sha1($salt.sha1($pass.$salt))
- sha1($salt.utf16le($pass))
- sha1($salt1.$pass.$salt2)
- sha1(CX)
@@ -98,20 +103,25 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- sha1(md5(md5($pass)))
- sha1(sha1($pass))
- sha1(sha1($pass).$salt)
- sha1(sha1($salt.$pass.$salt))
- sha1(utf16le($pass).$salt)
- sha256($pass.$salt)
- sha256($salt.$pass)
- sha256($salt.$pass.$salt)
- sha256($salt.sha256($pass))
- sha256($salt.utf16le($pass))
- sha256(md5($pass))
- sha256(sha256($pass).$salt)
- sha256(sha256_bin($pass))
- sha256(utf16le($pass).$salt)
- sha384($pass.$salt)
- sha384($salt.$pass)
- sha384($salt.utf16le($pass))
- sha384(utf16le($pass).$salt)
- sha512($pass.$salt)
- sha512($salt.$pass)
- sha512($salt.utf16le($pass))
- sha512(utf16le($pass).$salt)
- Ruby on Rails Restful-Authentication
- HMAC-MD5 (key = $pass)
- HMAC-MD5 (key = $salt)
- HMAC-SHA1 (key = $pass)
@@ -125,9 +135,12 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- HMAC-Streebog-512 (key = $pass), big-endian
- HMAC-Streebog-512 (key = $salt), big-endian
- CRC32
- Java Object hashCode()
- MurmurHash
- 3DES (PT = $salt, key = $pass)
- DES (PT = $salt, key = $pass)
- ChaCha20
- Linux Kernel Crypto API (2.4)
- Skip32 (PT = $salt, key = $pass)
- PBKDF2-HMAC-MD5
- PBKDF2-HMAC-SHA1
@@ -135,36 +148,29 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- PBKDF2-HMAC-SHA512
- scrypt
- phpass
- Ansible Vault
- Atlassian (PBKDF2-HMAC-SHA1)
- Python passlib pbkdf2-sha512
- Python passlib pbkdf2-sha256
- Python passlib pbkdf2-sha1
- TACACS+
- SIP digest authentication (MD5)
- IKE-PSK MD5
- IKE-PSK SHA1
- WPA-EAPOL-PBKDF2
- WPA-EAPOL-PMK
- WPA-PBKDF2-PMKID+EAPOL
- WPA-PMK-PMKID+EAPOL
- WPA-PMKID-PBKDF2
- WPA-PMKID-PMK
- IPMI2 RAKP HMAC-SHA1
- CRAM-MD5
- iSCSI CHAP authentication, MD5(CHAP)
- JWT (JSON Web Token)
- Kerberos 5, etype 17, TGS-REP
- Kerberos 5, etype 17, Pre-Auth
- Kerberos 5, etype 18, TGS-REP
- Kerberos 5, etype 18, Pre-Auth
- Kerberos 5, etype 23, AS-REQ Pre-Auth
- Kerberos 5, etype 23, TGS-REP
- Kerberos 5, etype 23, AS-REP
- Kerberos 5, etype 17, TGS-REP
- Kerberos 5, etype 18, TGS-REP
- Kerberos 5, etype 17, Pre-Auth
- Kerberos 5, etype 18, Pre-Auth
- NetNTLMv1 / NetNTLMv1+ESS
- NetNTLMv2
- Skype
- Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1)
- Telegram Mobile App Passcode (SHA256)
- PostgreSQL CRAM (MD5)
- MySQL CRAM (SHA1)
- XMPP SCRAM
- iSCSI CHAP authentication, MD5(CHAP)
- RACF
- AIX {smd5}
- AIX {ssha1}
@@ -180,16 +186,8 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- MS-AzureSync PBKDF2-HMAC-SHA256
- BSDi Crypt, Extended DES
- NTLM
- macOS v10.4, macOS v10.5, MacOS v10.6
- macOS v10.7
- macOS v10.8+ (PBKDF2-SHA512)
- Radmin2
- Samsung Android Password/PIN
- bcrypt $2*$, Blowfish (Unix)
- md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)
- descrypt, DES (Unix), Traditional DES
- sha256crypt $5$, SHA256 (Unix)
- sha512crypt $6$, SHA512 (Unix)
- Windows Phone 8+ PIN/password
- Cisco-ASA MD5
- Cisco-IOS $8$ (PBKDF2-SHA256)
@@ -201,32 +199,48 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- Domain Cached Credentials (DCC), MS Cache
- Domain Cached Credentials 2 (DCC2), MS Cache 2
- FortiGate (FortiOS)
- FortiGate256 (FortiOS256)
- ArubaOS
- Juniper IVE
- Juniper NetScreen/SSG (ScreenOS)
- Juniper/NetBSD sha1crypt
- macOS v10.4, macOS v10.5, MacOS v10.6
- macOS v10.7
- macOS v10.8+ (PBKDF2-SHA512)
- bcrypt $2*$, Blowfish (Unix)
- md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)
- descrypt, DES (Unix), Traditional DES
- sha256crypt $5$, SHA256 (Unix)
- sha512crypt $6$, SHA512 (Unix)
- SQLCipher
- MSSQL (2000)
- MSSQL (2005)
- MSSQL (2012, 2014)
- MongoDB ServerKey SCRAM-SHA-1
- MongoDB ServerKey SCRAM-SHA-256
- PostgreSQL
- PostgreSQL CRAM (MD5)
- Oracle H: Type (Oracle 7+)
- Oracle S: Type (Oracle 11+)
- Oracle T: Type (Oracle 12+)
- MySQL $A$ (sha256crypt)
- MySQL CRAM (SHA1)
- MySQL323
- MySQL4.1/MySQL5
- MySQL $A$ (sha256crypt)
- Sybase ASE
- hMailServer
- DNSSEC (NSEC3)
- KNX IP Secure - Device Authentication Code
- CRAM-MD5 Dovecot
- SSHA-256(Base64), LDAP {SSHA256}
- SSHA-512(Base64), LDAP {SSHA512}
- Dahua Authentication MD5
- RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
- FileZilla Server >= 0.9.55
- ColdFusion 10+
- Apache $apr1$ MD5, md5apr1, MD5 (APR)
- Episerver 6.x < .NET 4
- Episerver 6.x >= .NET 4
- hMailServer
- nsldap, SHA-1(Base64), Netscape LDAP SHA
- nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
- SAP CODVN B (BCODE)
@@ -237,6 +251,8 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- PeopleSoft
- PeopleSoft PS_TOKEN
- SolarWinds Orion
- SolarWinds Orion v2
- SolarWinds Serv-U
- Lotus Notes/Domino 5
- Lotus Notes/Domino 6
- Lotus Notes/Domino 8
@@ -244,63 +260,56 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- Huawei sha1(md5($pass).$salt)
- AuthMe sha256
- AES Crypt (SHA256)
- BitLocker
- eCryptfs
- LUKS
- VeraCrypt
- BestCrypt v3 Volume Encryption
- FileVault 2
- DiskCryptor
- BitLocker
- Android FDE (Samsung DEK)
- Android FDE <= 4.3
- Apple File System (APFS)
- BestCrypt v3 Volume Encryption
- TrueCrypt
- eCryptfs
- PDF 1.1 - 1.3 (Acrobat 2 - 4)
- PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1
- PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2
- PDF 1.4 - 1.6 (Acrobat 5 - 8)
- PDF 1.4 - 1.6 (Acrobat 5 - 8) - edit password
- PDF 1.7 Level 3 (Acrobat 9)
- PDF 1.7 Level 8 (Acrobat 10 - 11)
- Apple iWork
- MS Office 2007
- MS Office 2010
- MS Office 2013
- MS Office 2016 - SheetProtection
- MS Office <= 2003 $0/$1, MD5 + RC4
- MS Office <= 2003 $0/$1, MD5 + RC4, collider #1
- MS Office <= 2003 $0/$1, MD5 + RC4, collider #2
- MS Office <= 2003 $3/$4, SHA1 + RC4
- MS Office <= 2003 $3, SHA1 + RC4, collider #1
- MS Office <= 2003 $3, SHA1 + RC4, collider #2
- MS Office <= 2003 $3/$4, SHA1 + RC4
- Open Document Format (ODF) 1.2 (SHA-256, AES)
- Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Apple Keychain
- Apple Secure Notes
- JKS Java Key Store Private Keys (SHA1)
- PKCS#8 Private Keys
- RSA/DSA/EC/OpenSSH Private Keys
- Apple iWork
- 1Password, agilekeychain
- 1Password, cloudkeychain
- Bitwarden
- Password Safe v2
- Password Safe v3
- LastPass + LastPass sniffed
- KeePass 1 (AES/Twofish) and KeePass 2 (AES)
- Bitcoin/Litecoin wallet.dat
- Electrum Wallet (Salt-Type 1-5)
- Blockchain, My Wallet
- Blockchain, My Wallet, V2
- Blockchain, My Wallet, Second Password (SHA256)
- Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, SCRYPT
- MultiBit Classic .key (MD5)
- MultiBit HD (scrypt)
- Bitwarden
- Ansible Vault
- Mozilla key3.db
- Mozilla key4.db
- Apple Keychain
- 7-Zip
- RAR3-hp
- RAR3-p
- RAR3-p (Compressed)
- RAR3-p (Uncompressed)
- RAR5
- PKZIP (Compressed)
- PKZIP (Compressed Multi-File)
- PKZIP (Compressed)
- PKZIP (Mixed Multi-File)
- PKZIP (Mixed Multi-File Checksum-Only)
- PKZIP (Uncompressed)
@@ -309,34 +318,72 @@ NVIDIA GPUs require "NVIDIA Driver" (440.64 or later) and "CUDA Toolkit" (9.0 or
- SecureZIP AES-128
- SecureZIP AES-192
- SecureZIP AES-256
- iTunes backup < 10.0
- iTunes backup >= 10.0
- WinZip
- Android Backup
- Stuffit5
- AxCrypt 1
- AxCrypt 1 in-memory SHA1
- AxCrypt 2 AES-128
- AxCrypt 2 AES-256
- iTunes backup < 10.0
- iTunes backup >= 10.0
- WBB3 (Woltlab Burning Board)
- vBulletin < v3.8.5
- vBulletin >= v3.8.5
- PHPS
- SMF (Simple Machines Forum) > v1.1
- MediaWiki B type
- Redmine
- Umbraco HMAC-SHA1
- Joomla < 2.5.18
- OpenCart
- PrestaShop
- Tripcode
- Drupal7
- osCommerce, xt:Commerce
- PunBB
- MyBB 1.2+, IPB2+ (Invision Power Board)
- vBulletin < v3.8.5
- vBulletin >= v3.8.5
- bcrypt(md5($pass)) / bcryptmd5
- bcrypt(sha1($pass)) / bcryptsha1
- osCommerce, xt:Commerce
- TOTP (HMAC-SHA1)
- STDOUT
- Plaintext
- Web2py pbkdf2-sha512
- Django (PBKDF2-SHA256)
- Django (SHA-1)
- Web2py pbkdf2-sha512
- TOTP (HMAC-SHA1)
- OpenEdge Progress Encode
- Atlassian (PBKDF2-HMAC-SHA1)
- Ruby on Rails Restful-Authentication
- Python passlib pbkdf2-sha512
- Python passlib pbkdf2-sha256
- Python passlib pbkdf2-sha1
- PKCS#8 Private Keys (PBKDF2-HMAC-SHA1 + 3DES/AES)
- PKCS#8 Private Keys (PBKDF2-HMAC-SHA256 + 3DES/AES)
- JKS Java Key Store Private Keys (SHA1)
- RSA/DSA/EC/OpenSSH Private Keys ($0$)
- RSA/DSA/EC/OpenSSH Private Keys ($6$)
- RSA/DSA/EC/OpenSSH Private Keys ($1, $3$)
- RSA/DSA/EC/OpenSSH Private Keys ($4$)
- RSA/DSA/EC/OpenSSH Private Keys ($5$)
- XMPP SCRAM PBKDF2-SHA1
- Telegram Desktop < v2.1.14 (PBKDF2-HMAC-SHA1)
- Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512)
- Telegram Mobile App Passcode (SHA256)
- Skype
- BitShares v0.x - sha512(sha512_bin(pass))
- Bitcoin/Litecoin wallet.dat
- Electrum Wallet (Salt-Type 1-3)
- Electrum Wallet (Salt-Type 4)
- Electrum Wallet (Salt-Type 5)
- Blockchain, My Wallet
- Blockchain, My Wallet, V2
- Blockchain, My Wallet, Second Password (SHA256)
- Stargazer Stellar Wallet XLM
- Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, PBKDF2-HMAC-SHA256
- Ethereum Wallet, SCRYPT
- MultiBit Classic .key (MD5)
- MultiBit HD (scrypt)
##
## Attack-Modes