2 * Authors.....: Jens Steube <jens.steube@gmail.com>
3 * Gabriele Gristina <matrix@hashcat.net>
10 #include "include/constants.h"
11 #include "include/kernel_vendor.h"
18 #include "include/kernel_functions.c"
19 #include "OpenCL/types_ocl.c"
20 #include "OpenCL/common.c"
21 #include "OpenCL/simd.c"
// Helper working on the S table of an RC4_KEY held in __local memory, addressed
// by the two u8 indices i and j.
// NOTE(review): only the "S[i] = S[j]" assignment is visible in this excerpt; the
// name suggests the two entries are exchanged through a temporary - confirm
// against the full body.
31 static void swap (__local RC4_KEY *rc4_key, const u8 i, const u8 j)
36 rc4_key->S[i] = rc4_key->S[j];
// Sets up the S table of rc4_key from a four-word key (data[4]).
//
// rc4_key : RC4 state in __local memory; its S table is written here.
// data    : four u32 key words (read-only).
//
// NOTE(review): the loop bodies and the declarations of v, j and idx are not
// visible in this excerpt; the remarks below describe only the visible statements.
40 static void rc4_init_16 (__local RC4_KEY *rc4_key, const u32 data[4])
// View S through a u32 pointer so it can be accessed one 32-bit word at a time.
45 __local u32 *ptr = (__local u32 *) rc4_key->S;
// 64 iterations over the u32 view - presumably the initial fill of S, four
// entries per store (TODO confirm; the loop body is not shown).
48 for (u32 i = 0; i < 64; i++)
// 16 iterations; the 16 visible steps below form four groups of four.
// Each step adds S[idx] plus a shifted copy of v (shift 0, 8, 16, 24) to j,
// calls swap on entries idx and j, and then advances idx.
// presumably v is reloaded from data[] before each group - verify.
55 for (u32 i = 0; i < 16; i++)
63 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
64 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
65 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
66 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
70 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
71 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
72 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
73 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
77 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
78 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
79 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
80 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
84 j += rc4_key->S[idx] + (v >> 0); swap (rc4_key, idx, j); idx++;
85 j += rc4_key->S[idx] + (v >> 8); swap (rc4_key, idx, j); idx++;
86 j += rc4_key->S[idx] + (v >> 16); swap (rc4_key, idx, j); idx++;
87 j += rc4_key->S[idx] + (v >> 24); swap (rc4_key, idx, j); idx++;
// Produces four output words by XORing each input word with a 32-bit value
// assembled from four S-table lookups.
//
// rc4_key : RC4 state in __local memory; modified through swap ().
// i, j    : u8 stream indices, passed by value.
// in      : four input words.
// out     : receives in[k] ^ xor4 for k = 0..3.
//
// Returns a u8. The callers in this file store it in a variable named j and
// pass it as the j argument of the following call.
// NOTE(review): the statements that advance i and j and the return statement
// are not visible in this excerpt.
91 static u8 rc4_next_16 (__local RC4_KEY *rc4_key, u8 i, u8 j, const u32 in[4], u32 out[4])
94 for (u32 k = 0; k < 4; k++)
// Four steps per word. Each one calls swap on i and j, looks up
// S[S[i] + S[j]] and ORs that value into xor4 at bit offset 0, 8, 16, 24.
103 swap (rc4_key, i, j);
105 idx = rc4_key->S[i] + rc4_key->S[j];
107 xor4 |= rc4_key->S[idx] << 0;
112 swap (rc4_key, i, j);
114 idx = rc4_key->S[i] + rc4_key->S[j];
116 xor4 |= rc4_key->S[idx] << 8;
121 swap (rc4_key, i, j);
123 idx = rc4_key->S[i] + rc4_key->S[j];
125 xor4 |= rc4_key->S[idx] << 16;
130 swap (rc4_key, i, j);
132 idx = rc4_key->S[i] + rc4_key->S[j];
134 xor4 |= rc4_key->S[idx] << 24;
136 out[k] = in[k] ^ xor4;
// Runs the 64 MD5_STEP invocations of one MD5 block over the message words
// w0_t .. wf_t and the working variables a, b, c, d.
//
// w0..w3 : four arrays of four u32 message words (read-only).
// digest : four-word digest state.
//
// NOTE(review): the setup of a, b, c, d and of w0_t .. wf_t, and the write-back
// into digest, are not visible in this excerpt. Presumably w0_t .. wf_t are
// copies of w0[0] .. w3[3] and digest is both read and updated - confirm.
142 static void md5_transform (const u32 w0[4], const u32 w1[4], const u32 w2[4], const u32 w3[4], u32 digest[4])
// Group 1: MD5_Fo, message words taken in order 0 .. f.
166 MD5_STEP (MD5_Fo, a, b, c, d, w0_t, MD5C00, MD5S00);
167 MD5_STEP (MD5_Fo, d, a, b, c, w1_t, MD5C01, MD5S01);
168 MD5_STEP (MD5_Fo, c, d, a, b, w2_t, MD5C02, MD5S02);
169 MD5_STEP (MD5_Fo, b, c, d, a, w3_t, MD5C03, MD5S03);
170 MD5_STEP (MD5_Fo, a, b, c, d, w4_t, MD5C04, MD5S00);
171 MD5_STEP (MD5_Fo, d, a, b, c, w5_t, MD5C05, MD5S01);
172 MD5_STEP (MD5_Fo, c, d, a, b, w6_t, MD5C06, MD5S02);
173 MD5_STEP (MD5_Fo, b, c, d, a, w7_t, MD5C07, MD5S03);
174 MD5_STEP (MD5_Fo, a, b, c, d, w8_t, MD5C08, MD5S00);
175 MD5_STEP (MD5_Fo, d, a, b, c, w9_t, MD5C09, MD5S01);
176 MD5_STEP (MD5_Fo, c, d, a, b, wa_t, MD5C0a, MD5S02);
177 MD5_STEP (MD5_Fo, b, c, d, a, wb_t, MD5C0b, MD5S03);
178 MD5_STEP (MD5_Fo, a, b, c, d, wc_t, MD5C0c, MD5S00);
179 MD5_STEP (MD5_Fo, d, a, b, c, wd_t, MD5C0d, MD5S01);
180 MD5_STEP (MD5_Fo, c, d, a, b, we_t, MD5C0e, MD5S02);
181 MD5_STEP (MD5_Fo, b, c, d, a, wf_t, MD5C0f, MD5S03);
// Group 2: MD5_Go, message word order 1, 6, b, 0, 5, a, f, 4, 9, e, 3, 8, d, 2, 7, c.
183 MD5_STEP (MD5_Go, a, b, c, d, w1_t, MD5C10, MD5S10);
184 MD5_STEP (MD5_Go, d, a, b, c, w6_t, MD5C11, MD5S11);
185 MD5_STEP (MD5_Go, c, d, a, b, wb_t, MD5C12, MD5S12);
186 MD5_STEP (MD5_Go, b, c, d, a, w0_t, MD5C13, MD5S13);
187 MD5_STEP (MD5_Go, a, b, c, d, w5_t, MD5C14, MD5S10);
188 MD5_STEP (MD5_Go, d, a, b, c, wa_t, MD5C15, MD5S11);
189 MD5_STEP (MD5_Go, c, d, a, b, wf_t, MD5C16, MD5S12);
190 MD5_STEP (MD5_Go, b, c, d, a, w4_t, MD5C17, MD5S13);
191 MD5_STEP (MD5_Go, a, b, c, d, w9_t, MD5C18, MD5S10);
192 MD5_STEP (MD5_Go, d, a, b, c, we_t, MD5C19, MD5S11);
193 MD5_STEP (MD5_Go, c, d, a, b, w3_t, MD5C1a, MD5S12);
194 MD5_STEP (MD5_Go, b, c, d, a, w8_t, MD5C1b, MD5S13);
195 MD5_STEP (MD5_Go, a, b, c, d, wd_t, MD5C1c, MD5S10);
196 MD5_STEP (MD5_Go, d, a, b, c, w2_t, MD5C1d, MD5S11);
197 MD5_STEP (MD5_Go, c, d, a, b, w7_t, MD5C1e, MD5S12);
198 MD5_STEP (MD5_Go, b, c, d, a, wc_t, MD5C1f, MD5S13);
// Group 3: MD5_H, message word order 5, 8, b, e, 1, 4, 7, a, d, 0, 3, 6, 9, c, f, 2.
200 MD5_STEP (MD5_H , a, b, c, d, w5_t, MD5C20, MD5S20);
201 MD5_STEP (MD5_H , d, a, b, c, w8_t, MD5C21, MD5S21);
202 MD5_STEP (MD5_H , c, d, a, b, wb_t, MD5C22, MD5S22);
203 MD5_STEP (MD5_H , b, c, d, a, we_t, MD5C23, MD5S23);
204 MD5_STEP (MD5_H , a, b, c, d, w1_t, MD5C24, MD5S20);
205 MD5_STEP (MD5_H , d, a, b, c, w4_t, MD5C25, MD5S21);
206 MD5_STEP (MD5_H , c, d, a, b, w7_t, MD5C26, MD5S22);
207 MD5_STEP (MD5_H , b, c, d, a, wa_t, MD5C27, MD5S23);
208 MD5_STEP (MD5_H , a, b, c, d, wd_t, MD5C28, MD5S20);
209 MD5_STEP (MD5_H , d, a, b, c, w0_t, MD5C29, MD5S21);
210 MD5_STEP (MD5_H , c, d, a, b, w3_t, MD5C2a, MD5S22);
211 MD5_STEP (MD5_H , b, c, d, a, w6_t, MD5C2b, MD5S23);
212 MD5_STEP (MD5_H , a, b, c, d, w9_t, MD5C2c, MD5S20);
213 MD5_STEP (MD5_H , d, a, b, c, wc_t, MD5C2d, MD5S21);
214 MD5_STEP (MD5_H , c, d, a, b, wf_t, MD5C2e, MD5S22);
215 MD5_STEP (MD5_H , b, c, d, a, w2_t, MD5C2f, MD5S23);
// Group 4: MD5_I, message word order 0, 7, e, 5, c, 3, a, 1, 8, f, 6, d, 4, b, 2, 9.
217 MD5_STEP (MD5_I , a, b, c, d, w0_t, MD5C30, MD5S30);
218 MD5_STEP (MD5_I , d, a, b, c, w7_t, MD5C31, MD5S31);
219 MD5_STEP (MD5_I , c, d, a, b, we_t, MD5C32, MD5S32);
220 MD5_STEP (MD5_I , b, c, d, a, w5_t, MD5C33, MD5S33);
221 MD5_STEP (MD5_I , a, b, c, d, wc_t, MD5C34, MD5S30);
222 MD5_STEP (MD5_I , d, a, b, c, w3_t, MD5C35, MD5S31);
223 MD5_STEP (MD5_I , c, d, a, b, wa_t, MD5C36, MD5S32);
224 MD5_STEP (MD5_I , b, c, d, a, w1_t, MD5C37, MD5S33);
225 MD5_STEP (MD5_I , a, b, c, d, w8_t, MD5C38, MD5S30);
226 MD5_STEP (MD5_I , d, a, b, c, wf_t, MD5C39, MD5S31);
227 MD5_STEP (MD5_I , c, d, a, b, w6_t, MD5C3a, MD5S32);
228 MD5_STEP (MD5_I , b, c, d, a, wd_t, MD5C3b, MD5S33);
229 MD5_STEP (MD5_I , a, b, c, d, w4_t, MD5C3c, MD5S30);
230 MD5_STEP (MD5_I , d, a, b, c, wb_t, MD5C3d, MD5S31);
231 MD5_STEP (MD5_I , c, d, a, b, w2_t, MD5C3e, MD5S32);
232 MD5_STEP (MD5_I , b, c, d, a, w9_t, MD5C3f, MD5S33);
// Multi-hash worker shared by the m09700_m04 / _m08 / _m16 kernels.
//
// For each candidate in the inner loop it hashes the password block with MD5,
// truncates the result to 5 bytes, hashes a "16 * 21" byte buffer assembled from
// that truncated digest and the 16-byte salt, derives an RC4 key, runs RC4 over
// the stored encryptedVerifier and a further MD5 digest, and hands the final
// four words to COMPARE_M_SIMD.
//
// rc4_keys         : __local array of RC4 states; entry [lid] is used by this work-item.
// w0..w3, pw_len   : candidate password words and length supplied by the kernel.
// bfs_buf          : read through ix_create_bft () to obtain w0r for each il_pos.
// salt_bufs        : salt_bufs[salt_pos].salt_buf[0..3] supplies the four salt words.
// oldoffice01_bufs : supplies version and encryptedVerifier[0..3] for salt_pos.
// il_cnt           : upper bound of the inner loop, stepped by VECT_SIZE.
// The remaining parameters are not referenced by the lines visible here.
//
// NOTE(review): this excerpt omits many lines (declarations of w0_t..w3_t,
// digest, key, out, w0l, padding words, braces); the section comments below
// describe only what the visible statements do.
240 static void m09700m (__local RC4_KEY *rc4_keys, u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], const u32 pw_len, __global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset)
246 const u32 gid = get_global_id (0);
247 const u32 lid = get_local_id (0);
// Each work-item uses the RC4 state at its local id.
253 __local RC4_KEY *rc4_key = &rc4_keys[lid];
// Unshifted salt: four words read from the salt entry selected by salt_pos.
261 salt_buf_t0[0] = salt_bufs[salt_pos].salt_buf[0];
262 salt_buf_t0[1] = salt_bufs[salt_pos].salt_buf[1];
263 salt_buf_t0[2] = salt_bufs[salt_pos].salt_buf[2];
264 salt_buf_t0[3] = salt_bufs[salt_pos].salt_buf[3];
// Salt shifted by 8 bits across word boundaries; a fifth word holds the carry-out.
268 salt_buf_t1[0] = salt_buf_t0[0] << 8;
269 salt_buf_t1[1] = salt_buf_t0[0] >> 24 | salt_buf_t0[1] << 8;
270 salt_buf_t1[2] = salt_buf_t0[1] >> 24 | salt_buf_t0[2] << 8;
271 salt_buf_t1[3] = salt_buf_t0[2] >> 24 | salt_buf_t0[3] << 8;
272 salt_buf_t1[4] = salt_buf_t0[3] >> 24;
// Salt shifted by 16 bits.
276 salt_buf_t2[0] = salt_buf_t0[0] << 16;
277 salt_buf_t2[1] = salt_buf_t0[0] >> 16 | salt_buf_t0[1] << 16;
278 salt_buf_t2[2] = salt_buf_t0[1] >> 16 | salt_buf_t0[2] << 16;
279 salt_buf_t2[3] = salt_buf_t0[2] >> 16 | salt_buf_t0[3] << 16;
280 salt_buf_t2[4] = salt_buf_t0[3] >> 16;
// Salt shifted by 24 bits.
284 salt_buf_t3[0] = salt_buf_t0[0] << 24;
285 salt_buf_t3[1] = salt_buf_t0[0] >> 8 | salt_buf_t0[1] << 24;
286 salt_buf_t3[2] = salt_buf_t0[1] >> 8 | salt_buf_t0[2] << 24;
287 salt_buf_t3[3] = salt_buf_t0[2] >> 8 | salt_buf_t0[3] << 24;
288 salt_buf_t3[4] = salt_buf_t0[3] >> 8;
290 const u32 salt_len = 16;
// Per-salt data of the hash being attacked.
296 const u32 version = oldoffice01_bufs[salt_pos].version;
298 u32 encryptedVerifier[4];
300 encryptedVerifier[0] = oldoffice01_bufs[salt_pos].encryptedVerifier[0];
301 encryptedVerifier[1] = oldoffice01_bufs[salt_pos].encryptedVerifier[1];
302 encryptedVerifier[2] = oldoffice01_bufs[salt_pos].encryptedVerifier[2];
303 encryptedVerifier[3] = oldoffice01_bufs[salt_pos].encryptedVerifier[3];
// Inner loop over candidates; w0r comes from bfs_buf and is OR-ed with w0l.
// NOTE(review): the definition of w0l is not visible in this excerpt.
311 for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
313 const u32 w0r = ix_create_bft (bfs_buf, il_pos);
315 const u32 w0lr = w0l | w0r;
// pw_len * 8 - presumably the message length in bits for the MD5 block (confirm).
340 w3_t[2] = pw_len * 8;
344 u32 digest_t1[2]; // need only first 5 byte
// Seed digest_t0 with the MD5M_A..MD5M_D constants and hash the password block.
348 digest_t0[0] = MD5M_A;
349 digest_t0[1] = MD5M_B;
350 digest_t0[2] = MD5M_C;
351 digest_t0[3] = MD5M_D;
353 md5_transform (w0_t, w1_t, w2_t, w3_t, digest_t0);
355 // prepare 16 * 21 buffer stuff
// Keep 40 bits: all of word 0 and the low byte of word 1; words 2 and 3 are cleared.
366 digest_t0[0] &= 0xffffffff;
367 digest_t0[1] &= 0x000000ff;
368 digest_t0[2] &= 0x00000000;
369 digest_t0[3] &= 0x00000000;
// Copies of the truncated digest shifted by 8, 16 and 24 bits.
371 digest_t1[0] = digest_t0[0] << 8;
372 digest_t1[1] = digest_t0[0] >> 24 | digest_t0[1] << 8;
374 digest_t2[0] = digest_t0[0] << 16;
375 digest_t2[1] = digest_t0[0] >> 16 | digest_t0[1] << 16;
377 digest_t3[0] = digest_t0[0] << 24;
378 digest_t3[1] = digest_t0[0] >> 8 | digest_t0[1] << 24;
380 // generate the 16 * 21 buffer
// The words below are filled from the shifted digest / salt copies; "|=" merges
// the tail of one piece with the head of the next inside a shared word.
// presumably 21 = 5 digest bytes + 16 salt bytes, repeated 16 times - confirm.
// First 16-word block.
383 w0_t[0] = digest_t0[0];
384 w0_t[1] = digest_t0[1];
387 w0_t[1] |= salt_buf_t1[0];
388 w0_t[2] = salt_buf_t1[1];
389 w0_t[3] = salt_buf_t1[2];
390 w1_t[0] = salt_buf_t1[3];
391 w1_t[1] = salt_buf_t1[4];
394 w1_t[1] |= digest_t1[0];
395 w1_t[2] = digest_t1[1];
398 w1_t[2] |= salt_buf_t2[0];
399 w1_t[3] = salt_buf_t2[1];
400 w2_t[0] = salt_buf_t2[2];
401 w2_t[1] = salt_buf_t2[3];
402 w2_t[2] = salt_buf_t2[4];
405 w2_t[2] |= digest_t2[0];
406 w2_t[3] = digest_t2[1];
409 w2_t[3] |= salt_buf_t3[0];
410 w3_t[0] = salt_buf_t3[1];
411 w3_t[1] = salt_buf_t3[2];
412 w3_t[2] = salt_buf_t3[3];
413 w3_t[3] = salt_buf_t3[4];
417 w3_t[3] |= digest_t3[0];
419 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Second block: starts with the remainder of the 24-bit shifted digest.
422 w0_t[0] = digest_t3[1];
425 w0_t[1] = salt_buf_t0[0];
426 w0_t[2] = salt_buf_t0[1];
427 w0_t[3] = salt_buf_t0[2];
428 w1_t[0] = salt_buf_t0[3];
431 w1_t[1] = digest_t0[0];
432 w1_t[2] = digest_t0[1];
435 w1_t[2] |= salt_buf_t1[0];
436 w1_t[3] = salt_buf_t1[1];
437 w2_t[0] = salt_buf_t1[2];
438 w2_t[1] = salt_buf_t1[3];
439 w2_t[2] = salt_buf_t1[4];
442 w2_t[2] |= digest_t1[0];
443 w2_t[3] = digest_t1[1];
446 w2_t[3] |= salt_buf_t2[0];
447 w3_t[0] = salt_buf_t2[1];
448 w3_t[1] = salt_buf_t2[2];
449 w3_t[2] = salt_buf_t2[3];
450 w3_t[3] = salt_buf_t2[4];
453 w3_t[3] |= digest_t2[0];
455 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Third block: starts with the remainder of the 16-bit shifted digest.
458 w0_t[0] = digest_t2[1];
461 w0_t[0] |= salt_buf_t3[0];
462 w0_t[1] = salt_buf_t3[1];
463 w0_t[2] = salt_buf_t3[2];
464 w0_t[3] = salt_buf_t3[3];
465 w1_t[0] = salt_buf_t3[4];
468 w1_t[0] |= digest_t3[0];
469 w1_t[1] = digest_t3[1];
472 w1_t[2] = salt_buf_t0[0];
473 w1_t[3] = salt_buf_t0[1];
474 w2_t[0] = salt_buf_t0[2];
475 w2_t[1] = salt_buf_t0[3];
478 w2_t[2] = digest_t0[0];
479 w2_t[3] = digest_t0[1];
482 w2_t[3] |= salt_buf_t1[0];
483 w3_t[0] = salt_buf_t1[1];
484 w3_t[1] = salt_buf_t1[2];
485 w3_t[2] = salt_buf_t1[3];
486 w3_t[3] = salt_buf_t1[4];
489 w3_t[3] |= digest_t1[0];
491 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Fourth block: starts with the remainder of the 8-bit shifted digest.
494 w0_t[0] = digest_t1[1];
497 w0_t[0] |= salt_buf_t2[0];
498 w0_t[1] = salt_buf_t2[1];
499 w0_t[2] = salt_buf_t2[2];
500 w0_t[3] = salt_buf_t2[3];
501 w1_t[0] = salt_buf_t2[4];
504 w1_t[0] |= digest_t2[0];
505 w1_t[1] = digest_t2[1];
508 w1_t[1] |= salt_buf_t3[0];
509 w1_t[2] = salt_buf_t3[1];
510 w1_t[3] = salt_buf_t3[2];
511 w2_t[0] = salt_buf_t3[3];
512 w2_t[1] = salt_buf_t3[4];
515 w2_t[1] |= digest_t3[0];
516 w2_t[2] = digest_t3[1];
519 w2_t[3] = salt_buf_t0[0];
520 w3_t[0] = salt_buf_t0[1];
521 w3_t[1] = salt_buf_t0[2];
522 w3_t[2] = salt_buf_t0[3];
525 w3_t[3] = digest_t0[0];
527 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Fifth block: starts with the second word of the unshifted digest.
530 w0_t[0] = digest_t0[1];
533 w0_t[0] |= salt_buf_t1[0];
534 w0_t[1] = salt_buf_t1[1];
535 w0_t[2] = salt_buf_t1[2];
536 w0_t[3] = salt_buf_t1[3];
537 w1_t[0] = salt_buf_t1[4];
540 w1_t[0] |= digest_t1[0];
541 w1_t[1] = digest_t1[1];
544 w1_t[1] |= salt_buf_t2[0];
545 w1_t[2] = salt_buf_t2[1];
546 w1_t[3] = salt_buf_t2[2];
547 w2_t[0] = salt_buf_t2[3];
548 w2_t[1] = salt_buf_t2[4];
551 w2_t[1] |= digest_t2[0];
552 w2_t[2] = digest_t2[1];
555 w2_t[2] |= salt_buf_t3[0];
556 w2_t[3] = salt_buf_t3[1];
557 w3_t[0] = salt_buf_t3[2];
558 w3_t[1] = salt_buf_t3[3];
559 w3_t[2] = salt_buf_t3[4];
562 w3_t[2] |= digest_t3[0];
563 w3_t[3] = digest_t3[1];
565 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Last block: the unshifted salt words, with w3_t[2] set to 21 * 16 * 8
// (the size of the 16 * 21 byte buffer expressed in bits).
// NOTE(review): the words between w0_t[3] and w3_t[2] are not visible here.
567 w0_t[0] = salt_buf_t0[0];
568 w0_t[1] = salt_buf_t0[1];
569 w0_t[2] = salt_buf_t0[2];
570 w0_t[3] = salt_buf_t0[3];
581 w3_t[2] = 21 * 16 * 8;
584 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
586 // now the 40 bit input for the MD5 which then will generate the RC4 key, so it's precomputable!
// Only the low byte of digest[1] is kept.
589 w0_t[1] = digest[1] & 0xff;
610 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Initialise RC4 from key, then process encryptedVerifier starting at i = 0, j = 0.
// NOTE(review): how key is filled is not visible in this excerpt.
621 rc4_init_16 (rc4_key, key);
625 u8 j = rc4_next_16 (rc4_key, 0, 0, encryptedVerifier, out);
649 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Continue the RC4 stream at i = 16 with the j returned above, now over digest.
651 rc4_next_16 (rc4_key, 16, j, digest, out);
// Hand the four resulting words to the multi-hash comparison macro.
653 COMPARE_M_SIMD (out[0], out[1], out[2], out[3]);
// Single-hash worker shared by the m09700_s04 / _s08 / _s16 kernels.
//
// Performs the same visible sequence as m09700m (MD5 of the password block,
// truncation to 5 bytes, MD5 over the "16 * 21" buffer built from digest and
// salt, RC4 over encryptedVerifier and a further MD5 digest), but additionally
// loads the target digest words into search[] and finishes with COMPARE_S_SIMD.
//
// rc4_keys         : __local array of RC4 states; entry [lid] is used by this work-item.
// w0..w3, pw_len   : candidate password words and length supplied by the kernel.
// bfs_buf          : read through ix_create_bft () to obtain w0r for each il_pos.
// digests_buf      : digests_buf[digests_offset] supplies the four search words.
// salt_bufs        : salt_bufs[salt_pos].salt_buf[0..3] supplies the four salt words.
// oldoffice01_bufs : supplies version and encryptedVerifier[0..3] for salt_pos.
// il_cnt           : upper bound of the inner loop, stepped by VECT_SIZE.
// The remaining parameters are not referenced by the lines visible here.
//
// NOTE(review): this excerpt omits many lines (declarations of w0_t..w3_t,
// digest, key, out, w0l, padding words, braces); the section comments below
// describe only what the visible statements do.
657 static void m09700s (__local RC4_KEY *rc4_keys, u32 w0[4], u32 w1[4], u32 w2[4], u32 w3[4], const u32 pw_len, __global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset)
663 const u32 gid = get_global_id (0);
664 const u32 lid = get_local_id (0);
// Each work-item uses the RC4 state at its local id.
670 __local RC4_KEY *rc4_key = &rc4_keys[lid];
// Unshifted salt: four words read from the salt entry selected by salt_pos.
678 salt_buf_t0[0] = salt_bufs[salt_pos].salt_buf[0];
679 salt_buf_t0[1] = salt_bufs[salt_pos].salt_buf[1];
680 salt_buf_t0[2] = salt_bufs[salt_pos].salt_buf[2];
681 salt_buf_t0[3] = salt_bufs[salt_pos].salt_buf[3];
// Salt shifted by 8 bits across word boundaries; a fifth word holds the carry-out.
685 salt_buf_t1[0] = salt_buf_t0[0] << 8;
686 salt_buf_t1[1] = salt_buf_t0[0] >> 24 | salt_buf_t0[1] << 8;
687 salt_buf_t1[2] = salt_buf_t0[1] >> 24 | salt_buf_t0[2] << 8;
688 salt_buf_t1[3] = salt_buf_t0[2] >> 24 | salt_buf_t0[3] << 8;
689 salt_buf_t1[4] = salt_buf_t0[3] >> 24;
// Salt shifted by 16 bits.
693 salt_buf_t2[0] = salt_buf_t0[0] << 16;
694 salt_buf_t2[1] = salt_buf_t0[0] >> 16 | salt_buf_t0[1] << 16;
695 salt_buf_t2[2] = salt_buf_t0[1] >> 16 | salt_buf_t0[2] << 16;
696 salt_buf_t2[3] = salt_buf_t0[2] >> 16 | salt_buf_t0[3] << 16;
697 salt_buf_t2[4] = salt_buf_t0[3] >> 16;
// Salt shifted by 24 bits.
701 salt_buf_t3[0] = salt_buf_t0[0] << 24;
702 salt_buf_t3[1] = salt_buf_t0[0] >> 8 | salt_buf_t0[1] << 24;
703 salt_buf_t3[2] = salt_buf_t0[1] >> 8 | salt_buf_t0[2] << 24;
704 salt_buf_t3[3] = salt_buf_t0[2] >> 8 | salt_buf_t0[3] << 24;
705 salt_buf_t3[4] = salt_buf_t0[3] >> 8;
707 const u32 salt_len = 16;
// Per-salt data of the hash being attacked.
713 const u32 version = oldoffice01_bufs[salt_pos].version;
715 u32 encryptedVerifier[4];
717 encryptedVerifier[0] = oldoffice01_bufs[salt_pos].encryptedVerifier[0];
718 encryptedVerifier[1] = oldoffice01_bufs[salt_pos].encryptedVerifier[1];
719 encryptedVerifier[2] = oldoffice01_bufs[salt_pos].encryptedVerifier[2];
720 encryptedVerifier[3] = oldoffice01_bufs[salt_pos].encryptedVerifier[3];
// Target digest words of the single hash at digests_offset, in DGST_R0..R3 order.
// presumably read by COMPARE_S_SIMD - search is not referenced elsewhere in the
// visible lines.
726 const u32 search[4] =
728 digests_buf[digests_offset].digest_buf[DGST_R0],
729 digests_buf[digests_offset].digest_buf[DGST_R1],
730 digests_buf[digests_offset].digest_buf[DGST_R2],
731 digests_buf[digests_offset].digest_buf[DGST_R3]
// Inner loop over candidates; w0r comes from bfs_buf and is OR-ed with w0l.
// NOTE(review): the definition of w0l is not visible in this excerpt.
740 for (u32 il_pos = 0; il_pos < il_cnt; il_pos += VECT_SIZE)
742 const u32 w0r = ix_create_bft (bfs_buf, il_pos);
744 const u32 w0lr = w0l | w0r;
// pw_len * 8 - presumably the message length in bits for the MD5 block (confirm).
769 w3_t[2] = pw_len * 8;
773 u32 digest_t1[2]; // need only first 5 byte
// Seed digest_t0 with the MD5M_A..MD5M_D constants and hash the password block.
777 digest_t0[0] = MD5M_A;
778 digest_t0[1] = MD5M_B;
779 digest_t0[2] = MD5M_C;
780 digest_t0[3] = MD5M_D;
782 md5_transform (w0_t, w1_t, w2_t, w3_t, digest_t0);
784 // prepare 16 * 21 buffer stuff
// Keep 40 bits: all of word 0 and the low byte of word 1; words 2 and 3 are cleared.
795 digest_t0[0] &= 0xffffffff;
796 digest_t0[1] &= 0x000000ff;
797 digest_t0[2] &= 0x00000000;
798 digest_t0[3] &= 0x00000000;
// Copies of the truncated digest shifted by 8, 16 and 24 bits.
800 digest_t1[0] = digest_t0[0] << 8;
801 digest_t1[1] = digest_t0[0] >> 24 | digest_t0[1] << 8;
803 digest_t2[0] = digest_t0[0] << 16;
804 digest_t2[1] = digest_t0[0] >> 16 | digest_t0[1] << 16;
806 digest_t3[0] = digest_t0[0] << 24;
807 digest_t3[1] = digest_t0[0] >> 8 | digest_t0[1] << 24;
809 // generate the 16 * 21 buffer
// The words below are filled from the shifted digest / salt copies; "|=" merges
// the tail of one piece with the head of the next inside a shared word.
// presumably 21 = 5 digest bytes + 16 salt bytes, repeated 16 times - confirm.
// First 16-word block.
812 w0_t[0] = digest_t0[0];
813 w0_t[1] = digest_t0[1];
816 w0_t[1] |= salt_buf_t1[0];
817 w0_t[2] = salt_buf_t1[1];
818 w0_t[3] = salt_buf_t1[2];
819 w1_t[0] = salt_buf_t1[3];
820 w1_t[1] = salt_buf_t1[4];
823 w1_t[1] |= digest_t1[0];
824 w1_t[2] = digest_t1[1];
827 w1_t[2] |= salt_buf_t2[0];
828 w1_t[3] = salt_buf_t2[1];
829 w2_t[0] = salt_buf_t2[2];
830 w2_t[1] = salt_buf_t2[3];
831 w2_t[2] = salt_buf_t2[4];
834 w2_t[2] |= digest_t2[0];
835 w2_t[3] = digest_t2[1];
838 w2_t[3] |= salt_buf_t3[0];
839 w3_t[0] = salt_buf_t3[1];
840 w3_t[1] = salt_buf_t3[2];
841 w3_t[2] = salt_buf_t3[3];
842 w3_t[3] = salt_buf_t3[4];
846 w3_t[3] |= digest_t3[0];
848 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Second block: starts with the remainder of the 24-bit shifted digest.
851 w0_t[0] = digest_t3[1];
854 w0_t[1] = salt_buf_t0[0];
855 w0_t[2] = salt_buf_t0[1];
856 w0_t[3] = salt_buf_t0[2];
857 w1_t[0] = salt_buf_t0[3];
860 w1_t[1] = digest_t0[0];
861 w1_t[2] = digest_t0[1];
864 w1_t[2] |= salt_buf_t1[0];
865 w1_t[3] = salt_buf_t1[1];
866 w2_t[0] = salt_buf_t1[2];
867 w2_t[1] = salt_buf_t1[3];
868 w2_t[2] = salt_buf_t1[4];
871 w2_t[2] |= digest_t1[0];
872 w2_t[3] = digest_t1[1];
875 w2_t[3] |= salt_buf_t2[0];
876 w3_t[0] = salt_buf_t2[1];
877 w3_t[1] = salt_buf_t2[2];
878 w3_t[2] = salt_buf_t2[3];
879 w3_t[3] = salt_buf_t2[4];
882 w3_t[3] |= digest_t2[0];
884 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Third block: starts with the remainder of the 16-bit shifted digest.
887 w0_t[0] = digest_t2[1];
890 w0_t[0] |= salt_buf_t3[0];
891 w0_t[1] = salt_buf_t3[1];
892 w0_t[2] = salt_buf_t3[2];
893 w0_t[3] = salt_buf_t3[3];
894 w1_t[0] = salt_buf_t3[4];
897 w1_t[0] |= digest_t3[0];
898 w1_t[1] = digest_t3[1];
901 w1_t[2] = salt_buf_t0[0];
902 w1_t[3] = salt_buf_t0[1];
903 w2_t[0] = salt_buf_t0[2];
904 w2_t[1] = salt_buf_t0[3];
907 w2_t[2] = digest_t0[0];
908 w2_t[3] = digest_t0[1];
911 w2_t[3] |= salt_buf_t1[0];
912 w3_t[0] = salt_buf_t1[1];
913 w3_t[1] = salt_buf_t1[2];
914 w3_t[2] = salt_buf_t1[3];
915 w3_t[3] = salt_buf_t1[4];
918 w3_t[3] |= digest_t1[0];
920 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Fourth block: starts with the remainder of the 8-bit shifted digest.
923 w0_t[0] = digest_t1[1];
926 w0_t[0] |= salt_buf_t2[0];
927 w0_t[1] = salt_buf_t2[1];
928 w0_t[2] = salt_buf_t2[2];
929 w0_t[3] = salt_buf_t2[3];
930 w1_t[0] = salt_buf_t2[4];
933 w1_t[0] |= digest_t2[0];
934 w1_t[1] = digest_t2[1];
937 w1_t[1] |= salt_buf_t3[0];
938 w1_t[2] = salt_buf_t3[1];
939 w1_t[3] = salt_buf_t3[2];
940 w2_t[0] = salt_buf_t3[3];
941 w2_t[1] = salt_buf_t3[4];
944 w2_t[1] |= digest_t3[0];
945 w2_t[2] = digest_t3[1];
948 w2_t[3] = salt_buf_t0[0];
949 w3_t[0] = salt_buf_t0[1];
950 w3_t[1] = salt_buf_t0[2];
951 w3_t[2] = salt_buf_t0[3];
954 w3_t[3] = digest_t0[0];
956 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Fifth block: starts with the second word of the unshifted digest.
959 w0_t[0] = digest_t0[1];
962 w0_t[0] |= salt_buf_t1[0];
963 w0_t[1] = salt_buf_t1[1];
964 w0_t[2] = salt_buf_t1[2];
965 w0_t[3] = salt_buf_t1[3];
966 w1_t[0] = salt_buf_t1[4];
969 w1_t[0] |= digest_t1[0];
970 w1_t[1] = digest_t1[1];
973 w1_t[1] |= salt_buf_t2[0];
974 w1_t[2] = salt_buf_t2[1];
975 w1_t[3] = salt_buf_t2[2];
976 w2_t[0] = salt_buf_t2[3];
977 w2_t[1] = salt_buf_t2[4];
980 w2_t[1] |= digest_t2[0];
981 w2_t[2] = digest_t2[1];
984 w2_t[2] |= salt_buf_t3[0];
985 w2_t[3] = salt_buf_t3[1];
986 w3_t[0] = salt_buf_t3[2];
987 w3_t[1] = salt_buf_t3[3];
988 w3_t[2] = salt_buf_t3[4];
991 w3_t[2] |= digest_t3[0];
992 w3_t[3] = digest_t3[1];
994 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Last block: the unshifted salt words, with w3_t[2] set to 21 * 16 * 8
// (the size of the 16 * 21 byte buffer expressed in bits).
// NOTE(review): the words between w0_t[3] and w3_t[2] are not visible here.
996 w0_t[0] = salt_buf_t0[0];
997 w0_t[1] = salt_buf_t0[1];
998 w0_t[2] = salt_buf_t0[2];
999 w0_t[3] = salt_buf_t0[3];
1010 w3_t[2] = 21 * 16 * 8;
1013 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
1015 // now the 40 bit input for the MD5 which then will generate the RC4 key, so it's precomputable!
// 40 bits are carried over: all of digest[0] plus the low byte of digest[1].
1017 w0_t[0] = digest[0];
1018 w0_t[1] = digest[1] & 0xff;
1039 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Initialise RC4 from key, then process encryptedVerifier starting at i = 0, j = 0.
// NOTE(review): how key is filled is not visible in this excerpt.
1050 rc4_init_16 (rc4_key, key);
1054 u8 j = rc4_next_16 (rc4_key, 0, 0, encryptedVerifier, out);
1078 md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
// Continue the RC4 stream at i = 16 with the j returned above, now over digest.
1080 rc4_next_16 (rc4_key, 16, j, digest, out);
// Hand the four resulting words to the single-hash comparison macro.
1082 COMPARE_S_SIMD (out[0], out[1], out[2], out[3]);
// Kernel entry point (multi-hash variant, "m04").
// Work-items with gid >= gid_max return immediately. Otherwise the first four
// password words are read from pws[gid].i[0..3] into w0, the password length is
// read from pws[gid].pw_len, and everything is forwarded to m09700m together
// with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w1, w2 and w3 is not visible in this excerpt.
// NOTE(review): m09700m indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1086 __kernel void m09700_m04 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1092 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1094 if (gid >= gid_max) return;
1098 w0[0] = pws[gid].i[ 0];
1099 w0[1] = pws[gid].i[ 1];
1100 w0[2] = pws[gid].i[ 2];
1101 w0[3] = pws[gid].i[ 3];
1124 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1130 __local RC4_KEY rc4_keys[64];
1132 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point (multi-hash variant, "m08").
// Work-items with gid >= gid_max return immediately. Otherwise the first eight
// password words are read from pws[gid].i[0..7] into w0 and w1, the password
// length is read from pws[gid].pw_len, and everything is forwarded to m09700m
// together with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w2 and w3 is not visible in this excerpt.
// NOTE(review): m09700m indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1135 __kernel void m09700_m08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1141 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1143 if (gid >= gid_max) return;
1147 w0[0] = pws[gid].i[ 0];
1148 w0[1] = pws[gid].i[ 1];
1149 w0[2] = pws[gid].i[ 2];
1150 w0[3] = pws[gid].i[ 3];
1154 w1[0] = pws[gid].i[ 4];
1155 w1[1] = pws[gid].i[ 5];
1156 w1[2] = pws[gid].i[ 6];
1157 w1[3] = pws[gid].i[ 7];
1173 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1179 __local RC4_KEY rc4_keys[64];
1181 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point (multi-hash variant, "m16").
// Work-items with gid >= gid_max return immediately. Otherwise password words
// pws[gid].i[0..13] are read into w0, w1, w2 and the first two entries of w3,
// the password length is read from pws[gid].pw_len, and everything is forwarded
// to m09700m together with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w3[2] and w3[3] is not visible in this excerpt.
// NOTE(review): m09700m indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1184 __kernel void m09700_m16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1190 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1192 if (gid >= gid_max) return;
1196 w0[0] = pws[gid].i[ 0];
1197 w0[1] = pws[gid].i[ 1];
1198 w0[2] = pws[gid].i[ 2];
1199 w0[3] = pws[gid].i[ 3];
1203 w1[0] = pws[gid].i[ 4];
1204 w1[1] = pws[gid].i[ 5];
1205 w1[2] = pws[gid].i[ 6];
1206 w1[3] = pws[gid].i[ 7];
1210 w2[0] = pws[gid].i[ 8];
1211 w2[1] = pws[gid].i[ 9];
1212 w2[2] = pws[gid].i[10];
1213 w2[3] = pws[gid].i[11];
1217 w3[0] = pws[gid].i[12];
1218 w3[1] = pws[gid].i[13];
1222 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1228 __local RC4_KEY rc4_keys[64];
1230 m09700m (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point (single-hash variant, "s04").
// Work-items with gid >= gid_max return immediately. Otherwise the first four
// password words are read from pws[gid].i[0..3] into w0, the password length is
// read from pws[gid].pw_len, and everything is forwarded to m09700s together
// with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w1, w2 and w3 is not visible in this excerpt.
// NOTE(review): m09700s indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1233 __kernel void m09700_s04 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1239 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1241 if (gid >= gid_max) return;
1245 w0[0] = pws[gid].i[ 0];
1246 w0[1] = pws[gid].i[ 1];
1247 w0[2] = pws[gid].i[ 2];
1248 w0[3] = pws[gid].i[ 3];
1271 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1277 __local RC4_KEY rc4_keys[64];
1279 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point (single-hash variant, "s08").
// Work-items with gid >= gid_max return immediately. Otherwise the first eight
// password words are read from pws[gid].i[0..7] into w0 and w1, the password
// length is read from pws[gid].pw_len, and everything is forwarded to m09700s
// together with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w2 and w3 is not visible in this excerpt.
// NOTE(review): m09700s indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1282 __kernel void m09700_s08 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1288 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1290 if (gid >= gid_max) return;
1294 w0[0] = pws[gid].i[ 0];
1295 w0[1] = pws[gid].i[ 1];
1296 w0[2] = pws[gid].i[ 2];
1297 w0[3] = pws[gid].i[ 3];
1301 w1[0] = pws[gid].i[ 4];
1302 w1[1] = pws[gid].i[ 5];
1303 w1[2] = pws[gid].i[ 6];
1304 w1[3] = pws[gid].i[ 7];
1320 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1326 __local RC4_KEY rc4_keys[64];
1328 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);
// Kernel entry point (single-hash variant, "s16").
// Work-items with gid >= gid_max return immediately. Otherwise password words
// pws[gid].i[0..13] are read into w0, w1, w2 and the first two entries of w3,
// the password length is read from pws[gid].pw_len, and everything is forwarded
// to m09700s together with a 64-entry __local array of RC4 states.
// NOTE(review): the initialisation of w3[2] and w3[3] is not visible in this excerpt.
// NOTE(review): m09700s indexes rc4_keys with get_local_id (0); that stays in
// bounds only while the work-group size is at most 64 - confirm on the host side.
1331 __kernel void m09700_s16 (__global pw_t *pws, __global kernel_rule_t *rules_buf, __global comb_t *combs_buf, __global bf_t *bfs_buf, __global void *tmps, __global void *hooks, __global u32 *bitmaps_buf_s1_a, __global u32 *bitmaps_buf_s1_b, __global u32 *bitmaps_buf_s1_c, __global u32 *bitmaps_buf_s1_d, __global u32 *bitmaps_buf_s2_a, __global u32 *bitmaps_buf_s2_b, __global u32 *bitmaps_buf_s2_c, __global u32 *bitmaps_buf_s2_d, __global plain_t *plains_buf, __global digest_t *digests_buf, __global u32 *hashes_shown, __global salt_t *salt_bufs, __global oldoffice01_t *oldoffice01_bufs, __global u32 *d_return_buf, __global u32 *d_scryptV_buf, const u32 bitmap_mask, const u32 bitmap_shift1, const u32 bitmap_shift2, const u32 salt_pos, const u32 loop_pos, const u32 loop_cnt, const u32 il_cnt, const u32 digests_cnt, const u32 digests_offset, const u32 combs_mode, const u32 gid_max)
1337 const u32 gid = get_global_id (0);
// Skip work-items beyond the number of loaded candidates.
1339 if (gid >= gid_max) return;
1343 w0[0] = pws[gid].i[ 0];
1344 w0[1] = pws[gid].i[ 1];
1345 w0[2] = pws[gid].i[ 2];
1346 w0[3] = pws[gid].i[ 3];
1350 w1[0] = pws[gid].i[ 4];
1351 w1[1] = pws[gid].i[ 5];
1352 w1[2] = pws[gid].i[ 6];
1353 w1[3] = pws[gid].i[ 7];
1357 w2[0] = pws[gid].i[ 8];
1358 w2[1] = pws[gid].i[ 9];
1359 w2[2] = pws[gid].i[10];
1360 w2[3] = pws[gid].i[11];
1364 w3[0] = pws[gid].i[12];
1365 w3[1] = pws[gid].i[13];
1369 const u32 pw_len = pws[gid].pw_len;
// RC4 states in __local memory, one slot per local id.
1375 __local RC4_KEY rc4_keys[64];
1377 m09700s (rc4_keys, w0, w1, w2, w3, pw_len, pws, rules_buf, combs_buf, bfs_buf, tmps, hooks, bitmaps_buf_s1_a, bitmaps_buf_s1_b, bitmaps_buf_s1_c, bitmaps_buf_s1_d, bitmaps_buf_s2_a, bitmaps_buf_s2_b, bitmaps_buf_s2_c, bitmaps_buf_s2_d, plains_buf, digests_buf, hashes_shown, salt_bufs, oldoffice01_bufs, d_return_buf, d_scryptV_buf, bitmap_mask, bitmap_shift1, bitmap_shift2, salt_pos, loop_pos, loop_cnt, il_cnt, digests_cnt, digests_offset);