4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
31 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
33 use Authen
::Passphrase
::NTHash
;
34 use Authen
::Passphrase
::MySQL323
;
35 use Authen
::Passphrase
::PHPass
;
36 use Authen
::Passphrase
::LANManager
;
38 use POSIX qw
(strftime
);
40 use Net
::DNS
::RR
::NSEC3
;
41 use Convert
::EBCDIC qw
(ascii2ebcdic
);
42 use Digest
::SipHash qw
/siphash/;
44 my $hashcat = "./hashcat";
48 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800);
50 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800);
51 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
52 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500 13800);
54 my @lotus_magic_table =
56 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
57 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
58 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
59 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
60 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
61 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
62 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
63 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
64 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
65 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
66 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
67 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
68 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
69 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
70 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
71 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
72 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
73 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
74 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
75 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
76 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
77 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
78 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
79 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
80 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
81 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
82 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
83 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
84 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
85 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
86 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
87 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
92 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
93 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
94 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
95 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
98 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
100 if (scalar @ARGV < 1)
111 if ($type ne "verify")
113 if (scalar @ARGV > 1)
118 elsif (scalar @ARGV == 1)
128 if ($type eq "single")
132 elsif ($type eq "passthrough")
143 if (scalar @ARGV != 4)
148 my $mode = shift @ARGV;
149 my $hash_file = shift @ARGV;
150 my $in_file = shift @ARGV;
151 my $out_file = shift @ARGV;
155 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
157 # clever ? the resulting database could be huge
158 # but we need some way to map lines in hashfile w/ cracks
159 # maybe rli2 way would be more clever (needs sorted input)
161 while (my $line = <IN
>)
163 $line =~ s/[\n\r]*$//;
165 $db->{$line} = undef;
170 verify
($mode, $db, $in_file, $out_file);
178 my $out_file = shift;
197 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
198 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
202 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
203 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
204 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
206 while (my $line = <IN
>)
213 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
216 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
218 my $index = index ($line, ":");
222 $hash_in = substr ($line, 0, $index);
224 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
226 $word = substr ($line, $index + 1);
229 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500 || $mode == 13800)
232 my $index1 = index ($line, ":");
236 $hash_in = substr ($line, 0, $index1);
238 # identify lenghts of both salt and plain
240 my $salt_plain = substr ($line, $index1 + 1);
242 my $num_cols = () = $salt_plain =~ /:/g;
251 foreach (my $i = 0; $i < $num_cols; $i++)
253 $index2 = index ($salt_plain, ":", $start);
257 $start = $index2 + 1;
259 $salt = substr ($salt_plain, 0, $index2);
260 $word = substr ($salt_plain, $index2 + 1);
262 # can't be true w/ wrong $hash:$salt, otherwise the
263 # algo must have many collisions
265 if (exists ($db->{$hash_in . ":" . $salt}))
267 $hash_in = $hash_in . ":" . $salt;
273 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
274 next unless (! defined ($db->{$hash_in}));
277 elsif ($mode == 2100)
280 my $index1 = index ($line, "\$DCC2\$");
282 next if $index1 != 0;
285 my $index2 = index ($line, "#", $index1 + 1);
289 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
292 $index1 = index ($line, "#");
296 $hash_in = substr ($line, 0, $index1 + 1);
298 # identify lenghts of both salt and plain
300 my $salt_plain = substr ($line, $index2 + 1);
302 my $num_cols = () = $salt_plain =~ /:/g;
312 foreach (my $i = 0; $i < $num_cols; $i++)
314 $index2 = index ($salt_plain, ":", $start);
318 $start = $index2 + 1;
320 $index3 = rindex ($salt_plain, "#", $index2);
322 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
323 $salt = substr ($salt_plain, 0, $index3);
324 $word = substr ($salt_plain, $index2 + 1);
326 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
328 $hash_in = $hash_in . $salt . "#" . $raw_hash;
334 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
335 next unless (! defined ($db->{$hash_in}));
337 # salt:hash guaranteed only : because of hex salt
338 elsif ($mode == 7300)
340 # split hash and plain
341 my $index1 = index ($line, ":");
345 $salt = substr ($line, 0, $index1);
347 $salt = pack ("H*", $salt);
349 my $rest = substr ($line, $index1 + 1);
351 my $index2 = index ($rest, ":");
355 $hash_in = substr ($rest, 0, $index2);
357 $word = substr ($rest, $index2 + 1);
359 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
362 elsif ($mode == 8100)
364 # split hash and plain
365 $salt = substr ($line, 1, 8);
367 my $rest = substr ($line, 1 + 8);
369 my $index2 = index ($rest, ":");
373 $hash_in = substr ($rest, 0, $index2);
375 $word = substr ($rest, $index2 + 1);
377 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
379 # base64 and salt embedded SSHA1, salt length = total lenght - 20
382 # split hash and plain
383 my $index = index ($line, ":");
387 $hash_in = substr ($line, 0, $index);
388 $word = substr ($line, $index + 1);
390 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
393 my $plain_base64 = substr ($hash_in, 6);
395 # base64 decode to extract salt
396 my $decoded = decode_base64
($plain_base64);
398 $salt = substr ($decoded, 20);
400 # base64 and salt embedded SSHA512, salt length = total length - 64
401 elsif ($mode == 1711)
403 # split hash and plain
404 my $index = index ($line, ":");
408 $hash_in = substr ($line, 0, $index);
409 $word = substr ($line, $index + 1);
411 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
414 my $plain_base64 = substr ($hash_in, 9);
416 # base64 decode to extract salt
417 my $decoded = decode_base64
($plain_base64);
419 $salt = substr ($decoded, 64);
421 # OSX (first 8 hex chars is salt)
422 # ArubaOS (the signature gets added in gen_hash)
423 elsif ($mode == 122 || $mode == 1722 || $mode == 125)
425 my $index = index ($line, ":");
429 $hash_in = substr ($line, 0, $index);
430 $word = substr ($line, $index + 1);
432 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
434 $salt = substr ($hash_in, 0, 8);
436 # MSSQL (2000, 2005 AND 2012), salt after version number
437 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
439 my $index = index ($line, ":");
443 $hash_in = substr ($line, 0, $index);
444 $word = substr ($line, $index + 1);
446 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
448 $salt = substr ($hash_in, 6, 8);
451 elsif ($mode == 8000)
453 my $index = index ($line, ":");
457 $hash_in = substr ($line, 0, $index);
458 $word = substr ($line, $index + 1);
460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
462 $salt = substr ($hash_in, 6, 16);
465 elsif ($mode == 141 || $mode == 1441)
467 my $index1 = index ($line, ":");
471 $hash_in = substr ($line, 0, $index1);
472 $word = substr ($line, $index1 + 1);
474 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
476 my $index2 = index ($line, "*", 14);
478 #extract salt from base64
479 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
481 $salt = decode_base64
($plain_base64);
483 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
484 elsif ($mode == 400 || $mode == 7900)
486 my $index = index ($line, ":");
490 $hash_in = substr ($line, 0, $index);
491 $word = substr ($line, $index + 1);
493 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
495 $salt = substr ($hash_in, 4, 8);
497 # iterations = 2 ^ cost (where cost == $iter)
498 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
500 # $something$[rounds=iter$]salt$ (get last $, then check iter)
501 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
503 my $index1 = index ($line, ":", 30);
507 $hash_in = substr ($line, 0, $index1);
508 $word = substr ($line, $index1 + 1);
510 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
512 $index1 = index ($hash_in, ",", 1);
513 my $index2 = index ($hash_in, "\$", 1);
517 if ($index1 < $index2)
523 $param = substr ($hash_in, $index2, 1);
527 # rounds= if available
530 if (substr ($hash_in, $index2, 7) eq "rounds=")
532 my $old_index = $index2;
534 $index2 = index ($hash_in, "\$", $index2 + 1);
538 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
544 my $index3 = rindex ($hash_in, "\$");
548 $salt = substr ($hash_in, $index2, $index3 - $index2);
550 # descrypt (salt in first 2 char)
551 elsif ($mode == 1500)
553 my $index = index ($line, ":");
557 $hash_in = substr ($line, 0, $index);
558 $word = substr ($line, $index + 1);
560 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
562 $salt = substr ($hash_in, 0, 2);
564 # bcrypt $something$something$salt.hash
565 elsif ($mode == 3200)
567 my $index1 = index ($line, ":", 33);
571 $hash_in = substr ($line, 0, $index1);
572 $word = substr ($line, $index1 + 1);
574 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
576 my $index2 = index ($hash_in, "\$", 4);
578 $iter = substr ($hash_in, 4, $index2 - 4);
580 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
585 for (my $i = 0; $i < length ($plain_base64); $i++)
587 my $char = substr ($plain_base64, $i, 1);
588 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
591 $salt = decode_base64
($encoded);
594 elsif ($mode == 4800)
596 my $index1 = index ($line, ":");
600 my $index2 = index ($line, ":", $index1 + 1);
604 my $index3 = index ($line, ":", $index2 + 1);
608 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
610 $word = substr ($line, $index3 + 1);
612 $hash_in = substr ($line, 0, $index3);
615 elsif ($mode == 5300 || $mode == 5400)
617 my $num_cols = () = $line =~ /:/g;
619 next unless ($num_cols >= 9);
624 for (my $j = 0; $j < 9; $j++)
626 $index1 = index ($line, ":", $index1 + 1);
637 $word = substr ($line, $index1 + 1);
639 $hash_in = substr ($line, 0, $index1);
641 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
643 my $index2 = rindex ($line, ":", $index1 - 1);
645 $salt = substr ($line, 0, $index2);
648 elsif ($mode == 5500)
650 my $index1 = index ($line, "::");
654 my $index2 = index ($line, ":", $index1 + 2);
658 $index2 = index ($line, ":", $index2 + 1);
662 $salt = substr ($line, 0, $index2);
664 $index2 = index ($line, ":", $index2 + 1);
668 $salt .= substr ($line, $index2 + 1, 16);
670 $index2 = index ($line, ":", $index2 + 1);
674 $hash_in = substr ($line, 0, $index2);
676 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
678 $word = substr ($line, $index2 + 1);
681 elsif ($mode == 5600)
683 my $index1 = index ($line, "::");
687 my $index2 = index ($line, ":", $index1 + 2);
691 $index2 = index ($line, ":", $index2 + 1);
695 $salt = substr ($line, 0, $index2);
697 $index1 = index ($line, ":", $index2 + 1);
701 $index2 = index ($line, ":", $index1 + 1);
705 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
707 $hash_in = substr ($line, 0, $index2);
709 # do it later on for this hash mode:
710 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
712 $word = substr ($line, $index2 + 1);
714 # AIX smd5 something BRACE salt$
715 elsif ($mode == 6300)
717 my $index1 = index ($line, ":");
721 $hash_in = substr ($line, 0, $index1);
722 $word = substr ($line, $index1 + 1);
724 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
726 my $index2 = index ($hash_in, "}");
727 my $index3 = rindex ($hash_in, "\$");
729 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
731 # AIX: something$salt$ (no $ at position 1)
732 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
734 my $index1 = index ($line, ":");
738 $hash_in = substr ($line, 0, $index1);
739 $word = substr ($line, $index1 + 1);
741 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
743 my $index2 = index ($hash_in, "}");
744 my $index3 = index ($hash_in, "\$");
745 my $index4 = rindex ($hash_in, "\$");
747 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
749 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
751 # 1Password, agilekeychain
752 elsif ($mode == 6600)
754 my $num_cols = () = $line =~ /:/g;
756 next unless ($num_cols > 2);
758 my $index1 = index ($line, ":");
762 $iter = substr ($line, 0, $index1);
764 my $index2 = index ($line, ":", $index1 + 1);
768 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
770 $index1 = index ($line, ":", $index2 + 1);
774 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
776 $hash_in = substr ($line, 0, $index1);
778 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
780 $word = substr ($line, $index1 + 1);
782 # 1Password, cloudkeychain
783 elsif ($mode == 8200)
785 my @datas = split (":", $line);
787 next if scalar @datas < 4;
789 my $hash = shift @datas;
790 $salt = shift @datas;
791 $iter = shift @datas;
792 my $data = shift @datas;
794 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
798 $word = join (":", @datas);
800 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
802 # lastpass (hash:iter:salt)
803 elsif ($mode == 6800)
805 my $index1 = index ($line, ":", 34);
809 $hash_in = substr ($line, 0, $index1);
811 # identify lenghts of both salt and plain
813 my $salt_plain = substr ($line, $index1 + 1);
815 my $num_cols = () = $salt_plain =~ /:/g;
824 foreach (my $i = 0; $i < $num_cols; $i++)
826 $index2 = index ($salt_plain, ":", $start);
830 $start = $index2 + 1;
832 $salt = substr ($salt_plain, 0, $index2);
833 $word = substr ($salt_plain, $index2 + 1);
835 # can't be true w/ wrong $hash:$salt, otherwise the
836 # algo must have many collisions
838 if (exists ($db->{$hash_in . ":" . $salt}))
840 $hash_in = $hash_in . ":" . $salt;
846 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
847 next unless (! defined ($db->{$hash_in}));
849 $index1 = index ($hash_in, ":");
850 $index2 = index ($hash_in, ":", $index1 + 1);
852 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
853 $salt = substr ($hash_in, $index2 + 1);
855 # OSX 10.* : $something$iter$salt$
856 elsif ($mode == 7100)
858 my $index1 = index ($line, ":");
862 $hash_in = substr ($line, 0, $index1);
863 $word = substr ($line, $index1 + 1);
865 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
867 my $index2 = index ($hash_in, "\$", 5);
871 my $index3 = index ($hash_in, "\$", $index2 + 1);
873 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
875 $iter = substr ($hash_in, 4, $index2 - 4);
877 next if (int ($iter) < 1);
879 # grub: something1.something2.something3.iter.salt.
880 elsif ($mode == 7200)
882 my $index1 = index ($line, ":");
886 $hash_in = substr ($line, 0, $index1);
887 $word = substr ($line, $index1 + 1);
889 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
891 my $index2 = index ($hash_in, ".", 19);
895 my $index3 = index ($hash_in, ".", $index2 + 1);
897 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
899 $iter = substr ($hash_in, 19, $index2 - 19);
901 next if (int ($iter) < 1);
903 # $something1$something2$something3$something4$salt$
904 elsif ($mode == 7500 )
906 my $index1 = index ($line, "\$", 11);
910 my $index2 = index ($line, "\$", $index1 + 1);
914 my $index3 = index ($line, "\$", $index2 + 1);
918 $index2 = index ($line, ":", $index3 + 1);
922 $hash_in = substr ($line, 0, $index2);
923 $word = substr ($line, $index2 + 1);
925 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
927 $salt = substr ($hash_in, 11, $index3 - 10);
928 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
929 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
932 elsif ($mode == 7700 || $mode == 7800)
934 my $index1 = index ($line, ":");
938 my @split1 = split (":", $line);
940 my @split2 = split ('\$', $split1[0]);
942 next unless scalar @split2 == 2;
944 $hash_in = $split1[0];
946 if (scalar @split1 > 1)
955 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
960 elsif ($mode == 8300)
962 my @datas = split (":", $line);
964 next if scalar @datas != 5;
969 ($hash, $domain, $salt, $iter, $word) = @datas;
971 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
973 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
975 $salt = $domain . ":" . $salt;
978 elsif ($mode == 8500)
980 my @line_elements = split (":", $line);
982 next if scalar @line_elements < 2;
986 $hash_in = shift @line_elements;
988 $word = join (":", @line_elements);
992 my @hash_elements = split ('\*', $hash_in);
994 next unless ($hash_elements[0] eq '$racf$');
996 $salt = $hash_elements[1];
998 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1001 elsif ($mode == 8700)
1003 # split hash and plain
1004 my $index = index ($line, ":");
1008 $hash_in = substr ($line, 0, $index);
1009 $word = substr ($line, $index + 1);
1011 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1013 my $plain_base64 = substr ($hash_in, 2, -1);
1015 ($_, $salt, $param) = domino_decode
($plain_base64);
1018 elsif ($mode == 2612)
1020 next unless (substr ($line, 0, 6) eq '$PHPS$');
1023 my $index1 = index ($line, "\$", 6);
1025 next if $index1 < 1;
1027 $salt = substr ($line, 6, $index1 - 6);
1029 $salt = pack ("H*", $salt);
1031 my $index2 = index ($line, "\:", $index1 + 1);
1033 next if $index2 < 1;
1035 $word = substr ($line, $index2 + 1);
1037 $hash_in = substr ($line, 0, $index2);
1039 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1042 elsif ($mode == 3711)
1044 next unless (substr ($line, 0, 3) eq '$B$');
1047 my $index1 = index ($line, "\$", 3);
1049 next if $index1 < 1;
1051 $salt = substr ($line, 3, $index1 - 3);
1053 my $index2 = index ($line, ":", $index1 + 1);
1055 next if $index2 < 1;
1057 $word = substr ($line, $index2 + 1);
1059 $hash_in = substr ($line, 0, $index2);
1061 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1064 elsif ($mode == 8900)
1066 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1069 my $index1 = index ($line, ":", 7);
1071 next if $index1 < 1;
1074 my $N = substr ($line, 7, $index1 - 7);
1076 my $index2 = index ($line, ":", $index1 + 1);
1078 next if $index2 < 1;
1081 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1083 $index1 = index ($line, ":", $index2 + 1);
1085 next if $index1 < 1;
1088 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1094 $index2 = index ($line, ":", $index1 + 1);
1096 next if $index2 < 1;
1099 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1101 $salt = decode_base64
($salt);
1103 $index1 = index ($line, ":", $index2 + 1);
1105 next if $index1 < 1;
1109 $word = substr ($line, $index1 + 1);
1110 $hash_in = substr ($line, 0, $index1);
1112 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1115 elsif ($mode == 9100)
1117 # split hash and plain
1118 my $index = index ($line, ":");
1122 $hash_in = substr ($line, 0, $index);
1123 $word = substr ($line, $index + 1);
1125 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1127 my $base64_part = substr ($hash_in, 2, -1);
1129 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1131 next if ($iter < 1);
1133 # Cisco $8$ - PBKDF2-HMAC-SHA256
1134 elsif ($mode == 9200)
1136 next unless (substr ($line, 0, 3) eq '$8$');
1139 my $index1 = index ($line, "\$", 3);
1141 next if $index1 != 17;
1143 my $index2 = index ($line, "\$", $index1 + 1);
1146 $salt = substr ($line, 3, $index1 - 3);
1148 $index1 = index ($line, ":", $index1 + 1);
1150 next if $index1 < 1;
1154 $word = substr ($line, $index1 + 1);
1155 $hash_in = substr ($line, 0, $index1);
1157 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1159 # Cisco $9$ - scrypt
1160 elsif ($mode == 9300)
1162 next unless (substr ($line, 0, 3) eq '$9$');
1165 my $index1 = index ($line, "\$", 3);
1167 next if $index1 != 17;
1169 my $index2 = index ($line, "\$", $index1 + 1);
1172 $salt = substr ($line, 3, $index1 - 3);
1174 $index1 = index ($line, ":", $index1 + 1);
1176 next if $index1 < 1;
1180 $word = substr ($line, $index1 + 1);
1181 $hash_in = substr ($line, 0, $index1);
1183 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1186 elsif ($mode == 9400)
1188 ($hash_in, $word) = split ":", $line;
1190 next unless defined $hash_in;
1191 next unless defined $word;
1193 my @data = split /\*/, $hash_in;
1195 next unless scalar @data == 8;
1197 next unless (shift @data eq '$office$');
1198 next unless (shift @data eq '2007');
1199 next unless (shift @data eq '20');
1201 my $aes_key_size = shift @data;
1203 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1204 next unless (shift @data eq '16');
1206 next unless (length $data[0] == 32);
1207 next unless (length $data[1] == 32);
1208 next unless (length $data[2] == 40);
1210 $salt = shift @data;
1211 $param = shift @data;
1212 $param2 = $aes_key_size;
1214 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1217 elsif ($mode == 9500)
1219 ($hash_in, $word) = split ":", $line;
1221 next unless defined $hash_in;
1222 next unless defined $word;
1224 my @data = split /\*/, $hash_in;
1226 next unless scalar @data == 8;
1228 next unless (shift @data eq '$office$');
1229 next unless (shift @data eq '2010');
1230 next unless (shift @data eq '100000');
1231 next unless (shift @data eq '128');
1232 next unless (shift @data eq '16');
1234 next unless (length $data[0] == 32);
1235 next unless (length $data[1] == 32);
1236 next unless (length $data[2] == 64);
1238 $salt = shift @data;
1239 $param = shift @data;
1241 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1244 elsif ($mode == 9600)
1246 ($hash_in, $word) = split ":", $line;
1248 next unless defined $hash_in;
1249 next unless defined $word;
1251 my @data = split /\*/, $hash_in;
1253 next unless scalar @data == 8;
1255 next unless (shift @data eq '$office$');
1256 next unless (shift @data eq '2013');
1257 next unless (shift @data eq '100000');
1258 next unless (shift @data eq '256');
1259 next unless (shift @data eq '16');
1261 next unless (length $data[0] == 32);
1262 next unless (length $data[1] == 32);
1263 next unless (length $data[2] == 64);
1265 $salt = shift @data;
1266 $param = shift @data;
1268 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1271 elsif ($mode == 9700)
1273 ($hash_in, $word) = split ":", $line;
1275 next unless defined $hash_in;
1276 next unless defined $word;
1278 my @data = split /\*/, $hash_in;
1280 next unless scalar @data == 4;
1282 my $signature = shift @data;
1284 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1286 next unless (length $data[0] == 32);
1287 next unless (length $data[1] == 32);
1288 next unless (length $data[2] == 32);
1290 $salt = shift @data;
1291 $param = shift @data;
1292 $param2 = substr ($signature, 11, 1);
1294 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1297 elsif ($mode == 9800)
1299 ($hash_in, $word) = split ":", $line;
1301 next unless defined $hash_in;
1302 next unless defined $word;
1304 my @data = split /\*/, $hash_in;
1306 next unless scalar @data == 4;
1308 my $signature = shift @data;
1310 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1312 next unless (length $data[0] == 32);
1313 next unless (length $data[1] == 32);
1314 next unless (length $data[2] == 40);
1316 $salt = shift @data;
1317 $param = shift @data;
1318 $param2 = substr ($signature, 11, 1);
1320 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1322 # Django (PBKDF2-SHA256)
1323 elsif ($mode == 10000)
1325 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1328 my $index1 = index ($line, "\$", 14);
1330 next if $index1 < 1;
1332 my $index2 = index ($line, "\$", $index1 + 1);
1336 $iter = substr ($line, 14, $index1 - 14);
1340 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1344 $index1 = index ($line, ":", $index2 + 1);
1346 next if $index1 < 1;
1348 $word = substr ($line, $index1 + 1);
1349 $hash_in = substr ($line, 0, $index1);
1351 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1354 elsif ($mode == 10100)
1358 ($hash, undef, undef, $salt, $word) = split ":", $line;
1360 next unless defined $hash;
1361 next unless defined $salt;
1362 next unless defined $word;
1364 next unless (length $hash == 16);
1365 next unless (length $salt == 32);
1367 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1369 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1372 elsif ($mode == 10200)
1374 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1377 my $index1 = index ($line, "\$", 10);
1379 next if $index1 < 1;
1383 my $challengeb64 = substr ($line, 10, $index1 - 10);
1384 $salt = decode_base64
($challengeb64);
1388 my $index2 = index ($line, ":", $index1 + 1);
1390 next if $index2 < 1;
1392 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1393 my $response = decode_base64
($responseb64);
1395 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1397 $word = substr ($line, $index2 + 1);
1398 $hash_in = substr ($line, 0, $index2);
1400 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1402 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1403 elsif ($mode == 10300)
1405 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1409 my $index1 = index ($line, "}", 10);
1411 next if $index1 < 1;
1413 $iter = substr ($line, 10, $index1 - 10);
1415 $iter = int ($iter);
1419 my $base64_encoded = substr ($line, $index1 + 1);
1420 my $base64_decoded = decode_base64
($base64_encoded);
1422 $salt = substr ($base64_decoded, 20);
1424 my $index2 = index ($line, ":", $index1 + 1);
1426 next if $index2 < 1;
1428 $word = substr ($line, $index2 + 1);
1429 $hash_in = substr ($line, 0, $index2);
1431 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1433 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1434 elsif ($mode == 10400)
1436 ($hash_in, $word) = split ":", $line;
1438 next unless defined $hash_in;
1439 next unless defined $word;
1441 my @data = split /\*/, $hash_in;
1443 next unless scalar @data == 11;
1445 next unless (shift @data eq '$pdf$1');
1446 next unless (shift @data eq '2');
1447 next unless (shift @data eq '40');
1448 my $P = shift @data;
1449 next unless (shift @data eq '0');
1450 next unless (shift @data eq '16');
1451 my $id = shift @data;
1452 next unless (shift @data eq '32');
1453 my $u = shift @data;
1454 next unless (shift @data eq '32');
1455 my $o = shift @data;
1462 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1464 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1465 elsif ($mode == 10500)
1467 ($hash_in, $word) = split ":", $line;
1469 next unless defined $hash_in;
1470 next unless defined $word;
1472 my @data = split /\*/, $hash_in;
1474 next unless scalar @data == 11;
1476 my $V = shift @data; $V = substr ($V, 5, 1);
1477 my $R = shift @data;
1478 next unless (shift @data eq '128');
1479 my $P = shift @data;
1480 my $enc = shift @data;
1481 next unless (shift @data eq '16');
1482 my $id = shift @data;
1483 next unless (shift @data eq '32');
1484 my $u = shift @data;
1485 next unless (shift @data eq '32');
1486 my $o = shift @data;
1496 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1498 # PDF 1.7 Level 3 (Acrobat 9)
1499 elsif ($mode == 10600)
1501 ($hash_in, $word) = split ":", $line;
1503 next unless defined $hash_in;
1504 next unless defined $word;
1506 my @data = split /\*/, $hash_in;
1508 next unless scalar @data >= 11;
1510 next unless (shift @data eq '$pdf$5');
1511 next unless (shift @data eq '5');
1512 next unless (shift @data eq '256');
1513 next unless (shift @data eq '-1028');
1514 next unless (shift @data eq '1');
1515 next unless (shift @data eq '16');
1516 my $id = shift @data;
1517 my $rest = join "*", @data;
1522 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1524 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1525 elsif ($mode == 10700)
1527 ($hash_in, $word) = split ":", $line;
1529 next unless defined $hash_in;
1530 next unless defined $word;
1532 my @data = split /\*/, $hash_in;
1534 next unless scalar @data >= 11;
1536 next unless (shift @data eq '$pdf$5');
1537 next unless (shift @data eq '6');
1538 next unless (shift @data eq '256');
1539 next unless (shift @data eq '-1028');
1540 next unless (shift @data eq '1');
1541 next unless (shift @data eq '16');
1542 my $id = shift @data;
1543 my $rest = join "*", @data;
1548 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1550 # PBKDF2-HMAC-SHA256
1551 elsif ($mode == 10900)
1553 next unless (substr ($line, 0, 7) eq 'sha256:');
1556 my $index1 = index ($line, ":", 7);
1558 next if $index1 < 1;
1560 $iter = substr ($line, 7, $index1 - 7);
1564 my $index2 = index ($line, ":", $index1 + 1);
1566 next if $index2 < 1;
1568 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1570 $salt = decode_base64
($salt);
1574 $index1 = index ($line, ":", $index2 + 1);
1576 next if $index1 < 1;
1578 # additional param = output len of pbkdf2
1580 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1582 my $digest = decode_base64
($digest64_encoded);
1584 $param = length ($digest);
1588 $word = substr ($line, $index1 + 1);
1589 $hash_in = substr ($line, 0, $index1);
1591 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1593 # PostgreSQL MD5 Authentication
1594 elsif ($mode == 11100)
1596 next unless (substr ($line, 0, 10) eq '$postgres$');
1598 my $index1 = index ($line, "*", 10);
1600 next if $index1 < 1;
1604 $param = substr ($line, 10, $index1 - 10);
1606 # get the 4 byte salt
1608 my $index2 = index ($line, "*", $index1 + 1);
1610 next if $index2 < 1;
1612 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1616 $index1 = index ($line, ":", $index2 + 1);
1618 next if $index1 < 1;
1620 $word = substr ($line, $index1 + 1);
1621 $hash_in = substr ($line, 0, $index1);
1623 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1625 # MySQL MD5 Authentication
1626 elsif ($mode == 11200)
1628 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1630 my $index1 = index ($line, "*", 9);
1632 next if $index1 < 1;
1636 $salt = substr ($line, 9, $index1 - 9);
1640 $index1 = index ($line, ":", $index1 + 1);
1642 next if $index1 < 1;
1644 $word = substr ($line, $index1 + 1);
1645 $hash_in = substr ($line, 0, $index1);
1647 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1650 elsif ($mode == 2500)
1652 print "ERROR: verify currently not supported for WPA/WPA2 (because of hashcat's output format)\n";
1656 # Bitcoin/Litecoin wallet.dat
1657 elsif ($mode == 11300)
1659 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1663 # SIP digest authentication (MD5)
1664 elsif ($mode == 11400)
1666 next unless (substr ($line, 0, 6) eq '$sip$*');
1670 my $index1 = index ($line, "*", 6);
1672 next if $index1 < 0;
1674 $param10 = substr ($line, 6, $index1 - 6);
1676 next if (length ($param10) > 32);
1680 my $index2 = index ($line, "*", $index1 + 1);
1682 next if $index2 < 0;
1684 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1686 next if (length ($param11) > 32);
1690 $index1 = index ($line, "*", $index2 + 1);
1692 next if $index1 < 0;
1694 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1696 next if (length ($param) > 12);
1700 $index2 = index ($line, "*", $index1 + 1);
1702 next if $index2 < 0;
1704 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1706 next if (length ($param2) > 20);
1710 $index1 = index ($line, "*", $index2 + 1);
1712 next if $index1 < 0;
1714 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1716 next if (length ($param6) > 24);
1720 $index2 = index ($line, "*", $index1 + 1);
1722 next if $index2 < 0;
1724 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1726 next if (length ($param7) > 10);
1730 $index1 = index ($line, "*", $index2 + 1);
1732 next if $index1 < 0;
1734 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1736 next if (length ($param8) > 32);
1740 $index2 = index ($line, "*", $index1 + 1);
1742 next if $index2 < 0;
1744 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1746 next if (length ($param9) > 32);
1750 $index1 = index ($line, "*", $index2 + 1);
1752 next if $index1 < 0;
1754 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1756 next if (length ($salt) > 34);
1760 $index2 = index ($line, "*", $index1 + 1);
1762 next if $index2 < 0;
1764 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1766 next if (length ($param4) > 12);
1770 $index1 = index ($line, "*", $index2 + 1);
1772 next if $index1 < 0;
1774 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1776 next if (length ($param3) > 10);
1780 $index2 = index ($line, "*", $index1 + 1);
1782 next if $index2 < 0;
1784 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1786 next if (length ($param5) > 8);
1790 $index1 = index ($line, "*", $index2 + 1);
1792 next if $index1 < 0;
1794 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1796 next unless ($directive eq "MD5");
1800 $index2 = index ($line, ":", $index1 + 1);
1802 next if $index2 < 0;
1804 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1806 next unless (length ($hex_digest) == 32);
1808 $word = substr ($line, $index2 + 1);
1809 $hash_in = substr ($line, 0, $index2);
1811 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1814 elsif ($mode == 11600)
1816 next unless (substr ($line, 0, 4) eq '$7z$');
1820 my $index1 = index ($line, '$', 4);
1822 next if $index1 < 0;
1824 my $p = substr ($line, 4, $index1 - 4);
1826 next unless ($p eq "0");
1830 my $index2 = index ($line, '$', $index1 + 1);
1832 next if $index2 < 0;
1834 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1836 # seven zip salt length
1838 $index1 = index ($line, '$', $index2 + 1);
1840 next if $index1 < 0;
1842 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1846 $index2 = index ($line, '$', $index1 + 1);
1848 next if $index2 < 0;
1850 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1854 $index1 = index ($line, '$', $index2 + 1);
1856 next if $index1 < 0;
1858 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1862 $index2 = index ($line, '$', $index1 + 1);
1864 next if $index2 < 0;
1866 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1868 $salt = pack ("H*", $salt);
1872 $index1 = index ($line, '$', $index2 + 1);
1874 next if $index1 < 0;
1876 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1878 # ignore this crc, we don't need to pass it to gen_hash ()
1882 $index2 = index ($line, '$', $index1 + 1);
1884 next if $index2 < 0;
1886 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1890 $index1 = index ($line, '$', $index2 + 1);
1892 next if $index1 < 0;
1894 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1898 $index2 = index ($line, ':', $index1 + 1);
1900 next if $index2 < 0;
1902 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1903 $param6 = pack ("H*", $param6);
1905 $word = substr ($line, $index2 + 1);
1906 $hash_in = substr ($line, 0, $index2);
1908 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1911 elsif ($mode == 11900)
1913 next unless (substr ($line, 0, 4) eq 'md5:');
1916 my $index1 = index ($line, ":", 4);
1918 next if $index1 < 1;
1920 $iter = substr ($line, 4, $index1 - 4);
1924 my $index2 = index ($line, ":", $index1 + 1);
1926 next if $index2 < 1;
1928 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1930 $salt = decode_base64
($salt);
1934 $index1 = index ($line, ":", $index2 + 1);
1936 next if $index1 < 1;
1938 # additional param = output len of pbkdf2
1940 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1942 my $digest = decode_base64
($digest64_encoded);
1944 $param = length ($digest);
1948 $word = substr ($line, $index1 + 1);
1949 $hash_in = substr ($line, 0, $index1);
1951 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1954 elsif ($mode == 12000)
1956 next unless (substr ($line, 0, 5) eq 'sha1:');
1959 my $index1 = index ($line, ":", 5);
1961 next if $index1 < 1;
1963 $iter = substr ($line, 5, $index1 - 5);
1967 my $index2 = index ($line, ":", $index1 + 1);
1969 next if $index2 < 1;
1971 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1973 $salt = decode_base64
($salt);
1977 $index1 = index ($line, ":", $index2 + 1);
1979 next if $index1 < 1;
1981 # additional param = output len of pbkdf2
1983 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1985 my $digest = decode_base64
($digest64_encoded);
1987 $param = length ($digest);
1991 $word = substr ($line, $index1 + 1);
1992 $hash_in = substr ($line, 0, $index1);
1994 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1996 # PBKDF2-HMAC-SHA512
1997 elsif ($mode == 12100)
1999 next unless (substr ($line, 0, 7) eq 'sha512:');
2002 my $index1 = index ($line, ":", 7);
2004 next if $index1 < 1;
2006 $iter = substr ($line, 7, $index1 - 7);
2010 my $index2 = index ($line, ":", $index1 + 1);
2012 next if $index2 < 1;
2014 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2016 $salt = decode_base64
($salt);
2020 $index1 = index ($line, ":", $index2 + 1);
2022 next if $index1 < 1;
2024 # additional param = output len of pbkdf2
2026 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2028 my $digest = decode_base64
($digest64_encoded);
2030 $param = length ($digest);
2034 $word = substr ($line, $index1 + 1);
2035 $hash_in = substr ($line, 0, $index1);
2037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2040 elsif ($mode == 12200)
2042 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2044 # check if default salt
2048 $param = 0 if (substr ($line, 12, 2) eq '1$');
2056 if ($param == 0) # we need to extract the salt
2058 $index1 = index ($line, '$', $index1);
2060 next if $index1 < 1;
2062 my $index2 = index ($line, '$', $index1 + 1);
2064 next if $index2 < 1;
2066 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2071 $index1 = index ($line, ':', $index1 + 1);
2073 next if $index1 < 1;
2077 $word = substr ($line, $index1 + 1);
2078 $hash_in = substr ($line, 0, $index1);
2080 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2082 # Oracle T: Type (Oracle 12+)
2083 elsif ($mode == 12300)
2085 my $index1 = index ($line, ':');
2087 next if ($index1 != 160);
2091 $salt = substr ($line, 128, 32);
2095 $word = substr ($line, $index1 + 1);
2096 $hash_in = substr ($line, 0, $index1);
2098 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2100 # BSDiCrypt, Extended DES
2101 elsif ($mode == 12400)
2103 next unless (substr ($line, 0, 1) eq '_');
2105 my $index1 = index ($line, ':', 20);
2107 next if ($index1 != 20);
2111 $iter = substr ($line, 1, 4);
2113 $iter = base64_to_int24
($iter);
2117 $salt = substr ($line, 5, 4);
2121 $word = substr ($line, $index1 + 1);
2122 $hash_in = substr ($line, 0, $index1);
2124 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2126 # Blockchain, My Wallet
2127 elsif ($mode == 12700)
2129 my $index1 = index ($line, ':');
2131 next if ($index1 < 0);
2133 $hash_in = substr ($line, 0, $index1);
2134 $word = substr ($line, $index1 + 1);
2136 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2138 next unless ($signature eq "blockchain");
2140 next unless (($data_len * 2) == length $data_buf);
2142 $salt = substr ($data_buf, 0, 32);
2143 $param = substr ($data_buf, 32);
2145 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2147 elsif ($mode == 12800)
2149 ($hash_in, $word) = split ":", $line;
2151 next unless defined $hash_in;
2152 next unless defined $word;
2154 my @data = split /\,/, $hash_in;
2156 next unless scalar @data == 4;
2158 next unless (shift @data eq 'v1;PPH1_MD4');
2160 $salt = shift @data;
2161 $iter = shift @data;
2163 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2165 elsif ($mode == 12900)
2167 ($hash_in, $word) = split ":", $line;
2169 next unless defined $hash_in;
2170 next unless defined $word;
2172 next unless length $hash_in == 160;
2174 $param = substr ($hash_in, 0, 64);
2175 $salt = substr ($hash_in, 128, 32);
2178 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2180 elsif ($mode == 13000)
2184 ($hash_line, $word) = split ":", $line;
2186 next unless defined $hash_line;
2187 next unless defined $word;
2189 my @data = split ('\$', $hash_line);
2191 next unless scalar @data == 8;
2195 my $signature = shift @data;
2196 my $salt_len = shift @data;
2197 my $salt_buf = shift @data;
2198 my $iterations = shift @data;
2199 my $iv = shift @data;
2200 my $pswcheck_len = shift @data;
2201 my $pswcheck = shift @data;
2203 next unless ($signature eq "rar5");
2204 next unless ($salt_len == 16);
2205 next unless ($pswcheck_len == 8);
2208 $iter = $iterations;
2209 $hash_in = $pswcheck;
2212 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2214 elsif ($mode == 13100 )
2216 ($hash_in, $word) = split ":", $line;
2218 next unless defined $hash_in;
2219 next unless defined $word;
2221 my @data = split ('\$', $hash_in);
2223 next unless scalar @data == 8;
2227 my $signature = shift @data;
2228 my $algorithm = shift @data;
2229 my $user = shift @data;
2230 $user = substr ($user, 1);
2231 my $realm = shift @data;
2232 my $spn = shift @data;
2233 $spn = substr ($spn, 0, length ($spn) - 1);
2234 my $checksum = shift @data;
2235 my $edata2 = shift @data;
2237 next unless ($signature eq "krb5tgs");
2238 next unless (length ($checksum) == 32);
2239 next unless (length ($edata2) >= 64);
2241 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2243 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2245 elsif ($mode == 13200)
2247 ($hash_in, $word) = split ":", $line;
2249 next unless defined $hash_in;
2250 next unless defined $word;
2252 my @data = split ('\*', $hash_in);
2254 next unless scalar @data == 5;
2258 my $signature = shift @data;
2259 my $version = shift @data;
2260 my $iteration = shift @data;
2261 my $mysalt = shift @data;
2262 my $digest = shift @data;
2264 next unless ($signature eq '$axcrypt$');
2265 next unless (length ($mysalt) == 32);
2266 next unless (length ($digest) == 48);
2268 $salt = $iteration . '*' . $mysalt;
2270 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2272 elsif ($mode == 13300)
2274 ($hash_in, $word) = split ":", $line;
2276 next unless defined $hash_in;
2277 next unless defined $word;
2279 my @data = split ('\$', $hash_in);
2281 next unless scalar @data == 2;
2285 my $signature = shift @data;
2286 my $digest = shift @data;
2288 next unless ($signature eq '$axcrypt_sha1');
2289 next unless (length ($digest) == 32 || length ($digest) == 40);
2291 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2293 elsif ($mode == 13400)
2295 ($hash_in, $word) = split ":", $line;
2297 next unless defined $hash_in;
2298 next unless defined $word;
2300 my @data = split ('\*', $hash_in);
2302 next unless (scalar @data == 9
2303 || scalar @data == 11
2304 || scalar @data == 12
2305 || scalar @data == 14);
2307 my $signature = shift @data;
2308 next unless ($signature eq '$keepass$');
2310 my $version = shift @data;
2311 next unless ($version == 1 || $version == 2);
2313 my $iteration = shift @data;
2315 my $algorithm = shift @data;
2317 my $final_random_seed = shift @data;
2321 next unless (length ($final_random_seed) == 32);
2323 elsif ($version == 2)
2325 next unless (length ($final_random_seed) == 64);
2328 my $transf_random_seed = shift @data;
2329 next unless (length ($transf_random_seed) == 64);
2331 my $enc_iv = shift @data;
2332 next unless (length ($enc_iv) == 32);
2336 my $contents_hash = shift @data;
2337 next unless (length ($contents_hash) == 64);
2339 my $inline_flags = shift @data;
2340 next unless ($inline_flags == 1);
2342 my $contents_len = shift @data;
2344 my $contents = shift @data;
2345 next unless (length ($contents) == $contents_len * 2);
2347 elsif ($version == 2)
2349 my $expected_bytes = shift @data;
2350 next unless (length ($expected_bytes) == 64);
2352 my $contents_hash = shift @data;
2353 next unless (length ($contents_hash) == 64);
2356 if (scalar @data == 12 || scalar @data == 14)
2358 my $inline_flags = shift @data;
2359 next unless ($inline_flags == 1);
2361 my $keyfile_len = shift @data;
2362 next unless ($keyfile_len == 64);
2364 my $keyfile = shift @data;
2365 next unless (length ($keyfile) == $keyfile_len);
2368 $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in));
2370 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2372 elsif ($mode == 13600)
2374 ($hash_in, $word) = split ":", $line;
2376 next unless defined $hash_in;
2377 next unless defined $word;
2379 my @data = split ('\*', $hash_in);
2381 next unless scalar @data == 10;
2383 my $tag_start = shift @data;
2384 my $type = shift @data;
2385 my $mode = shift @data;
2386 my $magic = shift @data;
2387 my $salt = shift @data;
2388 my $verify_bytes = shift @data;
2389 my $length = shift @data;
2390 my $data = shift @data;
2391 my $auth = shift @data;
2392 my $tag_end = shift @data;
2394 next unless ($tag_start eq '$zip2$');
2395 next unless ($tag_end eq '$/zip2$');
2404 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2408 print "ERROR: hash mode is not supported\n";
2413 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2415 $word = pack ("H*", substr ($word, 5, -1));
2418 # finally generate the hash
2423 # check both variations
2424 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2426 $len = length $hash_out; # == length $alternative
2428 if (substr ($line, 0, $len) ne $hash_out)
2430 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2432 return unless (substr ($line, 0, $len) eq $alternative);
2435 elsif ($mode == 8700)
2437 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2439 $len = length $hash_out;
2441 return unless (substr ($line, 0, $len) eq $hash_out);
2443 elsif ($mode == 8900)
2445 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2447 $len = length $hash_out;
2449 return unless (substr ($line, 0, $len) eq $hash_out);
2451 elsif ($mode == 9100)
2453 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2455 $len = length $hash_out;
2457 return unless (substr ($line, 0, $len) eq $hash_out);
2459 elsif ($mode == 190)
2461 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2463 $len = length $hash_out; # == length $alternative
2465 if (substr ($line, 0, $len) ne $hash_out)
2467 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2469 return unless (substr ($line, 0, $len) eq $alternative);
2472 elsif ($mode == 3300)
2474 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2476 $len = length $hash_out;
2478 return unless (substr ($line, 0, $len) eq $hash_out);
2480 elsif ($mode == 5100)
2482 # check 3 variants (start, middle, end)
2486 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2488 $len = length $hash_out; # == length $alternative
2490 if (substr ($line, 0, $len) ne $hash_out)
2492 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2494 if (substr ($line, 0, $len) ne $alternative)
2496 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2498 return unless (substr ($line, 0, $len) eq $alternative);
2502 elsif ($mode == 9400)
2504 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2506 $len = length $hash_out;
2508 return unless (substr ($line, 0, $len) eq $hash_out);
2510 elsif ($mode == 9500)
2512 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2514 $len = length $hash_out;
2516 return unless (substr ($line, 0, $len) eq $hash_out);
2518 elsif ($mode == 9600)
2520 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2522 $len = length $hash_out;
2524 return unless (substr ($line, 0, $len) eq $hash_out);
2526 elsif ($mode == 9700)
2528 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2530 $len = length $hash_out;
2532 return unless (substr ($line, 0, $len) eq $hash_out);
2534 elsif ($mode == 9800)
2536 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2538 $len = length $hash_out;
2540 return unless (substr ($line, 0, $len) eq $hash_out);
2542 elsif ($mode == 10400)
2544 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2546 $len = length $hash_out;
2548 return unless (substr ($line, 0, $len) eq $hash_out);
2550 elsif ($mode == 10500)
2552 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2554 $len = length $hash_out;
2556 return unless (substr ($line, 0, $len) eq $hash_out);
2558 elsif ($mode == 10600)
2560 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2562 $len = length $hash_out;
2564 return unless (substr ($line, 0, $len) eq $hash_out);
2566 elsif ($mode == 10700)
2568 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2570 $len = length $hash_out;
2572 return unless (substr ($line, 0, $len) eq $hash_out);
2574 elsif ($mode == 10900)
2576 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2578 $len = length $hash_out;
2580 return unless (substr ($line, 0, $len) eq $hash_out);
2582 elsif ($mode == 11100)
2584 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2586 $len = length $hash_out;
2588 return unless (substr ($line, 0, $len) eq $hash_out);
2590 elsif ($mode == 11400)
2592 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2594 $len = length $hash_out;
2596 return unless (substr ($line, 0, $len) eq $hash_out);
2598 elsif ($mode == 11600)
2600 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2602 $len = length $hash_out;
2604 return unless (substr ($line, 0, $len) eq $hash_out);
2606 elsif ($mode == 11900)
2608 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2610 $len = length $hash_out;
2612 return unless (substr ($line, 0, $len) eq $hash_out);
2614 elsif ($mode == 12000)
2616 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2618 $len = length $hash_out;
2620 return unless (substr ($line, 0, $len) eq $hash_out);
2622 elsif ($mode == 12100)
2624 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2626 $len = length $hash_out;
2628 return unless (substr ($line, 0, $len) eq $hash_out);
2630 elsif ($mode == 12200)
2632 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2634 $len = length $hash_out;
2636 return unless (substr ($line, 0, $len) eq $hash_out);
2638 elsif ($mode == 12700)
2640 # this is very special, we can't call gen_hash () because the param part is not always the same
2641 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2643 my $pbkdf2 = Crypt
::PBKDF2
->new (
2644 hash_class
=> 'HMACSHA1',
2649 my $salt_bin = pack ("H*", $salt);
2651 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2653 my $cipher = Crypt
::CBC
->new ({
2655 cipher
=> "Crypt::Rijndael",
2662 my $param_bin = pack ("H*", $param);
2664 my $decrypted = $cipher->decrypt ($param_bin);
2666 my $decrypted_part = substr ($decrypted, 1, 16);
2668 return unless ($decrypted_part =~ /"guid"/);
2670 $hash_out = $hash_in;
2672 elsif ($mode == 12900)
2674 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2676 $len = length $hash_out;
2678 return unless (substr ($line, 0, $len) eq $hash_out);
2680 elsif ($mode == 13000)
2682 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2684 $len = length $hash_out;
2686 return unless (substr ($line, 0, $len) eq $hash_out);
2688 elsif ($mode == 13100)
2690 $hash_out = gen_hash
($mode, $word, $salt);
2692 $len = length $hash_out;
2694 return unless (substr ($line, 0, $len) eq $hash_out);
2696 elsif ($mode == 13200)
2698 $hash_out = gen_hash
($mode, $word, $salt);
2700 $len = length $hash_out;
2702 return unless (substr ($line, 0, $len) eq $hash_out);
2704 elsif ($mode == 13400)
2706 $hash_out = gen_hash
($mode, $word, $salt);
2708 $len = length $hash_out;
2710 return unless (substr ($line, 0, $len) eq $hash_out);
2712 elsif ($mode == 13600)
2714 $hash_out = gen_hash
($mode, $word, undef, undef, $param, $param2, $param3, $param4, $param5, $param6);
2716 $len = length $hash_out;
2718 return unless (substr ($line, 0, $len) eq $hash_out);
2722 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2724 $len = length $hash_out;
2729 # allow $P$ and $H$ for -m 400
2730 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2732 elsif ($mode == 5600)
2734 # hashcat outputs the user name always upper-case, we need
2735 next unless (substr ($line, 0, $len) eq $hash_out);
2739 my $hash_out_lower = lc ($hash_out);
2741 for my $key (keys %{$db})
2743 if (lc ($key) eq $hash_out_lower)
2755 next unless (substr ($line, 0, $len) eq $hash_out);
2759 # do not forget "exists ($db->$hash_out)" should be done above!
2760 $db->{$hash_out} = $word;
2761 print OUT
$line . "\n";
2770 my $mode = shift || 0;
2772 while (my $word_buf = <>)
2776 next if length ($word_buf) > 31;
2784 for (my $i = 0; $i < 256; $i++)
2786 my $c = get_random_chr
(0x30, 0x39);
2788 push (@salt_arr, $c);
2791 my $salt_buf = join ("", @salt_arr);
2799 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
2801 $tmp_hash = gen_hash
($mode, $word_buf, "");
2803 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2805 my $salt_len = get_random_num
(1, 15);
2807 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2809 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2811 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2815 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2819 my $salt_len = get_random_num
(1, 11);
2821 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2823 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2825 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2827 elsif ($mode == 112)
2829 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2831 elsif ($mode == 121)
2833 my $salt_len = get_random_num
(1, 9);
2835 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2837 elsif ($mode == 125)
2839 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2841 elsif ($mode == 141 || $mode == 1441)
2843 my $salt_len = get_random_num
(1, 15);
2845 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2847 elsif ($mode == 1100)
2849 my $salt_len = get_random_num
(1, 19);
2851 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2853 elsif ($mode == 1500)
2855 next if length ($word_buf) > 8;
2857 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2859 elsif ($mode == 2100)
2861 next if length ($word_buf) > 13;
2863 my $salt_len = get_random_num
(1, 19);
2865 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2867 elsif ($mode == 2410)
2869 next if length ($word_buf) > 15;
2871 my $salt_len = get_random_num
(1, 15);
2873 my $word_len = length ($word_buf);
2875 $salt_len = min
($salt_len, 15 - $word_len);
2877 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2879 elsif ($mode == 2500)
2881 next if length ($word_buf) < 8;
2883 my $salt_len = get_random_num
(0, 32);
2885 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2887 elsif ($mode == 2611)
2889 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2891 elsif ($mode == 2612)
2893 my $salt_len = get_random_num
(1, 22);
2895 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2897 elsif ($mode == 2711)
2899 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2901 elsif ($mode == 2811)
2903 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2905 elsif ($mode == 3000)
2907 next if length ($word_buf) > 7;
2909 $tmp_hash = gen_hash
($mode, $word_buf, "");
2911 elsif ($mode == 3100)
2913 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2915 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2917 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2919 elsif ($mode == 3800 || $mode == 4900)
2921 my $salt_len = get_random_num
(1, 11);
2923 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2925 elsif ($mode == 4800)
2927 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2929 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2931 elsif ($mode == 5300 || $mode == 5400)
2933 $salt_buf = get_random_ike_salt
();
2935 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2937 elsif ($mode == 5500)
2939 my $user_len = get_random_num
(0, 15);
2940 my $domain_len = get_random_num
(0, 15);
2942 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2944 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2946 elsif ($mode == 5600)
2948 my $user_len = get_random_num
(0, 15);
2949 my $domain_len = get_random_num
(0, 15);
2951 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2953 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2955 elsif ($mode == 6600)
2957 $salt_buf = get_random_agilekeychain_salt
();
2959 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2961 elsif ($mode == 6800)
2963 my $email_len = get_random_num
(1, 15);
2967 for (my $i = 0; $i < $email_len; $i++)
2969 $email .= get_random_chr
(0x61, 0x7a);
2972 $email .= '@trash-mail.com';
2974 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2976 elsif ($mode == 7100)
2978 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2980 elsif ($mode == 7200)
2982 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2984 elsif ($mode == 7300)
2986 my $salt_len = get_random_num
(32, 256);
2988 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2990 elsif ($mode == 7500)
2992 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2994 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2996 elsif ($mode == 7700)
2998 next if length ($word_buf) > 8;
3000 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
3002 elsif ($mode == 7800)
3004 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
3006 elsif ($mode == 8200)
3008 $salt_buf = get_random_cloudkeychain_salt
();
3010 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3012 elsif ($mode == 8300)
3014 $salt_buf = get_random_dnssec_salt
();
3016 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3018 elsif ($mode == 8400 || $mode == 11200)
3020 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
3022 elsif ($mode == 8500)
3024 next if length ($word_buf) > 8;
3026 my $salt_len = get_random_num
(1, 9);
3028 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3030 elsif ($mode == 8600)
3032 next if length ($word_buf) > 16;
3034 $tmp_hash = gen_hash
($mode, $word_buf, "");
3036 elsif ($mode == 8700)
3038 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
3040 elsif ($mode == 9200 || $mode == 9300)
3044 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3046 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3048 next if length ($word_buf) > 19;
3052 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3054 elsif ($mode == 10100)
3056 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3058 elsif ($mode == 10300)
3060 my $salt_len = get_random_num
(4, 15);
3062 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3064 elsif ($mode == 10400)
3066 next if length ($word_buf) > 31;
3070 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3072 elsif ($mode == 10500)
3074 next if length ($word_buf) > 15;
3078 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3080 elsif ($mode == 10600)
3082 next if length ($word_buf) > 31;
3086 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3088 elsif ($mode == 10700)
3090 next if length ($word_buf) > 15;
3094 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3096 elsif ($mode == 11000)
3098 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
3100 elsif ($mode == 11300)
3102 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
3104 elsif ($mode == 11400)
3106 next if length ($word_buf) > 24;
3108 my $salt_len = get_random_num
(1, 15);
3110 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3112 elsif ($mode == 11600)
3114 my $salt_len = get_random_num
(0, 16);
3116 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3118 elsif ($mode == 12400)
3120 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
3122 elsif ($mode == 12600)
3124 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
3126 elsif ($mode == 12700)
3128 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3130 elsif ($mode == 12800)
3132 next if length ($word_buf) > 24;
3134 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
3136 elsif ($mode == 12900)
3138 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3140 elsif ($mode == 13000)
3142 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3144 elsif ($mode == 13100)
3146 $salt_buf = get_random_kerberos5_tgs_salt
();
3148 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3150 elsif ($mode == 13200)
3152 $salt_buf = get_random_axcrypt_salt
();
3154 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3156 elsif ($mode == 13400)
3158 $salt_buf = get_random_keepass_salt
();
3160 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3162 elsif ($mode == 13500)
3164 $salt_buf = get_pstoken_salt
();
3166 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3168 elsif ($mode == 13600)
3170 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3172 elsif ($mode == 13800)
3174 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 256));
3178 print "ERROR: Unsupported hash type\n";
3183 print $tmp_hash, "\n";
3196 for (my $j = 0; $j < scalar @modes; $j++)
3198 my $mode = $modes[$j];
3200 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
3202 for (my $i = 1; $i < 32; $i++)
3206 rnd
($mode, $len, 0);
3214 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3216 my $salt_len = get_random_num
(1, 15);
3218 for (my $i = 1; $i < 32; $i++)
3222 rnd
($mode, $len, $salt_len);
3226 rnd
($mode, $i, $salt_len);
3230 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3232 for (my $i = 1; $i < 32; $i++)
3236 rnd
($mode, $len, 32);
3240 rnd
($mode, $i, 32);
3244 elsif ($mode == 21 || $mode == 22)
3246 for (my $i = 1; $i < 32; $i++)
3250 rnd
($mode, $len, 2);
3258 elsif ($mode == 111 || $mode == 122 || $mode == 125 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3260 for (my $i = 1; $i < 32; $i++)
3264 rnd
($mode, $len, 8);
3272 elsif ($mode == 112)
3274 for (my $i = 1; $i < 32; $i++)
3278 rnd
($mode, $len, 20);
3282 rnd
($mode, $i, 20);
3286 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3288 for (my $i = 1; $i < 32; $i++)
3292 rnd
($mode, $len, 16);
3296 rnd
($mode, $i, 16);
3302 my $salt_len = get_random_num
(1, 19);
3304 for (my $i = 1; $i < 32; $i++)
3308 rnd
($mode, $len, $salt_len);
3312 rnd
($mode, $i, $salt_len);
3316 elsif ($mode == 1500)
3318 for (my $i = 1; $i < 9; $i++)
3322 rnd
($mode, $len, 2);
3330 elsif ($mode == 2100)
3332 my $salt_len = get_random_num
(1, 19);
3334 for (my $i = 1; $i < 13; $i++)
3338 rnd
($mode, $len, $salt_len);
3342 rnd
($mode, $i, $salt_len);
3346 elsif ($mode == 2500)
3348 my $salt_len = get_random_num
(0, 32);
3350 for (my $i = 8; $i < 16; $i++)
3352 my $generate_from_len = 0;
3361 rnd
($mode, $len, $salt_len);
3365 rnd
($mode, $i, $salt_len);
3369 elsif ($mode == 2611)
3371 for (my $i = 1; $i < 32; $i++)
3375 rnd
($mode, $len, 3);
3383 elsif ($mode == 2612)
3385 my $salt_len = get_random_num
(1, 22);
3387 for (my $i = 1; $i < 32; $i++)
3391 rnd
($mode, $len, $salt_len);
3395 rnd
($mode, $i, $salt_len);
3399 elsif ($mode == 2711)
3401 for (my $i = 1; $i < 32; $i++)
3405 rnd
($mode, $len, 30);
3409 rnd
($mode, $i, 30);
3413 elsif ($mode == 2811)
3415 for (my $i = 1; $i < 32; $i++)
3419 rnd
($mode, $len, 5);
3427 elsif ($mode == 3000)
3429 for (my $i = 1; $i < 8; $i++)
3433 rnd
($mode, $len, 0);
3441 elsif ($mode == 3100)
3443 for (my $i = 1; $i < 32; $i++)
3447 rnd
($mode, $len, 10);
3451 rnd
($mode, $i, 10);
3455 elsif ($mode == 3800 || $mode == 4900)
3457 my $salt_len = get_random_num
(1, 11);
3459 for (my $i = 1; $i < 32; $i++)
3463 rnd
($mode, $len, $salt_len);
3467 rnd
($mode, $i, $salt_len);
3471 elsif ($mode == 5500 || $mode == 5600)
3475 for (my $i = 1; $i < 27; $i++)
3477 $salt_len = get_random_num
(1, 15);
3481 rnd
($mode, $len, $salt_len);
3485 rnd
($mode, $i, $salt_len);
3489 elsif ($mode == 5800)
3491 for (my $i = 1; $i < 14; $i++)
3495 rnd
($mode, $len, 16);
3499 rnd
($mode, $i, 16);
3503 elsif ($mode == 6800)
3505 my $salt_len = get_random_num
(8, 25);
3507 for (my $i = 1; $i < 32; $i++)
3511 rnd
($mode, $len, $salt_len);
3515 rnd
($mode, $i, $salt_len);
3519 elsif ($mode == 7100)
3521 for (my $i = 1; $i < 32; $i++)
3525 rnd
($mode, $len, 64);
3529 rnd
($mode, $i, 64);
3533 elsif ($mode == 7200)
3535 for (my $i = 1; $i < 32; $i++)
3539 rnd
($mode, $len, 128);
3543 rnd
($mode, $i, 128);
3547 elsif ($mode == 7300)
3549 my $salt_len = get_random_num
(32, 255);
3551 for (my $i = 1; $i < 32; $i++)
3555 rnd
($mode, $len, $salt_len);
3559 rnd
($mode, $i, $salt_len);
3563 elsif ($mode == 7500)
3565 for (my $i = 1; $i < 27; $i++)
3569 rnd
($mode, $len, 16);
3573 rnd
($mode, $i, 16);
3577 elsif ($mode == 7700)
3579 my $salt_len = get_random_num
(1, 12);
3581 for (my $i = 1; $i < 9; $i++)
3585 rnd
($mode, $len, $salt_len);
3589 rnd
($mode, $i, $salt_len);
3593 elsif ($mode == 7800)
3595 my $salt_len = get_random_num
(1, 12);
3597 for (my $i = 1; $i < 32; $i++)
3601 rnd
($mode, $len, $salt_len);
3605 rnd
($mode, $i, $salt_len);
3609 elsif ($mode == 8400 || $mode == 11200)
3611 for (my $i = 1; $i < 32; $i++)
3615 rnd
($mode, $len, 40);
3619 rnd
($mode, $i, 40);
3623 elsif ($mode == 8500)
3625 my $salt_len = get_random_num
(1, 8);
3627 for (my $i = 1; $i < 9; $i++)
3631 rnd
($mode, $len, $salt_len);
3635 rnd
($mode, $i, $salt_len);
3639 elsif ($mode == 8600)
3641 for (my $i = 1; $i < 17; $i++)
3645 rnd
($mode, $len, 0);
3653 elsif ($mode == 8700)
3655 for (my $i = 1; $i < 32; $i++)
3659 rnd
($mode, $len, 5);
3667 elsif ($mode == 9200 || $mode == 9300)
3671 for (my $i = 1; $i < 32; $i++)
3675 rnd
($mode, $len, $salt_len);
3679 rnd
($mode, $i, $salt_len);
3683 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3687 for (my $i = 1; $i < 20; $i++)
3691 rnd
($mode, $len, $salt_len);
3695 rnd
($mode, $i, $salt_len);
3699 elsif ($mode == 10100)
3701 for (my $i = 1; $i < 32; $i++)
3705 rnd
($mode, $len, 32);
3709 rnd
($mode, $i, 32);
3713 elsif ($mode == 10300)
3715 my $salt_len = get_random_num
(4, 15);
3717 for (my $i = 1; $i < 32; $i++)
3721 rnd
($mode, $len, $salt_len);
3725 rnd
($mode, $i, $salt_len);
3729 elsif ($mode == 10400 || $mode == 10600)
3733 for (my $i = 1; $i < 32; $i++)
3737 rnd
($mode, $len, $salt_len);
3741 rnd
($mode, $i, $salt_len);
3745 elsif ($mode == 10500 || $mode == 10700)
3749 for (my $i = 1; $i < 16; $i++)
3753 rnd
($mode, $len, $salt_len);
3757 rnd
($mode, $i, $salt_len);
3761 elsif ($mode == 11000)
3763 for (my $i = 1; $i < 32; $i++)
3767 rnd
($mode, $len, 56);
3771 rnd
($mode, $i, 56);
3775 elsif ($mode == 11300)
3777 for (my $i = 1; $i < 32; $i++)
3781 rnd
($mode, $len, 16);
3785 rnd
($mode, $i, 16);
3789 elsif ($mode == 11400)
3791 for (my $i = 1; $i < 24; $i++)
3795 rnd
($mode, $len, 16);
3799 rnd
($mode, $i, 16);
3803 elsif ($mode == 11600)
3805 my $salt_len = get_random_num
(0, 16);
3807 for (my $i = 1; $i < 32; $i++)
3811 rnd
($mode, $len, $salt_len);
3815 rnd
($mode, $i, $salt_len);
3819 elsif ($mode == 12400)
3821 for (my $i = 1; $i < 32; $i++)
3825 rnd
($mode, $len, 4);
3833 elsif ($mode == 12600)
3835 for (my $i = 1; $i < 32; $i++)
3839 rnd
($mode, $len, 64);
3843 rnd
($mode, $i, 64);
3847 elsif ($mode == 12700)
3849 for (my $i = 1; $i < 32; $i++)
3853 rnd
($mode, $len, 32);
3857 rnd
($mode, $i, 32);
3861 elsif ($mode == 12800)
3863 for (my $i = 1; $i < 25; $i++)
3867 rnd
($mode, $len, 20);
3871 rnd
($mode, $i, 20);
3875 elsif ($mode == 12900)
3877 for (my $i = 1; $i < 32; $i++)
3881 rnd
($mode, $len, 32);
3885 rnd
($mode, $i, 32);
3889 elsif ($mode == 13000)
3891 for (my $i = 1; $i < 32; $i++)
3895 rnd
($mode, $len, 32);
3899 rnd
($mode, $i, 32);
3903 elsif ($mode == 13100)
3905 for (my $i = 1; $i < 27; $i++)
3909 rnd
($mode, $len, 16);
3913 rnd
($mode, $i, 16);
3917 elsif ($mode == 13200)
3919 for (my $i = 1; $i < 32; $i++)
3923 rnd
($mode, $len, 32);
3927 rnd
($mode, $i, 32);
3931 elsif ($mode == 13400)
3933 for (my $i = 1; $i < 16; $i++)
3937 rnd
($mode, $len, 16);
3941 rnd
($mode, $i, 16);
3945 elsif ($mode == 13500)
3947 for (my $i = 1; $i < 16; $i++)
3951 rnd
($mode, $len, 16);
3955 rnd
($mode, $i, 16);
3959 elsif ($mode == 13600)
3961 for (my $i = 1; $i < 16; $i++)
3965 rnd
($mode, $len, 32);
3969 rnd
($mode, $i, 32);
3973 elsif ($mode == 13800)
3975 for (my $i = 1; $i < 32; $i++)
3979 rnd
($mode, $len, 256);
3983 rnd
($mode, $i, 256);
3996 my $word_buf = shift;
3998 my $salt_buf = shift;
4002 my $additional_param = shift;
4004 my $additional_param2 = shift;
4006 my $additional_param3 = shift;
4008 my $additional_param4 = shift;
4010 my $additional_param5 = shift;
4012 my $additional_param6 = shift;
4014 my $additional_param7 = shift;
4016 my $additional_param8 = shift;
4018 my $additional_param9 = shift;
4020 my $additional_param10 = shift;
4022 my $additional_param11 = shift;
4034 $hash_buf = md5_hex
($word_buf);
4036 $tmp_hash = sprintf ("%s", $hash_buf);
4040 $hash_buf = md5_hex
($word_buf . $salt_buf);
4042 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4046 $hash_buf = md5_hex
($word_buf . $salt_buf);
4048 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4052 $hash_buf = md5_hex
($word_buf . $salt_buf);
4054 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4058 $hash_buf = md5_hex
($salt_buf . $word_buf);
4060 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4064 $hash_buf = md5_hex
($salt_buf . $word_buf);
4066 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4070 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
4071 my $salt_suffix = "Administration Tools";
4073 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
4075 $hash_buf = md5
($pass);
4079 for (my $pos = 0; $pos < 16; $pos += 2)
4081 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
4082 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
4084 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
4086 my $idx1 = $num >> 12 & 0x0f;
4087 my $idx2 = $num >> 6 & 0x3f;
4088 my $idx3 = $num & 0x3f;
4090 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
4093 my $obfuscate_str = "nrcstn";
4094 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
4096 foreach my $pos (keys @obfuscate_pos)
4098 my $idx = $obfuscate_pos[$pos];
4099 my $before = substr ($res, 0, $idx);
4100 my $char = substr ($obfuscate_str, $pos, 1);
4101 my $after = substr ($res, $idx);
4103 $res = sprintf ("%s%s%s", $before, $char, $after);
4106 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
4110 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
4112 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4116 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4118 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4122 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4124 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4128 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
4130 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4134 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
4136 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4138 elsif ($mode == 100)
4140 $hash_buf = sha1_hex
($word_buf);
4142 $tmp_hash = sprintf ("%s", $hash_buf);
4144 elsif ($mode == 101)
4146 $hash_buf = sha1
($word_buf);
4148 my $base64_buf = encode_base64
($hash_buf);
4150 chomp ($base64_buf);
4152 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
4154 elsif ($mode == 110)
4156 $hash_buf = sha1_hex
($word_buf . $salt_buf);
4158 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4160 elsif ($mode == 111)
4162 $hash_buf = sha1
($word_buf . $salt_buf);
4164 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
4166 chomp ($base64_buf);
4168 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
4170 elsif ($mode == 112)
4172 my $salt_buf_bin = pack ("H*", $salt_buf);
4174 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
4176 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4178 elsif ($mode == 120)
4180 $hash_buf = sha1_hex
($salt_buf . $word_buf);
4182 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4184 elsif ($mode == 121)
4186 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
4188 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4190 elsif ($mode == 122)
4192 my $salt_buf_bin = pack ("H*", $salt_buf);
4194 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4196 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4198 elsif ($mode == 125)
4200 my $signature = "01";
4202 my $salt_buf_bin = pack ("H*", $salt_buf . $signature);
4204 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4206 $tmp_hash = sprintf ("%s%s%s", $salt_buf, $signature, $hash_buf);
4208 elsif ($mode == 130)
4210 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4212 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4214 elsif ($mode == 131)
4216 my $salt_buf_bin = pack ("H*", $salt_buf);
4218 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
4220 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
4222 elsif ($mode == 132)
4224 my $salt_buf_bin = pack ("H*", $salt_buf);
4226 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4228 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
4230 elsif ($mode == 133)
4232 $hash_buf = sha1
(encode
("UTF-16LE", $word_buf));
4234 $hash_buf = encode_base64
($hash_buf);
4235 $hash_buf =~ s/[\r\n]//g;
4237 $tmp_hash = sprintf ("%s", $hash_buf);
4239 elsif ($mode == 140)
4241 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4243 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4245 elsif ($mode == 141)
4247 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
4249 my $base64_salt_buf = encode_base64
($salt_buf);
4251 chomp ($base64_salt_buf);
4253 my $base64_hash_buf = encode_base64
($hash_buf);
4255 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4257 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4259 elsif ($mode == 150)
4261 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4263 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4265 elsif ($mode == 160)
4267 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4269 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4271 elsif ($mode == 190)
4273 $hash_buf = sha1_hex
($word_buf);
4275 my $variant = int (rand (2));
4277 if (defined ($additional_param))
4279 $variant = $additional_param;
4284 substr ($hash_buf, 0, 5) = "00000";
4287 $tmp_hash = sprintf ("%s", $hash_buf);
4289 elsif ($mode == 200)
4291 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4293 $hash_buf = $ppr->hash_hex;
4295 $tmp_hash = sprintf ("%s", $hash_buf);
4297 elsif ($mode == 300)
4299 $hash_buf = substr (password41
($word_buf), 1);
4301 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4303 $tmp_hash = sprintf ("%s", $hash_buf);
4305 elsif ($mode == 400)
4314 my $ppr = Authen
::Passphrase
::PHPass
->new
4318 passphrase
=> $word_buf,
4321 $hash_buf = $ppr->as_rfc2307;
4323 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4325 elsif ($mode == 500)
4327 my $iterations = 1000;
4329 if (defined ($iter))
4333 $iterations = int ($iter);
4337 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4339 $tmp_hash = sprintf ("%s", $hash_buf);
4341 elsif ($mode == 900)
4343 $hash_buf = md4_hex
($word_buf);
4345 $tmp_hash = sprintf ("%s", $hash_buf);
4347 elsif ($mode == 1000)
4349 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4351 $tmp_hash = sprintf ("%s", $hash_buf);
4353 elsif ($mode == 1100)
4355 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4357 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4359 elsif ($mode == 1400)
4361 $hash_buf = sha256_hex
($word_buf);
4363 $tmp_hash = sprintf ("%s", $hash_buf);
4365 elsif ($mode == 1410)
4367 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4369 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4371 elsif ($mode == 1420)
4373 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4375 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4377 elsif ($mode == 1430)
4379 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4381 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4383 elsif ($mode == 1440)
4385 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4387 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4389 elsif ($mode == 1441)
4391 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4393 my $base64_salt_buf = encode_base64
($salt_buf);
4395 chomp ($base64_salt_buf);
4397 my $base64_hash_buf = encode_base64
($hash_buf);
4399 chomp ($base64_hash_buf);
4401 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4403 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4405 elsif ($mode == 1450)
4407 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4409 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4411 elsif ($mode == 1460)
4413 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4415 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4417 elsif ($mode == 1500)
4419 $hash_buf = crypt ($word_buf, $salt_buf);
4421 $tmp_hash = sprintf ("%s", $hash_buf);
4423 elsif ($mode == 1600)
4425 my $iterations = 1000;
4427 if (defined ($iter))
4431 $iterations = int ($iter);
4435 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4437 $tmp_hash = sprintf ("%s", $hash_buf);
4439 elsif ($mode == 1700)
4441 $hash_buf = sha512_hex
($word_buf);
4443 $tmp_hash = sprintf ("%s", $hash_buf);
4445 elsif ($mode == 1710)
4447 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4449 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4451 elsif ($mode == 1711)
4453 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4455 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4457 $base64_buf =~ s/[ \n]//g;
4459 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4461 elsif ($mode == 1720)
4463 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4465 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4467 elsif ($mode == 1730)
4469 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4471 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4473 elsif ($mode == 1740)
4475 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4477 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4479 elsif ($mode == 1722)
4481 my $salt_buf_bin = pack ("H*", $salt_buf);
4483 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4485 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4487 elsif ($mode == 1731)
4489 my $salt_buf_bin = pack ("H*", $salt_buf);
4491 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4493 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4495 elsif ($mode == 1750)
4497 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4499 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4501 elsif ($mode == 1760)
4503 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4505 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4507 elsif ($mode == 1800)
4509 my $iterations = 5000;
4511 if (defined ($iter))
4515 $iterations = int ($iter);
4519 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4521 $tmp_hash = sprintf ("%s", $hash_buf);
4523 elsif ($mode == 2100)
4525 my $iterations = 10240;
4529 $iterations = int ($iter);
4532 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4534 my $pbkdf2 = Crypt
::PBKDF2
->new
4536 hash_class
=> 'HMACSHA1',
4537 iterations
=> $iterations,
4539 salt_len
=> length ($salt),
4542 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4544 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4546 elsif ($mode == 2400)
4548 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4550 elsif ($mode == 2410)
4552 my $salt_len = length ($salt_buf);
4554 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4556 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4558 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4560 elsif ($mode == 2500)
4562 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4564 if (! defined ($additional_param))
4568 $bssid = randbytes
(6);
4569 $stmac = randbytes
(6);
4570 $snonce = randbytes
(32);
4571 $anonce = randbytes
(32);
4573 $keyver = get_random_num
(1, 3); # 1 or 2
4576 # should be "validly" generated, but in theory could be anything for us also:
4577 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4579 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4583 $bssid = $additional_param;
4584 $stmac = $additional_param2;
4585 $snonce = $additional_param3;
4586 $anonce = $additional_param4;
4587 $keyver = $additional_param5;
4588 $eapol = $additional_param6;
4591 $eapol_size = length ($eapol);
4595 my $iterations = 4096;
4601 # generate the Pairwise Master Key (PMK)
4603 my $pbkdf2 = Crypt
::PBKDF2
->new
4605 hash_class
=> 'HMACSHA1',
4606 iterations
=> $iterations,
4610 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4612 # Pairwise Transient Key (PTK) transformation
4614 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4616 # generate the Message Integrity Code (MIC)
4620 if ($keyver == 1) # WPA1 => MD5
4622 $mic = hmac
($eapol, $ptk, \
&md5
);
4626 $mic = hmac
($eapol, $ptk, \
&sha1
);
4629 $mic = substr ($mic, 0, 16);
4632 # format the binary output
4637 # first the essid (NULL-padded up to the first 36 bytes)
4639 $hash_buf .= $salt_buf;
4640 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4642 # the 2 MAC addresses
4644 $hash_buf .= $bssid;
4645 $hash_buf .= $stmac;
4649 $hash_buf .= $snonce;
4650 $hash_buf .= $anonce;
4654 $hash_buf .= $eapol;
4655 $hash_buf .= "\x00" x
(256 - $eapol_size);
4659 $hash_buf .= pack ("L*", $eapol_size);
4663 $hash_buf .= pack ("L*", $keyver);
4665 # and finally: the key mic
4669 # base64 encode the output
4671 $tmp_hash = encode_base64
($hash_buf, '');
4673 elsif ($mode == 2600)
4675 $hash_buf = md5_hex
(md5_hex
($word_buf));
4677 $tmp_hash = sprintf ("%s", $hash_buf);
4679 elsif ($mode == 2611)
4681 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4683 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4685 elsif ($mode == 2612)
4687 my $salt_buf_hex = unpack ("H*", $salt_buf);
4689 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4691 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4693 elsif ($mode == 2711)
4695 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4697 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4699 elsif ($mode == 2811)
4701 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4703 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4705 elsif ($mode == 3000)
4707 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4709 $hash_buf = $ppr->hash_hex;
4711 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4713 elsif ($mode == 3100)
4715 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4717 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4719 elsif ($mode == 3200)
4728 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4730 elsif ($mode == 3300)
4732 my $iterations = 904;
4736 $iterations = int ($iter);
4741 if (defined ($additional_param))
4743 $variant = $additional_param;
4746 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4748 $iterations += 4096;
4750 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4752 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4754 elsif ($mode == 3500)
4756 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4758 $tmp_hash = sprintf ("%s", $hash_buf);
4760 elsif ($mode == 3610)
4762 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4764 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4766 elsif ($mode == 3710)
4768 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4770 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4772 elsif ($mode == 3711)
4774 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4776 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4778 elsif ($mode == 3720)
4780 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4782 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4784 elsif ($mode == 3800)
4786 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4788 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4790 elsif ($mode == 3910)
4792 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4794 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4796 elsif ($mode == 4010)
4798 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4800 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4802 elsif ($mode == 4110)
4804 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4806 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4808 elsif ($mode == 4210)
4810 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4812 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4814 elsif ($mode == 4300)
4816 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4818 $tmp_hash = sprintf ("%s", $hash_buf);
4820 elsif ($mode == 4400)
4822 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4824 $tmp_hash = sprintf ("%s", $hash_buf);
4826 elsif ($mode == 4500)
4828 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4830 $tmp_hash = sprintf ("%s", $hash_buf);
4832 elsif ($mode == 4600)
4834 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4836 $tmp_hash = sprintf ("%s", $hash_buf);
4838 elsif ($mode == 4700)
4840 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4842 $tmp_hash = sprintf ("%s", $hash_buf);
4844 elsif ($mode == 4800)
4846 my $index = rindex ($salt_buf, ":");
4848 my $salt = substr ($salt_buf, 0, $index);
4849 my $salt_bin = pack ("H*", $salt);
4850 my $chap_sign = substr ($salt_buf, $index + 1);
4851 my $chap_sign_bin = pack ("H*", $chap_sign);
4853 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4855 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4857 elsif ($mode == 4900)
4859 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4861 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4863 elsif ($mode == 5000)
4865 $hash_buf = keccak_256_hex
($word_buf);
4867 $tmp_hash = sprintf ("%s", $hash_buf);
4869 elsif ($mode == 5100)
4873 if (! defined ($additional_param))
4879 $pos = $additional_param * 8 unless ($additional_param > 2);
4882 $hash_buf = md5_hex
($word_buf);
4884 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4886 elsif ($mode == 5300)
4888 my @salt_arr = split (":", $salt_buf);
4890 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4891 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4893 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4894 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4896 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4898 elsif ($mode == 5400)
4900 my @salt_arr = split (":", $salt_buf);
4902 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4903 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4905 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4906 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4908 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4910 elsif ($mode == 5500)
4912 my $index1 = index ($salt_buf, "::");
4913 my $user = substr ($salt_buf, 0, $index1);
4915 my $index2 = index ($salt_buf, ":", $index1 + 2);
4916 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4918 my $len = length (substr ($salt_buf, $index2 + 1));
4920 my $c_challenge_hex;
4924 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4929 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4930 $c_challenge_hex .= 00 x
32;
4933 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4934 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4935 my $s_challenge = pack ("H*", $s_challenge_hex);
4937 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4941 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4943 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, "none");
4944 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, "none");
4945 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, "none");
4947 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4949 elsif ($mode == 5600)
4951 my $index1 = index ($salt_buf, "::");
4952 my $user = substr ($salt_buf, 0, $index1);
4954 my $index2 = index ($salt_buf, ":", $index1 + 2);
4955 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4957 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4958 my $s_challenge = pack ("H*", $s_challenge_hex);
4960 my $temp_hex = substr ($salt_buf, $index2 + 17);
4961 my $temp = pack ("H*", $temp_hex);
4963 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4964 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4966 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4968 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4970 elsif ($mode == 5700)
4972 $hash_buf = sha256
($word_buf);
4974 my $base64_buf = encode_base64
($hash_buf);
4978 for (my $i = 0; $i < 43; $i++)
4980 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4983 elsif ($mode == 5800)
4985 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4987 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4989 elsif ($mode == 6000)
4991 $hash_buf = ripemd160_hex
($word_buf);
4993 $tmp_hash = sprintf ("%s", $hash_buf);
4995 elsif ($mode == 6100)
4997 $hash_buf = whirlpool_hex
($word_buf);
4999 $tmp_hash = sprintf ("%s", $hash_buf);
5001 elsif ($mode == 6300)
5003 my $iterations = 1000; # hard coded by the AIX format
5005 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
5007 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
5009 elsif ($mode == 6400)
5011 my $iterations = 64;
5015 $iterations = 1 << int ($iter);
5018 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
5020 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5022 elsif ($mode == 6500)
5024 my $iterations = 64;
5028 $iterations = 1 << int ($iter);
5031 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
5033 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5035 elsif ($mode == 6600)
5037 my $iterations = 1000;
5041 $iterations = int ($iter);
5044 my $salt_hex = substr ($salt_buf, 0, 16);
5045 my $salt = pack ("H*", $salt_hex);
5047 my $prefix = substr ($salt_buf, 16, 2016);
5049 my $iv_hex = substr ($salt_buf, 2032);
5050 my $iv = pack ("H*", $iv_hex);
5052 my $data = pack ("H*", "10101010101010101010101010101010");
5054 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
5056 my $pbkdf2 = Crypt
::PBKDF2
->new (
5058 iterations
=> $iterations,
5062 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5064 my $cipher = Crypt
::CBC
->new ({
5066 cipher
=> "Crypt::Rijndael",
5073 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
5075 $hash_buf = substr ($encrypted, 0, 32);
5077 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
5079 elsif ($mode == 6700)
5081 my $iterations = 64;
5085 $iterations = 1 << int ($iter);
5088 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
5090 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5092 elsif ($mode == 6800)
5094 my $variant = $additional_param;
5096 if (! defined ($variant))
5098 $variant = int (rand (2));
5101 my $iterations = 500;
5105 $iterations = int ($iter);
5108 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5110 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
5112 my $pbkdf2 = Crypt
::PBKDF2
->new (
5114 iterations
=> $iterations,
5118 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
5120 my $cipher = Crypt
::CBC
->new ({
5122 cipher
=> "Crypt::Rijndael",
5131 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
5133 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
5137 my $verifier = "lastpass rocks\x02\x02";
5139 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
5142 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
5144 elsif ($mode == 6900)
5146 $hash_buf = gost_hex
($word_buf);
5148 $tmp_hash = sprintf ("%s", $hash_buf);
5150 elsif ($mode == 7100)
5152 my $iterations = 1024;
5156 $iterations = int ($iter);
5159 my $pbkdf2 = Crypt
::PBKDF2
->new
5161 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5162 iterations
=> $iterations
5165 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5167 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
5169 elsif ($mode == 7200)
5171 my $iterations = 1024;
5175 $iterations = int ($iter);
5178 my $pbkdf2 = Crypt
::PBKDF2
->new (
5179 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5180 iterations
=> $iterations
5183 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5185 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
5187 elsif ($mode == 7300)
5189 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
5191 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
5193 elsif ($mode == 7400)
5195 my $iterations = 5000;
5197 if (defined ($iter))
5201 $iterations = int ($iter);
5205 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
5207 $tmp_hash = sprintf ("%s", $hash_buf);
5209 elsif ($mode == 7500)
5211 my @salt_arr = split ("\\\$", $salt_buf);
5213 my $user = $salt_arr[0];
5215 my $realm = $salt_arr[1];
5217 my $salt = $salt_arr[2];
5219 my $hmac_salt = $salt_arr[3];
5220 my $hmac_salt_bin = pack ("H*", $hmac_salt);
5222 my $clear_data = $salt_arr[4];
5224 my $k = md4
(encode
("UTF-16LE", $word_buf));
5226 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
5228 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
5230 if (length ($clear_data) > 1)
5232 my $clear_data_bin = pack ("H*", $clear_data);
5234 $hash_buf = RC4
($k3, $clear_data_bin);
5238 my $hash = $salt_arr[5];
5240 my $hash_bin = pack ("H*", $hash);
5242 my $clear_data = RC4
($k3, $hash_bin);
5244 my $timestamp = substr ($clear_data, 14, 14);
5249 if ($timestamp !~ /^[[:digit:]]{14}$/)
5256 $hash_buf = "\x00" x
36;
5258 if ($hash_buf eq $hash_bin)
5260 $hash_buf = "\x01" x
36;
5265 $hash_buf = $hash_bin;
5269 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5271 elsif ($mode == 7600)
5273 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5275 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5277 elsif ($mode == 7700)
5279 $word_buf = uc $word_buf;
5280 $salt_buf = uc $salt_buf;
5282 my $word_buf_t = sapb_transcode
($word_buf);
5283 my $salt_buf_t = sapb_transcode
($salt_buf);
5285 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5287 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5289 my $digest2 = md5
($data);
5291 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5296 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5298 elsif ($mode == 7800)
5300 my $theMagicArray_s =
5301 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5302 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5303 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5304 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5305 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5306 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5307 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5308 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5309 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5310 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5312 $salt_buf = uc $salt_buf;
5314 my $digest = sha1
($word_buf . $salt_buf);
5316 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5318 my $lengthMagicArray = 0x20;
5319 my $offsetMagicArray = 0;
5321 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5322 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5323 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5324 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5325 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5326 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5327 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5328 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5329 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5330 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5331 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5332 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5333 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5334 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5335 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5336 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5337 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5338 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5339 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5340 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5342 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5344 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5346 elsif ($mode == 7900)
5355 my $phpass_it = 1 << $cost;
5357 $hash_buf = sha512
($salt_buf . $word_buf);
5359 for (my $i = 0; $i < $phpass_it; $i++)
5361 $hash_buf = sha512
($hash_buf . $word_buf);
5364 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5366 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5368 my $cost_str = substr ($base64_digits , $cost, 1);
5370 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5372 elsif ($mode == 8000)
5374 my $salt_buf_bin = pack ("H*", $salt_buf);
5376 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5378 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5380 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5382 elsif ($mode == 8100)
5384 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5386 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5388 elsif ($mode == 8200)
5390 my $iterations = 40000;
5392 if (defined ($iter))
5394 $iterations = $iter;
5397 my $salt_hex = substr ($salt_buf, 0, 32);
5398 my $salt = pack ("H*", $salt_hex);
5400 my $data_hex = substr ($salt_buf, 32);
5401 my $data = pack ("H*", $data_hex);
5403 my $pbkdf2 = Crypt
::PBKDF2
->new
5405 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5406 iterations
=> int $iterations
5409 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5411 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5413 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5415 elsif ($mode == 8300)
5417 my ($domain, $salt_hex) = split (":", $salt_buf);
5419 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5421 my $salt = pack ("H*", $salt_hex);
5425 if (defined ($iter))
5427 $iterations = $iter;
5430 my $name = lc ($word_buf . $domain);
5432 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5434 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5436 elsif ($mode == 8400)
5438 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5440 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5442 elsif ($mode == 8500)
5444 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5446 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5448 elsif ($mode == 8600)
5450 my @saved_key = map { ord $_; } split "", $word_buf;
5452 my $len = scalar @saved_key;
5454 my @state = domino_big_md
(\
@saved_key, $len);
5456 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5475 elsif ($mode == 8700)
5477 my $domino_char = undef;
5479 if (defined ($additional_param))
5481 $domino_char = $additional_param;
5484 my @saved_key = map { ord $_; } split "", $word_buf;
5486 my $len = scalar @saved_key;
5488 my @state = domino_big_md
(\
@saved_key, $len);
5490 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5492 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5494 @state = domino_big_md
(\
@saved_key, 34);
5496 $hash_buf = join ("", (map { chr $_; } @state));
5498 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5500 elsif ($mode == 8900)
5506 if (defined ($additional_param))
5508 $N = $additional_param;
5509 $r = $additional_param2;
5510 $p = $additional_param3;
5513 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5515 $tmp_hash = sprintf ('%s', $hash_buf);
5517 elsif ($mode == 9100)
5519 my $iterations = 5000;
5521 if (defined ($iter))
5523 $iterations = $iter;
5526 my $domino_char = undef;
5528 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5530 my @saved_key = map { ord $_; } split "", $word_buf;
5532 my $len = scalar @saved_key;
5534 my @state = domino_big_md
(\
@saved_key, $len);
5537 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5539 my $salt_part = substr ($salt_buf, 0, 5);
5541 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5543 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5545 @state = domino_big_md
(\
@saved_key, 34);
5547 $hash_buf = join ("", (map { chr $_; } @state));
5549 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5552 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5554 my $pbkdf2 = Crypt
::PBKDF2
->new
5556 hash_class
=> 'HMACSHA1',
5557 iterations
=> $iterations,
5564 if (defined ($additional_param))
5566 $chars = $additional_param;
5569 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5571 my $iteration_str = "" . $iterations;
5573 for (my $i = length ($iterations); $i < 10; $i++)
5575 $iterations = "0" . $iterations;
5578 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5580 elsif ($mode == 9200)
5582 my $iterations = 20000;
5584 my $pbkdf2 = Crypt
::PBKDF2
->new
5586 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5587 iterations
=> $iterations
5590 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5594 for (my $i = 0; $i < 43; $i++)
5596 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5599 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5601 elsif ($mode == 9300)
5607 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5611 for (my $i = 0; $i < 43; $i++)
5613 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5616 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5618 elsif ($mode == 9400)
5620 my $iterations = 50000;
5624 $iterations = int ($iter);
5627 my $aes_key_size = 128; # or 256
5629 if (defined ($additional_param2))
5631 $aes_key_size = $additional_param2;
5634 $salt_buf = pack ("H*", $salt_buf);
5636 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5638 for (my $i = 0; $i < $iterations; $i++)
5640 my $num32 = pack ("L", $i);
5642 $tmp = sha1
($num32 . $tmp);
5645 my $zero32 = pack ("L", 0x00);
5647 my $derivation_array1 = pack ("C", 0x36) x
64;
5648 my $derivation_array2 = pack ("C", 0x5C) x
64;
5650 $tmp = sha1
($tmp . $zero32);
5652 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5653 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5655 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5657 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5661 if (defined $additional_param)
5663 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5667 $encdata = "A" x
16; ## can be anything
5670 my $data1_buf = $encdata;
5671 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5673 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5674 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5676 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5677 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5679 $encrypted1 = substr ($encrypted1, 0, 32);
5680 $encrypted2 = substr ($encrypted2, 0, 40);
5682 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5684 elsif ($mode == 9500)
5686 my $iterations = 100000;
5690 $iterations = int ($iter);
5693 $salt_buf = pack ("H*", $salt_buf);
5695 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5697 for (my $i = 0; $i < $iterations; $i++)
5699 my $num32 = pack ("L", $i);
5701 $tmp = sha1
($num32 . $tmp);
5704 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5705 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5707 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5708 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5710 my $key1 = substr ($final1, 0, 16);
5711 my $key2 = substr ($final2, 0, 16);
5713 my $cipher1 = Crypt
::CBC
->new ({
5715 cipher
=> "Crypt::Rijndael",
5723 my $cipher2 = Crypt
::CBC
->new ({
5725 cipher
=> "Crypt::Rijndael",
5735 if (defined $additional_param)
5737 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5741 $encdata = "A" x
16; ## can be anything
5744 my $data1_buf = $encdata;
5745 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5747 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5748 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5750 $encrypted2 = substr ($encrypted2, 0, 64);
5752 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5754 elsif ($mode == 9600)
5756 my $iterations = 100000;
5760 $iterations = int ($iter);
5763 $salt_buf = pack ("H*", $salt_buf);
5765 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5767 for (my $i = 0; $i < $iterations; $i++)
5769 my $num32 = pack ("L", $i);
5771 $tmp = sha512
($num32 . $tmp);
5774 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5775 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5777 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5778 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5780 my $key1 = substr ($final1, 0, 32);
5781 my $key2 = substr ($final2, 0, 32);
5783 my $cipher1 = Crypt
::CBC
->new ({
5785 cipher
=> "Crypt::Rijndael",
5793 my $cipher2 = Crypt
::CBC
->new ({
5795 cipher
=> "Crypt::Rijndael",
5805 if (defined $additional_param)
5807 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5811 $encdata = "A" x
16; ## can be anything
5814 my $data1_buf = $encdata;
5815 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5817 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5818 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5820 $encrypted2 = substr ($encrypted2, 0, 64);
5822 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5824 elsif ($mode == 9700)
5826 $salt_buf = pack ("H*", $salt_buf);
5828 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5830 $tmp = substr ($tmp, 0, 5);
5834 for (my $i = 0; $i < 16; $i++)
5842 $tmp = substr ($tmp, 0, 5);
5846 if (defined $additional_param2)
5848 $version = $additional_param2;
5852 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5855 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5857 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5861 if (defined $additional_param)
5863 $encdata = $m->RC4 (pack ("H*", $additional_param));
5867 $encdata = "A" x
16; ## can be anything
5870 my $data1_buf = $encdata;
5871 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5873 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5875 my $encrypted1 = $m->RC4 ($data1_buf);
5876 my $encrypted2 = $m->RC4 ($data2_buf);
5878 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5880 elsif ($mode == 9800)
5882 $salt_buf = pack ("H*", $salt_buf);
5884 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5888 if (defined $additional_param2)
5890 $version = $additional_param2;
5894 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5897 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5901 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5904 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5908 if (defined $additional_param)
5910 $encdata = $m->RC4 (pack ("H*", $additional_param));
5914 $encdata = "A" x
16; ## can be anything
5917 my $data1_buf = $encdata;
5918 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5920 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5922 my $encrypted1 = $m->RC4 ($data1_buf);
5923 my $encrypted2 = $m->RC4 ($data2_buf);
5925 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5927 elsif ($mode == 9900)
5929 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5931 elsif ($mode == 10000)
5933 my $iterations = 10000;
5937 $iterations = int ($iter);
5940 my $pbkdf2 = Crypt
::PBKDF2
->new
5942 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5943 iterations
=> $iterations
5946 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5947 $hash_buf =~ s/[\r\n]//g;
5949 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5951 elsif ($mode == 10100)
5953 my $seed = pack ("H*", $salt_buf);
5955 my ($hi, $lo) = siphash
($word_buf, $seed);
5957 my $hi_s = sprintf ("%08x", $hi);
5958 my $lo_s = sprintf ("%08x", $lo);
5960 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5961 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5963 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5965 elsif ($mode == 10200)
5967 my $challengeb64 = encode_base64
($salt_buf);
5968 $challengeb64 =~ s/[\r\n]//g;
5972 if (defined $additional_param)
5974 $username = $additional_param;
5981 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5983 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5984 $responseb64 =~ s/[\r\n]//g;
5986 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5988 elsif ($mode == 10300)
5990 my $iterations = 1024;
5994 $iterations = int ($iter);
5997 my $hash_buf = $salt_buf;
5999 for (my $pos = 0; $pos < $iterations; $pos++)
6001 $hash_buf = sha1
($word_buf . $hash_buf);
6004 $hash_buf = encode_base64
($hash_buf . $salt_buf);
6005 $hash_buf =~ s/[\r\n]//g;
6007 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
6009 elsif ($mode == 10400)
6012 my $u = $additional_param;
6013 my $o = $additional_param2;
6014 my $P = $additional_param3;
6016 if (defined $u == 0)
6021 if (defined $o == 0)
6026 if (defined $P == 0)
6033 for (my $i = 0; $i < 32; $i++)
6035 $padding .= pack ("C", $pdf_padding[$i]);
6038 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
6040 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
6042 $u = $m->RC4 ($padding);
6044 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
6046 elsif ($mode == 10500)
6049 my $u = $additional_param;
6050 my $o = $additional_param2;
6051 my $P = $additional_param3;
6052 my $V = $additional_param4;
6053 my $R = $additional_param5;
6054 my $enc = $additional_param6;
6056 if (defined $u == 0)
6063 if (defined $o == 0)
6068 if (defined $R == 0)
6070 $R = get_random_num
(3, 5);
6073 if (defined $V == 0)
6075 $V = ($R == 3) ?
2 : 4;
6078 if (defined $P == 0)
6080 $P = ($R == 3) ?
-4 : -1028;
6083 if (defined $enc == 0)
6085 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
6090 for (my $i = 0; $i < 32; $i++)
6092 $padding .= pack ("C", $pdf_padding[$i]);
6095 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
6097 my $digest = md5
($padding . pack ("H*", $id));
6099 my $m = Crypt
::RC4
->new ($res);
6101 $u = $m->RC4 ($digest);
6103 my @ress = split "", $res;
6105 for (my $x = 1; $x <= 19; $x++)
6109 for (my $i = 0; $i < 16; $i++)
6111 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
6114 my $s = join ("", @xor);
6116 my $m2 = Crypt
::RC4
->new ($s);
6121 $u .= substr (pack ("H*", $u_save), 16, 16);
6123 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
6125 elsif ($mode == 10600)
6128 my $rest = $additional_param;
6130 if (defined $id == 0)
6135 if (defined $rest == 0)
6141 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6144 my @data = split /\*/, $rest;
6146 my $u = pack ("H*", $data[1]);
6148 my $h = sha256
($word_buf . substr ($u, 32, 8));
6150 $data[1] = unpack ("H*", $h . substr ($u, 32));
6152 $rest = join ("*", @data);
6154 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
6156 elsif ($mode == 10700)
6159 my $rest = $additional_param;
6161 if (defined $id == 0)
6166 if (defined $rest == 0)
6172 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6175 my @datax = split /\*/, $rest;
6177 my $u = pack ("H*", $datax[1]);
6179 my $block = sha256
($word_buf . substr ($u, 32, 8));
6181 my $block_size = 32;
6183 my $data = 0x00 x
64;
6189 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
6191 $data = $word_buf . $block;
6193 $data_len = length ($data);
6195 for (my $k = 1; $k < 64; $k++)
6197 $data .= $word_buf . $block;
6200 my $aes = Crypt
::CBC
->new ({
6201 key
=> substr ($block, 0, 16),
6202 cipher
=> "Crypt::Rijndael",
6203 iv
=> substr ($block, 16, 16),
6210 my $data = $aes->encrypt ($data);
6214 for (my $j = 0; $j < 16; $j++)
6216 $sum += ord (substr ($data, $j, 1));
6219 $block_size = 32 + ($sum % 3) * 16;
6221 if ($block_size == 32)
6223 $block = sha256
(substr ($data, 0, $data_len * 64));
6225 elsif ($block_size == 48)
6227 $block = sha384
(substr ($data, 0, $data_len * 64));
6229 elsif ($block_size == 64)
6231 $block = sha512
(substr ($data, 0, $data_len * 64));
6234 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
6237 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
6239 $rest = join ("*", @datax);
6241 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
6243 elsif ($mode == 10800)
6245 $hash_buf = sha384_hex
($word_buf);
6247 $tmp_hash = sprintf ("%s", $hash_buf);
6249 elsif ($mode == 10900)
6251 my $iterations = 1000;
6255 $iterations = int ($iter);
6260 if (defined $additional_param)
6262 $out_len = $additional_param;
6265 my $pbkdf2 = Crypt
::PBKDF2
->new
6267 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6268 iterations
=> $iterations,
6269 output_len
=> $out_len
6272 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6273 $hash_buf =~ s/[\r\n]//g;
6275 my $base64_salt_buf = encode_base64
($salt_buf);
6277 chomp ($base64_salt_buf);
6279 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6281 elsif ($mode == 11000)
6283 $hash_buf = md5_hex
($salt_buf . $word_buf);
6285 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6287 elsif ($mode == 11100)
6289 my $user = "postgres";
6291 if (defined $additional_param)
6293 $user = $additional_param;
6296 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6298 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6300 elsif ($mode == 11200)
6302 my $sha1_pass = sha1
($word_buf);
6303 my $double_sha1 = sha1
($sha1_pass);
6305 my $xor_part1 = $sha1_pass;
6306 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6310 for (my $i = 0; $i < 20; $i++)
6312 my $first_byte = substr ($xor_part1, $i, 1);
6313 my $second_byte = substr ($xor_part2, $i, 1);
6315 my $xor_result = $first_byte ^ $second_byte;
6317 $hash_buf .= unpack ("H*", $xor_result);
6320 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6322 elsif ($mode == 11300)
6324 my $ckey_buf = get_random_string
(96);
6326 if (length ($additional_param))
6328 $ckey_buf = $additional_param;
6331 my $public_key_buf = get_random_string
(66);
6333 if (length ($additional_param2))
6335 $public_key_buf = $additional_param2;
6338 my $salt_iter = get_random_num
(150000, 250000);
6342 $salt_iter = int ($iter);
6345 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6347 for (my $i = 1; $i < $salt_iter; $i++)
6349 $hash_buf = sha512
($hash_buf);
6352 my $data = get_random_string
(32);
6354 my $aes = Crypt
::CBC
->new ({
6355 key
=> substr ($hash_buf, 0, 32),
6356 cipher
=> "Crypt::Rijndael",
6357 iv
=> substr ($hash_buf, 32, 16),
6361 padding
=> "standard",
6364 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6366 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6367 length ($cry_master_buf),
6374 length ($public_key_buf),
6377 elsif ($mode == 11400)
6379 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6381 $directive = "MD5"; # only directive currently supported
6383 if (defined ($additional_param))
6385 $user = $additional_param;
6386 $realm = $additional_param2;
6388 $nonce_count = $additional_param3;
6389 $nonce_client = $additional_param4;
6390 $qop = $additional_param5;
6391 $method = $additional_param6;
6393 $URI_prefix = $additional_param7;
6394 $URI_resource = $additional_param8;
6395 $URI_suffix = $additional_param9;
6397 # not needed information
6399 $URI_server = $additional_param10;
6400 $URI_client = $additional_param11;
6404 $user = get_random_string
(get_random_num
(0, 12 + 1));
6406 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6407 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6409 if ($realm_max_len < 1) # should never happen
6414 $realm_max_len = min
(20, $realm_max_len);
6416 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6420 if (get_random_num
(0, 1 + 1) == 1)
6424 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6425 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6435 $method = get_random_string
(get_random_num
(0, 24 + 1));
6437 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6438 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6439 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6441 # not needed information
6443 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6444 $URI_client = $URI_resource; # simplification
6451 if (length ($URI_prefix) > 0)
6453 $URI = $URI_prefix . ":";
6456 $URI .= $URI_resource;
6458 if (length ($URI_suffix) > 0)
6460 $URI .= ":" . $URI_suffix;
6463 my $HA2 = md5_hex
($method . ":" . $URI);
6465 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6469 if (($qop eq "auth") || ($qop eq "auth-int"))
6471 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6478 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6480 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6482 elsif ($mode == 11500)
6484 $hash_buf = crc32
($word_buf);
6486 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6488 elsif ($mode == 11600)
6490 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6494 my $validation_only = 0;
6496 $validation_only = 1 if (defined ($additional_param));
6498 if ($validation_only == 1)
6500 $num_cycle_power = int ($iter);
6501 $seven_zip_salt_len = $additional_param;
6502 $seven_zip_salt_buf = $additional_param2;
6503 $salt_len = $additional_param3;
6504 # $salt_buf set in parser
6505 # $hash_buf (resulting crc)
6506 $data_len = $additional_param4;
6507 $unpack_size = $additional_param5;
6508 $data_buf = $additional_param6;
6512 $num_cycle_power = 14; # by default it is 19
6513 $seven_zip_salt_len = 0;
6514 $seven_zip_salt_buf = "";
6515 $salt_len = length ($salt_buf);
6516 # $salt_buf set automatically
6517 # $hash_buf (resulting crc)
6518 # $data_len will be set when encrypting
6519 $unpack_size = get_random_num
(1, 32 + 1);
6520 $data_buf = get_random_string
($unpack_size);
6524 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6527 $word_buf = encode
("UTF-16LE", $word_buf);
6529 my $rounds = 1 << $num_cycle_power;
6533 for (my $i = 0; $i < $rounds; $i++)
6537 $num_buf .= pack ("V", $i);
6538 $num_buf .= "\x00" x
4;
6540 # this would be better but only works on 64-bit systems:
6541 # $num_buf = pack ("q", $i);
6543 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6546 my $key = sha256
($pass_buf);
6548 # the salt_buf is our IV for AES CBC
6551 my $salt_buf_len = length ($salt_buf);
6552 my $salt_padding_len = 0;
6554 if ($salt_buf_len < 16)
6556 $salt_padding_len = 16 - $salt_buf_len;
6559 $salt_buf .= "\x00" x
$salt_padding_len;
6561 my $aes = Crypt
::CBC
->new ({
6562 cipher
=> "Crypt::Rijndael",
6570 if ($validation_only == 1)
6574 my $decrypted_data = $aes->decrypt ($data_buf);
6576 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6578 $hash_buf = crc32
($decrypted_data);
6584 $hash_buf = crc32
($data_buf);
6586 $data_buf = $aes->encrypt ($data_buf);
6588 $data_len = length ($data_buf);
6591 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6593 elsif ($mode == 11900)
6595 my $iterations = 1000;
6599 $iterations = int ($iter);
6604 if (defined $additional_param)
6606 $out_len = $additional_param;
6610 # call PHP here - WTF
6613 # sanitize $word_buf and $salt_buf:
6615 my $word_buf_base64 = encode_base64
($word_buf);
6616 $word_buf_base64 =~ s/[\r\n]//g;
6618 my $salt_buf_base64 = encode_base64
($salt_buf);
6619 $salt_buf_base64 =~ s/[\r\n]//g;
6623 $out_len = int ($out_len);
6625 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6627 my $php_code = <<'END_CODE';
6629 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6631 $algorithm = strtolower ($algorithm);
6633 if (! in_array ($algorithm, hash_algos (), true))
6635 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6638 if ($count <= 0 || $key_length <= 0)
6640 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6643 if (function_exists ("hash_pbkdf2"))
6647 $key_length = $key_length * 2;
6650 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6653 $hash_length = strlen (hash ($algorithm, "", true));
6654 $block_count = ceil ($key_length / $hash_length);
6658 for ($i = 1; $i <= $block_count; $i++)
6660 $last = $salt . pack ("N", $i);
6662 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6664 for ($j = 1; $j < $count; $j++)
6666 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6674 return substr ($output, 0, $key_length);
6678 return bin2hex (substr ($output, 0, $key_length));
6682 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6686 # replace with these command line arguments
6688 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6689 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6690 $php_code =~ s/\$iterations/$iterations/;
6691 $php_code =~ s/\$out_len/$out_len/;
6693 my $php_output = `php -r '$php_code'`;
6695 $hash_buf = pack ("H*", $php_output);
6697 $hash_buf = encode_base64 ($hash_buf);
6698 $hash_buf =~ s/[\r\n]//g;
6700 my $base64_salt_buf = encode_base64 ($salt_buf);
6702 chomp ($base64_salt_buf);
6704 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6706 elsif ($mode == 12000)
6708 my $iterations = 1000;
6712 $iterations = int ($iter);
6717 if (defined $additional_param)
6719 $out_len = $additional_param;
6722 my $pbkdf2 = Crypt::PBKDF2->new
6724 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6725 iterations => $iterations,
6726 output_len => $out_len
6729 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6730 $hash_buf =~ s/[\r\n]//g;
6732 my $base64_salt_buf = encode_base64 ($salt_buf);
6734 chomp ($base64_salt_buf);
6736 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6738 elsif ($mode == 12100)
6740 my $iterations = 1000;
6744 $iterations = int ($iter);
6749 if (defined $additional_param)
6751 $out_len = $additional_param;
6754 my $pbkdf2 = Crypt::PBKDF2->new
6756 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6757 iterations => $iterations,
6758 output_len => $out_len
6761 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6762 $hash_buf =~ s/[\r\n]//g;
6764 my $base64_salt_buf = encode_base64 ($salt_buf);
6766 chomp ($base64_salt_buf);
6768 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6770 elsif ($mode == 12200)
6772 my $iterations = 65536;
6774 my $default_salt = 0;
6776 if (defined $additional_param)
6778 $default_salt = int ($additional_param);
6781 if ($default_salt == 1)
6783 $salt_buf = "0011223344556677";
6786 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6788 for (my $i = 0; $i < $iterations; $i++)
6790 $hash_buf = sha512 ($hash_buf);
6793 $hash_buf = unpack ("H*", $hash_buf);
6794 $hash_buf = substr ($hash_buf, 0, 16);
6796 if ($default_salt == 0)
6798 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6802 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6805 elsif ($mode == 12300)
6807 my $iterations = 4096;
6809 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6811 my $pbkdf2 = Crypt::PBKDF2->new (
6813 iterations => $iterations,
6817 my $salt_bin = pack ("H*", $salt_buf);
6819 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6821 $hash_buf = sha512_hex ($key . $salt_bin);
6823 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6825 elsif ($mode == 12400)
6831 $iterations = int ($iter);
6835 $iterations = get_random_num (1, 5001 + 1);
6838 my $key_value = fold_password ($word_buf);
6840 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6841 my $salt_value = base64_to_int24 ($salt_buf);
6843 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6845 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6847 elsif ($mode == 12600)
6849 $hash_buf = sha1_hex ($word_buf);
6851 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6853 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6855 elsif ($mode == 12700)
6857 my $iterations = 10;
6860 "guid" : "00000000-0000-0000-0000-000000000000",
6861 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6862 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6864 my $salt_buf_bin = pack ("H*", $salt_buf);
6866 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6868 my $pbkdf2 = Crypt::PBKDF2->new (
6870 iterations => $iterations,
6874 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6876 my $cipher = Crypt::CBC->new ({
6878 cipher => "Crypt::Rijndael",
6879 iv => $salt_buf_bin,
6885 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6887 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6889 elsif ($mode == 12800)
6891 my $iterations = 100;
6895 $iterations = int ($iter);
6898 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6900 my $pbkdf2 = Crypt::PBKDF2->new
6902 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6903 iterations => $iterations,
6907 my $salt_buf_bin = pack ("H*", $salt_buf);
6909 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6911 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6913 elsif ($mode == 12900)
6915 my $iterations = 4096;
6919 $iterations = int ($iter);
6922 my $salt2 = $salt_buf . $salt_buf;
6924 if (defined $additional_param)
6926 $salt2 = $additional_param;
6929 my $pbkdf2 = Crypt::PBKDF2->new
6931 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6932 iterations => $iterations,
6936 my $salt_buf_bin = pack ("H*", $salt_buf);
6938 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6940 my $salt2_bin = pack ("H*", $salt2);
6942 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6944 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6946 elsif ($mode == 13000)
6948 my $iterations = 15;
6952 $iterations = int ($iter);
6957 if (defined $additional_param)
6959 $iv = $additional_param;
6962 my $pbkdf2 = Crypt::PBKDF2->new
6964 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6965 iterations => (1 << $iterations) + 32,
6969 my $salt_buf_bin = pack ("H*", $salt_buf);
6971 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6973 my $hash_final = substr ($hash, 0, 8)
6974 ^ substr ($hash, 8, 8)
6975 ^ substr ($hash, 16, 8)
6976 ^ substr ($hash, 24, 8);
6978 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6980 elsif ($mode == 13100)
6982 my @salt_arr = split ('\$', $salt_buf);
6984 my $user = $salt_arr[0];
6986 my $realm = $salt_arr[1];
6988 my $spn = $salt_arr[2];
6990 my $nonce = $salt_arr[3];
6992 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6993 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6994 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6995 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6996 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6999 $cleartext_ticket = $nonce . $cleartext_ticket;
7001 my $k = md4 (encode ("UTF-16LE", $word_buf));
7003 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
7005 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
7007 my $k3 = hmac_md5 ($checksum, $k1);
7009 my $cipher = Crypt::RC4->new ($k3);
7011 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
7013 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
7015 elsif ($mode == 13200)
7017 my @salt_arr = split ('\*', $salt_buf);
7019 my $iteration = $salt_arr[0];
7021 my $mysalt = $salt_arr[1];
7023 $mysalt = pack ("H*", $mysalt);
7025 my $DEK = randbytes (16);
7027 my $iv = "a6a6a6a6a6a6a6a6";
7029 my $KEK = sha1($word_buf);
7031 $KEK = substr ($KEK ^ $mysalt, 0, 16);
7033 my $aes = Crypt::Mode::ECB->new ('AES');
7035 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
7039 my $A = pack ("H*", $iv);
7041 for (my $j = 0; $j < $iteration; $j++)
7043 $B = $aes->encrypt ($A . $R[1], $KEK);
7045 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
7047 $R[1] = substr ($B, 8, 16);
7049 $B = $aes->encrypt ($A . $R[2], $KEK);
7051 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
7053 $R[2] = substr ($B, 8, 16);
7056 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
7058 $mysalt = unpack ("H*", $mysalt);
7060 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
7062 elsif ($mode == 13300)
7064 $hash_buf = sha1_hex ($word_buf);
7066 $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
7068 elsif ($mode == 13400)
7070 my @salt_arr = split ('\*', $salt_buf);
7072 my $version = $salt_arr[0];
7074 my $iteration = $salt_arr[1];
7076 my $algorithm = $salt_arr[2];
7078 my $final_random_seed = $salt_arr[3];
7080 my $transf_random_seed = $salt_arr[4];
7082 my $enc_iv = $salt_arr[5];
7086 # specific to version 1
7091 # specific to version 2
7094 # specific to keyfile handling
7095 my $inline_keyfile_flag;
7097 my $keyfile_content;
7098 my $keyfile_attributes = "";
7100 $final_random_seed = pack ("H*", $final_random_seed);
7102 $transf_random_seed = pack ("H*", $transf_random_seed);
7104 $enc_iv = pack ("H*", $enc_iv);
7106 my $intermediate_hash = sha256 ($word_buf);
7110 $contents_hash = $salt_arr[6];
7111 $contents_hash = pack ("H*", $contents_hash);
7113 $inline_flag = $salt_arr[7];
7115 $contents_len = $salt_arr[8];
7117 $contents = $salt_arr[9];
7118 $contents = pack ("H*", $contents);
7121 if (scalar @salt_arr == 13)
7123 $inline_keyfile_flag = $salt_arr[10];
7125 $keyfile_len = $salt_arr[11];
7127 $keyfile_content = $salt_arr[12];
7129 $keyfile_attributes = $keyfile_attributes
7130 . "*" . $inline_keyfile_flag
7131 . "*" . $keyfile_len
7132 . "*" . $keyfile_content;
7134 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7135 $intermediate_hash = sha256 ($intermediate_hash);
7138 elsif ($version == 2)
7141 if (scalar @salt_arr == 11)
7143 $inline_keyfile_flag = $salt_arr[8];
7145 $keyfile_len = $salt_arr[9];
7147 $keyfile_content = $salt_arr[10];
7149 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7151 $keyfile_attributes = $keyfile_attributes
7152 . "*" . $inline_keyfile_flag
7153 . "*" . $keyfile_len
7154 . "*" . $keyfile_content;
7157 $intermediate_hash = sha256 ($intermediate_hash);
7160 my $aes = Crypt::Mode::ECB->new ('AES', 1);
7162 for (my $j = 0; $j < $iteration; $j++)
7164 $intermediate_hash = $aes->encrypt ($intermediate_hash, $transf_random_seed);
7166 $intermediate_hash = substr ($intermediate_hash, 0, 32);
7169 $intermediate_hash = sha256 ($intermediate_hash);
7171 my $final_key = sha256 ($final_random_seed . $intermediate_hash);
7173 my $final_algorithm;
7175 if ($version == 1 && $algorithm == 1)
7177 $final_algorithm = "Crypt::Twofish";
7181 $final_algorithm = "Crypt::Rijndael";
7184 my $cipher = Crypt::CBC->new ({
7186 cipher => $final_algorithm,
7195 $contents_hash = sha256 ($contents);
7197 $contents = $cipher->encrypt($contents);
7199 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s%s',
7203 unpack ("H*", $final_random_seed),
7204 unpack ("H*", $transf_random_seed),
7205 unpack ("H*", $enc_iv),
7206 unpack ("H*", $contents_hash),
7209 unpack ("H*", $contents),
7210 $keyfile_attributes);
7214 $expected_bytes = $salt_arr[6];
7216 $contents_hash = $salt_arr[7];
7217 $contents_hash = pack ("H*", $contents_hash);
7219 $expected_bytes = $cipher->decrypt($contents_hash);
7221 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s%s',
7225 unpack ("H*", $final_random_seed),
7226 unpack ("H*", $transf_random_seed),
7227 unpack ("H*", $enc_iv),
7228 unpack ("H*", $expected_bytes),
7229 unpack ("H*", $contents_hash),
7230 $keyfile_attributes);
7233 elsif ($mode == 13500)
7235 $hash_buf = sha1_hex (pack ("H*", $salt_buf) . encode ("UTF-16LE", $word_buf));
7237 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
7239 elsif ($mode == 13600)
7241 my $iterations = 1000;
7245 if (defined $additional_param)
7247 $type = $additional_param;
7250 my $mode = 1 + int rand (3);
7252 if (defined $additional_param2)
7254 $mode = $additional_param2;
7259 if (defined $additional_param3)
7261 $magic = $additional_param3;
7264 if (defined $additional_param4)
7266 $salt_buf = $additional_param4;
7269 $salt_buf = substr ($salt_buf, 0, 8 + ($mode * 8));
7271 my $compress_length = 0;
7273 if (defined $additional_param5)
7275 $compress_length = $additional_param5;
7280 if (defined $additional_param6)
7282 $data = $additional_param6;
7285 my $key_len = (8 * ($mode & 3) + 8) * 2;
7287 my $out_len = $key_len + 2;
7289 my $salt_buf_bin = pack ("H*", $salt_buf);
7291 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
7293 my $pbkdf2 = Crypt::PBKDF2->new
7296 iterations => $iterations,
7297 output_len => $out_len
7300 my $key = $pbkdf2->PBKDF2_hex ($salt_buf_bin, $word_buf);
7302 my $verify_bytes = substr ($key, -4); $verify_bytes =~ s/^0+//; #lol
7304 $key = substr ($key, $key_len, $key_len);
7306 my $key_bin = pack ("H*", $key);
7308 my $auth = hmac_hex ($data, $key_bin, \&sha1, 64);
7310 $tmp_hash = sprintf ('$zip2$*%u*%u*%u*%s*%s*%u*%s*%s*$/zip2$', $type, $mode, $magic, $salt_buf, $verify_bytes, $compress_length, $data, substr ($auth, 0, 20));
7312 elsif ($mode == 13800)
7314 my $word_buf_unicode = encode ("UTF-16LE", $word_buf);
7316 my $salt_buf_bin = pack ("H*", $salt_buf);
7318 $hash_buf = sha256_hex ($word_buf_unicode . $salt_buf_bin);
7320 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
7330 my $word_len = shift;
7332 my $salt_len = shift;
7336 $max = 15 if ($mode == 2410);
7338 if ($is_unicode{$mode})
7340 if (! $allow_long_salt{$mode})
7342 $word_len = min ($word_len, int ($max / 2) - $salt_len);
7346 $word_len = min ($word_len, int ($max / 2));
7349 elsif ($less_fifteen{$mode})
7351 $word_len = min ($word_len, 15);
7355 $salt_len = min ($salt_len, 15 - $word_len);
7360 if (! $allow_long_salt{$mode})
7362 $word_len = min ($word_len, $max - $salt_len);
7381 for (my $i = 0; $i < $salt_len; $i++)
7383 my $c = get_random_chr (0x30, 0x39);
7385 push (@salt_arr, $c);
7388 $salt_buf = join ("", @salt_arr);
7390 $salt_buf = get_random_md5chap_salt ($salt_buf);
7392 elsif ($mode == 5300 || $mode == 5400)
7394 $salt_buf = get_random_ike_salt ();
7396 elsif ($mode == 5500)
7398 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
7400 elsif ($mode == 5600)
7402 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
7404 elsif ($mode == 6600)
7406 $salt_buf = get_random_agilekeychain_salt ();
7408 elsif ($mode == 8200)
7410 $salt_buf = get_random_cloudkeychain_salt ();
7412 elsif ($mode == 8300)
7414 $salt_buf = get_random_dnssec_salt ();
7416 elsif ($mode == 13100)
7418 $salt_buf = get_random_kerberos5_tgs_salt ();
7420 elsif ($mode == 13200)
7422 $salt_buf = get_random_axcrypt_salt ();
7424 elsif ($mode == 13400)
7426 $salt_buf = get_random_keepass_salt ();
7428 elsif ($mode == 13500)
7430 $salt_buf = get_pstoken_salt ();
7436 for (my $i = 0; $i < $salt_len; $i++)
7438 my $c = get_random_chr (0x30, 0x39);
7440 push (@salt_arr, $c);
7443 $salt_buf = join ("", @salt_arr);
7447 $salt_buf = get_random_kerberos5_salt ($salt_buf);
7457 for (my $i = 0; $i < $word_len; $i++)
7459 my $c = get_random_chr (0x30, 0x39);
7461 push (@word_arr, $c);
7464 my $word_buf = join ("", @word_arr);
7470 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
7483 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
7495 sub get_random_string
7501 for (my $i = 0; $i < $len; $i++)
7503 my $c = get_random_chr (0x30, 0x39);
7508 my $buf = join ("", @arr);
7518 return int ((rand ($max - $min)) + $min);
7523 return chr get_random_num (@_);
7532 for (my $i = 0; $i < length ($str); $i += 4)
7534 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7536 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7543 $salt = substr ($decoded, 0, 5);
7545 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7549 $byte10 = 256 + $byte10;
7552 substr ($salt, 3, 1) = chr ($byte10);
7554 $digest = substr ($decoded, 5, 9);
7555 $char = substr ($str, 18, 1);
7557 return ($digest, $salt, $char);
7560 sub domino_85x_decode
7566 for (my $i = 0; $i < length ($str); $i += 4)
7568 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7570 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7575 my $iterations = -1;
7578 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7580 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7584 $byte10 = 256 + $byte10;
7587 substr ($salt, 3, 1) = chr ($byte10);
7589 $iterations = substr ($decoded, 16, 10);
7591 if ($iterations =~ /^?d*$/)
7595 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7596 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7597 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7600 return ($digest, $salt, $iterations, $chars);
7603 sub domino_base64_decode
7608 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7616 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7618 $ret += ($idx << (6 * ($i - 1)));
7631 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7635 $byte10 = $byte10 - 256;
7638 substr ($final, 3, 1) = chr ($byte10);
7642 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7643 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7644 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7645 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7646 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7648 if (defined ($char))
7650 substr ($passwd, 18, 1) = $char;
7652 substr ($passwd, 19, 1) = "";
7657 sub domino_85x_encode
7662 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7666 $byte10 = $byte10 - 256;
7669 substr ($final, 3, 1) = chr ($byte10);
7673 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7674 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7675 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7676 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7677 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7678 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7679 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7680 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7681 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7682 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7683 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7684 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7686 if (defined ($char))
7688 substr ($passwd, 18, 1) = $char;
7694 sub domino_base64_encode
7699 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7703 while (($n - 1) >= 0)
7707 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7717 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7722 my $v = unpack "V", substr($md5, $i*4, 4);
7724 $s64 .= substr($itoa64, $v & 0x3f, 1);
7733 my ($username, $password) = @_;
7735 $username = substr ($username . " " x 8, 0, 8);
7736 $password = substr ($password . " " x 8, 0, 8);
7738 my $username_ebc = ascii2ebcdic ($username);
7739 my $password_ebc = ascii2ebcdic ($password);
7741 my @pw = split ("", $password_ebc);
7743 for (my $i = 0; $i < 8; $i++)
7745 $pw[$i] = unpack ("C", $pw[$i]);
7748 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7751 my $key = join ("", @pw);
7753 my $cipher = new Crypt::DES $key;
7755 my $ciphertext = $cipher->encrypt ($username_ebc);
7757 my $ct = unpack ("H16", $ciphertext);
7764 my ($username, $password) = @_;
7766 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7767 $userpass .= pack('C', 0) while (length($userpass) % 8);
7769 my $key = pack('H*', "0123456789ABCDEF");
7770 my $iv = pack('H*', "0000000000000000");
7772 my $c = new Crypt::CBC(
7779 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7781 my $c2 = new Crypt::CBC(
7788 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7790 return uc(unpack('H*', $hash));
7795 my $word_buf = shift;
7797 my $salt_buf = shift;
7799 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7801 my $digest = sha1 ($w);
7803 for (my $i = 1; $i < 1024; $i++)
7805 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7807 $digest = sha1 ($w);
7810 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7812 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7820 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7824 while (($n - 1) >= 0)
7828 $ret .= substr ($itoa64, $v & 0x3f, 1);
7844 my $hash = ""; # hash to be returned by this function
7846 my $final = md5 ($pass . $salt . $pass);
7848 $salt = substr ($salt, 0, 8);
7850 my $tmp = $pass . $magic . $salt;
7852 my $pass_len = length ($pass);
7856 for ($i = $pass_len; $i > 0; $i -= 16)
7865 $tmp .= substr ($final, 0, $len);
7878 $tmp .= substr ($pass, 0, 1);
7884 $final = md5 ($tmp);
7886 for ($i = 0; $i < $iter; $i++)
7918 $final = md5 ($tmp);
7922 # now format the output sting ("hash")
7926 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7927 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7928 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7929 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7930 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7931 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7933 if ($iter == 1000) # default
7935 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7939 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7951 my $hash = ""; # hash to be returned by this function
7953 my $final = sha512 ($pass . $salt . $pass);
7955 $salt = substr ($salt, 0, 16);
7957 my $tmp = $pass . $salt;
7959 my $pass_len = length ($pass);
7960 my $salt_len = length ($salt);
7964 for ($i = $pass_len; $i > 0; $i -= 16)
7973 $tmp .= substr ($final, 0, $len);
7992 $final = sha512 ($tmp);
7998 for ($i = 0; $i < $pass_len; $i++)
8003 $p_bytes = sha512 ($p_bytes);
8004 $p_bytes = substr ($p_bytes, 0, $pass_len);
8008 my $final_first_byte = ord (substr ($final, 0, 1));
8012 for ($i = 0; $i < (16 + $final_first_byte); $i++)
8017 $s_bytes = sha512 ($s_bytes);
8018 $s_bytes = substr ($s_bytes, 0, $salt_len);
8020 for ($i = 0; $i < $iter; $i++)
8052 $final = sha512 ($tmp);
8056 # now format the output string ("hash")
8060 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
8061 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
8062 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8063 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
8064 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
8065 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8066 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
8067 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
8068 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8069 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
8070 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
8071 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
8072 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
8073 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
8074 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
8075 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
8076 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
8077 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
8078 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
8079 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
8080 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
8081 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
8085 if ($iter == 5000) # default
8087 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8091 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8103 my $hash = ""; # hash to be returned by this function
8105 my $final = sha256 ($pass . $salt . $pass);
8107 $salt = substr ($salt, 0, 16);
8109 my $tmp = $pass . $salt;
8111 my $pass_len = length ($pass);
8112 my $salt_len = length ($salt);
8116 for ($i = $pass_len; $i > 0; $i -= 16)
8125 $tmp .= substr ($final, 0, $len);
8144 $final = sha256 ($tmp);
8150 for ($i = 0; $i < $pass_len; $i++)
8155 $p_bytes = sha256 ($p_bytes);
8156 $p_bytes = substr ($p_bytes, 0, $pass_len);
8160 my $final_first_byte = ord (substr ($final, 0, 1));
8164 for ($i = 0; $i < (16 + $final_first_byte); $i++)
8169 $s_bytes = sha256 ($s_bytes);
8170 $s_bytes = substr ($s_bytes, 0, $salt_len);
8172 for ($i = 0; $i < $iter; $i++)
8204 $final = sha256 ($tmp);
8208 # now format the output string ("hash")
8212 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
8213 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
8214 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
8215 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8216 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
8217 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
8218 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8219 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
8220 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
8221 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8222 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
8226 if ($iter == 5000) # default
8228 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8232 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8238 sub aix_ssha256_pbkdf2
8240 my $word_buf = shift;
8241 my $salt_buf = shift;
8242 my $iterations = shift;
8244 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
8246 my $pbkdf2 = Crypt::PBKDF2->new (
8248 iterations => $iterations,
8252 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8256 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8257 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8258 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8259 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8260 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8261 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8262 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8263 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8264 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8265 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8266 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
8271 sub aix_ssha512_pbkdf2
8273 my $word_buf = shift;
8274 my $salt_buf = shift;
8275 my $iterations = shift;
8277 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
8279 my $pbkdf2 = Crypt::PBKDF2->new (
8281 iterations => $iterations,
8284 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8288 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8289 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8290 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8291 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8292 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8293 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8294 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8295 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8296 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8297 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8298 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
8299 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
8300 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
8301 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
8302 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
8303 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
8304 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
8305 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
8306 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
8307 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
8308 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
8309 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
8314 sub aix_ssha1_pbkdf2
8316 my $word_buf = shift;
8317 my $salt_buf = shift;
8318 my $iterations = shift;
8320 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
8322 my $pbkdf2 = Crypt::PBKDF2->new (
8324 iterations => $iterations,
8327 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8331 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8332 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8333 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8334 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8335 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8336 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8337 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
8346 my @data = split "", $data_s;
8349 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8350 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8351 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
8352 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
8353 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8354 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
8355 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8356 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
8357 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8358 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8359 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8360 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8361 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8362 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8363 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8364 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
8366 my @transTable = unpack ("C256", $transTable_s);
8370 for (my $i = 0; $i < scalar @data; $i++)
8372 $out[$i] = $transTable[int (ord ($data[$i]))];
8375 return pack ("C*", @out);
8380 my $digest_s = shift;
8385 my @w = unpack "C*", $w_s;
8386 my @s = unpack "C*", $s_s;
8389 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
8390 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
8391 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
8393 my @bcodeTable = unpack ("C48", $bcodeTable_s);
8395 my @abcd = unpack ("C16", $digest_s);
8397 my $sum20 = ($abcd[0] & 3)
8407 for (my $i2 = 0; $i2 < $sum20; $i2++)
8412 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
8414 if ($i1 < length $w_s)
8416 if ($abcd[15 - $i1] & 1)
8418 $out[$i2] = $bcodeTable[48 - 1 - $i1];
8423 $out[$i2] = $w[$i1];
8429 if ($i3 < length $s_s)
8431 $out[$i2] = $s[$i3];
8437 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
8440 return substr (pack ("C*", @out), 0, $sum20);
8445 my @key_56 = split (//, shift);
8451 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
8452 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
8453 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
8454 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
8455 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
8456 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
8457 $key .= chr(( ord($key_56[6]) << 1) & 255);
8468 for (my $i = 0; $i < $len; $i++)
8470 my $c = get_random_chr (0, 255);
8475 return join ("", @arr);
8478 sub get_random_netntlmv1_salt
8480 my $len_user = shift;
8481 my $len_domain = shift;
8487 for (my $i = 0; $i < $len_user; $i++)
8489 $type = get_random_num (1, 3);
8493 $char = get_random_chr (0x30, 0x39);
8497 $char = get_random_chr (0x41, 0x5A);
8501 $char = get_random_chr (0x61, 0x7A);
8509 for (my $i = 0; $i < $len_domain; $i++)
8511 $type = get_random_num (1, 3);
8515 $char = get_random_chr (0x30, 0x39);
8519 $char = get_random_chr (0x41, 0x5A);
8523 $char = get_random_chr (0x61, 0x7A);
8529 my $c_challenge = randbytes (8);
8530 my $s_challenge = randbytes (8);
8532 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8537 sub get_random_netntlmv2_salt
8539 my $len_user = shift;
8540 my $len_domain = shift;
8546 if ($len_user + $len_domain > 27)
8548 if ($len_user > $len_domain)
8550 $len_user = 27 - $len_domain;
8554 $len_domain = 27 - $len_user;
8558 for (my $i = 0; $i < $len_user; $i++)
8560 $type = get_random_num (1, 3);
8564 $char = get_random_chr (0x30, 0x39);
8568 $char = get_random_chr (0x41, 0x5A);
8572 $char = get_random_chr (0x61, 0x7A);
8580 for (my $i = 0; $i < $len_domain; $i++)
8582 $type = get_random_num (1, 3);
8586 $char = get_random_chr (0x30, 0x39);
8590 $char = get_random_chr (0x41, 0x5A);
8594 $char = get_random_chr (0x61, 0x7A);
8600 my $c_challenge = randbytes (8);
8601 my $s_challenge = randbytes (8);
8603 my $temp = "\x01\x01" .
8608 randbytes (20 * rand () + 1) .
8611 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8616 sub get_random_ike_salt
8620 for (my $i = 0; $i < 40; $i++)
8622 $nr_buf .= get_random_chr (0, 0xff);
8627 for (my $i = 0; $i < 440; $i++)
8629 $msg_buf .= get_random_chr (0, 0xff);
8632 my $nr_buf_hex = unpack ("H*", $nr_buf);
8633 my $msg_buf_hex = unpack ("H*", $msg_buf);
8635 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8640 sub get_random_agilekeychain_salt
8644 for (my $i = 0; $i < 8; $i++)
8646 $salt_buf .= get_random_chr (0x0, 0xff);
8651 for (my $i = 0; $i < 16; $i++)
8653 $iv .= get_random_chr (0x0, 0xff);
8656 my $prefix = "\x00" x 1008;
8658 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8663 sub get_random_cloudkeychain_salt
8667 for (my $i = 0; $i < 16; $i++)
8669 $salt_buf .= get_random_chr (0x0, 0xff);
8672 for (my $i = 0; $i < 304; $i++)
8674 $salt_buf .= get_random_chr (0x0, 0xff);
8677 my $ret = unpack ("H*", $salt_buf);
8682 sub get_random_kerberos5_salt
8684 my $custom_salt = shift;
8686 my $clear_data = randbytes (14) .
8687 strftime ("%Y%m%d%H%M%S", localtime) .
8691 my $realm = "realm";
8694 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8699 sub get_random_kerberos5_tgs_salt
8701 my $nonce = randbytes (8);
8704 my $realm = "realm";
8705 my $spn = "test/spn";
8707 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8712 sub get_random_axcrypt_salt
8714 my $mysalt = randbytes (16);
8716 $mysalt = unpack ("H*", $mysalt);
8718 my $iteration = get_random_num (6, 100000);
8720 my $salt_buf = $iteration . '*' . $mysalt;
8725 sub get_random_keepass_salt
8727 my $version = get_random_num (1, 3);
8733 my $final_random_seed;
8737 $algorithm = get_random_num (0, 2);
8739 $iteration = get_random_num (50000, 100000);
8741 $final_random_seed = randbytes (16);
8742 $final_random_seed = unpack ("H*", $final_random_seed);
8744 elsif ($version == 2)
8748 $iteration = get_random_num (6000, 100000);
8750 $final_random_seed = randbytes (32);
8751 $final_random_seed = unpack ("H*", $final_random_seed);
8754 my $transf_random_seed = randbytes (32);
8755 $transf_random_seed = unpack ("H*", $transf_random_seed);
8757 my $enc_iv = randbytes (16);
8758 $enc_iv = unpack ("H*", $enc_iv);
8760 my $contents_hash = randbytes (32);
8761 $contents_hash = unpack ("H*", $contents_hash);
8763 my $inline_flag = 1;
8765 my $contents_len = get_random_num (128, 500);
8767 my $contents = randbytes ($contents_len);
8769 $contents_len += 16 - $contents_len % 16;
8771 $contents = unpack ("H*", $contents);
8775 my $is_keyfile = get_random_num (0, 2);
8777 my $keyfile_attributes = "";
8779 if ($is_keyfile == 1)
8781 $keyfile_attributes = $keyfile_attributes
8783 . unpack ("H*", randbytes (32));
8788 $salt_buf = $version . '*' .
8791 $final_random_seed . '*' .
8792 $transf_random_seed . '*' .
8794 $contents_hash . '*' .
8795 $inline_flag . '*' .
8796 $contents_len . '*' .
8798 $keyfile_attributes;
8800 elsif ($version == 2)
8802 $contents = randbytes (32);
8803 $contents = unpack ("H*", $contents);
8805 $salt_buf = $version . '*' .
8808 $final_random_seed . '*' .
8809 $transf_random_seed . '*' .
8811 $contents_hash . '*' .
8813 $keyfile_attributes;
8819 sub get_pstoken_salt
8821 my $pstoken_length = get_random_num (16, 256);
8823 ## not a valid pstoken but a better test
8824 ## because of random length
8826 my $pstoken_const = randbytes ($pstoken_length);
8828 return unpack ("H*", $pstoken_const);
8831 sub get_random_md5chap_salt
8833 my $salt_buf = shift;
8835 my $salt = unpack ("H*", $salt_buf);
8839 $salt .= unpack ("H*", randbytes (1));
8844 sub get_random_dnssec_salt
8850 for (my $i = 0; $i < 8; $i++)
8852 $salt_buf .= get_random_chr (0x61, 0x7a);
8855 $salt_buf .= ".net";
8859 for (my $i = 0; $i < 8; $i++)
8861 $salt_buf .= get_random_chr (0x30, 0x39);
8874 my $byte_off = int ($bit / 8);
8875 my $bit_off = int ($bit % 8);
8877 my $char = substr ($digest, $byte_off, 1);
8878 my $num = ord ($char);
8880 return (($num & (1 << $bit_off)) ? 1 : 0);
8889 my $constant_phrase =
8890 "To be, or not to be,--that is the question:--\n" .
8891 "Whether 'tis nobler in the mind to suffer\n" .
8892 "The slings and arrows of outrageous fortune\n" .
8893 "Or to take arms against a sea of troubles,\n" .
8894 "And by opposing end them?--To die,--to sleep,--\n" .
8895 "No more; and by a sleep to say we end\n" .
8896 "The heartache, and the thousand natural shocks\n" .
8897 "That flesh is heir to,--'tis a consummation\n" .
8898 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8899 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8900 "For in that sleep of death what dreams may come,\n" .
8901 "When we have shuffled off this mortal coil,\n" .
8902 "Must give us pause: there's the respect\n" .
8903 "That makes calamity of so long life;\n" .
8904 "For who would bear the whips and scorns of time,\n" .
8905 "The oppressor's wrong, the proud man's contumely,\n" .
8906 "The pangs of despis'd love, the law's delay,\n" .
8907 "The insolence of office, and the spurns\n" .
8908 "That patient merit of the unworthy takes,\n" .
8909 "When he himself might his quietus make\n" .
8910 "With a bare bodkin? who would these fardels bear,\n" .
8911 "To grunt and sweat under a weary life,\n" .
8912 "But that the dread of something after death,--\n" .
8913 "The undiscover'd country, from whose bourn\n" .
8914 "No traveller returns,--puzzles the will,\n" .
8915 "And makes us rather bear those ills we have\n" .
8916 "Than fly to others that we know not of?\n" .
8917 "Thus conscience does make cowards of us all;\n" .
8918 "And thus the native hue of resolution\n" .
8919 "Is sicklied o'er with the pale cast of thought;\n" .
8920 "And enterprises of great pith and moment,\n" .
8921 "With this regard, their currents turn awry,\n" .
8922 "And lose the name of action.--Soft you now!\n" .
8923 "The fair Ophelia!--Nymph, in thy orisons\n" .
8924 "Be all my sins remember'd.\n\x00";
8926 my $constant_len = length ($constant_phrase);
8928 my $hash_buf = md5 ($pw . $salt);
8934 for (my $round = 0; $round < $iter; $round++)
8936 my $shift_a = md5bit ($hash_buf, $round + 0);
8937 my $shift_b = md5bit ($hash_buf, $round + 64);
8942 for (my $k = 0; $k < 16; $k++)
8944 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8946 my $l = ($k + 3) % 16;
8948 my $num = ord (substr ($hash_buf, $l, 1));
8950 $shift_4[$k] = $num % 5;
8952 $shift_7[$k] = ($num >> $s7shift) & 1;
8957 for (my $k = 0; $k < 16; $k++)
8959 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8964 for (my $k = 0; $k < 16; $k++)
8966 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8972 for (my $k = 0; $k < 8; $k++)
8974 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8976 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8979 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8980 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8982 my $bit_a = md5bit ($hash_buf, $indirect_a);
8983 my $bit_b = md5bit ($hash_buf, $indirect_b);
8993 if ($bit_a ^ $bit_b)
8995 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8999 $to_hash .= substr ($W, 0, 64);
9003 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
9005 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
9009 $to_hash .= substr ($W, 0, 64);
9012 $pos = $constant_len - $constant_off;
9016 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
9031 my $round_div = int ($tmp / 10);
9032 my $round_mod = int ($tmp % 10);
9036 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
9046 for ($g = 0; $g < $a_len; $g++)
9048 my $remainder = $a_buf[$g];
9054 while ($remainder > 0)
9056 $sub = $remainder >> (8 * $factor);
9058 if ($started != 1 || $sub > 0)
9062 $tmp_str = chr ($sub) . $tmp_str;
9064 $remainder -= ($sub << (8 * $factor));
9072 substr ($W, $pos, $a_len) = $tmp_str;
9078 $to_hash .= substr ($W, 0, $pos);
9080 $to_hash = substr ($to_hash, 0, $total);
9082 $hash_buf = md5 ($to_hash);
9087 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
9088 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
9089 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
9090 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
9091 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
9092 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
9099 die ("usage: $0 single|passthrough| [mode] [len]\n" .
9101 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
9106 my $block_ref = shift;
9110 my $value = 16 - $offset;
9112 for (my $i = $offset; $i < 16; $i++)
9114 push @{$block_ref}, $value;
9124 for (my $i = 0; $i < 18; $i++)
9126 for (my $j = 0; $j < 48; $j++)
9128 $p = ($p + 48 - $j) & 0xff;
9130 my $c = $lotus_magic_table[$p];
9132 $p = $in_ref->[$j] ^ $c;
9139 sub lotus_transform_password
9142 my $out_ref = shift;
9144 my $t = $out_ref->[15];
9146 for (my $i = 0; $i < 16; $i++)
9148 $t ^= $in_ref->[$i];
9150 my $c = $lotus_magic_table[$t];
9152 $out_ref->[$i] ^= $c;
9154 $t = $out_ref->[$i];
9158 sub mdtransform_norecalc
9160 my $state_ref = shift;
9161 my $block_ref = shift;
9165 push (@x, @{$state_ref});
9166 push (@x, @{$block_ref});
9168 for (my $i = 0; $i < 16; $i++)
9170 push (@x, $x[0 + $i] ^ $x[16 + $i]);
9175 for (my $i = 0; $i < 16; $i++)
9177 $state_ref->[$i] = $x[$i];
9183 my $state_ref = shift;
9184 my $checksum_ref = shift;
9185 my $block_ref = shift;
9187 mdtransform_norecalc ($state_ref, $block_ref);
9189 lotus_transform_password ($block_ref, $checksum_ref);
9194 my $saved_key_ref = shift;
9198 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
9200 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
9206 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
9208 my $curpos16 = $curpos + 16;
9210 my @block = splice (@{$saved_key_ref}, 0, 16);
9212 mdtransform (\@state, \@checksum, \@block);
9215 my $left = $size - $curpos;
9217 my @block = splice (@{$saved_key_ref}, 0, 16);
9219 pad16 (\@block, $left);
9221 mdtransform (\@state, \@checksum, \@block);
9223 mdtransform_norecalc (\@state, \@checksum);
9228 sub pdf_compute_encryption_key
9230 my $word_buf = shift;
9231 my $padding = shift;
9246 $data .= substr ($padding, 0, 32 - length $word_buf);
9248 $data .= pack ("H*", $o);
9250 $data .= pack ("I", $P);
9252 $data .= pack ("H*", $id);
9258 $data .= pack ("I", -1);
9262 my $res = md5 ($data);
9266 for (my $i = 0; $i < 50; $i++)
9275 sub gen_random_wpa_eapol
9284 my $version = 1; # 802.1X-2001
9286 $ret .= pack ("C*", $version);
9288 my $type = 3; # means that this EAPOL frame is used to transfer key information
9290 $ret .= pack ("C*", $type);
9292 my $length; # length of remaining data
9303 $ret .= pack ("n*", $length);
9305 my $descriptor_type;
9309 $descriptor_type = 254; # EAPOL WPA key
9313 $descriptor_type = 1; # EAPOL RSN key
9316 $ret .= pack ("C*", $descriptor_type);
9318 # key_info is a bit vector:
9319 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
9323 $key_info |= 1 << 8; # set key MIC
9324 $key_info |= 1 << 3; # set if it is a pairwise key
9328 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
9332 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
9335 $ret .= pack ("n*", $key_info);
9348 $ret .= pack ("n*", $key_length);
9350 my $replay_counter = 1;
9352 $ret .= pack ("Q>*", $replay_counter);
9356 my $key_iv = "\x00" x 16;
9360 my $key_rsc = "\x00" x 8;
9364 my $key_id = "\x00" x 8;
9368 my $key_mic = "\x00" x 16;
9376 $key_data_len = 24; # length of the key_data (== WPA info)
9380 $key_data_len = 22; # length of the key_data (== RSN info)
9383 $ret .= pack ("n*", $key_data_len);
9393 my $vendor_specific_data = "";
9395 my $tag_number = 221; # means it is a vendor specific tag
9397 $vendor_specific_data .= pack ("C*", $tag_number);
9399 my $tag_len = 22; # length of the remaining "tag data"
9401 $vendor_specific_data .= pack ("C*", $tag_len);
9403 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
9405 $vendor_specific_data .= $vendor_specific_oui;
9407 my $vendor_specific_oui_type = 1; # WPA Information Element
9409 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
9411 my $vendor_specific_wpa_version = 1;
9413 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
9417 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
9419 $vendor_specific_data .= $vendor_specific_multicast_oui;
9421 my $vendor_specific_multicast_type = 2; # TKIP
9423 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
9427 my $vendor_specific_unicast_count = 1;
9429 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
9431 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
9433 $vendor_specific_data .= $vendor_specific_multicast_oui;
9435 my $vendor_specific_unicast_type = 2; # TKIP
9437 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
9439 # Auth Key Management (AKM)
9441 my $auth_key_management_count = 1;
9443 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
9445 my $auth_key_management_oui = pack ("H*", "0050f2");
9447 $vendor_specific_data .= $auth_key_management_oui;
9449 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9451 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
9453 $wpa_info = $vendor_specific_data;
9455 $key_data = $wpa_info;
9463 my $tag_number = 48; # RSN info
9465 $rsn_info .= pack ("C*", $tag_number);
9467 my $tag_len = 20; # length of the remaining "tag_data"
9469 $rsn_info .= pack ("C*", $tag_len);
9471 my $rsn_version = 1;
9473 $rsn_info .= pack ("v*", $rsn_version);
9475 # group cipher suite
9477 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9479 $rsn_info .= $group_cipher_suite_oui;
9481 my $group_cipher_suite_type = 4; # AES (CCM)
9483 $rsn_info .= pack ("C*", $group_cipher_suite_type);
9485 # pairwise cipher suite
9487 my $pairwise_cipher_suite_count = 1;
9489 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
9491 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9493 $rsn_info .= $pairwise_cipher_suite_oui;
9495 my $pairwise_cipher_suite_type = 4; # AES (CCM)
9497 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
9499 # Auth Key Management (AKM)
9501 my $auth_key_management_count = 1;
9503 $rsn_info .= pack ("v*", $auth_key_management_count);
9505 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
9507 $rsn_info .= $auth_key_management_oui;
9509 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9511 $rsn_info .= pack ("C*", $auth_key_management_type);
9515 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
9516 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
9518 my $rsn_capabilities = pack ("H*", "0000");
9520 $rsn_info .= $rsn_capabilities;
9522 $key_data = $rsn_info;
9538 my $data = "Pairwise key expansion";
9543 # Min(AA, SPA) || Max(AA, SPA)
9546 # compare if greater: Min()/Max() on the MACs (6 bytes)
9548 if (memcmp ($stmac, $bssid, 6) < 0)
9560 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
9563 # compare if greater: Min()/Max() on the nonces (32 bytes)
9565 if (memcmp ($snonce, $anonce, 32) < 0)
9578 my $prf_buf = hmac ($data, $pmk, \&sha1);
9580 $prf_buf = substr ($prf_buf, 0, 16);
9591 my $len_str1 = length ($str1);
9592 my $len_str2 = length ($str2);
9594 if (($len > $len_str1) || ($len > $len_str2))
9596 print "ERROR: memcmp () lengths wrong";
9601 for (my $i = 0; $i < $len; $i++)
9603 my $c_1 = ord (substr ($str1, $i, 1));
9604 my $c_2 = ord (substr ($str2, $i, 1));
9606 return -1 if ($c_1 < $c_2);
9607 return 1 if ($c_1 > $c_2);