From c16a3feabc3d4011ecb151e6c9034ce82b49fb27 Mon Sep 17 00:00:00 2001 From: jsteube Date: Mon, 11 Feb 2019 13:11:51 +0100 Subject: [PATCH] Add -m 16500 module --- OpenCL/inc_types.cl | 2 + include/interface_migrate.h | 10 - src/interface_migrate.c | 282 --------------------------- src/modules/module_16500.c | 379 ++++++++++++++++++++++++++++++++++++ 4 files changed, 381 insertions(+), 292 deletions(-) create mode 100644 src/modules/module_16500.c diff --git a/OpenCL/inc_types.cl b/OpenCL/inc_types.cl index 960cd4d79..0ef79b8a7 100644 --- a/OpenCL/inc_types.cl +++ b/OpenCL/inc_types.cl @@ -1574,6 +1574,8 @@ typedef struct jwt u32 salt_buf[1024]; u32 salt_len; + u32 signature_len; + } jwt_t; typedef struct electrum_wallet diff --git a/include/interface_migrate.h b/include/interface_migrate.h index 79d69e511..cdfc4e3ca 100644 --- a/include/interface_migrate.h +++ b/include/interface_migrate.h @@ -9,13 +9,6 @@ typedef struct pbkdf2_sha256 } pbkdf2_sha256_t; -typedef struct jwt -{ - u32 salt_buf[1024]; - u32 salt_len; - -} jwt_t; - typedef struct electrum_wallet { u32 salt_type; @@ -104,9 +97,6 @@ typedef enum kern_type KERN_TYPE_HMAC_STREEBOG_512_SLT = 11860, KERN_TYPE_OPENCART = 13900, KERN_TYPE_SHA1CX = 14400, - KERN_TYPE_JWT_HS256 = 16511, - KERN_TYPE_JWT_HS384 = 16512, - KERN_TYPE_JWT_HS512 = 16513, KERN_TYPE_ELECTRUM_WALLET13 = 16600, } kern_type_t; diff --git a/src/interface_migrate.c b/src/interface_migrate.c index 843e3cde3..177ce3581 100644 --- a/src/interface_migrate.c +++ b/src/interface_migrate.c @@ -43,7 +43,6 @@ " 10200 | CRAM-MD5 | Network Protocols", " 11100 | PostgreSQL CRAM (MD5) | Network Protocols", " 11200 | MySQL CRAM (SHA1) | Network Protocols", - " 16500 | JWT (JSON Web Token) | Network Protocols", " 121 | SMF (Simple Machines Forum) > v1.1 | Forums, CMS, E-Commerce, Frameworks", " 2611 | vBulletin < v3.8.5 | Forums, CMS, E-Commerce, Frameworks", " 2711 | vBulletin >= v3.8.5 | Forums, CMS, E-Commerce, Frameworks", @@ -72,12 +71,6 @@ " 133 | PeopleSoft | Enterprise Application Software (EAS)", " 16600 | Electrum Wallet (Salt-Type 1-2) | Password Managers", -/** - * Missing self-test hashes: - * - * ST_HASH_16500 multi-hash-mode algorithm, unlikely to match self-test hash settings - */ - static const char *ST_HASH_00021 = "e983672a03adcc9767b24584338eb378:00"; static const char *ST_HASH_00022 = "nKjiFErqK7TPcZdFZsZMNWPtw4Pv8n:26506173"; static const char *ST_HASH_00030 = "1169500a7dfece72e1f7fc9c9410867a:687430237020"; @@ -201,7 +194,6 @@ static const char *HT_11850 = "HMAC-Streebog-512 (key = $pass), big-endian"; static const char *HT_11860 = "HMAC-Streebog-512 (key = $salt), big-endian"; static const char *HT_13900 = "OpenCart"; static const char *HT_14400 = "sha1(CX)"; -static const char *HT_16500 = "JWT (JSON Web Token)"; static const char *HT_16600 = "Electrum Wallet (Salt-Type 1-3)"; static const char *HT_00022 = "Juniper NetScreen/SSG (ScreenOS)"; @@ -3826,196 +3818,6 @@ int sha256b64s_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE return (PARSER_OK); } -int jwt_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) -{ - // no digest yet - - salt_t *salt = hash_buf->salt; - - jwt_t *jwt = (jwt_t *) hash_buf->esalt; - - token_t token; - - token.token_cnt = 3; - - token.sep[0] = '.'; - token.len_min[0] = 1; - token.len_max[0] = 2047; - token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64C; - - token.sep[1] = '.'; - token.len_min[1] = 1; - token.len_max[1] = 2047; - token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64C; - - token.sep[2] = '.'; - token.len_min[2] = 43; - token.len_max[2] = 86; - token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH - | TOKEN_ATTR_VERIFY_BASE64C; - - const int rc_tokenizer = input_tokenizer (input_buf, input_len, &token); - - if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); - - // header - - const int header_len = token.len[0]; - - // payload - - const int payload_len = token.len[1]; - - // signature - - const u8 *signature_pos = token.buf[2]; - const int signature_len = token.len[2]; - - // esalt - - const int esalt_len = header_len + 1 + payload_len; - - if (esalt_len > 4096) return (PARSER_SALT_LENGTH); - - memcpy (jwt->salt_buf, input_buf, esalt_len); - - jwt->salt_len = esalt_len; - - /** - * verify some data - */ - - // we need to do this kind of check, otherwise an eventual matching hash from the potfile overwrites the kern_type with an eventual invalid one - - if (hashconfig->kern_type == (u32) -1) - { - // it would be more accurate to base64 decode the header_pos buffer and then to string match HS256 - same goes for the other algorithms - - if (signature_len == 43) - { - hashconfig->kern_type = KERN_TYPE_JWT_HS256; - } - else if (signature_len == 64) - { - hashconfig->kern_type = KERN_TYPE_JWT_HS384; - } - else if (signature_len == 86) - { - hashconfig->kern_type = KERN_TYPE_JWT_HS512; - } - else - { - return (PARSER_HASH_LENGTH); - } - } - else - { - if ((hashconfig->kern_type == KERN_TYPE_JWT_HS256) && (signature_len == 43)) - { - // OK - } - else if ((hashconfig->kern_type == KERN_TYPE_JWT_HS384) && (signature_len == 64)) - { - // OK - } - else if ((hashconfig->kern_type == KERN_TYPE_JWT_HS512) && (signature_len == 86)) - { - // OK - } - else - { - return (PARSER_HASH_LENGTH); - } - } - - // salt - // - // Create a hash of the esalt because esalt buffer can change somewhere behind salt->salt_buf size - // Not a regular MD5 but good enough - - u32 hash[4]; - - hash[0] = 0; - hash[1] = 1; - hash[2] = 2; - hash[3] = 3; - - u32 block[16]; - - memset (block, 0, sizeof (block)); - - for (int i = 0; i < 1024; i += 16) - { - for (int j = 0; j < 16; j++) - { - block[j] = jwt->salt_buf[i + j]; - - md5_64 (block, hash); - } - } - - salt->salt_buf[0] = hash[0]; - salt->salt_buf[1] = hash[1]; - salt->salt_buf[2] = hash[2]; - salt->salt_buf[3] = hash[3]; - - salt->salt_len = 16; - - // hash - - u8 tmp_buf[100] = { 0 }; - - base64_decode (base64url_to_int, signature_pos, signature_len, tmp_buf); - - if (signature_len == 43) - { - memcpy (hash_buf->digest, tmp_buf, 32); - - u32 *digest = (u32 *) hash_buf->digest; - - digest[0] = byte_swap_32 (digest[0]); - digest[1] = byte_swap_32 (digest[1]); - digest[2] = byte_swap_32 (digest[2]); - digest[3] = byte_swap_32 (digest[3]); - digest[4] = byte_swap_32 (digest[4]); - digest[5] = byte_swap_32 (digest[5]); - digest[6] = byte_swap_32 (digest[6]); - digest[7] = byte_swap_32 (digest[7]); - } - else if (signature_len == 64) - { - memcpy (hash_buf->digest, tmp_buf, 48); - - u64 *digest = (u64 *) hash_buf->digest; - - digest[0] = byte_swap_64 (digest[0]); - digest[1] = byte_swap_64 (digest[1]); - digest[2] = byte_swap_64 (digest[2]); - digest[3] = byte_swap_64 (digest[3]); - digest[4] = byte_swap_64 (digest[4]); - digest[5] = byte_swap_64 (digest[5]); - } - else if (signature_len == 86) - { - memcpy (hash_buf->digest, tmp_buf, 64); - - u64 *digest = (u64 *) hash_buf->digest; - - digest[0] = byte_swap_64 (digest[0]); - digest[1] = byte_swap_64 (digest[1]); - digest[2] = byte_swap_64 (digest[2]); - digest[3] = byte_swap_64 (digest[3]); - digest[4] = byte_swap_64 (digest[4]); - digest[5] = byte_swap_64 (digest[5]); - digest[6] = byte_swap_64 (digest[6]); - digest[7] = byte_swap_64 (digest[7]); - } - - return (PARSER_OK); -} - int electrum_wallet13_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED hashconfig_t *hashconfig) { u32 *digest = (u32 *) hash_buf->digest; @@ -4565,72 +4367,6 @@ int ascii_digest (hashcat_ctx_t *hashcat_ctx, char *out_buf, const int out_size, byte_swap_32 (digest_buf[3]), byte_swap_32 (digest_buf[4])); } - else if (hash_mode == 16500) - { - jwt_t *jwts = (jwt_t *) esalts_buf; - - jwt_t *jwt = &jwts[digest_cur]; - - if (hashconfig->kern_type == KERN_TYPE_JWT_HS256) - { - digest_buf[0] = byte_swap_32 (digest_buf[0]); - digest_buf[1] = byte_swap_32 (digest_buf[1]); - digest_buf[2] = byte_swap_32 (digest_buf[2]); - digest_buf[3] = byte_swap_32 (digest_buf[3]); - digest_buf[4] = byte_swap_32 (digest_buf[4]); - digest_buf[5] = byte_swap_32 (digest_buf[5]); - digest_buf[6] = byte_swap_32 (digest_buf[6]); - digest_buf[7] = byte_swap_32 (digest_buf[7]); - - memset (tmp_buf, 0, sizeof (tmp_buf)); - - memcpy (tmp_buf, digest_buf, 32); - - base64_encode (int_to_base64url, (const u8 *) tmp_buf, 32, (u8 *) ptr_plain); - - ptr_plain[43] = 0; - } - else if (hashconfig->kern_type == KERN_TYPE_JWT_HS384) - { - digest_buf64[0] = byte_swap_64 (digest_buf64[0]); - digest_buf64[1] = byte_swap_64 (digest_buf64[1]); - digest_buf64[2] = byte_swap_64 (digest_buf64[2]); - digest_buf64[3] = byte_swap_64 (digest_buf64[3]); - digest_buf64[4] = byte_swap_64 (digest_buf64[4]); - digest_buf64[5] = byte_swap_64 (digest_buf64[5]); - - memset (tmp_buf, 0, sizeof (tmp_buf)); - - memcpy (tmp_buf, digest_buf64, 48); - - base64_encode (int_to_base64url, (const u8 *) tmp_buf, 48, (u8 *) ptr_plain); - - ptr_plain[64] = 0; - } - else if (hashconfig->kern_type == KERN_TYPE_JWT_HS512) - { - digest_buf64[0] = byte_swap_64 (digest_buf64[0]); - digest_buf64[1] = byte_swap_64 (digest_buf64[1]); - digest_buf64[2] = byte_swap_64 (digest_buf64[2]); - digest_buf64[3] = byte_swap_64 (digest_buf64[3]); - digest_buf64[4] = byte_swap_64 (digest_buf64[4]); - digest_buf64[5] = byte_swap_64 (digest_buf64[5]); - digest_buf64[6] = byte_swap_64 (digest_buf64[6]); - digest_buf64[7] = byte_swap_64 (digest_buf64[7]); - - memset (tmp_buf, 0, sizeof (tmp_buf)); - - memcpy (tmp_buf, digest_buf64, 64); - - base64_encode (int_to_base64url, (const u8 *) tmp_buf, 64, (u8 *) ptr_plain); - - ptr_plain[86] = 0; - } - - snprintf (out_buf, out_size, "%s.%s", - (char *) jwt->salt_buf, - (char *) ptr_plain); - } else if (hash_mode == 16600) { electrum_wallet_t *electrum_wallets = (electrum_wallet_t *) esalts_buf; @@ -6300,23 +6036,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; break; - case 16500: hashconfig->hash_type = HASH_TYPE_JWT; - hashconfig->salt_type = SALT_TYPE_EMBEDDED; - hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; - hashconfig->opts_type = OPTS_TYPE_PT_GENERATE_BE; - hashconfig->kern_type = (u32) -1; // this gets overwritten from within parser - hashconfig->dgst_size = DGST_SIZE_4_16; - hashconfig->parse_func = jwt_parse_hash; - hashconfig->opti_type = OPTI_TYPE_ZERO_BYTE - | OPTI_TYPE_NOT_ITERATED; - hashconfig->dgst_pos0 = 0; - hashconfig->dgst_pos1 = 1; - hashconfig->dgst_pos2 = 2; - hashconfig->dgst_pos3 = 3; - hashconfig->st_hash = NULL; - hashconfig->st_pass = ST_PASS_HASHCAT_PLAIN; - break; - case 16600: hashconfig->hash_type = HASH_TYPE_ELECTRUM_WALLET; hashconfig->salt_type = SALT_TYPE_EMBEDDED; hashconfig->attack_exec = ATTACK_EXEC_INSIDE_KERNEL; @@ -6344,7 +6063,6 @@ int hashconfig_init (hashcat_ctx_t *hashcat_ctx) switch (hashconfig->hash_mode) { case 10200: hashconfig->esalt_size = sizeof (cram_md5_t); break; - case 16500: hashconfig->esalt_size = sizeof (jwt_t); break; case 16600: hashconfig->esalt_size = sizeof (electrum_wallet_t); break; } diff --git a/src/modules/module_16500.c b/src/modules/module_16500.c new file mode 100644 index 000000000..40c443906 --- /dev/null +++ b/src/modules/module_16500.c @@ -0,0 +1,379 @@ +/** + * Author......: See docs/credits.txt + * License.....: MIT + */ + +#include "common.h" +#include "types.h" +#include "modules.h" +#include "bitops.h" +#include "convert.h" +#include "shared.h" +#include "cpu_md5.h" + +static const u32 ATTACK_EXEC = ATTACK_EXEC_INSIDE_KERNEL; +static const u32 DGST_POS0 = 0; +static const u32 DGST_POS1 = 1; +static const u32 DGST_POS2 = 2; +static const u32 DGST_POS3 = 3; +static const u32 DGST_SIZE = DGST_SIZE_4_16; +static const u32 HASH_CATEGORY = HASH_CATEGORY_NETWORK_PROTOCOL; +static const char *HASH_NAME = "JWT (JSON Web Token)"; +static const u32 HASH_TYPE = HASH_TYPE_GENERIC; +static const u64 KERN_TYPE = 16511; +static const u32 OPTI_TYPE = OPTI_TYPE_ZERO_BYTE + | OPTI_TYPE_NOT_ITERATED; +static const u32 OPTS_TYPE = OPTS_TYPE_PT_GENERATE_BE; +static const u32 SALT_TYPE = SALT_TYPE_EMBEDDED; +static const char *ST_PASS = "hashcat"; +static const char *ST_HASH = NULL; // multi-hash-mode algorithm, unlikely to match self-test hash settings + +u32 module_attack_exec (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ATTACK_EXEC; } +u32 module_dgst_pos0 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS0; } +u32 module_dgst_pos1 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS1; } +u32 module_dgst_pos2 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS2; } +u32 module_dgst_pos3 (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_POS3; } +u32 module_dgst_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return DGST_SIZE; } +u32 module_hash_category (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_CATEGORY; } +const char *module_hash_name (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_NAME; } +u32 module_hash_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return HASH_TYPE; } +u64 module_kern_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return KERN_TYPE; } +u32 module_opti_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTI_TYPE; } +u64 module_opts_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return OPTS_TYPE; } +u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return SALT_TYPE; } +const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } +const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } + +typedef struct jwt +{ + u32 salt_buf[1024]; + u32 salt_len; + + u32 signature_len; + +} jwt_t; + +typedef enum kern_type_jwt +{ + KERN_TYPE_JWT_HS256 = 16511, + KERN_TYPE_JWT_HS384 = 16512, + KERN_TYPE_JWT_HS512 = 16513, + +} kern_type_jwt_t; + +u64 module_esalt_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) +{ + const u64 esalt_size = (const u64) sizeof (jwt_t); + + return esalt_size; +} + +u64 module_kern_type_dynamic (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info) +{ + const jwt_t *jwt = (const jwt_t *) esalt_buf; + + u64 kern_type = -1; + + // it would be more accurate to base64 decode the header_pos buffer and then to string match HS256 - same goes for the other algorithms + + if (jwt->signature_len == 43) + { + kern_type = KERN_TYPE_JWT_HS256; + } + else if (jwt->signature_len == 64) + { + kern_type = KERN_TYPE_JWT_HS384; + } + else if (jwt->signature_len == 86) + { + kern_type = KERN_TYPE_JWT_HS512; + } + else + { + return (PARSER_HASH_LENGTH); + } + + return kern_type; +} + +int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED void *digest_buf, MAYBE_UNUSED salt_t *salt, MAYBE_UNUSED void *esalt_buf, MAYBE_UNUSED void *hook_salt_buf, MAYBE_UNUSED hashinfo_t *hash_info, const char *line_buf, MAYBE_UNUSED const int line_len) +{ + jwt_t *jwt = (jwt_t *) esalt_buf; + + token_t token; + + token.token_cnt = 3; + + token.sep[0] = '.'; + token.len_min[0] = 1; + token.len_max[0] = 2047; + token.attr[0] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64C; + + token.sep[1] = '.'; + token.len_min[1] = 1; + token.len_max[1] = 2047; + token.attr[1] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64C; + + token.sep[2] = '.'; + token.len_min[2] = 43; + token.len_max[2] = 86; + token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH + | TOKEN_ATTR_VERIFY_BASE64C; + + const int rc_tokenizer = input_tokenizer ((const u8 *) line_buf, line_len, &token); + + if (rc_tokenizer != PARSER_OK) return (rc_tokenizer); + + // header + + const int header_len = token.len[0]; + + // payload + + const int payload_len = token.len[1]; + + // signature + + const u8 *signature_pos = token.buf[2]; + const int signature_len = token.len[2]; + + jwt->signature_len = signature_len; + + // esalt + + const int esalt_len = header_len + 1 + payload_len; + + if (esalt_len > 4096) return (PARSER_SALT_LENGTH); + + memcpy (jwt->salt_buf, line_buf, esalt_len); + + jwt->salt_len = esalt_len; + + // salt + // + // Create a hash of the esalt because esalt buffer can change somewhere behind salt->salt_buf size + // Not a regular MD5 but good enough + + u32 hash[4]; + + hash[0] = 0; + hash[1] = 1; + hash[2] = 2; + hash[3] = 3; + + u32 block[16]; + + memset (block, 0, sizeof (block)); + + for (int i = 0; i < 1024; i += 16) + { + for (int j = 0; j < 16; j++) + { + block[j] = jwt->salt_buf[i + j]; + + md5_64 (block, hash); + } + } + + salt->salt_buf[0] = hash[0]; + salt->salt_buf[1] = hash[1]; + salt->salt_buf[2] = hash[2]; + salt->salt_buf[3] = hash[3]; + + salt->salt_len = 16; + + // hash + + u8 tmp_buf[100] = { 0 }; + + base64_decode (base64url_to_int, signature_pos, signature_len, tmp_buf); + + if (signature_len == 43) + { + memcpy (digest_buf, tmp_buf, 32); + + u32 *digest = (u32 *) digest_buf; + + digest[0] = byte_swap_32 (digest[0]); + digest[1] = byte_swap_32 (digest[1]); + digest[2] = byte_swap_32 (digest[2]); + digest[3] = byte_swap_32 (digest[3]); + digest[4] = byte_swap_32 (digest[4]); + digest[5] = byte_swap_32 (digest[5]); + digest[6] = byte_swap_32 (digest[6]); + digest[7] = byte_swap_32 (digest[7]); + } + else if (signature_len == 64) + { + memcpy (digest_buf, tmp_buf, 48); + + u64 *digest = (u64 *) digest_buf; + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + } + else if (signature_len == 86) + { + memcpy (digest_buf, tmp_buf, 64); + + u64 *digest = (u64 *) digest_buf; + + digest[0] = byte_swap_64 (digest[0]); + digest[1] = byte_swap_64 (digest[1]); + digest[2] = byte_swap_64 (digest[2]); + digest[3] = byte_swap_64 (digest[3]); + digest[4] = byte_swap_64 (digest[4]); + digest[5] = byte_swap_64 (digest[5]); + digest[6] = byte_swap_64 (digest[6]); + digest[7] = byte_swap_64 (digest[7]); + } + + return (PARSER_OK); +} + +int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const void *digest_buf, MAYBE_UNUSED const salt_t *salt, MAYBE_UNUSED const void *esalt_buf, MAYBE_UNUSED const void *hook_salt_buf, MAYBE_UNUSED const hashinfo_t *hash_info, char *line_buf, MAYBE_UNUSED const int line_size) +{ + const jwt_t *jwt = (const jwt_t *) esalt_buf; + + const u32 *digest32 = (const u32 *) digest_buf; + const u64 *digest64 = (const u64 *) digest_buf; + + char tmp_buf[128] = { 0 }; + + char ptr_plain[128]; + + if (hashconfig->kern_type == KERN_TYPE_JWT_HS256) + { + u32 tmp[8]; + + tmp[0] = byte_swap_32 (digest32[0]); + tmp[1] = byte_swap_32 (digest32[1]); + tmp[2] = byte_swap_32 (digest32[2]); + tmp[3] = byte_swap_32 (digest32[3]); + tmp[4] = byte_swap_32 (digest32[4]); + tmp[5] = byte_swap_32 (digest32[5]); + tmp[6] = byte_swap_32 (digest32[6]); + tmp[7] = byte_swap_32 (digest32[7]); + + memcpy (tmp_buf, tmp, 32); + + base64_encode (int_to_base64url, (const u8 *) tmp_buf, 32, (u8 *) ptr_plain); + + ptr_plain[43] = 0; + } + else if (hashconfig->kern_type == KERN_TYPE_JWT_HS384) + { + u64 tmp[6]; + + tmp[0] = byte_swap_64 (digest64[0]); + tmp[1] = byte_swap_64 (digest64[1]); + tmp[2] = byte_swap_64 (digest64[2]); + tmp[3] = byte_swap_64 (digest64[3]); + tmp[4] = byte_swap_64 (digest64[4]); + tmp[5] = byte_swap_64 (digest64[5]); + + memcpy (tmp_buf, tmp, 48); + + base64_encode (int_to_base64url, (const u8 *) tmp_buf, 48, (u8 *) ptr_plain); + + ptr_plain[64] = 0; + } + else if (hashconfig->kern_type == KERN_TYPE_JWT_HS512) + { + u64 tmp[8]; + + tmp[0] = byte_swap_64 (digest64[0]); + tmp[1] = byte_swap_64 (digest64[1]); + tmp[2] = byte_swap_64 (digest64[2]); + tmp[3] = byte_swap_64 (digest64[3]); + tmp[4] = byte_swap_64 (digest64[4]); + tmp[5] = byte_swap_64 (digest64[5]); + tmp[6] = byte_swap_64 (digest64[6]); + tmp[7] = byte_swap_64 (digest64[7]); + + memcpy (tmp_buf, tmp, 64); + + base64_encode (int_to_base64url, (const u8 *) tmp_buf, 64, (u8 *) ptr_plain); + + ptr_plain[86] = 0; + } + + const int line_len = snprintf (line_buf, line_size, "%s.%s", (char *) jwt->salt_buf, (char *) ptr_plain); + + return line_len; +} + +void module_init (module_ctx_t *module_ctx) +{ + module_ctx->module_context_size = MODULE_CONTEXT_SIZE_CURRENT; + module_ctx->module_interface_version = MODULE_INTERFACE_VERSION_CURRENT; + + module_ctx->module_attack_exec = module_attack_exec; + module_ctx->module_benchmark_esalt = MODULE_DEFAULT; + module_ctx->module_benchmark_hook_salt = MODULE_DEFAULT; + module_ctx->module_benchmark_mask = MODULE_DEFAULT; + module_ctx->module_benchmark_salt = MODULE_DEFAULT; + module_ctx->module_build_plain_postprocess = MODULE_DEFAULT; + module_ctx->module_deep_comp_kernel = MODULE_DEFAULT; + module_ctx->module_dgst_pos0 = module_dgst_pos0; + module_ctx->module_dgst_pos1 = module_dgst_pos1; + module_ctx->module_dgst_pos2 = module_dgst_pos2; + module_ctx->module_dgst_pos3 = module_dgst_pos3; + module_ctx->module_dgst_size = module_dgst_size; + module_ctx->module_dictstat_disable = MODULE_DEFAULT; + module_ctx->module_esalt_size = module_esalt_size; + module_ctx->module_extra_buffer_size = MODULE_DEFAULT; + module_ctx->module_extra_tmp_size = MODULE_DEFAULT; + module_ctx->module_forced_outfile_format = MODULE_DEFAULT; + module_ctx->module_hash_binary_count = MODULE_DEFAULT; + module_ctx->module_hash_binary_parse = MODULE_DEFAULT; + module_ctx->module_hash_binary_save = MODULE_DEFAULT; + module_ctx->module_hash_decode_outfile = MODULE_DEFAULT; + module_ctx->module_hash_decode_zero_hash = MODULE_DEFAULT; + module_ctx->module_hash_decode = module_hash_decode; + module_ctx->module_hash_encode_status = MODULE_DEFAULT; + module_ctx->module_hash_encode = module_hash_encode; + module_ctx->module_hash_init_selftest = MODULE_DEFAULT; + module_ctx->module_hash_mode = MODULE_DEFAULT; + module_ctx->module_hash_category = module_hash_category; + module_ctx->module_hash_name = module_hash_name; + module_ctx->module_hash_type = module_hash_type; + module_ctx->module_hlfmt_disable = MODULE_DEFAULT; + module_ctx->module_hook12 = MODULE_DEFAULT; + module_ctx->module_hook23 = MODULE_DEFAULT; + module_ctx->module_hook_salt_size = MODULE_DEFAULT; + module_ctx->module_hook_size = MODULE_DEFAULT; + module_ctx->module_jit_build_options = MODULE_DEFAULT; + module_ctx->module_kernel_accel_max = MODULE_DEFAULT; + module_ctx->module_kernel_accel_min = MODULE_DEFAULT; + module_ctx->module_kernel_loops_max = MODULE_DEFAULT; + module_ctx->module_kernel_loops_min = MODULE_DEFAULT; + module_ctx->module_kernel_threads_max = MODULE_DEFAULT; + module_ctx->module_kernel_threads_min = MODULE_DEFAULT; + module_ctx->module_kern_type = module_kern_type; + module_ctx->module_kern_type_dynamic = module_kern_type_dynamic; + module_ctx->module_opti_type = module_opti_type; + module_ctx->module_opts_type = module_opts_type; + module_ctx->module_outfile_check_disable = MODULE_DEFAULT; + module_ctx->module_outfile_check_nocomp = MODULE_DEFAULT; + module_ctx->module_potfile_disable = MODULE_DEFAULT; + module_ctx->module_potfile_keep_all_hashes = MODULE_DEFAULT; + module_ctx->module_pwdump_column = MODULE_DEFAULT; + module_ctx->module_pw_max = MODULE_DEFAULT; + module_ctx->module_pw_min = MODULE_DEFAULT; + module_ctx->module_salt_max = MODULE_DEFAULT; + module_ctx->module_salt_min = MODULE_DEFAULT; + module_ctx->module_salt_type = module_salt_type; + module_ctx->module_separator = MODULE_DEFAULT; + module_ctx->module_st_hash = module_st_hash; + module_ctx->module_st_pass = module_st_pass; + module_ctx->module_tmp_size = MODULE_DEFAULT; + module_ctx->module_unstable_warning = MODULE_DEFAULT; + module_ctx->module_warmup_disable = MODULE_DEFAULT; +}