2 * Authors.....: Jens Steube <jens.steube@gmail.com>
3 * Gabriele Gristina <matrix@hashcat.net>
10 #include "include/constants.h"
11 #include "include/kernel_vendor.h"
18 #include "include/kernel_functions.c"
19 #include "OpenCL/types_ocl.c"
20 #include "OpenCL/common.c"
21 #include "OpenCL/simd.c"
// Helper working on the S array of an RC4_KEY that lives in __local memory,
// addressed by two 8-bit indices i and j.
// NOTE(review): only one statement of the body is visible in this view (S[j] is
// copied into S[i]); presumably the hidden lines save and restore S[i] through a
// temporary so that the two entries are exchanged -- confirm against the full file.
31 static void swap (__local RC4_KEY *rc4_key, const u8 i, const u8 j)
36 rc4_key->S[i] = rc4_key->S[j];
// Sets up the RC4 state in rc4_key->S from the four 32-bit words in data[].
// NOTE(review): the loop bodies and the declarations of j, idx and v are not
// visible in this view; the notes below describe only what the visible lines show.
40 static void rc4_init_16 (__local RC4_KEY *rc4_key, const u32 data[4])
// View S through a 32-bit pointer; 64 iterations of 4 bytes cover 256 bytes.
// (presumably this loop fills S with the identity permutation -- body not visible)
45 __local u32 *ptr = (__local u32 *) rc4_key->S;
48 for (u32 i = 0; i < 64; i++)
// 16 iterations x 16 unrolled steps = 256 key-scheduling steps. Each step adds the
// current S[idx] and one byte lane of v (shift 0/8/16/24) to j, swaps S[idx] with
// S[j], and advances idx. The four groups of four below differ only in the value
// of v, which is reloaded in lines not shown here (presumably from data[0..3]).
// NOTE(review): (v >> n) is not masked, so selecting a single key byte relies on
// j being an 8-bit type -- confirm against j's declaration.
55 for (u32 i = 0; i < 16; i++)
63 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
64 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
65 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
66 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
70 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
71 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
72 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
73 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
77 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
78 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
79 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
80 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
84 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
85 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
86 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
87 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
// Produces 16 bytes of RC4 keystream starting from stream indices (i, j) and XORs
// them with the four words of in[], writing the result to out[].
// Returns a u8; the callers in this file feed that value back in as j for the
// next call (presumably it is the updated j -- the return statement is not visible).
// NOTE(review): the updates of i and j before each swap are in lines not shown here.
91 static u8 rc4_next_16 (__local RC4_KEY *rc4_key, u8 i, u8 j, const u32 in[4], u32 out[4])
// One 32-bit output word per iteration, assembled from four keystream bytes.
94 for (u32 k = 0; k < 4; k++)
// Byte 0 of the word: swap, look up S[S[i] + S[j]], place it in bits 0..7.
103 swap (rc4_key, i, j);
105 idx = rc4_key->S[i] + rc4_key->S[j];
107 xor4 |= rc4_key->S[idx] << 0;
// Byte 1 -> bits 8..15.
112 swap (rc4_key, i, j);
114 idx = rc4_key->S[i] + rc4_key->S[j];
116 xor4 |= rc4_key->S[idx] << 8;
// Byte 2 -> bits 16..23.
121 swap (rc4_key, i, j);
123 idx = rc4_key->S[i] + rc4_key->S[j];
125 xor4 |= rc4_key->S[idx] << 16;
// Byte 3 -> bits 24..31.
130 swap (rc4_key, i, j);
132 idx = rc4_key->S[i] + rc4_key->S[j];
134 xor4 |= rc4_key->S[idx] << 24;
// Apply the assembled keystream word to the input word.
136 out[k] = in[k] ^ xor4;
// Runs the 64 MD5 steps over one 64-byte message block given as four groups of
// four 32-bit words (w0..w3), working with the state passed in digest[4].
// NOTE(review): the loading of a/b/c/d and wN_t and the final update of digest[]
// are in lines not visible in this view; MD5_STEP and the MD5C*/MD5S* constants
// are defined outside this file section.
142 static void md5_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[4])
// Round 1 (MD5_Fo): message words are consumed in order 0..15.
166 MD5_STEP (MD5_Fo, a, b, c, d, w0_t, MD5C00, MD5S00);
167 MD5_STEP (MD5_Fo, d, a, b, c, w1_t, MD5C01, MD5S01);
168 MD5_STEP (MD5_Fo, c, d, a, b, w2_t, MD5C02, MD5S02);
169 MD5_STEP (MD5_Fo, b, c, d, a, w3_t, MD5C03, MD5S03);
170 MD5_STEP (MD5_Fo, a, b, c, d, w4_t, MD5C04, MD5S00);
171 MD5_STEP (MD5_Fo, d, a, b, c, w5_t, MD5C05, MD5S01);
172 MD5_STEP (MD5_Fo, c, d, a, b, w6_t, MD5C06, MD5S02);
173 MD5_STEP (MD5_Fo, b, c, d, a, w7_t, MD5C07, MD5S03);
174 MD5_STEP (MD5_Fo, a, b, c, d, w8_t, MD5C08, MD5S00);
175 MD5_STEP (MD5_Fo, d, a, b, c, w9_t, MD5C09, MD5S01);
176 MD5_STEP (MD5_Fo, c, d, a, b, wa_t, MD5C0a, MD5S02);
177 MD5_STEP (MD5_Fo, b, c, d, a, wb_t, MD5C0b, MD5S03);
178 MD5_STEP (MD5_Fo, a, b, c, d, wc_t, MD5C0c, MD5S00);
179 MD5_STEP (MD5_Fo, d, a, b, c, wd_t, MD5C0d, MD5S01);
180 MD5_STEP (MD5_Fo, c, d, a, b, we_t, MD5C0e, MD5S02);
181 MD5_STEP (MD5_Fo, b, c, d, a, wf_t, MD5C0f, MD5S03);
// Round 2 (MD5_Go): word index starts at 1 and advances by 5 modulo 16.
183 MD5_STEP (MD5_Go, a, b, c, d, w1_t, MD5C10, MD5S10);
184 MD5_STEP (MD5_Go, d, a, b, c, w6_t, MD5C11, MD5S11);
185 MD5_STEP (MD5_Go, c, d, a, b, wb_t, MD5C12, MD5S12);
186 MD5_STEP (MD5_Go, b, c, d, a, w0_t, MD5C13, MD5S13);
187 MD5_STEP (MD5_Go, a, b, c, d, w5_t, MD5C14, MD5S10);
188 MD5_STEP (MD5_Go, d, a, b, c, wa_t, MD5C15, MD5S11);
189 MD5_STEP (MD5_Go, c, d, a, b, wf_t, MD5C16, MD5S12);
190 MD5_STEP (MD5_Go, b, c, d, a, w4_t, MD5C17, MD5S13);
191 MD5_STEP (MD5_Go, a, b, c, d, w9_t, MD5C18, MD5S10);
192 MD5_STEP (MD5_Go, d, a, b, c, we_t, MD5C19, MD5S11);
193 MD5_STEP (MD5_Go, c, d, a, b, w3_t, MD5C1a, MD5S12);
194 MD5_STEP (MD5_Go, b, c, d, a, w8_t, MD5C1b, MD5S13);
195 MD5_STEP (MD5_Go, a, b, c, d, wd_t, MD5C1c, MD5S10);
196 MD5_STEP (MD5_Go, d, a, b, c, w2_t, MD5C1d, MD5S11);
197 MD5_STEP (MD5_Go, c, d, a, b, w7_t, MD5C1e, MD5S12);
198 MD5_STEP (MD5_Go, b, c, d, a, wc_t, MD5C1f, MD5S13);
// Round 3 (MD5_H): word index starts at 5 and advances by 3 modulo 16.
200 MD5_STEP (MD5_H , a, b, c, d, w5_t, MD5C20, MD5S20);
201 MD5_STEP (MD5_H , d, a, b, c, w8_t, MD5C21, MD5S21);
202 MD5_STEP (MD5_H , c, d, a, b, wb_t, MD5C22, MD5S22);
203 MD5_STEP (MD5_H , b, c, d, a, we_t, MD5C23, MD5S23);
204 MD5_STEP (MD5_H , a, b, c, d, w1_t, MD5C24, MD5S20);
205 MD5_STEP (MD5_H , d, a, b, c, w4_t, MD5C25, MD5S21);
206 MD5_STEP (MD5_H , c, d, a, b, w7_t, MD5C26, MD5S22);
207 MD5_STEP (MD5_H , b, c, d, a, wa_t, MD5C27, MD5S23);
208 MD5_STEP (MD5_H , a, b, c, d, wd_t, MD5C28, MD5S20);
209 MD5_STEP (MD5_H , d, a, b, c, w0_t, MD5C29, MD5S21);
210 MD5_STEP (MD5_H , c, d, a, b, w3_t, MD5C2a, MD5S22);
211 MD5_STEP (MD5_H , b, c, d, a, w6_t, MD5C2b, MD5S23);
212 MD5_STEP (MD5_H , a, b, c, d, w9_t, MD5C2c, MD5S20);
213 MD5_STEP (MD5_H , d, a, b, c, wc_t, MD5C2d, MD5S21);
214 MD5_STEP (MD5_H , c, d, a, b, wf_t, MD5C2e, MD5S22);
215 MD5_STEP (MD5_H , b, c, d, a, w2_t, MD5C2f, MD5S23);
// Round 4 (MD5_I): word index starts at 0 and advances by 7 modulo 16.
217 MD5_STEP (MD5_I , a, b, c, d, w0_t, MD5C30, MD5S30);
218 MD5_STEP (MD5_I , d, a, b, c, w7_t, MD5C31, MD5S31);
219 MD5_STEP (MD5_I , c, d, a, b, we_t, MD5C32, MD5S32);
220 MD5_STEP (MD5_I , b, c, d, a, w5_t, MD5C33, MD5S33);
221 MD5_STEP (MD5_I , a, b, c, d, wc_t, MD5C34, MD5S30);
222 MD5_STEP (MD5_I , d, a, b, c, w3_t, MD5C35, MD5S31);
223 MD5_STEP (MD5_I , c, d, a, b, wa_t, MD5C36, MD5S32);
224 MD5_STEP (MD5_I , b, c, d, a, w1_t, MD5C37, MD5S33);
225 MD5_STEP (MD5_I , a, b, c, d, w8_t, MD5C38, MD5S30);
226 MD5_STEP (MD5_I , d, a, b, c, wf_t, MD5C39, MD5S31);
227 MD5_STEP (MD5_I , c, d, a, b, w6_t, MD5C3a, MD5S32);
228 MD5_STEP (MD5_I , b, c, d, a, wd_t, MD5C3b, MD5S33);
229 MD5_STEP (MD5_I , a, b, c, d, w4_t, MD5C3c, MD5S30);
230 MD5_STEP (MD5_I , d, a, b, c, wb_t, MD5C3d, MD5S31);
231 MD5_STEP (MD5_I , c, d, a, b, w2_t, MD5C3e, MD5S32);
232 MD5_STEP (MD5_I , b, c, d, a, w9_t, MD5C3f, MD5S33);
// Per-work-item worker shared by the m09700_m04/_m08/_m16 kernels.
// For every candidate produced in the inner loop it hashes the password block with
// MD5, keeps the first 5 digest bytes, hashes 16 repetitions of (5 digest bytes +
// 16 salt bytes), derives an RC4 key from the first 40 bits of that result, runs
// RC4 over the encrypted verifier, and hands the final four words to
// COMPARE_M_SIMD.
// NOTE(review): this view omits many interior lines (declarations of w0l, w0_t..w3_t,
// digest, digest_t0/t2/t3, salt_buf_t*, out, padding words, braces); the comments
// below describe only what the visible lines establish.
240 static void m09700m (__local RC4_KEY *rc4_keys, u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], const u32 pw_len, __global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset)
246 const u32 gid = get_global_id (0);
247 const u32 lid = get_local_id (0);
// Each work-item uses its own RC4 state, selected by its local id.
253 __local RC4_KEY *rc4_key = &rc4_keys[lid];
// Salt: four 32-bit words (16 bytes) for the current salt position.
261 salt_buf_t0[0] = salt_bufs[salt_pos].salt_buf[0];
262 salt_buf_t0[1] = salt_bufs[salt_pos].salt_buf[1];
263 salt_buf_t0[2] = salt_bufs[salt_pos].salt_buf[2];
264 salt_buf_t0[3] = salt_bufs[salt_pos].salt_buf[3];
// Copy of the salt shifted up by one byte (spills into a fifth word), so it can be
// OR-ed into message words at a byte offset of 1 within a word.
268 salt_buf_t1[0] = salt_buf_t0[0] << 8;
269 salt_buf_t1[1] = salt_buf_t0[0] >> 24 | salt_buf_t0[1] << 8;
270 salt_buf_t1[2] = salt_buf_t0[1] >> 24 | salt_buf_t0[2] << 8;
271 salt_buf_t1[3] = salt_buf_t0[2] >> 24 | salt_buf_t0[3] << 8;
272 salt_buf_t1[4] = salt_buf_t0[3] >> 24;
// Same, shifted up by two bytes.
276 salt_buf_t2[0] = salt_buf_t0[0] << 16;
277 salt_buf_t2[1] = salt_buf_t0[0] >> 16 | salt_buf_t0[1] << 16;
278 salt_buf_t2[2] = salt_buf_t0[1] >> 16 | salt_buf_t0[2] << 16;
279 salt_buf_t2[3] = salt_buf_t0[2] >> 16 | salt_buf_t0[3] << 16;
280 salt_buf_t2[4] = salt_buf_t0[3] >> 16;
// Same, shifted up by three bytes.
284 salt_buf_t3[0] = salt_buf_t0[0] << 24;
285 salt_buf_t3[1] = salt_buf_t0[0] >> 8 | salt_buf_t0[1] << 24;
286 salt_buf_t3[2] = salt_buf_t0[1] >> 8 | salt_buf_t0[2] << 24;
287 salt_buf_t3[3] = salt_buf_t0[2] >> 8 | salt_buf_t0[3] << 24;
288 salt_buf_t3[4] = salt_buf_t0[3] >> 8;
290 const u32 salt_len = 16;
// Per-salt data of this hash mode: format version and the 16-byte encrypted verifier.
296 const u32 version = oldoffice01_bufs[salt_pos].version;
298 u32 encryptedVerifier[4];
300 encryptedVerifier[0] = oldoffice01_bufs[salt_pos].encryptedVerifier[0];
301 encryptedVerifier[1] = oldoffice01_bufs[salt_pos].encryptedVerifier[1];
302 encryptedVerifier[2] = oldoffice01_bufs[salt_pos].encryptedVerifier[2];
303 encryptedVerifier[3] = oldoffice01_bufs[salt_pos].encryptedVerifier[3];
// Inner loop over il_cnt candidates in steps of VECT_SIZE. The value from
// ix_create_bft is OR-ed with w0l to form the first password word.
311 for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
313 const u32 w0r = ix_create_bft (bfs_buf, il_pos);
315 const u32 w0lr = w0l | w0r;
// Message word 14 carries the bit length of the hashed data for the first MD5.
340 w3_t[2] = pw_len * 8;
344 u32 digest_t1[2]; // only the first 5 bytes are needed
// First MD5: start from the MD5M_A..MD5M_D initial values and hash the password block.
348 digest_t0[0] = MD5M_A;
349 digest_t0[1] = MD5M_B;
350 digest_t0[2] = MD5M_C;
351 digest_t0[3] = MD5M_D;
353 md5_transform (w0_t, w1_t, w2_t, w3_t, digest_t0);
355 // prepare the pieces of the 16 * 21 byte buffer
// Keep only the first 5 bytes (40 bits) of the digest; the rest is zeroed.
366 digest_t0[0] &= 0xffffffff;
367 digest_t0[1] &= 0x000000ff;
368 digest_t0[2] &= 0x00000000;
369 digest_t0[3] &= 0x00000000;
// Copies of the 5-byte digest shifted up by one, two and three bytes, matching
// the shifted salt copies above.
371 digest_t1[0] = digest_t0[0] << 8;
372 digest_t1[1] = digest_t0[0] >> 24 | digest_t0[1] << 8;
374 digest_t2[0] = digest_t0[0] << 16;
375 digest_t2[1] = digest_t0[0] >> 16 | digest_t0[1] << 16;
377 digest_t3[0] = digest_t0[0] << 24;
378 digest_t3[1] = digest_t0[0] >> 8 | digest_t0[1] << 24;
380 // generate the 16 * 21 byte buffer: 16 repetitions of (5 digest bytes + 16 salt bytes)
// 64-byte block 1 of the buffer: the shifted variants are OR-ed together so the
// 21-byte units pack back to back without gaps.
383 w0_t[0] = digest_t0[0];
384 w0_t[1] = digest_t0[1];
387 w0_t[1] |= salt_buf_t1[0];
388 w0_t[2] = salt_buf_t1[1];
389 w0_t[3] = salt_buf_t1[2];
390 w1_t[0] = salt_buf_t1[3];
391 w1_t[1] = salt_buf_t1[4];
394 w1_t[1] |= digest_t1[0];
395 w1_t[2] = digest_t1[1];
398 w1_t[2] |= salt_buf_t2[0];
399 w1_t[3] = salt_buf_t2[1];
400 w2_t[0] = salt_buf_t2[2];
401 w2_t[1] = salt_buf_t2[3];
402 w2_t[2] = salt_buf_t2[4];
405 w2_t[2] |= digest_t2[0];
406 w2_t[3] = digest_t2[1];
409 w2_t[3] |= salt_buf_t3[0];
410 w3_t[0] = salt_buf_t3[1];
411 w3_t[1] = salt_buf_t3[2];
412 w3_t[2] = salt_buf_t3[3];
413 w3_t[3] = salt_buf_t3[4];
417 w3_t[3] |= digest_t3[0];
419 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 2: continues with the remainder of the digest copy that straddled the
// block boundary.
422 w0_t[0] = digest_t3[1];
425 w0_t[1] = salt_buf_t0[0];
426 w0_t[2] = salt_buf_t0[1];
427 w0_t[3] = salt_buf_t0[2];
428 w1_t[0] = salt_buf_t0[3];
431 w1_t[1] = digest_t0[0];
432 w1_t[2] = digest_t0[1];
435 w1_t[2] |= salt_buf_t1[0];
436 w1_t[3] = salt_buf_t1[1];
437 w2_t[0] = salt_buf_t1[2];
438 w2_t[1] = salt_buf_t1[3];
439 w2_t[2] = salt_buf_t1[4];
442 w2_t[2] |= digest_t1[0];
443 w2_t[3] = digest_t1[1];
446 w2_t[3] |= salt_buf_t2[0];
447 w3_t[0] = salt_buf_t2[1];
448 w3_t[1] = salt_buf_t2[2];
449 w3_t[2] = salt_buf_t2[3];
450 w3_t[3] = salt_buf_t2[4];
453 w3_t[3] |= digest_t2[0];
455 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 3.
458 w0_t[0] = digest_t2[1];
461 w0_t[0] |= salt_buf_t3[0];
462 w0_t[1] = salt_buf_t3[1];
463 w0_t[2] = salt_buf_t3[2];
464 w0_t[3] = salt_buf_t3[3];
465 w1_t[0] = salt_buf_t3[4];
468 w1_t[0] |= digest_t3[0];
469 w1_t[1] = digest_t3[1];
472 w1_t[2] = salt_buf_t0[0];
473 w1_t[3] = salt_buf_t0[1];
474 w2_t[0] = salt_buf_t0[2];
475 w2_t[1] = salt_buf_t0[3];
478 w2_t[2] = digest_t0[0];
479 w2_t[3] = digest_t0[1];
482 w2_t[3] |= salt_buf_t1[0];
483 w3_t[0] = salt_buf_t1[1];
484 w3_t[1] = salt_buf_t1[2];
485 w3_t[2] = salt_buf_t1[3];
486 w3_t[3] = salt_buf_t1[4];
489 w3_t[3] |= digest_t1[0];
491 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 4.
494 w0_t[0] = digest_t1[1];
497 w0_t[0] |= salt_buf_t2[0];
498 w0_t[1] = salt_buf_t2[1];
499 w0_t[2] = salt_buf_t2[2];
500 w0_t[3] = salt_buf_t2[3];
501 w1_t[0] = salt_buf_t2[4];
504 w1_t[0] |= digest_t2[0];
505 w1_t[1] = digest_t2[1];
508 w1_t[1] |= salt_buf_t3[0];
509 w1_t[2] = salt_buf_t3[1];
510 w1_t[3] = salt_buf_t3[2];
511 w2_t[0] = salt_buf_t3[3];
512 w2_t[1] = salt_buf_t3[4];
515 w2_t[1] |= digest_t3[0];
516 w2_t[2] = digest_t3[1];
519 w2_t[3] = salt_buf_t0[0];
520 w3_t[0] = salt_buf_t0[1];
521 w3_t[1] = salt_buf_t0[2];
522 w3_t[2] = salt_buf_t0[3];
525 w3_t[3] = digest_t0[0];
527 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 5.
530 w0_t[0] = digest_t0[1];
533 w0_t[0] |= salt_buf_t1[0];
534 w0_t[1] = salt_buf_t1[1];
535 w0_t[2] = salt_buf_t1[2];
536 w0_t[3] = salt_buf_t1[3];
537 w1_t[0] = salt_buf_t1[4];
540 w1_t[0] |= digest_t1[0];
541 w1_t[1] = digest_t1[1];
544 w1_t[1] |= salt_buf_t2[0];
545 w1_t[2] = salt_buf_t2[1];
546 w1_t[3] = salt_buf_t2[2];
547 w2_t[0] = salt_buf_t2[3];
548 w2_t[1] = salt_buf_t2[4];
551 w2_t[1] |= digest_t2[0];
552 w2_t[2] = digest_t2[1];
555 w2_t[2] |= salt_buf_t3[0];
556 w2_t[3] = salt_buf_t3[1];
557 w3_t[0] = salt_buf_t3[2];
558 w3_t[1] = salt_buf_t3[3];
559 w3_t[2] = salt_buf_t3[4];
562 w3_t[2] |= digest_t3[0];
563 w3_t[3] = digest_t3[1];
565 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Final block: the last 16 salt bytes, then (in lines not visible here, presumably
// the MD5 padding) and the total message length of 21 * 16 bytes expressed in bits.
567 w0_t[0] = salt_buf_t0[0];
568 w0_t[1] = salt_buf_t0[1];
569 w0_t[2] = salt_buf_t0[2];
570 w0_t[3] = salt_buf_t0[3];
581 w3_t[2] = 21 * 16 * 8;
584 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
586 // the first 40 bits of this digest are the input of the MD5 that yields the RC4 key, so that key is precomputable
// NOTE(review): the assignment of w0_t[0] is not visible in this view of the function.
589 w0_t[1] = digest[1] & 0xff;
610 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Key the RC4 state with the resulting 16-byte digest.
614 rc4_init_16 (rc4_key, digest);
// First 16 keystream bytes are applied to the encrypted verifier; the returned
// value is kept so the second call can continue the same stream.
618 u8 j = rc4_next_16 (rc4_key, 0, 0, encryptedVerifier, out);
642 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Next 16 keystream bytes (stream index 16, carried j) are applied to that digest.
644 rc4_next_16 (rc4_key, 16, j, digest, out);
// Hand the four result words to the comparison macro (defined outside this section).
646 COMPARE_M_SIMD (out[0], out[1], out[2], out[3]);
// Per-work-item worker shared by the m09700_s04/_s08/_s16 kernels.
// Performs the same computation as the _m worker in this file (MD5 of the
// password block, 5-byte truncation, MD5 over 16 repetitions of digest + salt,
// RC4 key derivation, RC4 over the encrypted verifier) but additionally loads one
// target digest into search[] and finishes with COMPARE_S_SIMD.
// NOTE(review): this view omits many interior lines (declarations of w0l, w0_t..w3_t,
// digest, digest_t0/t2/t3, salt_buf_t*, out, padding words, braces); the comments
// below describe only what the visible lines establish.
650 static void m09700s (__local RC4_KEY *rc4_keys, u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], const u32 pw_len, __global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset)
656 const u32 gid = get_global_id (0);
657 const u32 lid = get_local_id (0);
// Each work-item uses its own RC4 state, selected by its local id.
663 __local RC4_KEY *rc4_key = &rc4_keys[lid];
// Salt: four 32-bit words (16 bytes) for the current salt position.
671 salt_buf_t0[0] = salt_bufs[salt_pos].salt_buf[0];
672 salt_buf_t0[1] = salt_bufs[salt_pos].salt_buf[1];
673 salt_buf_t0[2] = salt_bufs[salt_pos].salt_buf[2];
674 salt_buf_t0[3] = salt_bufs[salt_pos].salt_buf[3];
// Copy of the salt shifted up by one byte (spills into a fifth word), so it can be
// OR-ed into message words at a byte offset of 1 within a word.
678 salt_buf_t1[0] = salt_buf_t0[0] << 8;
679 salt_buf_t1[1] = salt_buf_t0[0] >> 24 | salt_buf_t0[1] << 8;
680 salt_buf_t1[2] = salt_buf_t0[1] >> 24 | salt_buf_t0[2] << 8;
681 salt_buf_t1[3] = salt_buf_t0[2] >> 24 | salt_buf_t0[3] << 8;
682 salt_buf_t1[4] = salt_buf_t0[3] >> 24;
// Same, shifted up by two bytes.
686 salt_buf_t2[0] = salt_buf_t0[0] << 16;
687 salt_buf_t2[1] = salt_buf_t0[0] >> 16 | salt_buf_t0[1] << 16;
688 salt_buf_t2[2] = salt_buf_t0[1] >> 16 | salt_buf_t0[2] << 16;
689 salt_buf_t2[3] = salt_buf_t0[2] >> 16 | salt_buf_t0[3] << 16;
690 salt_buf_t2[4] = salt_buf_t0[3] >> 16;
// Same, shifted up by three bytes.
694 salt_buf_t3[0] = salt_buf_t0[0] << 24;
695 salt_buf_t3[1] = salt_buf_t0[0] >> 8 | salt_buf_t0[1] << 24;
696 salt_buf_t3[2] = salt_buf_t0[1] >> 8 | salt_buf_t0[2] << 24;
697 salt_buf_t3[3] = salt_buf_t0[2] >> 8 | salt_buf_t0[3] << 24;
698 salt_buf_t3[4] = salt_buf_t0[3] >> 8;
700 const u32 salt_len = 16;
// Per-salt data of this hash mode: format version and the 16-byte encrypted verifier.
706 const u32 version = oldoffice01_bufs[salt_pos].version;
708 u32 encryptedVerifier[4];
710 encryptedVerifier[0] = oldoffice01_bufs[salt_pos].encryptedVerifier[0];
711 encryptedVerifier[1] = oldoffice01_bufs[salt_pos].encryptedVerifier[1];
712 encryptedVerifier[2] = oldoffice01_bufs[salt_pos].encryptedVerifier[2];
713 encryptedVerifier[3] = oldoffice01_bufs[salt_pos].encryptedVerifier[3];
// The one target digest to compare against, read at digests_offset in the
// DGST_R0..DGST_R3 word order (presumably consumed by COMPARE_S_SIMD -- the macro
// is defined outside this section).
719 const u32 search[4] =
721 digests_buf[digests_offset].digest_buf[DGST_R0],
722 digests_buf[digests_offset].digest_buf[DGST_R1],
723 digests_buf[digests_offset].digest_buf[DGST_R2],
724 digests_buf[digests_offset].digest_buf[DGST_R3]
// Inner loop over il_cnt candidates in steps of VECT_SIZE. The value from
// ix_create_bft is OR-ed with w0l to form the first password word.
733 for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
735 const u32 w0r = ix_create_bft (bfs_buf, il_pos);
737 const u32 w0lr = w0l | w0r;
// Message word 14 carries the bit length of the hashed data for the first MD5.
762 w3_t[2] = pw_len * 8;
766 u32 digest_t1[2]; // only the first 5 bytes are needed
// First MD5: start from the MD5M_A..MD5M_D initial values and hash the password block.
770 digest_t0[0] = MD5M_A;
771 digest_t0[1] = MD5M_B;
772 digest_t0[2] = MD5M_C;
773 digest_t0[3] = MD5M_D;
775 md5_transform (w0_t, w1_t, w2_t, w3_t, digest_t0);
777 // prepare the pieces of the 16 * 21 byte buffer
// Keep only the first 5 bytes (40 bits) of the digest; the rest is zeroed.
788 digest_t0[0] &= 0xffffffff;
789 digest_t0[1] &= 0x000000ff;
790 digest_t0[2] &= 0x00000000;
791 digest_t0[3] &= 0x00000000;
// Copies of the 5-byte digest shifted up by one, two and three bytes, matching
// the shifted salt copies above.
793 digest_t1[0] = digest_t0[0] << 8;
794 digest_t1[1] = digest_t0[0] >> 24 | digest_t0[1] << 8;
796 digest_t2[0] = digest_t0[0] << 16;
797 digest_t2[1] = digest_t0[0] >> 16 | digest_t0[1] << 16;
799 digest_t3[0] = digest_t0[0] << 24;
800 digest_t3[1] = digest_t0[0] >> 8 | digest_t0[1] << 24;
802 // generate the 16 * 21 byte buffer: 16 repetitions of (5 digest bytes + 16 salt bytes)
// 64-byte block 1 of the buffer: the shifted variants are OR-ed together so the
// 21-byte units pack back to back without gaps.
805 w0_t[0] = digest_t0[0];
806 w0_t[1] = digest_t0[1];
809 w0_t[1] |= salt_buf_t1[0];
810 w0_t[2] = salt_buf_t1[1];
811 w0_t[3] = salt_buf_t1[2];
812 w1_t[0] = salt_buf_t1[3];
813 w1_t[1] = salt_buf_t1[4];
816 w1_t[1] |= digest_t1[0];
817 w1_t[2] = digest_t1[1];
820 w1_t[2] |= salt_buf_t2[0];
821 w1_t[3] = salt_buf_t2[1];
822 w2_t[0] = salt_buf_t2[2];
823 w2_t[1] = salt_buf_t2[3];
824 w2_t[2] = salt_buf_t2[4];
827 w2_t[2] |= digest_t2[0];
828 w2_t[3] = digest_t2[1];
831 w2_t[3] |= salt_buf_t3[0];
832 w3_t[0] = salt_buf_t3[1];
833 w3_t[1] = salt_buf_t3[2];
834 w3_t[2] = salt_buf_t3[3];
835 w3_t[3] = salt_buf_t3[4];
839 w3_t[3] |= digest_t3[0];
841 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 2: continues with the remainder of the digest copy that straddled the
// block boundary.
844 w0_t[0] = digest_t3[1];
847 w0_t[1] = salt_buf_t0[0];
848 w0_t[2] = salt_buf_t0[1];
849 w0_t[3] = salt_buf_t0[2];
850 w1_t[0] = salt_buf_t0[3];
853 w1_t[1] = digest_t0[0];
854 w1_t[2] = digest_t0[1];
857 w1_t[2] |= salt_buf_t1[0];
858 w1_t[3] = salt_buf_t1[1];
859 w2_t[0] = salt_buf_t1[2];
860 w2_t[1] = salt_buf_t1[3];
861 w2_t[2] = salt_buf_t1[4];
864 w2_t[2] |= digest_t1[0];
865 w2_t[3] = digest_t1[1];
868 w2_t[3] |= salt_buf_t2[0];
869 w3_t[0] = salt_buf_t2[1];
870 w3_t[1] = salt_buf_t2[2];
871 w3_t[2] = salt_buf_t2[3];
872 w3_t[3] = salt_buf_t2[4];
875 w3_t[3] |= digest_t2[0];
877 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 3.
880 w0_t[0] = digest_t2[1];
883 w0_t[0] |= salt_buf_t3[0];
884 w0_t[1] = salt_buf_t3[1];
885 w0_t[2] = salt_buf_t3[2];
886 w0_t[3] = salt_buf_t3[3];
887 w1_t[0] = salt_buf_t3[4];
890 w1_t[0] |= digest_t3[0];
891 w1_t[1] = digest_t3[1];
894 w1_t[2] = salt_buf_t0[0];
895 w1_t[3] = salt_buf_t0[1];
896 w2_t[0] = salt_buf_t0[2];
897 w2_t[1] = salt_buf_t0[3];
900 w2_t[2] = digest_t0[0];
901 w2_t[3] = digest_t0[1];
904 w2_t[3] |= salt_buf_t1[0];
905 w3_t[0] = salt_buf_t1[1];
906 w3_t[1] = salt_buf_t1[2];
907 w3_t[2] = salt_buf_t1[3];
908 w3_t[3] = salt_buf_t1[4];
911 w3_t[3] |= digest_t1[0];
913 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 4.
916 w0_t[0] = digest_t1[1];
919 w0_t[0] |= salt_buf_t2[0];
920 w0_t[1] = salt_buf_t2[1];
921 w0_t[2] = salt_buf_t2[2];
922 w0_t[3] = salt_buf_t2[3];
923 w1_t[0] = salt_buf_t2[4];
926 w1_t[0] |= digest_t2[0];
927 w1_t[1] = digest_t2[1];
930 w1_t[1] |= salt_buf_t3[0];
931 w1_t[2] = salt_buf_t3[1];
932 w1_t[3] = salt_buf_t3[2];
933 w2_t[0] = salt_buf_t3[3];
934 w2_t[1] = salt_buf_t3[4];
937 w2_t[1] |= digest_t3[0];
938 w2_t[2] = digest_t3[1];
941 w2_t[3] = salt_buf_t0[0];
942 w3_t[0] = salt_buf_t0[1];
943 w3_t[1] = salt_buf_t0[2];
944 w3_t[2] = salt_buf_t0[3];
947 w3_t[3] = digest_t0[0];
949 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Block 5.
952 w0_t[0] = digest_t0[1];
955 w0_t[0] |= salt_buf_t1[0];
956 w0_t[1] = salt_buf_t1[1];
957 w0_t[2] = salt_buf_t1[2];
958 w0_t[3] = salt_buf_t1[3];
959 w1_t[0] = salt_buf_t1[4];
962 w1_t[0] |= digest_t1[0];
963 w1_t[1] = digest_t1[1];
966 w1_t[1] |= salt_buf_t2[0];
967 w1_t[2] = salt_buf_t2[1];
968 w1_t[3] = salt_buf_t2[2];
969 w2_t[0] = salt_buf_t2[3];
970 w2_t[1] = salt_buf_t2[4];
973 w2_t[1] |= digest_t2[0];
974 w2_t[2] = digest_t2[1];
977 w2_t[2] |= salt_buf_t3[0];
978 w2_t[3] = salt_buf_t3[1];
979 w3_t[0] = salt_buf_t3[2];
980 w3_t[1] = salt_buf_t3[3];
981 w3_t[2] = salt_buf_t3[4];
984 w3_t[2] |= digest_t3[0];
985 w3_t[3] = digest_t3[1];
987 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Final block: the last 16 salt bytes, then (in lines not visible here, presumably
// the MD5 padding) and the total message length of 21 * 16 bytes expressed in bits.
989 w0_t[0] = salt_buf_t0[0];
990 w0_t[1] = salt_buf_t0[1];
991 w0_t[2] = salt_buf_t0[2];
992 w0_t[3] = salt_buf_t0[3];
1003 w3_t[2] = 21 * 16 * 8;
1006 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
1008 // the first 40 bits of this digest are the input of the MD5 that yields the RC4 key, so that key is precomputable
// Word 0 in full plus the low byte of word 1 = 5 bytes.
1010 w0_t[0] = digest[0];
1011 w0_t[1] = digest[1] & 0xff;
1032 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Key the RC4 state with the resulting 16-byte digest.
1036 rc4_init_16 (rc4_key, digest);
// First 16 keystream bytes are applied to the encrypted verifier; the returned
// value is kept so the second call can continue the same stream.
1040 u8 j = rc4_next_16 (rc4_key, 0, 0, encryptedVerifier, out);
1064 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Next 16 keystream bytes (stream index 16, carried j) are applied to that digest.
1066 rc4_next_16 (rc4_key, 16, j, digest, out);
// Hand the four result words to the comparison macro (defined outside this section).
1068 COMPARE_S_SIMD (out[0], out[1], out[2], out[3]);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700m.
// In the visible lines only words 0..3 of the password are read from pws[gid].i
// (the setup of w1..w3 is in lines not shown in this view).
1072 __kernel void m09700_m04 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1078 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1080 if (gid >= gid_max) return;
1084 w0[0] = pws[gid].i[ 0];
1085 w0[1] = pws[gid].i[ 1];
1086 w0[2] = pws[gid].i[ 2];
1087 w0[3] = pws[gid].i[ 3];
1110 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1116 __local RC4_KEY rc4_keys[64];
1118 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700m.
// In the visible lines words 0..7 of the password are read from pws[gid].i
// (the setup of w2 and w3 is in lines not shown in this view).
1121 __kernel void m09700_m08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1127 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1129 if (gid >= gid_max) return;
1133 w0[0] = pws[gid].i[ 0];
1134 w0[1] = pws[gid].i[ 1];
1135 w0[2] = pws[gid].i[ 2];
1136 w0[3] = pws[gid].i[ 3];
1140 w1[0] = pws[gid].i[ 4];
1141 w1[1] = pws[gid].i[ 5];
1142 w1[2] = pws[gid].i[ 6];
1143 w1[3] = pws[gid].i[ 7];
1159 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1165 __local RC4_KEY rc4_keys[64];
1167 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700m.
// In the visible lines words 0..13 of the password are read from pws[gid].i
// (the setup of w3[2] and w3[3] is in lines not shown in this view).
1170 __kernel void m09700_m16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1176 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1178 if (gid >= gid_max) return;
1182 w0[0] = pws[gid].i[ 0];
1183 w0[1] = pws[gid].i[ 1];
1184 w0[2] = pws[gid].i[ 2];
1185 w0[3] = pws[gid].i[ 3];
1189 w1[0] = pws[gid].i[ 4];
1190 w1[1] = pws[gid].i[ 5];
1191 w1[2] = pws[gid].i[ 6];
1192 w1[3] = pws[gid].i[ 7];
1196 w2[0] = pws[gid].i[ 8];
1197 w2[1] = pws[gid].i[ 9];
1198 w2[2] = pws[gid].i[10];
1199 w2[3] = pws[gid].i[11];
1203 w3[0] = pws[gid].i[12];
1204 w3[1] = pws[gid].i[13];
1208 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1214 __local RC4_KEY rc4_keys[64];
1216 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700s.
// In the visible lines only words 0..3 of the password are read from pws[gid].i
// (the setup of w1..w3 is in lines not shown in this view).
1219 __kernel void m09700_s04 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1225 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1227 if (gid >= gid_max) return;
1231 w0[0] = pws[gid].i[ 0];
1232 w0[1] = pws[gid].i[ 1];
1233 w0[2] = pws[gid].i[ 2];
1234 w0[3] = pws[gid].i[ 3];
1257 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1263 __local RC4_KEY rc4_keys[64];
1265 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700s.
// In the visible lines words 0..7 of the password are read from pws[gid].i
// (the setup of w2 and w3 is in lines not shown in this view).
1268 __kernel void m09700_s08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1274 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1276 if (gid >= gid_max) return;
1280 w0[0] = pws[gid].i[ 0];
1281 w0[1] = pws[gid].i[ 1];
1282 w0[2] = pws[gid].i[ 2];
1283 w0[3] = pws[gid].i[ 3];
1287 w1[0] = pws[gid].i[ 4];
1288 w1[1] = pws[gid].i[ 5];
1289 w1[2] = pws[gid].i[ 6];
1290 w1[3] = pws[gid].i[ 7];
1306 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1312 __local RC4_KEY rc4_keys[64];
1314 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point: loads this work-item's base password from pws[gid] and
// forwards it, with all kernel arguments except combs_mode and gid_max, to m09700s.
// In the visible lines words 0..13 of the password are read from pws[gid].i
// (the setup of w3[2] and w3[3] is in lines not shown in this view).
1317 __kernel void m09700_s16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1323 const u32 gid = get_global_id (0);
// Work-items beyond the number of loaded passwords have nothing to do.
1325 if (gid >= gid_max) return;
1329 w0[0] = pws[gid].i[ 0];
1330 w0[1] = pws[gid].i[ 1];
1331 w0[2] = pws[gid].i[ 2];
1332 w0[3] = pws[gid].i[ 3];
1336 w1[0] = pws[gid].i[ 4];
1337 w1[1] = pws[gid].i[ 5];
1338 w1[2] = pws[gid].i[ 6];
1339 w1[3] = pws[gid].i[ 7];
1343 w2[0] = pws[gid].i[ 8];
1344 w2[1] = pws[gid].i[ 9];
1345 w2[2] = pws[gid].i[10];
1346 w2[3] = pws[gid].i[11];
1350 w3[0] = pws[gid].i[12];
1351 w3[1] = pws[gid].i[13];
1355 const u32 pw_len = pws[gid].pw_len;
// One RC4 state per work-item of the work-group; the worker indexes this array by
// local id. NOTE(review): this requires a work-group size of at most 64 -- confirm
// that the host enforces it.
1361 __local RC4_KEY rc4_keys[64];
1363 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);