From dbbdb7e5ac4f7db2dd503c1820b91fbbcfc37c92 Mon Sep 17 00:00:00 2001
From: Jens Steube <jens.steube@gmail.com>
Date: Sun, 16 Jun 2019 11:41:42 +0200
Subject: [PATCH] WipZip cracking: Added two byte early reject, resulting in
 higher cracking speed

---
 OpenCL/m13600-pure.cl      | 117 +++++++++++++++++++------------------
 docs/changes.txt           |   1 +
 src/modules/module_13600.c |  21 +++++--
 3 files changed, 77 insertions(+), 62 deletions(-)

diff --git a/OpenCL/m13600-pure.cl b/OpenCL/m13600-pure.cl
index 944215e82..915b7a5f6 100644
--- a/OpenCL/m13600-pure.cl
+++ b/OpenCL/m13600-pure.cl
@@ -3,7 +3,7 @@
  * License.....: MIT
  */
 
-#define NEW_SIMD_CODE
+//#define NEW_SIMD_CODE
 
 #ifdef KERNEL_STATIC
 #include "inc_vendor.h"
@@ -43,7 +43,7 @@ typedef struct zip2
 
 } zip2_t;
 
-DECLSPEC void hmac_sha1_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipad, u32x *opad, u32x *digest)
+DECLSPEC void hmac_sha1_run (u32 *w0, u32 *w1, u32 *w2, u32 *w3, u32 *ipad, u32 *opad, u32 *digest)
 {
   digest[0] = ipad[0];
   digest[1] = ipad[1];
@@ -51,7 +51,7 @@ DECLSPEC void hmac_sha1_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipa
   digest[3] = ipad[3];
   digest[4] = ipad[4];
 
-  sha1_transform_vector (w0, w1, w2, w3, digest);
+  sha1_transform (w0, w1, w2, w3, digest);
 
   w0[0] = digest[0];
   w0[1] = digest[1];
@@ -76,7 +76,7 @@ DECLSPEC void hmac_sha1_run_V (u32x *w0, u32x *w1, u32x *w2, u32x *w3, u32x *ipa
   digest[3] = opad[3];
   digest[4] = opad[4];
 
-  sha1_transform_vector (w0, w1, w2, w3, digest);
+  sha1_transform (w0, w1, w2, w3, digest);
 }
 
 KERNEL_FQ void m13600_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, zip2_t))
@@ -131,27 +131,23 @@ KERNEL_FQ void m13600_init (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, zip2_t))
 
   const u32 mode = esalt_bufs[digests_offset].mode;
 
-  u32 iter_start;
-  u32 iter_stop;
-  u32 count_start;
+  int iter_start;
+  int iter_stop;
 
   switch (mode)
   {
     case 1: iter_start  = 0;
             iter_stop   = 2;
-            count_start = 1;
             break;
     case 2: iter_start  = 1;
             iter_stop   = 3;
-            count_start = 2;
             break;
     case 3: iter_start  = 1;
             iter_stop   = 4;
-            count_start = 2;
             break;
   }
 
-  for (u32 i = iter_start, j = count_start; i < iter_stop; i++, j++)
+  for (int i = iter_stop - 1, j = iter_stop; i >= iter_start; i--, j--)
   {
     sha1_hmac_ctx_t sha1_hmac_ctx2 = sha1_hmac_ctx;
 
@@ -196,70 +192,68 @@ KERNEL_FQ void m13600_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, zip2_t))
 {
   const u64 gid = get_global_id (0);
 
-  if ((gid * VECT_SIZE) >= gid_max) return;
+  if (gid >= gid_max) return;
 
-  u32x ipad[5];
-  u32x opad[5];
+  u32 ipad[5];
+  u32 opad[5];
 
-  ipad[0] = packv (tmps, ipad, gid, 0);
-  ipad[1] = packv (tmps, ipad, gid, 1);
-  ipad[2] = packv (tmps, ipad, gid, 2);
-  ipad[3] = packv (tmps, ipad, gid, 3);
-  ipad[4] = packv (tmps, ipad, gid, 4);
+  ipad[0] = tmps[gid].ipad[0];
+  ipad[1] = tmps[gid].ipad[1];
+  ipad[2] = tmps[gid].ipad[2];
+  ipad[3] = tmps[gid].ipad[3];
+  ipad[4] = tmps[gid].ipad[4];
 
-  opad[0] = packv (tmps, opad, gid, 0);
-  opad[1] = packv (tmps, opad, gid, 1);
-  opad[2] = packv (tmps, opad, gid, 2);
-  opad[3] = packv (tmps, opad, gid, 3);
-  opad[4] = packv (tmps, opad, gid, 4);
+  opad[0] = tmps[gid].opad[0];
+  opad[1] = tmps[gid].opad[1];
+  opad[2] = tmps[gid].opad[2];
+  opad[3] = tmps[gid].opad[3];
+  opad[4] = tmps[gid].opad[4];
+
+  const u32 verify_bytes = esalt_bufs[digests_offset].verify_bytes;
 
   const u32 mode = esalt_bufs[digests_offset].mode;
 
-  u32 iter_start;
-  u32 iter_stop;
-  u32 count_start;
+  int iter_start;
+  int iter_stop;
 
   switch (mode)
   {
     case 1: iter_start  = 0;
             iter_stop   = 2;
-            count_start = 1;
             break;
     case 2: iter_start  = 1;
             iter_stop   = 3;
-            count_start = 2;
             break;
     case 3: iter_start  = 1;
             iter_stop   = 4;
-            count_start = 2;
             break;
   }
 
-  for (u32 i = iter_start, j = count_start; i < iter_stop; i++, j++)
+  for (int i = iter_stop - 1; i >= iter_start; i--)
   {
     const u32 i5 = i * 5;
 
-    u32x dgst[5];
-    u32x out[5];
+    u32 dgst[5];
+    u32 out[5];
 
-    dgst[0] = packv (tmps, dgst, gid, i5 + 0);
-    dgst[1] = packv (tmps, dgst, gid, i5 + 1);
-    dgst[2] = packv (tmps, dgst, gid, i5 + 2);
-    dgst[3] = packv (tmps, dgst, gid, i5 + 3);
-    dgst[4] = packv (tmps, dgst, gid, i5 + 4);
+    dgst[0] = tmps[gid].dgst[i5 + 0];
+    dgst[1] = tmps[gid].dgst[i5 + 1];
+    dgst[2] = tmps[gid].dgst[i5 + 2];
+    dgst[3] = tmps[gid].dgst[i5 + 3];
+    dgst[4] = tmps[gid].dgst[i5 + 4];
 
-    out[0] = packv (tmps, out, gid, i5 + 0);
-    out[1] = packv (tmps, out, gid, i5 + 1);
-    out[2] = packv (tmps, out, gid, i5 + 2);
-    out[3] = packv (tmps, out, gid, i5 + 3);
-    out[4] = packv (tmps, out, gid, i5 + 4);
+    out[0] = tmps[gid].out[i5 + 0];
+    out[1] = tmps[gid].out[i5 + 1];
+    out[2] = tmps[gid].out[i5 + 2];
+    out[3] = tmps[gid].out[i5 + 3];
+    out[4] = tmps[gid].out[i5 + 4];
 
     for (u32 j = 0; j < loop_cnt; j++)
     {
-      u32x w0[4];
-      u32x w1[4];
-      u32x w2[4];
-      u32x w3[4];
+      u32 w0[4];
+      u32 w1[4];
+      u32 w2[4];
+      u32 w3[4];
 
       w0[0] = dgst[0];
       w0[1] = dgst[1];
@@ -278,7 +272,7 @@ KERNEL_FQ void m13600_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, zip2_t))
       w3[2] = 0;
       w3[3] = (64 + 20) * 8;
 
-      hmac_sha1_run_V (w0, w1, w2, w3, ipad, opad, dgst);
+      hmac_sha1_run (w0, w1, w2, w3, ipad, opad, dgst);
 
       out[0] ^= dgst[0];
       out[1] ^= dgst[1];
@@ -287,17 +281,24 @@ KERNEL_FQ void m13600_loop (KERN_ATTR_TMPS_ESALT (pbkdf2_sha1_tmp_t, zip2_t))
       out[4] ^= dgst[4];
     }
 
-    unpackv (tmps, dgst, gid, i5 + 0, dgst[0]);
-    unpackv (tmps, dgst, gid, i5 + 1, dgst[1]);
-    unpackv (tmps, dgst, gid, i5 + 2, dgst[2]);
-    unpackv (tmps, dgst, gid, i5 + 3, dgst[3]);
-    unpackv (tmps, dgst, gid, i5 + 4, dgst[4]);
+    if (i == iter_stop - 1) // 2 byte optimization check
+    {
+      if (mode == 1) if ((out[3] >> 16) != verify_bytes) break;
+      if (mode == 2) if ((out[2] >> 16) != verify_bytes) break;
+      if (mode == 3) if ((out[1] >> 16) != verify_bytes) break;
+    }
 
-    unpackv (tmps, out, gid, i5 + 0, out[0]);
-    unpackv (tmps, out, gid, i5 + 1, out[1]);
-    unpackv (tmps, out, gid, i5 + 2, out[2]);
-    unpackv (tmps, out, gid, i5 + 3, out[3]);
-    unpackv (tmps, out, gid, i5 + 4, out[4]);
+    tmps[gid].dgst[i5 + 0] = dgst[0];
+    tmps[gid].dgst[i5 + 1] = dgst[1];
+    tmps[gid].dgst[i5 + 2] = dgst[2];
+    tmps[gid].dgst[i5 + 3] = dgst[3];
+    tmps[gid].dgst[i5 + 4] = dgst[4];
+
+    tmps[gid].out[i5 + 0] = out[0];
+    tmps[gid].out[i5 + 1] = out[1];
+    tmps[gid].out[i5 + 2] = out[2];
+    tmps[gid].out[i5 + 3] = out[3];
+    tmps[gid].out[i5 + 4] = out[4];
   }
 }
 
diff --git a/docs/changes.txt b/docs/changes.txt
index d11b9d156..d28b45430 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -72,6 +72,7 @@
 - Startup Screen: Provide an estimate of host memory requirements for the requested attack
 - Tuning Database: Updated hashcat.hctune with new models and refreshed vector width values
 - WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes
+- WipZip cracking: Added two byte early reject, resulting in higher cracking speed
 
 ##
 ## Technical
diff --git a/src/modules/module_13600.c b/src/modules/module_13600.c
index 1d048060e..562841524 100644
--- a/src/modules/module_13600.c
+++ b/src/modules/module_13600.c
@@ -19,8 +19,7 @@ static const u32   DGST_SIZE      = DGST_SIZE_4_4;
 static const u32   HASH_CATEGORY  = HASH_CATEGORY_ARCHIVE;
 static const char *HASH_NAME      = "WinZip";
 static const u64   KERN_TYPE      = 13600;
-static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE
-                                  | OPTI_TYPE_SLOW_HASH_SIMD_LOOP;
+static const u32   OPTI_TYPE      = OPTI_TYPE_ZERO_BYTE;
 static const u64   OPTS_TYPE      = OPTS_TYPE_PT_GENERATE_LE;
 static const u32   SALT_TYPE      = SALT_TYPE_EMBEDDED;
 static const char *ST_PASS        = "hashcat";
@@ -85,6 +84,20 @@ u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED c
   return tmp_size;
 }
 
+u32 module_kernel_loops_min (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
+{
+  const u32 kernel_loops_min = ROUNDS_ZIP2 - 1;
+
+  return kernel_loops_min;
+}
+
+u32 module_kernel_loops_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
+{
+  const u32 kernel_loops_max = ROUNDS_ZIP2 - 1;
+
+  return kernel_loops_max;
+}
+
 u32 module_pw_max (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)
 {
   // this overrides the reductions of PW_MAX in case optimized kernel is selected
@@ -432,8 +445,8 @@ void module_init (module_ctx_t *module_ctx)
   module_ctx->module_jit_cache_disable        = MODULE_DEFAULT;
   module_ctx->module_kernel_accel_max         = MODULE_DEFAULT;
   module_ctx->module_kernel_accel_min         = MODULE_DEFAULT;
-  module_ctx->module_kernel_loops_max         = MODULE_DEFAULT;
-  module_ctx->module_kernel_loops_min         = MODULE_DEFAULT;
+  module_ctx->module_kernel_loops_max         = module_kernel_loops_max;
+  module_ctx->module_kernel_loops_min         = module_kernel_loops_min;
   module_ctx->module_kernel_threads_max       = MODULE_DEFAULT;
   module_ctx->module_kernel_threads_min       = MODULE_DEFAULT;
   module_ctx->module_kern_type                = module_kern_type;