4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
31 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
33 use Authen
::Passphrase
::NTHash
;
34 use Authen
::Passphrase
::MySQL323
;
35 use Authen
::Passphrase
::PHPass
;
36 use Authen
::Passphrase
::LANManager
;
38 use POSIX qw
(strftime
);
40 use Net
::DNS
::RR
::NSEC3
;
41 use Convert
::EBCDIC qw
(ascii2ebcdic
);
42 use Digest
::SipHash qw
/siphash/;
44 my $hashcat = "./oclHashcat";
48 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400);
50 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
51 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
52 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
54 my @lotus_magic_table =
56 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
57 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
58 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
59 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
60 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
61 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
62 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
63 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
64 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
65 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
66 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
67 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
68 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
69 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
70 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
71 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
72 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
73 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
74 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
75 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
76 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
77 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
78 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
79 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
80 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
81 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
82 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
83 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
84 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
85 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
86 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
87 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
92 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
93 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
94 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
95 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
98 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
100 if (scalar @ARGV < 1)
111 if ($type ne "verify")
113 if (scalar @ARGV > 1)
118 elsif (scalar @ARGV == 1)
128 if ($type eq "single")
132 elsif ($type eq "passthrough")
143 if (scalar @ARGV != 4)
148 my $mode = shift @ARGV;
149 my $hash_file = shift @ARGV;
150 my $in_file = shift @ARGV;
151 my $out_file = shift @ARGV;
155 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
157 # clever ? the resulting database could be huge
158 # but we need some way to map lines in hashfile w/ cracks
159 # maybe rli2 way would be more clever (needs sorted input)
161 while (my $line = <IN
>)
163 $line =~ s/[\n\r]*$//;
165 $db->{$line} = undef;
170 verify
($mode, $db, $in_file, $out_file);
178 my $out_file = shift;
197 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
198 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
202 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
203 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
204 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
206 while (my $line = <IN
>)
213 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
216 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
218 my $index = index ($line, ":");
222 $hash_in = substr ($line, 0, $index);
224 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
226 $word = substr ($line, $index + 1);
229 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
232 my $index1 = index ($line, ":");
236 $hash_in = substr ($line, 0, $index1);
238 # identify lenghts of both salt and plain
240 my $salt_plain = substr ($line, $index1 + 1);
242 my $num_cols = () = $salt_plain =~ /:/g;
251 foreach (my $i = 0; $i < $num_cols; $i++)
253 $index2 = index ($salt_plain, ":", $start);
257 $start = $index2 + 1;
259 $salt = substr ($salt_plain, 0, $index2);
260 $word = substr ($salt_plain, $index2 + 1);
262 # can't be true w/ wrong $hash:$salt, otherwise the
263 # algo must have many collisions
265 if (exists ($db->{$hash_in . ":" . $salt}))
267 $hash_in = $hash_in . ":" . $salt;
273 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
274 next unless (! defined ($db->{$hash_in}));
277 elsif ($mode == 2100)
280 my $index1 = index ($line, "\$DCC2\$");
282 next if $index1 != 0;
285 my $index2 = index ($line, "#", $index1 + 1);
289 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
292 $index1 = index ($line, "#");
296 $hash_in = substr ($line, 0, $index1 + 1);
298 # identify lenghts of both salt and plain
300 my $salt_plain = substr ($line, $index2 + 1);
302 my $num_cols = () = $salt_plain =~ /:/g;
312 foreach (my $i = 0; $i < $num_cols; $i++)
314 $index2 = index ($salt_plain, ":", $start);
318 $start = $index2 + 1;
320 $index3 = rindex ($salt_plain, "#", $index2);
322 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
323 $salt = substr ($salt_plain, 0, $index3);
324 $word = substr ($salt_plain, $index2 + 1);
326 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
328 $hash_in = $hash_in . $salt . "#" . $raw_hash;
334 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
335 next unless (! defined ($db->{$hash_in}));
337 # salt:hash guaranteed only : because of hex salt
338 elsif ($mode == 7300)
340 # split hash and plain
341 my $index1 = index ($line, ":");
345 $salt = substr ($line, 0, $index1);
347 $salt = pack ("H*", $salt);
349 my $rest = substr ($line, $index1 + 1);
351 my $index2 = index ($rest, ":");
355 $hash_in = substr ($rest, 0, $index2);
357 $word = substr ($rest, $index2 + 1);
359 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
362 elsif ($mode == 8100)
364 # split hash and plain
365 $salt = substr ($line, 1, 8);
367 my $rest = substr ($line, 1 + 8);
369 my $index2 = index ($rest, ":");
373 $hash_in = substr ($rest, 0, $index2);
375 $word = substr ($rest, $index2 + 1);
377 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
379 # base64 and salt embedded SSHA1, salt length = total lenght - 20
382 # split hash and plain
383 my $index = index ($line, ":");
387 $hash_in = substr ($line, 0, $index);
388 $word = substr ($line, $index + 1);
390 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
393 my $plain_base64 = substr ($hash_in, 6);
395 # base64 decode to extract salt
396 my $decoded = decode_base64
($plain_base64);
398 $salt = substr ($decoded, 20);
400 # base64 and salt embedded SSHA512, salt length = total length - 64
401 elsif ($mode == 1711)
403 # split hash and plain
404 my $index = index ($line, ":");
408 $hash_in = substr ($line, 0, $index);
409 $word = substr ($line, $index + 1);
411 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
414 my $plain_base64 = substr ($hash_in, 9);
416 # base64 decode to extract salt
417 my $decoded = decode_base64
($plain_base64);
419 $salt = substr ($decoded, 64);
421 # OSX (first 8 hex chars is salt)
422 elsif ($mode == 122 || $mode == 1722)
424 my $index = index ($line, ":");
428 $hash_in = substr ($line, 0, $index);
429 $word = substr ($line, $index + 1);
431 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
433 $salt = substr ($hash_in, 0, 8);
435 # MSSQL (2000, 2005 AND 2012), salt after version number
436 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
438 my $index = index ($line, ":");
442 $hash_in = substr ($line, 0, $index);
443 $word = substr ($line, $index + 1);
445 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
447 $salt = substr ($hash_in, 6, 8);
450 elsif ($mode == 8000)
452 my $index = index ($line, ":");
456 $hash_in = substr ($line, 0, $index);
457 $word = substr ($line, $index + 1);
459 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
461 $salt = substr ($hash_in, 6, 16);
464 elsif ($mode == 141 || $mode == 1441)
466 my $index1 = index ($line, ":");
470 $hash_in = substr ($line, 0, $index1);
471 $word = substr ($line, $index1 + 1);
473 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
475 my $index2 = index ($line, "*", 14);
477 #extract salt from base64
478 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
480 $salt = decode_base64
($plain_base64);
482 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
483 elsif ($mode == 400 || $mode == 7900)
485 my $index = index ($line, ":");
489 $hash_in = substr ($line, 0, $index);
490 $word = substr ($line, $index + 1);
492 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
494 $salt = substr ($hash_in, 4, 8);
496 # iterations = 2 ^ cost (where cost == $iter)
497 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
499 # $something$[rounds=iter$]salt$ (get last $, then check iter)
500 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
502 my $index1 = index ($line, ":", 30);
506 $hash_in = substr ($line, 0, $index1);
507 $word = substr ($line, $index1 + 1);
509 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
511 $index1 = index ($hash_in, ",", 1);
512 my $index2 = index ($hash_in, "\$", 1);
516 if ($index1 < $index2)
522 $param = substr ($hash_in, $index2, 1);
526 # rounds= if available
529 if (substr ($hash_in, $index2, 7) eq "rounds=")
531 my $old_index = $index2;
533 $index2 = index ($hash_in, "\$", $index2 + 1);
537 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
543 my $index3 = rindex ($hash_in, "\$");
547 $salt = substr ($hash_in, $index2, $index3 - $index2);
549 # descrypt (salt in first 2 char)
550 elsif ($mode == 1500)
552 my $index = index ($line, ":");
556 $hash_in = substr ($line, 0, $index);
557 $word = substr ($line, $index + 1);
559 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
561 $salt = substr ($hash_in, 0, 2);
563 # bcrypt $something$something$salt.hash
564 elsif ($mode == 3200)
566 my $index1 = index ($line, ":", 33);
570 $hash_in = substr ($line, 0, $index1);
571 $word = substr ($line, $index1 + 1);
573 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
575 my $index2 = index ($hash_in, "\$", 4);
577 $iter = substr ($hash_in, 4, $index2 - 4);
579 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
584 for (my $i = 0; $i < length ($plain_base64); $i++)
586 my $char = substr ($plain_base64, $i, 1);
587 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
590 $salt = decode_base64
($encoded);
593 elsif ($mode == 4800)
595 my $index1 = index ($line, ":");
599 my $index2 = index ($line, ":", $index1 + 1);
603 my $index3 = index ($line, ":", $index2 + 1);
607 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
609 $word = substr ($line, $index3 + 1);
611 $hash_in = substr ($line, 0, $index3);
614 elsif ($mode == 5300 || $mode == 5400)
616 my $num_cols = () = $line =~ /:/g;
618 next unless ($num_cols >= 9);
623 for (my $j = 0; $j < 9; $j++)
625 $index1 = index ($line, ":", $index1 + 1);
636 $word = substr ($line, $index1 + 1);
638 $hash_in = substr ($line, 0, $index1);
640 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
642 my $index2 = rindex ($line, ":", $index1 - 1);
644 $salt = substr ($line, 0, $index2);
647 elsif ($mode == 5500)
649 my $index1 = index ($line, "::");
653 my $index2 = index ($line, ":", $index1 + 2);
657 $index2 = index ($line, ":", $index2 + 1);
661 $salt = substr ($line, 0, $index2);
663 $index2 = index ($line, ":", $index2 + 1);
667 $salt .= substr ($line, $index2 + 1, 16);
669 $index2 = index ($line, ":", $index2 + 1);
673 $hash_in = substr ($line, 0, $index2);
675 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
677 $word = substr ($line, $index2 + 1);
680 elsif ($mode == 5600)
682 my $index1 = index ($line, "::");
686 my $index2 = index ($line, ":", $index1 + 2);
690 $index2 = index ($line, ":", $index2 + 1);
694 $salt = substr ($line, 0, $index2);
696 $index1 = index ($line, ":", $index2 + 1);
700 $index2 = index ($line, ":", $index1 + 1);
704 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
706 $hash_in = substr ($line, 0, $index2);
708 # do it later on for this hash mode:
709 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
711 $word = substr ($line, $index2 + 1);
713 # AIX smd5 something BRACE salt$
714 elsif ($mode == 6300)
716 my $index1 = index ($line, ":");
720 $hash_in = substr ($line, 0, $index1);
721 $word = substr ($line, $index1 + 1);
723 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
725 my $index2 = index ($hash_in, "}");
726 my $index3 = rindex ($hash_in, "\$");
728 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
730 # AIX: something$salt$ (no $ at position 1)
731 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
733 my $index1 = index ($line, ":");
737 $hash_in = substr ($line, 0, $index1);
738 $word = substr ($line, $index1 + 1);
740 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
742 my $index2 = index ($hash_in, "}");
743 my $index3 = index ($hash_in, "\$");
744 my $index4 = rindex ($hash_in, "\$");
746 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
748 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
750 # 1Password, agilekeychain
751 elsif ($mode == 6600)
753 my $num_cols = () = $line =~ /:/g;
755 next unless ($num_cols > 2);
757 my $index1 = index ($line, ":");
761 $iter = substr ($line, 0, $index1);
763 my $index2 = index ($line, ":", $index1 + 1);
767 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
769 $index1 = index ($line, ":", $index2 + 1);
773 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
775 $hash_in = substr ($line, 0, $index1);
777 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
779 $word = substr ($line, $index1 + 1);
781 # 1Password, cloudkeychain
782 elsif ($mode == 8200)
784 my @datas = split (":", $line);
786 next if scalar @datas < 4;
788 my $hash = shift @datas;
789 $salt = shift @datas;
790 $iter = shift @datas;
791 my $data = shift @datas;
793 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
797 $word = join (":", @datas);
799 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
801 # lastpass (hash:iter:salt)
802 elsif ($mode == 6800)
804 my $index1 = index ($line, ":", 34);
808 $hash_in = substr ($line, 0, $index1);
810 # identify lenghts of both salt and plain
812 my $salt_plain = substr ($line, $index1 + 1);
814 my $num_cols = () = $salt_plain =~ /:/g;
823 foreach (my $i = 0; $i < $num_cols; $i++)
825 $index2 = index ($salt_plain, ":", $start);
829 $start = $index2 + 1;
831 $salt = substr ($salt_plain, 0, $index2);
832 $word = substr ($salt_plain, $index2 + 1);
834 # can't be true w/ wrong $hash:$salt, otherwise the
835 # algo must have many collisions
837 if (exists ($db->{$hash_in . ":" . $salt}))
839 $hash_in = $hash_in . ":" . $salt;
845 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
846 next unless (! defined ($db->{$hash_in}));
848 $index1 = index ($hash_in, ":");
849 $index2 = index ($hash_in, ":", $index1 + 1);
851 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
852 $salt = substr ($hash_in, $index2 + 1);
854 # OSX 10.* : $something$iter$salt$
855 elsif ($mode == 7100)
857 my $index1 = index ($line, ":");
861 $hash_in = substr ($line, 0, $index1);
862 $word = substr ($line, $index1 + 1);
864 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
866 my $index2 = index ($hash_in, "\$", 5);
870 my $index3 = index ($hash_in, "\$", $index2 + 1);
872 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
874 $iter = substr ($hash_in, 4, $index2 - 4);
876 next if (int ($iter) < 1);
878 # grub: something1.something2.something3.iter.salt.
879 elsif ($mode == 7200)
881 my $index1 = index ($line, ":");
885 $hash_in = substr ($line, 0, $index1);
886 $word = substr ($line, $index1 + 1);
888 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
890 my $index2 = index ($hash_in, ".", 19);
894 my $index3 = index ($hash_in, ".", $index2 + 1);
896 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
898 $iter = substr ($hash_in, 19, $index2 - 19);
900 next if (int ($iter) < 1);
902 # $something1$something2$something3$something4$salt$
903 elsif ($mode == 7500 )
905 my $index1 = index ($line, "\$", 11);
909 my $index2 = index ($line, "\$", $index1 + 1);
913 my $index3 = index ($line, "\$", $index2 + 1);
917 $index2 = index ($line, ":", $index3 + 1);
921 $hash_in = substr ($line, 0, $index2);
922 $word = substr ($line, $index2 + 1);
924 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
926 $salt = substr ($hash_in, 11, $index3 - 10);
927 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
928 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
931 elsif ($mode == 7700 || $mode == 7800)
933 my $index1 = index ($line, ":");
937 my @split1 = split (":", $line);
939 my @split2 = split ('\$', $split1[0]);
941 next unless scalar @split2 == 2;
943 $hash_in = $split1[0];
945 if (scalar @split1 > 1)
954 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
959 elsif ($mode == 8300)
961 my @datas = split (":", $line);
963 next if scalar @datas != 5;
968 ($hash, $domain, $salt, $iter, $word) = @datas;
970 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
972 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
974 $salt = $domain . ":" . $salt;
977 elsif ($mode == 8500)
979 my @line_elements = split (":", $line);
981 next if scalar @line_elements < 2;
985 $hash_in = shift @line_elements;
987 $word = join (":", @line_elements);
991 my @hash_elements = split ('\*', $hash_in);
993 next unless ($hash_elements[0] eq '$racf$');
995 $salt = $hash_elements[1];
997 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1000 elsif ($mode == 8700)
1002 # split hash and plain
1003 my $index = index ($line, ":");
1007 $hash_in = substr ($line, 0, $index);
1008 $word = substr ($line, $index + 1);
1010 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1012 my $plain_base64 = substr ($hash_in, 2, -1);
1014 ($_, $salt, $param) = domino_decode
($plain_base64);
1017 elsif ($mode == 2612)
1019 next unless (substr ($line, 0, 6) eq '$PHPS$');
1022 my $index1 = index ($line, "\$", 6);
1024 next if $index1 < 1;
1026 $salt = substr ($line, 6, $index1 - 6);
1028 $salt = pack ("H*", $salt);
1030 my $index2 = index ($line, "\:", $index1 + 1);
1032 next if $index2 < 1;
1034 $word = substr ($line, $index2 + 1);
1036 $hash_in = substr ($line, 0, $index2);
1038 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1041 elsif ($mode == 3711)
1043 next unless (substr ($line, 0, 3) eq '$B$');
1046 my $index1 = index ($line, "\$", 3);
1048 next if $index1 < 1;
1050 $salt = substr ($line, 3, $index1 - 3);
1052 my $index2 = index ($line, ":", $index1 + 1);
1054 next if $index2 < 1;
1056 $word = substr ($line, $index2 + 1);
1058 $hash_in = substr ($line, 0, $index2);
1060 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1063 elsif ($mode == 8900)
1065 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1068 my $index1 = index ($line, ":", 7);
1070 next if $index1 < 1;
1073 my $N = substr ($line, 7, $index1 - 7);
1075 my $index2 = index ($line, ":", $index1 + 1);
1077 next if $index2 < 1;
1080 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1082 $index1 = index ($line, ":", $index2 + 1);
1084 next if $index1 < 1;
1087 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1093 $index2 = index ($line, ":", $index1 + 1);
1095 next if $index2 < 1;
1098 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1100 $salt = decode_base64
($salt);
1102 $index1 = index ($line, ":", $index2 + 1);
1104 next if $index1 < 1;
1108 $word = substr ($line, $index1 + 1);
1109 $hash_in = substr ($line, 0, $index1);
1111 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1114 elsif ($mode == 9100)
1116 # split hash and plain
1117 my $index = index ($line, ":");
1121 $hash_in = substr ($line, 0, $index);
1122 $word = substr ($line, $index + 1);
1124 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1126 my $base64_part = substr ($hash_in, 2, -1);
1128 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1130 next if ($iter < 1);
1132 # Cisco $8$ - PBKDF2-HMAC-SHA256
1133 elsif ($mode == 9200)
1135 next unless (substr ($line, 0, 3) eq '$8$');
1138 my $index1 = index ($line, "\$", 3);
1140 next if $index1 != 17;
1142 my $index2 = index ($line, "\$", $index1 + 1);
1145 $salt = substr ($line, 3, $index1 - 3);
1147 $index1 = index ($line, ":", $index1 + 1);
1149 next if $index1 < 1;
1153 $word = substr ($line, $index1 + 1);
1154 $hash_in = substr ($line, 0, $index1);
1156 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1158 # Cisco $9$ - scrypt
1159 elsif ($mode == 9300)
1161 next unless (substr ($line, 0, 3) eq '$9$');
1164 my $index1 = index ($line, "\$", 3);
1166 next if $index1 != 17;
1168 my $index2 = index ($line, "\$", $index1 + 1);
1171 $salt = substr ($line, 3, $index1 - 3);
1173 $index1 = index ($line, ":", $index1 + 1);
1175 next if $index1 < 1;
1179 $word = substr ($line, $index1 + 1);
1180 $hash_in = substr ($line, 0, $index1);
1182 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1185 elsif ($mode == 9400)
1187 ($hash_in, $word) = split ":", $line;
1189 next unless defined $hash_in;
1190 next unless defined $word;
1192 my @data = split /\*/, $hash_in;
1194 next unless scalar @data == 8;
1196 next unless (shift @data eq '$office$');
1197 next unless (shift @data eq '2007');
1198 next unless (shift @data eq '20');
1200 my $aes_key_size = shift @data;
1202 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1203 next unless (shift @data eq '16');
1205 next unless (length $data[0] == 32);
1206 next unless (length $data[1] == 32);
1207 next unless (length $data[2] == 40);
1209 $salt = shift @data;
1210 $param = shift @data;
1211 $param2 = $aes_key_size;
1213 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1216 elsif ($mode == 9500)
1218 ($hash_in, $word) = split ":", $line;
1220 next unless defined $hash_in;
1221 next unless defined $word;
1223 my @data = split /\*/, $hash_in;
1225 next unless scalar @data == 8;
1227 next unless (shift @data eq '$office$');
1228 next unless (shift @data eq '2010');
1229 next unless (shift @data eq '100000');
1230 next unless (shift @data eq '128');
1231 next unless (shift @data eq '16');
1233 next unless (length $data[0] == 32);
1234 next unless (length $data[1] == 32);
1235 next unless (length $data[2] == 64);
1237 $salt = shift @data;
1238 $param = shift @data;
1240 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1243 elsif ($mode == 9600)
1245 ($hash_in, $word) = split ":", $line;
1247 next unless defined $hash_in;
1248 next unless defined $word;
1250 my @data = split /\*/, $hash_in;
1252 next unless scalar @data == 8;
1254 next unless (shift @data eq '$office$');
1255 next unless (shift @data eq '2013');
1256 next unless (shift @data eq '100000');
1257 next unless (shift @data eq '256');
1258 next unless (shift @data eq '16');
1260 next unless (length $data[0] == 32);
1261 next unless (length $data[1] == 32);
1262 next unless (length $data[2] == 64);
1264 $salt = shift @data;
1265 $param = shift @data;
1267 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1270 elsif ($mode == 9700)
1272 ($hash_in, $word) = split ":", $line;
1274 next unless defined $hash_in;
1275 next unless defined $word;
1277 my @data = split /\*/, $hash_in;
1279 next unless scalar @data == 4;
1281 my $signature = shift @data;
1283 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1285 next unless (length $data[0] == 32);
1286 next unless (length $data[1] == 32);
1287 next unless (length $data[2] == 32);
1289 $salt = shift @data;
1290 $param = shift @data;
1291 $param2 = substr ($signature, 11, 1);
1293 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1296 elsif ($mode == 9800)
1298 ($hash_in, $word) = split ":", $line;
1300 next unless defined $hash_in;
1301 next unless defined $word;
1303 my @data = split /\*/, $hash_in;
1305 next unless scalar @data == 4;
1307 my $signature = shift @data;
1309 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1311 next unless (length $data[0] == 32);
1312 next unless (length $data[1] == 32);
1313 next unless (length $data[2] == 40);
1315 $salt = shift @data;
1316 $param = shift @data;
1317 $param2 = substr ($signature, 11, 1);
1319 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1321 # Django (PBKDF2-SHA256)
1322 elsif ($mode == 10000)
1324 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1327 my $index1 = index ($line, "\$", 14);
1329 next if $index1 < 1;
1331 my $index2 = index ($line, "\$", $index1 + 1);
1335 $iter = substr ($line, 14, $index1 - 14);
1339 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1343 $index1 = index ($line, ":", $index2 + 1);
1345 next if $index1 < 1;
1347 $word = substr ($line, $index1 + 1);
1348 $hash_in = substr ($line, 0, $index1);
1350 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1353 elsif ($mode == 10100)
1357 ($hash, undef, undef, $salt, $word) = split ":", $line;
1359 next unless defined $hash;
1360 next unless defined $salt;
1361 next unless defined $word;
1363 next unless (length $hash == 16);
1364 next unless (length $salt == 32);
1366 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1368 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1371 elsif ($mode == 10200)
1373 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1376 my $index1 = index ($line, "\$", 10);
1378 next if $index1 < 1;
1382 my $challengeb64 = substr ($line, 10, $index1 - 10);
1383 $salt = decode_base64
($challengeb64);
1387 my $index2 = index ($line, ":", $index1 + 1);
1389 next if $index2 < 1;
1391 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1392 my $response = decode_base64
($responseb64);
1394 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1396 $word = substr ($line, $index2 + 1);
1397 $hash_in = substr ($line, 0, $index2);
1399 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1401 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1402 elsif ($mode == 10300)
1404 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1408 my $index1 = index ($line, "}", 10);
1410 next if $index1 < 1;
1412 $iter = substr ($line, 10, $index1 - 10);
1414 $iter = int ($iter);
1418 my $base64_encoded = substr ($line, $index1 + 1);
1419 my $base64_decoded = decode_base64
($base64_encoded);
1421 $salt = substr ($base64_decoded, 20);
1423 my $index2 = index ($line, ":", $index1 + 1);
1425 next if $index2 < 1;
1427 $word = substr ($line, $index2 + 1);
1428 $hash_in = substr ($line, 0, $index2);
1430 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1432 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1433 elsif ($mode == 10400)
1435 ($hash_in, $word) = split ":", $line;
1437 next unless defined $hash_in;
1438 next unless defined $word;
1440 my @data = split /\*/, $hash_in;
1442 next unless scalar @data == 11;
1444 next unless (shift @data eq '$pdf$1');
1445 next unless (shift @data eq '2');
1446 next unless (shift @data eq '40');
1447 my $P = shift @data;
1448 next unless (shift @data eq '0');
1449 next unless (shift @data eq '16');
1450 my $id = shift @data;
1451 next unless (shift @data eq '32');
1452 my $u = shift @data;
1453 next unless (shift @data eq '32');
1454 my $o = shift @data;
1461 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1463 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1464 elsif ($mode == 10500)
1466 ($hash_in, $word) = split ":", $line;
1468 next unless defined $hash_in;
1469 next unless defined $word;
1471 my @data = split /\*/, $hash_in;
1473 next unless scalar @data == 11;
1475 my $V = shift @data; $V = substr ($V, 5, 1);
1476 my $R = shift @data;
1477 next unless (shift @data eq '128');
1478 my $P = shift @data;
1479 my $enc = shift @data;
1480 next unless (shift @data eq '16');
1481 my $id = shift @data;
1482 next unless (shift @data eq '32');
1483 my $u = shift @data;
1484 next unless (shift @data eq '32');
1485 my $o = shift @data;
1495 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1497 # PDF 1.7 Level 3 (Acrobat 9)
1498 elsif ($mode == 10600)
1500 ($hash_in, $word) = split ":", $line;
1502 next unless defined $hash_in;
1503 next unless defined $word;
1505 my @data = split /\*/, $hash_in;
1507 next unless scalar @data >= 11;
1509 next unless (shift @data eq '$pdf$5');
1510 next unless (shift @data eq '5');
1511 next unless (shift @data eq '256');
1512 next unless (shift @data eq '-1028');
1513 next unless (shift @data eq '1');
1514 next unless (shift @data eq '16');
1515 my $id = shift @data;
1516 my $rest = join "*", @data;
1521 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1523 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1524 elsif ($mode == 10700)
1526 ($hash_in, $word) = split ":", $line;
1528 next unless defined $hash_in;
1529 next unless defined $word;
1531 my @data = split /\*/, $hash_in;
1533 next unless scalar @data >= 11;
1535 next unless (shift @data eq '$pdf$5');
1536 next unless (shift @data eq '6');
1537 next unless (shift @data eq '256');
1538 next unless (shift @data eq '-1028');
1539 next unless (shift @data eq '1');
1540 next unless (shift @data eq '16');
1541 my $id = shift @data;
1542 my $rest = join "*", @data;
1547 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1549 # PBKDF2-HMAC-SHA256
1550 elsif ($mode == 10900)
1552 next unless (substr ($line, 0, 7) eq 'sha256:');
1555 my $index1 = index ($line, ":", 7);
1557 next if $index1 < 1;
1559 $iter = substr ($line, 7, $index1 - 7);
1563 my $index2 = index ($line, ":", $index1 + 1);
1565 next if $index2 < 1;
1567 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1569 $salt = decode_base64
($salt);
1573 $index1 = index ($line, ":", $index2 + 1);
1575 next if $index1 < 1;
1577 # additional param = output len of pbkdf2
1579 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1581 my $digest = decode_base64
($digest64_encoded);
1583 $param = length ($digest);
1587 $word = substr ($line, $index1 + 1);
1588 $hash_in = substr ($line, 0, $index1);
1590 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1592 # PostgreSQL MD5 Authentication
1593 elsif ($mode == 11100)
1595 next unless (substr ($line, 0, 10) eq '$postgres$');
1597 my $index1 = index ($line, "*", 10);
1599 next if $index1 < 1;
1603 $param = substr ($line, 10, $index1 - 10);
1605 # get the 4 byte salt
1607 my $index2 = index ($line, "*", $index1 + 1);
1609 next if $index2 < 1;
1611 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1615 $index1 = index ($line, ":", $index2 + 1);
1617 next if $index1 < 1;
1619 $word = substr ($line, $index1 + 1);
1620 $hash_in = substr ($line, 0, $index1);
1622 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1624 # MySQL MD5 Authentication
1625 elsif ($mode == 11200)
1627 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1629 my $index1 = index ($line, "*", 9);
1631 next if $index1 < 1;
1635 $salt = substr ($line, 9, $index1 - 9);
1639 $index1 = index ($line, ":", $index1 + 1);
1641 next if $index1 < 1;
1643 $word = substr ($line, $index1 + 1);
1644 $hash_in = substr ($line, 0, $index1);
1646 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1649 elsif ($mode == 2500)
1651 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1655 # Bitcoin/Litecoin wallet.dat
1656 elsif ($mode == 11300)
1658 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1662 # SIP digest authentication (MD5)
1663 elsif ($mode == 11400)
1665 next unless (substr ($line, 0, 6) eq '$sip$*');
1669 my $index1 = index ($line, "*", 6);
1671 next if $index1 < 0;
1673 $param10 = substr ($line, 6, $index1 - 6);
1675 next if (length ($param10) > 32);
1679 my $index2 = index ($line, "*", $index1 + 1);
1681 next if $index2 < 0;
1683 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1685 next if (length ($param11) > 32);
1689 $index1 = index ($line, "*", $index2 + 1);
1691 next if $index1 < 0;
1693 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1695 next if (length ($param) > 12);
1699 $index2 = index ($line, "*", $index1 + 1);
1701 next if $index2 < 0;
1703 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1705 next if (length ($param2) > 20);
1709 $index1 = index ($line, "*", $index2 + 1);
1711 next if $index1 < 0;
1713 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1715 next if (length ($param6) > 24);
1719 $index2 = index ($line, "*", $index1 + 1);
1721 next if $index2 < 0;
1723 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1725 next if (length ($param7) > 10);
1729 $index1 = index ($line, "*", $index2 + 1);
1731 next if $index1 < 0;
1733 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1735 next if (length ($param8) > 32);
1739 $index2 = index ($line, "*", $index1 + 1);
1741 next if $index2 < 0;
1743 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1745 next if (length ($param9) > 32);
1749 $index1 = index ($line, "*", $index2 + 1);
1751 next if $index1 < 0;
1753 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1755 next if (length ($salt) > 34);
1759 $index2 = index ($line, "*", $index1 + 1);
1761 next if $index2 < 0;
1763 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1765 next if (length ($param4) > 12);
1769 $index1 = index ($line, "*", $index2 + 1);
1771 next if $index1 < 0;
1773 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1775 next if (length ($param3) > 10);
1779 $index2 = index ($line, "*", $index1 + 1);
1781 next if $index2 < 0;
1783 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1785 next if (length ($param5) > 8);
1789 $index1 = index ($line, "*", $index2 + 1);
1791 next if $index1 < 0;
1793 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1795 next unless ($directive eq "MD5");
1799 $index2 = index ($line, ":", $index1 + 1);
1801 next if $index2 < 0;
1803 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1805 next unless (length ($hex_digest) == 32);
1807 $word = substr ($line, $index2 + 1);
1808 $hash_in = substr ($line, 0, $index2);
1810 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1813 elsif ($mode == 11600)
1815 next unless (substr ($line, 0, 4) eq '$7z$');
1819 my $index1 = index ($line, '$', 4);
1821 next if $index1 < 0;
1823 my $p = substr ($line, 4, $index1 - 4);
1825 next unless ($p eq "0");
1829 my $index2 = index ($line, '$', $index1 + 1);
1831 next if $index2 < 0;
1833 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1835 # seven zip salt length
1837 $index1 = index ($line, '$', $index2 + 1);
1839 next if $index1 < 0;
1841 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1845 $index2 = index ($line, '$', $index1 + 1);
1847 next if $index2 < 0;
1849 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1853 $index1 = index ($line, '$', $index2 + 1);
1855 next if $index1 < 0;
1857 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1861 $index2 = index ($line, '$', $index1 + 1);
1863 next if $index2 < 0;
1865 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1867 $salt = pack ("H*", $salt);
1871 $index1 = index ($line, '$', $index2 + 1);
1873 next if $index1 < 0;
1875 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1877 # ignore this crc, we don't need to pass it to gen_hash ()
1881 $index2 = index ($line, '$', $index1 + 1);
1883 next if $index2 < 0;
1885 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1889 $index1 = index ($line, '$', $index2 + 1);
1891 next if $index1 < 0;
1893 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1897 $index2 = index ($line, ':', $index1 + 1);
1899 next if $index2 < 0;
1901 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1902 $param6 = pack ("H*", $param6);
1904 $word = substr ($line, $index2 + 1);
1905 $hash_in = substr ($line, 0, $index2);
1907 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1910 elsif ($mode == 11900)
1912 next unless (substr ($line, 0, 4) eq 'md5:');
1915 my $index1 = index ($line, ":", 4);
1917 next if $index1 < 1;
1919 $iter = substr ($line, 4, $index1 - 4);
1923 my $index2 = index ($line, ":", $index1 + 1);
1925 next if $index2 < 1;
1927 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1929 $salt = decode_base64
($salt);
1933 $index1 = index ($line, ":", $index2 + 1);
1935 next if $index1 < 1;
1937 # additional param = output len of pbkdf2
1939 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1941 my $digest = decode_base64
($digest64_encoded);
1943 $param = length ($digest);
1947 $word = substr ($line, $index1 + 1);
1948 $hash_in = substr ($line, 0, $index1);
1950 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1953 elsif ($mode == 12000)
1955 next unless (substr ($line, 0, 5) eq 'sha1:');
1958 my $index1 = index ($line, ":", 5);
1960 next if $index1 < 1;
1962 $iter = substr ($line, 5, $index1 - 5);
1966 my $index2 = index ($line, ":", $index1 + 1);
1968 next if $index2 < 1;
1970 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1972 $salt = decode_base64
($salt);
1976 $index1 = index ($line, ":", $index2 + 1);
1978 next if $index1 < 1;
1980 # additional param = output len of pbkdf2
1982 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1984 my $digest = decode_base64
($digest64_encoded);
1986 $param = length ($digest);
1990 $word = substr ($line, $index1 + 1);
1991 $hash_in = substr ($line, 0, $index1);
1993 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1995 # PBKDF2-HMAC-SHA512
1996 elsif ($mode == 12100)
1998 next unless (substr ($line, 0, 7) eq 'sha512:');
2001 my $index1 = index ($line, ":", 7);
2003 next if $index1 < 1;
2005 $iter = substr ($line, 7, $index1 - 7);
2009 my $index2 = index ($line, ":", $index1 + 1);
2011 next if $index2 < 1;
2013 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2015 $salt = decode_base64
($salt);
2019 $index1 = index ($line, ":", $index2 + 1);
2021 next if $index1 < 1;
2023 # additional param = output len of pbkdf2
2025 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2027 my $digest = decode_base64
($digest64_encoded);
2029 $param = length ($digest);
2033 $word = substr ($line, $index1 + 1);
2034 $hash_in = substr ($line, 0, $index1);
2036 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2039 elsif ($mode == 12200)
2041 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2043 # check if default salt
2047 $param = 0 if (substr ($line, 12, 2) eq '1$');
2055 if ($param == 0) # we need to extract the salt
2057 $index1 = index ($line, '$', $index1);
2059 next if $index1 < 1;
2061 my $index2 = index ($line, '$', $index1 + 1);
2063 next if $index2 < 1;
2065 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2070 $index1 = index ($line, ':', $index1 + 1);
2072 next if $index1 < 1;
2076 $word = substr ($line, $index1 + 1);
2077 $hash_in = substr ($line, 0, $index1);
2079 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2081 # Oracle T: Type (Oracle 12+)
2082 elsif ($mode == 12300)
2084 my $index1 = index ($line, ':');
2086 next if ($index1 != 160);
2090 $salt = substr ($line, 128, 32);
2094 $word = substr ($line, $index1 + 1);
2095 $hash_in = substr ($line, 0, $index1);
2097 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2099 # BSDiCrypt, Extended DES
2100 elsif ($mode == 12400)
2102 next unless (substr ($line, 0, 1) eq '_');
2104 my $index1 = index ($line, ':', 20);
2106 next if ($index1 != 20);
2110 $iter = substr ($line, 1, 4);
2112 $iter = base64_to_int24
($iter);
2116 $salt = substr ($line, 5, 4);
2120 $word = substr ($line, $index1 + 1);
2121 $hash_in = substr ($line, 0, $index1);
2123 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2125 # Blockchain, My Wallet
2126 elsif ($mode == 12700)
2128 my $index1 = index ($line, ':');
2130 next if ($index1 < 0);
2132 $hash_in = substr ($line, 0, $index1);
2133 $word = substr ($line, $index1 + 1);
2135 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2137 next unless ($signature eq "blockchain");
2139 next unless (($data_len * 2) == length $data_buf);
2141 $salt = substr ($data_buf, 0, 32);
2142 $param = substr ($data_buf, 32);
2144 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2146 elsif ($mode == 12800)
2148 ($hash_in, $word) = split ":", $line;
2150 next unless defined $hash_in;
2151 next unless defined $word;
2153 my @data = split /\,/, $hash_in;
2155 next unless scalar @data == 4;
2157 next unless (shift @data eq 'v1;PPH1_MD4');
2159 $salt = shift @data;
2160 $iter = shift @data;
2162 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2164 elsif ($mode == 12900)
2166 ($hash_in, $word) = split ":", $line;
2168 next unless defined $hash_in;
2169 next unless defined $word;
2171 next unless length $hash_in == 160;
2173 $param = substr ($hash_in, 0, 64);
2174 $salt = substr ($hash_in, 128, 32);
2177 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2179 elsif ($mode == 13000)
2183 ($hash_line, $word) = split ":", $line;
2185 next unless defined $hash_line;
2186 next unless defined $word;
2188 my @data = split ('\$', $hash_line);
2190 next unless scalar @data == 8;
2194 my $signature = shift @data;
2195 my $salt_len = shift @data;
2196 my $salt_buf = shift @data;
2197 my $iterations = shift @data;
2198 my $iv = shift @data;
2199 my $pswcheck_len = shift @data;
2200 my $pswcheck = shift @data;
2202 next unless ($signature eq "rar5");
2203 next unless ($salt_len == 16);
2204 next unless ($pswcheck_len == 8);
2207 $iter = $iterations;
2208 $hash_in = $pswcheck;
2211 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2213 elsif ($mode == 13100 )
2215 ($hash_in, $word) = split ":", $line;
2217 next unless defined $hash_in;
2218 next unless defined $word;
2220 my @data = split ('\$', $hash_in);
2222 next unless scalar @data == 8;
2226 my $signature = shift @data;
2227 my $algorithm = shift @data;
2228 my $user = shift @data;
2229 $user = substr ($user, 1);
2230 my $realm = shift @data;
2231 my $spn = shift @data;
2232 $spn = substr ($spn, 0, length ($spn) - 1);
2233 my $checksum = shift @data;
2234 my $edata2 = shift @data;
2236 next unless ($signature eq "krb5tgs");
2237 next unless (length ($checksum) == 32);
2238 next unless (length ($edata2) >= 64);
2240 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2242 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2244 elsif ($mode == 13200)
2246 ($hash_in, $word) = split ":", $line;
2248 next unless defined $hash_in;
2249 next unless defined $word;
2251 my @data = split ('\*', $hash_in);
2253 next unless scalar @data == 5;
2257 my $signature = shift @data;
2258 my $version = shift @data;
2259 my $iteration = shift @data;
2260 my $mysalt = shift @data;
2261 my $digest = shift @data;
2263 next unless ($signature eq '$axcrypt$');
2264 next unless (length ($mysalt) == 32);
2265 next unless (length ($digest) == 48);
2267 $salt = $iteration . '*' . $mysalt;
2269 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2271 elsif ($mode == 13300)
2273 ($hash_in, $word) = split ":", $line;
2275 next unless defined $hash_in;
2276 next unless defined $word;
2278 my @data = split ('\$', $hash_in);
2280 next unless scalar @data == 2;
2284 my $signature = shift @data;
2285 my $digest = shift @data;
2287 next unless ($signature eq '$axcrypt_sha1');
2288 next unless (length ($digest) == 32 || length ($digest) == 40);
2290 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2292 elsif ($mode == 13400)
2294 ($hash_in, $word) = split ":", $line;
2296 next unless defined $hash_in;
2297 next unless defined $word;
2299 my @data = split ('\*', $hash_in);
2301 next unless (scalar @data == 9 || scalar @data == 11);
2303 my $signature = shift @data;
2304 next unless ($signature eq '$keepass$');
2306 my $version = shift @data;
2307 next unless ($version == 1 || $version == 2);
2309 my $iteration = shift @data;
2311 my $algorithm = shift @data;
2313 my $final_random_seed = shift @data;
2317 next unless (length ($final_random_seed) == 32);
2319 elsif ($version == 2)
2321 next unless (length ($final_random_seed) == 64);
2324 my $transf_random_seed = shift @data;
2325 next unless (length ($transf_random_seed) == 64);
2327 my $enc_iv = shift @data;
2328 next unless (length ($enc_iv) == 32);
2332 my $contents_hash = shift @data;
2333 next unless (length ($contents_hash) == 64);
2335 my $inline_flags = shift @data;
2336 next unless ($inline_flags == 1);
2338 my $contents_len = shift @data;
2340 my $contents = shift @data;
2341 next unless (length ($contents) == $contents_len * 2);
2343 elsif ($version == 2)
2345 my $expected_bytes = shift @data;
2346 next unless (length ($expected_bytes) == 64);
2348 my $contents_hash = shift @data;
2349 next unless (length ($contents_hash) == 64);
2352 $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in));
2354 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2358 print "ERROR: hash mode is not supported\n";
2363 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2365 $word = pack ("H*", substr ($word, 5, -1));
2368 # finally generate the hash
2373 # check both variations
2374 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2376 $len = length $hash_out; # == length $alternative
2378 if (substr ($line, 0, $len) ne $hash_out)
2380 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2382 return unless (substr ($line, 0, $len) eq $alternative);
2385 elsif ($mode == 8700)
2387 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2389 $len = length $hash_out;
2391 return unless (substr ($line, 0, $len) eq $hash_out);
2393 elsif ($mode == 8900)
2395 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2397 $len = length $hash_out;
2399 return unless (substr ($line, 0, $len) eq $hash_out);
2401 elsif ($mode == 9100)
2403 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2405 $len = length $hash_out;
2407 return unless (substr ($line, 0, $len) eq $hash_out);
2409 elsif ($mode == 190)
2411 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2413 $len = length $hash_out; # == length $alternative
2415 if (substr ($line, 0, $len) ne $hash_out)
2417 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2419 return unless (substr ($line, 0, $len) eq $alternative);
2422 elsif ($mode == 3300)
2424 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2426 $len = length $hash_out;
2428 return unless (substr ($line, 0, $len) eq $hash_out);
2430 elsif ($mode == 5100)
2432 # check 3 variants (start, middle, end)
2436 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2438 $len = length $hash_out; # == length $alternative
2440 if (substr ($line, 0, $len) ne $hash_out)
2442 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2444 if (substr ($line, 0, $len) ne $alternative)
2446 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2448 return unless (substr ($line, 0, $len) eq $alternative);
2452 elsif ($mode == 9400)
2454 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2456 $len = length $hash_out;
2458 return unless (substr ($line, 0, $len) eq $hash_out);
2460 elsif ($mode == 9500)
2462 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2464 $len = length $hash_out;
2466 return unless (substr ($line, 0, $len) eq $hash_out);
2468 elsif ($mode == 9600)
2470 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2472 $len = length $hash_out;
2474 return unless (substr ($line, 0, $len) eq $hash_out);
2476 elsif ($mode == 9700)
2478 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2480 $len = length $hash_out;
2482 return unless (substr ($line, 0, $len) eq $hash_out);
2484 elsif ($mode == 9800)
2486 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2488 $len = length $hash_out;
2490 return unless (substr ($line, 0, $len) eq $hash_out);
2492 elsif ($mode == 10400)
2494 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2496 $len = length $hash_out;
2498 return unless (substr ($line, 0, $len) eq $hash_out);
2500 elsif ($mode == 10500)
2502 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2504 $len = length $hash_out;
2506 return unless (substr ($line, 0, $len) eq $hash_out);
2508 elsif ($mode == 10600)
2510 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2512 $len = length $hash_out;
2514 return unless (substr ($line, 0, $len) eq $hash_out);
2516 elsif ($mode == 10700)
2518 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2520 $len = length $hash_out;
2522 return unless (substr ($line, 0, $len) eq $hash_out);
2524 elsif ($mode == 10900)
2526 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2528 $len = length $hash_out;
2530 return unless (substr ($line, 0, $len) eq $hash_out);
2532 elsif ($mode == 11100)
2534 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2536 $len = length $hash_out;
2538 return unless (substr ($line, 0, $len) eq $hash_out);
2540 elsif ($mode == 11400)
2542 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2544 $len = length $hash_out;
2546 return unless (substr ($line, 0, $len) eq $hash_out);
2548 elsif ($mode == 11600)
2550 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2552 $len = length $hash_out;
2554 return unless (substr ($line, 0, $len) eq $hash_out);
2556 elsif ($mode == 11900)
2558 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2560 $len = length $hash_out;
2562 return unless (substr ($line, 0, $len) eq $hash_out);
2564 elsif ($mode == 12000)
2566 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2568 $len = length $hash_out;
2570 return unless (substr ($line, 0, $len) eq $hash_out);
2572 elsif ($mode == 12100)
2574 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2576 $len = length $hash_out;
2578 return unless (substr ($line, 0, $len) eq $hash_out);
2580 elsif ($mode == 12200)
2582 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2584 $len = length $hash_out;
2586 return unless (substr ($line, 0, $len) eq $hash_out);
2588 elsif ($mode == 12700)
2590 # this is very special, we can't call gen_hash () because the param part is not always the same
2591 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2593 my $pbkdf2 = Crypt
::PBKDF2
->new (
2594 hash_class
=> 'HMACSHA1',
2599 my $salt_bin = pack ("H*", $salt);
2601 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2603 my $cipher = Crypt
::CBC
->new ({
2605 cipher
=> "Crypt::Rijndael",
2612 my $param_bin = pack ("H*", $param);
2614 my $decrypted = $cipher->decrypt ($param_bin);
2616 my $decrypted_part = substr ($decrypted, 1, 16);
2618 return unless ($decrypted_part =~ /"guid"/);
2620 $hash_out = $hash_in;
2622 elsif ($mode == 12900)
2624 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2626 $len = length $hash_out;
2628 return unless (substr ($line, 0, $len) eq $hash_out);
2630 elsif ($mode == 13000)
2632 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2634 $len = length $hash_out;
2636 return unless (substr ($line, 0, $len) eq $hash_out);
2638 elsif ($mode == 13100)
2640 $hash_out = gen_hash
($mode, $word, $salt);
2642 $len = length $hash_out;
2644 return unless (substr ($line, 0, $len) eq $hash_out);
2646 elsif ($mode == 13200)
2648 $hash_out = gen_hash
($mode, $word, $salt);
2650 $len = length $hash_out;
2652 return unless (substr ($line, 0, $len) eq $hash_out);
2654 elsif ($mode == 13400)
2656 $hash_out = gen_hash
($mode, $word, $salt);
2658 $len = length $hash_out;
2660 return unless (substr ($line, 0, $len) eq $hash_out);
2664 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2666 $len = length $hash_out;
2671 # allow $P$ and $H$ for -m 400
2672 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2674 elsif ($mode == 5600)
2676 # oclHashcat outputs the user name always upper-case, we need
2677 next unless (substr ($line, 0, $len) eq $hash_out);
2681 my $hash_out_lower = lc ($hash_out);
2683 for my $key (keys %{$db})
2685 if (lc ($key) eq $hash_out_lower)
2697 next unless (substr ($line, 0, $len) eq $hash_out);
2701 # do not forget "exists ($db->$hash_out)" should be done above!
2702 $db->{$hash_out} = $word;
2703 print OUT
$line . "\n";
2712 my $mode = shift || 0;
2714 while (my $word_buf = <>)
2718 next if length ($word_buf) > 31;
2726 for (my $i = 0; $i < 256; $i++)
2728 my $c = get_random_chr
(0x30, 0x39);
2730 push (@salt_arr, $c);
2733 my $salt_buf = join ("", @salt_arr);
2741 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
2743 $tmp_hash = gen_hash
($mode, $word_buf, "");
2745 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2747 my $salt_len = get_random_num
(1, 15);
2749 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2751 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2753 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2757 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2761 my $salt_len = get_random_num
(1, 11);
2763 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2765 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2767 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2769 elsif ($mode == 112)
2771 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2773 elsif ($mode == 121)
2775 my $salt_len = get_random_num
(1, 9);
2777 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2779 elsif ($mode == 141 || $mode == 1441)
2781 my $salt_len = get_random_num
(1, 15);
2783 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2785 elsif ($mode == 1100)
2787 my $salt_len = get_random_num
(1, 19);
2789 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2791 elsif ($mode == 1500)
2793 next if length ($word_buf) > 8;
2795 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2797 elsif ($mode == 2100)
2799 next if length ($word_buf) > 13;
2801 my $salt_len = get_random_num
(1, 19);
2803 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2805 elsif ($mode == 2410)
2807 next if length ($word_buf) > 15;
2809 my $salt_len = get_random_num
(1, 15);
2811 my $word_len = length ($word_buf);
2813 $salt_len = min
($salt_len, 15 - $word_len);
2815 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2817 elsif ($mode == 2500)
2819 next if length ($word_buf) < 8;
2821 my $salt_len = get_random_num
(0, 32);
2823 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2825 elsif ($mode == 2611)
2827 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2829 elsif ($mode == 2612)
2831 my $salt_len = get_random_num
(1, 22);
2833 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2835 elsif ($mode == 2711)
2837 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2839 elsif ($mode == 2811)
2841 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2843 elsif ($mode == 3000)
2845 next if length ($word_buf) > 7;
2847 $tmp_hash = gen_hash
($mode, $word_buf, "");
2849 elsif ($mode == 3100)
2851 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2853 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2855 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2857 elsif ($mode == 3800 || $mode == 4900)
2859 my $salt_len = get_random_num
(1, 11);
2861 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2863 elsif ($mode == 4800)
2865 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2867 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2869 elsif ($mode == 5300 || $mode == 5400)
2871 $salt_buf = get_random_ike_salt
();
2873 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2875 elsif ($mode == 5500)
2877 my $user_len = get_random_num
(0, 15);
2878 my $domain_len = get_random_num
(0, 15);
2880 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2882 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2884 elsif ($mode == 5600)
2886 my $user_len = get_random_num
(0, 15);
2887 my $domain_len = get_random_num
(0, 15);
2889 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2891 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2893 elsif ($mode == 6600)
2895 $salt_buf = get_random_agilekeychain_salt
();
2897 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2899 elsif ($mode == 6800)
2901 my $email_len = get_random_num
(1, 15);
2905 for (my $i = 0; $i < $email_len; $i++)
2907 $email .= get_random_chr
(0x61, 0x7a);
2910 $email .= '@trash-mail.com';
2912 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2914 elsif ($mode == 7100)
2916 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2918 elsif ($mode == 7200)
2920 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2922 elsif ($mode == 7300)
2924 my $salt_len = get_random_num
(32, 256);
2926 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2928 elsif ($mode == 7500)
2930 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2932 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2934 elsif ($mode == 7700)
2936 next if length ($word_buf) > 8;
2938 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2940 elsif ($mode == 7800)
2942 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2944 elsif ($mode == 8200)
2946 $salt_buf = get_random_cloudkeychain_salt
();
2948 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2950 elsif ($mode == 8300)
2952 $salt_buf = get_random_dnssec_salt
();
2954 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2956 elsif ($mode == 8400 || $mode == 11200)
2958 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2960 elsif ($mode == 8500)
2962 next if length ($word_buf) > 8;
2964 my $salt_len = get_random_num
(1, 9);
2966 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2968 elsif ($mode == 8600)
2970 next if length ($word_buf) > 16;
2972 $tmp_hash = gen_hash
($mode, $word_buf, "");
2974 elsif ($mode == 8700)
2976 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2978 elsif ($mode == 9200 || $mode == 9300)
2982 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2984 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
2986 next if length ($word_buf) > 19;
2990 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2992 elsif ($mode == 10100)
2994 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2996 elsif ($mode == 10300)
2998 my $salt_len = get_random_num
(4, 15);
3000 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3002 elsif ($mode == 10400)
3004 next if length ($word_buf) > 31;
3008 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3010 elsif ($mode == 10500)
3012 next if length ($word_buf) > 15;
3016 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3018 elsif ($mode == 10600)
3020 next if length ($word_buf) > 31;
3024 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3026 elsif ($mode == 10700)
3028 next if length ($word_buf) > 15;
3032 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3034 elsif ($mode == 11000)
3036 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
3038 elsif ($mode == 11300)
3040 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
3042 elsif ($mode == 11400)
3044 next if length ($word_buf) > 24;
3046 my $salt_len = get_random_num
(1, 15);
3048 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3050 elsif ($mode == 11600)
3052 my $salt_len = get_random_num
(0, 16);
3054 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3056 elsif ($mode == 12400)
3058 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
3060 elsif ($mode == 12600)
3062 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
3064 elsif ($mode == 12700)
3066 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3068 elsif ($mode == 12800)
3070 next if length ($word_buf) > 24;
3072 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
3074 elsif ($mode == 12900)
3076 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3078 elsif ($mode == 13000)
3080 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3082 elsif ($mode == 13100)
3084 $salt_buf = get_random_kerberos5_tgs_salt
();
3086 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3088 elsif ($mode == 13200)
3090 $salt_buf = get_random_axcrypt_salt
();
3092 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3094 elsif ($mode == 13400)
3096 $salt_buf = get_random_keepass_salt
();
3098 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3102 print "ERROR: Unsupported hash type\n";
3107 print $tmp_hash, "\n";
3120 for (my $j = 0; $j < scalar @modes; $j++)
3122 my $mode = $modes[$j];
3124 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
3126 for (my $i = 1; $i < 32; $i++)
3130 rnd
($mode, $len, 0);
3138 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3140 my $salt_len = get_random_num
(1, 15);
3142 for (my $i = 1; $i < 32; $i++)
3146 rnd
($mode, $len, $salt_len);
3150 rnd
($mode, $i, $salt_len);
3154 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3156 for (my $i = 1; $i < 32; $i++)
3160 rnd
($mode, $len, 32);
3164 rnd
($mode, $i, 32);
3168 elsif ($mode == 21 || $mode == 22)
3170 for (my $i = 1; $i < 32; $i++)
3174 rnd
($mode, $len, 2);
3182 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3184 for (my $i = 1; $i < 32; $i++)
3188 rnd
($mode, $len, 8);
3196 elsif ($mode == 112)
3198 for (my $i = 1; $i < 32; $i++)
3202 rnd
($mode, $len, 20);
3206 rnd
($mode, $i, 20);
3210 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3212 for (my $i = 1; $i < 32; $i++)
3216 rnd
($mode, $len, 16);
3220 rnd
($mode, $i, 16);
3226 my $salt_len = get_random_num
(1, 19);
3228 for (my $i = 1; $i < 32; $i++)
3232 rnd
($mode, $len, $salt_len);
3236 rnd
($mode, $i, $salt_len);
3240 elsif ($mode == 1500)
3242 for (my $i = 1; $i < 9; $i++)
3246 rnd
($mode, $len, 2);
3254 elsif ($mode == 2100)
3256 my $salt_len = get_random_num
(1, 19);
3258 for (my $i = 1; $i < 13; $i++)
3262 rnd
($mode, $len, $salt_len);
3266 rnd
($mode, $i, $salt_len);
3270 elsif ($mode == 2500)
3272 my $salt_len = get_random_num
(0, 32);
3274 for (my $i = 8; $i < 16; $i++)
3276 my $generate_from_len = 0;
3285 rnd
($mode, $len, $salt_len);
3289 rnd
($mode, $i, $salt_len);
3293 elsif ($mode == 2611)
3295 for (my $i = 1; $i < 32; $i++)
3299 rnd
($mode, $len, 3);
3307 elsif ($mode == 2612)
3309 my $salt_len = get_random_num
(1, 22);
3311 for (my $i = 1; $i < 32; $i++)
3315 rnd
($mode, $len, $salt_len);
3319 rnd
($mode, $i, $salt_len);
3323 elsif ($mode == 2711)
3325 for (my $i = 1; $i < 32; $i++)
3329 rnd
($mode, $len, 30);
3333 rnd
($mode, $i, 30);
3337 elsif ($mode == 2811)
3339 for (my $i = 1; $i < 32; $i++)
3343 rnd
($mode, $len, 5);
3351 elsif ($mode == 3000)
3353 for (my $i = 1; $i < 8; $i++)
3357 rnd
($mode, $len, 0);
3365 elsif ($mode == 3100)
3367 for (my $i = 1; $i < 32; $i++)
3371 rnd
($mode, $len, 10);
3375 rnd
($mode, $i, 10);
3379 elsif ($mode == 3800 || $mode == 4900)
3381 my $salt_len = get_random_num
(1, 11);
3383 for (my $i = 1; $i < 32; $i++)
3387 rnd
($mode, $len, $salt_len);
3391 rnd
($mode, $i, $salt_len);
3395 elsif ($mode == 5500 || $mode == 5600)
3399 for (my $i = 1; $i < 27; $i++)
3401 $salt_len = get_random_num
(1, 15);
3405 rnd
($mode, $len, $salt_len);
3409 rnd
($mode, $i, $salt_len);
3413 elsif ($mode == 5800)
3415 for (my $i = 1; $i < 14; $i++)
3419 rnd
($mode, $len, 16);
3423 rnd
($mode, $i, 16);
3427 elsif ($mode == 6800)
3429 my $salt_len = get_random_num
(8, 25);
3431 for (my $i = 1; $i < 32; $i++)
3435 rnd
($mode, $len, $salt_len);
3439 rnd
($mode, $i, $salt_len);
3443 elsif ($mode == 7100)
3445 for (my $i = 1; $i < 32; $i++)
3449 rnd
($mode, $len, 64);
3453 rnd
($mode, $i, 64);
3457 elsif ($mode == 7200)
3459 for (my $i = 1; $i < 32; $i++)
3463 rnd
($mode, $len, 128);
3467 rnd
($mode, $i, 128);
3471 elsif ($mode == 7300)
3473 my $salt_len = get_random_num
(32, 255);
3475 for (my $i = 1; $i < 32; $i++)
3479 rnd
($mode, $len, $salt_len);
3483 rnd
($mode, $i, $salt_len);
3487 elsif ($mode == 7500)
3489 for (my $i = 1; $i < 27; $i++)
3493 rnd
($mode, $len, 16);
3497 rnd
($mode, $i, 16);
3501 elsif ($mode == 7700)
3503 my $salt_len = get_random_num
(1, 12);
3505 for (my $i = 1; $i < 9; $i++)
3509 rnd
($mode, $len, $salt_len);
3513 rnd
($mode, $i, $salt_len);
3517 elsif ($mode == 7800)
3519 my $salt_len = get_random_num
(1, 12);
3521 for (my $i = 1; $i < 32; $i++)
3525 rnd
($mode, $len, $salt_len);
3529 rnd
($mode, $i, $salt_len);
3533 elsif ($mode == 8400 || $mode == 11200)
3535 for (my $i = 1; $i < 32; $i++)
3539 rnd
($mode, $len, 40);
3543 rnd
($mode, $i, 40);
3547 elsif ($mode == 8500)
3549 my $salt_len = get_random_num
(1, 8);
3551 for (my $i = 1; $i < 9; $i++)
3555 rnd
($mode, $len, $salt_len);
3559 rnd
($mode, $i, $salt_len);
3563 elsif ($mode == 8600)
3565 for (my $i = 1; $i < 17; $i++)
3569 rnd
($mode, $len, 0);
3577 elsif ($mode == 8700)
3579 for (my $i = 1; $i < 32; $i++)
3583 rnd
($mode, $len, 5);
3591 elsif ($mode == 9200 || $mode == 9300)
3595 for (my $i = 1; $i < 32; $i++)
3599 rnd
($mode, $len, $salt_len);
3603 rnd
($mode, $i, $salt_len);
3607 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3611 for (my $i = 1; $i < 20; $i++)
3615 rnd
($mode, $len, $salt_len);
3619 rnd
($mode, $i, $salt_len);
3623 elsif ($mode == 10100)
3625 for (my $i = 1; $i < 32; $i++)
3629 rnd
($mode, $len, 32);
3633 rnd
($mode, $i, 32);
3637 elsif ($mode == 10300)
3639 my $salt_len = get_random_num
(4, 15);
3641 for (my $i = 1; $i < 32; $i++)
3645 rnd
($mode, $len, $salt_len);
3649 rnd
($mode, $i, $salt_len);
3653 elsif ($mode == 10400 || $mode == 10600)
3657 for (my $i = 1; $i < 32; $i++)
3661 rnd
($mode, $len, $salt_len);
3665 rnd
($mode, $i, $salt_len);
3669 elsif ($mode == 10500 || $mode == 10700)
3673 for (my $i = 1; $i < 16; $i++)
3677 rnd
($mode, $len, $salt_len);
3681 rnd
($mode, $i, $salt_len);
3685 elsif ($mode == 11000)
3687 for (my $i = 1; $i < 32; $i++)
3691 rnd
($mode, $len, 56);
3695 rnd
($mode, $i, 56);
3699 elsif ($mode == 11300)
3701 for (my $i = 1; $i < 32; $i++)
3705 rnd
($mode, $len, 16);
3709 rnd
($mode, $i, 16);
3713 elsif ($mode == 11400)
3715 for (my $i = 1; $i < 24; $i++)
3719 rnd
($mode, $len, 16);
3723 rnd
($mode, $i, 16);
3727 elsif ($mode == 11600)
3729 my $salt_len = get_random_num
(0, 16);
3731 for (my $i = 1; $i < 32; $i++)
3735 rnd
($mode, $len, $salt_len);
3739 rnd
($mode, $i, $salt_len);
3743 elsif ($mode == 12400)
3745 for (my $i = 1; $i < 32; $i++)
3749 rnd
($mode, $len, 4);
3757 elsif ($mode == 12600)
3759 for (my $i = 1; $i < 32; $i++)
3763 rnd
($mode, $len, 64);
3767 rnd
($mode, $i, 64);
3771 elsif ($mode == 12700)
3773 for (my $i = 1; $i < 32; $i++)
3777 rnd
($mode, $len, 32);
3781 rnd
($mode, $i, 32);
3785 elsif ($mode == 12800)
3787 for (my $i = 1; $i < 25; $i++)
3791 rnd
($mode, $len, 20);
3795 rnd
($mode, $i, 20);
3799 elsif ($mode == 12900)
3801 for (my $i = 1; $i < 32; $i++)
3805 rnd
($mode, $len, 32);
3809 rnd
($mode, $i, 32);
3813 elsif ($mode == 13000)
3815 for (my $i = 1; $i < 32; $i++)
3819 rnd
($mode, $len, 32);
3823 rnd
($mode, $i, 32);
3827 elsif ($mode == 13100)
3829 for (my $i = 1; $i < 27; $i++)
3833 rnd
($mode, $len, 16);
3837 rnd
($mode, $i, 16);
3841 elsif ($mode == 13200)
3843 for (my $i = 1; $i < 32; $i++)
3847 rnd
($mode, $len, 32);
3851 rnd
($mode, $i, 32);
3855 elsif ($mode == 13400)
3857 for (my $i = 1; $i < 16; $i++)
3861 rnd
($mode, $len, 16);
3865 rnd
($mode, $i, 16);
3878 my $word_buf = shift;
3880 my $salt_buf = shift;
3884 my $additional_param = shift;
3886 my $additional_param2 = shift;
3888 my $additional_param3 = shift;
3890 my $additional_param4 = shift;
3892 my $additional_param5 = shift;
3894 my $additional_param6 = shift;
3896 my $additional_param7 = shift;
3898 my $additional_param8 = shift;
3900 my $additional_param9 = shift;
3902 my $additional_param10 = shift;
3904 my $additional_param11 = shift;
3916 $hash_buf = md5_hex
($word_buf);
3918 $tmp_hash = sprintf ("%s", $hash_buf);
3922 $hash_buf = md5_hex
($word_buf . $salt_buf);
3924 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3928 $hash_buf = md5_hex
($word_buf . $salt_buf);
3930 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3934 $hash_buf = md5_hex
($word_buf . $salt_buf);
3936 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3940 $hash_buf = md5_hex
($salt_buf . $word_buf);
3942 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3946 $hash_buf = md5_hex
($salt_buf . $word_buf);
3948 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3952 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3953 my $salt_suffix = "Administration Tools";
3955 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3957 $hash_buf = md5
($pass);
3961 for (my $pos = 0; $pos < 16; $pos += 2)
3963 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3964 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3966 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3968 my $idx1 = $num >> 12 & 0x0f;
3969 my $idx2 = $num >> 6 & 0x3f;
3970 my $idx3 = $num & 0x3f;
3972 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3975 my $obfuscate_str = "nrcstn";
3976 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3978 foreach my $pos (keys @obfuscate_pos)
3980 my $idx = $obfuscate_pos[$pos];
3981 my $before = substr ($res, 0, $idx);
3982 my $char = substr ($obfuscate_str, $pos, 1);
3983 my $after = substr ($res, $idx);
3985 $res = sprintf ("%s%s%s", $before, $char, $after);
3988 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
3992 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
3994 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3998 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4000 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4004 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4006 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4010 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
4012 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4016 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
4018 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4020 elsif ($mode == 100)
4022 $hash_buf = sha1_hex
($word_buf);
4024 $tmp_hash = sprintf ("%s", $hash_buf);
4026 elsif ($mode == 101)
4028 $hash_buf = sha1
($word_buf);
4030 my $base64_buf = encode_base64
($hash_buf);
4032 chomp ($base64_buf);
4034 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
4036 elsif ($mode == 110)
4038 $hash_buf = sha1_hex
($word_buf . $salt_buf);
4040 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4042 elsif ($mode == 111)
4044 $hash_buf = sha1
($word_buf . $salt_buf);
4046 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
4048 chomp ($base64_buf);
4050 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
4052 elsif ($mode == 112)
4054 my $salt_buf_bin = pack ("H*", $salt_buf);
4056 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
4058 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4060 elsif ($mode == 120)
4062 $hash_buf = sha1_hex
($salt_buf . $word_buf);
4064 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4066 elsif ($mode == 121)
4068 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
4070 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4072 elsif ($mode == 122)
4074 my $salt_buf_bin = pack ("H*", $salt_buf);
4076 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4078 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4080 elsif ($mode == 130)
4082 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4084 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4086 elsif ($mode == 131)
4088 my $salt_buf_bin = pack ("H*", $salt_buf);
4090 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
4092 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
4094 elsif ($mode == 132)
4096 my $salt_buf_bin = pack ("H*", $salt_buf);
4098 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4100 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
4102 elsif ($mode == 133)
4104 $hash_buf = sha1
(encode
("UTF-16LE", $word_buf));
4106 $hash_buf = encode_base64
($hash_buf);
4107 $hash_buf =~ s/[\r\n]//g;
4109 $tmp_hash = sprintf ("%s", $hash_buf);
4111 elsif ($mode == 140)
4113 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4115 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4117 elsif ($mode == 141)
4119 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
4121 my $base64_salt_buf = encode_base64
($salt_buf);
4123 chomp ($base64_salt_buf);
4125 my $base64_hash_buf = encode_base64
($hash_buf);
4127 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4129 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4131 elsif ($mode == 150)
4133 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4135 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4137 elsif ($mode == 160)
4139 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4141 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4143 elsif ($mode == 190)
4145 $hash_buf = sha1_hex
($word_buf);
4147 my $variant = int (rand (2));
4149 if (defined ($additional_param))
4151 $variant = $additional_param;
4156 substr ($hash_buf, 0, 5) = "00000";
4159 $tmp_hash = sprintf ("%s", $hash_buf);
4161 elsif ($mode == 200)
4163 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4165 $hash_buf = $ppr->hash_hex;
4167 $tmp_hash = sprintf ("%s", $hash_buf);
4169 elsif ($mode == 300)
4171 $hash_buf = substr (password41
($word_buf), 1);
4173 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4175 $tmp_hash = sprintf ("%s", $hash_buf);
4177 elsif ($mode == 400)
4186 my $ppr = Authen
::Passphrase
::PHPass
->new
4190 passphrase
=> $word_buf,
4193 $hash_buf = $ppr->as_rfc2307;
4195 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4197 elsif ($mode == 500)
4199 my $iterations = 1000;
4201 if (defined ($iter))
4205 $iterations = int ($iter);
4209 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4211 $tmp_hash = sprintf ("%s", $hash_buf);
4213 elsif ($mode == 900)
4215 $hash_buf = md4_hex
($word_buf);
4217 $tmp_hash = sprintf ("%s", $hash_buf);
4219 elsif ($mode == 1000)
4221 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4223 $tmp_hash = sprintf ("%s", $hash_buf);
4225 elsif ($mode == 1100)
4227 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4229 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4231 elsif ($mode == 1400)
4233 $hash_buf = sha256_hex
($word_buf);
4235 $tmp_hash = sprintf ("%s", $hash_buf);
4237 elsif ($mode == 1410)
4239 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4241 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4243 elsif ($mode == 1420)
4245 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4247 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4249 elsif ($mode == 1430)
4251 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4253 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4255 elsif ($mode == 1440)
4257 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4259 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4261 elsif ($mode == 1441)
4263 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4265 my $base64_salt_buf = encode_base64
($salt_buf);
4267 chomp ($base64_salt_buf);
4269 my $base64_hash_buf = encode_base64
($hash_buf);
4271 chomp ($base64_hash_buf);
4273 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4275 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4277 elsif ($mode == 1450)
4279 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4281 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4283 elsif ($mode == 1460)
4285 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4287 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4289 elsif ($mode == 1500)
4291 $hash_buf = crypt ($word_buf, $salt_buf);
4293 $tmp_hash = sprintf ("%s", $hash_buf);
4295 elsif ($mode == 1600)
4297 my $iterations = 1000;
4299 if (defined ($iter))
4303 $iterations = int ($iter);
4307 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4309 $tmp_hash = sprintf ("%s", $hash_buf);
4311 elsif ($mode == 1700)
4313 $hash_buf = sha512_hex
($word_buf);
4315 $tmp_hash = sprintf ("%s", $hash_buf);
4317 elsif ($mode == 1710)
4319 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4321 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4323 elsif ($mode == 1711)
4325 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4327 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4329 $base64_buf =~ s/[ \n]//g;
4331 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4333 elsif ($mode == 1720)
4335 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4337 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4339 elsif ($mode == 1730)
4341 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4343 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4345 elsif ($mode == 1740)
4347 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4349 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4351 elsif ($mode == 1722)
4353 my $salt_buf_bin = pack ("H*", $salt_buf);
4355 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4357 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4359 elsif ($mode == 1731)
4361 my $salt_buf_bin = pack ("H*", $salt_buf);
4363 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4365 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4367 elsif ($mode == 1750)
4369 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4371 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4373 elsif ($mode == 1760)
4375 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4377 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4379 elsif ($mode == 1800)
4381 my $iterations = 5000;
4383 if (defined ($iter))
4387 $iterations = int ($iter);
4391 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4393 $tmp_hash = sprintf ("%s", $hash_buf);
4395 elsif ($mode == 2100)
4397 my $iterations = 10240;
4401 $iterations = int ($iter);
4404 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4406 my $pbkdf2 = Crypt
::PBKDF2
->new
4408 hash_class
=> 'HMACSHA1',
4409 iterations
=> $iterations,
4411 salt_len
=> length ($salt),
4414 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4416 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4418 elsif ($mode == 2400)
4420 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4422 elsif ($mode == 2410)
4424 my $salt_len = length ($salt_buf);
4426 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4428 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4430 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4432 elsif ($mode == 2500)
4434 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4436 if (! defined ($additional_param))
4440 $bssid = randbytes
(6);
4441 $stmac = randbytes
(6);
4442 $snonce = randbytes
(32);
4443 $anonce = randbytes
(32);
4445 $keyver = get_random_num
(1, 3); # 1 or 2
4448 # should be "validly" generated, but in theory could be anything for us also:
4449 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4451 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4455 $bssid = $additional_param;
4456 $stmac = $additional_param2;
4457 $snonce = $additional_param3;
4458 $anonce = $additional_param4;
4459 $keyver = $additional_param5;
4460 $eapol = $additional_param6;
4463 $eapol_size = length ($eapol);
4467 my $iterations = 4096;
4473 # generate the Pairwise Master Key (PMK)
4475 my $pbkdf2 = Crypt
::PBKDF2
->new
4477 hash_class
=> 'HMACSHA1',
4478 iterations
=> $iterations,
4482 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4484 # Pairwise Transient Key (PTK) transformation
4486 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4488 # generate the Message Integrity Code (MIC)
4492 if ($keyver == 1) # WPA1 => MD5
4494 $mic = hmac
($eapol, $ptk, \
&md5
);
4498 $mic = hmac
($eapol, $ptk, \
&sha1
);
4501 $mic = substr ($mic, 0, 16);
4504 # format the binary output
4509 # first the essid (NULL-padded up to the first 36 bytes)
4511 $hash_buf .= $salt_buf;
4512 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4514 # the 2 MAC addresses
4516 $hash_buf .= $bssid;
4517 $hash_buf .= $stmac;
4521 $hash_buf .= $snonce;
4522 $hash_buf .= $anonce;
4526 $hash_buf .= $eapol;
4527 $hash_buf .= "\x00" x
(256 - $eapol_size);
4531 $hash_buf .= pack ("L*", $eapol_size);
4535 $hash_buf .= pack ("L*", $keyver);
4537 # and finally: the key mic
4541 # base64 encode the output
4543 $tmp_hash = encode_base64
($hash_buf, '');
4545 elsif ($mode == 2600)
4547 $hash_buf = md5_hex
(md5_hex
($word_buf));
4549 $tmp_hash = sprintf ("%s", $hash_buf);
4551 elsif ($mode == 2611)
4553 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4555 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4557 elsif ($mode == 2612)
4559 my $salt_buf_hex = unpack ("H*", $salt_buf);
4561 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4563 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4565 elsif ($mode == 2711)
4567 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4569 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4571 elsif ($mode == 2811)
4573 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4575 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4577 elsif ($mode == 3000)
4579 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4581 $hash_buf = $ppr->hash_hex;
4583 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4585 elsif ($mode == 3100)
4587 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4589 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4591 elsif ($mode == 3200)
4600 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4602 elsif ($mode == 3300)
4604 my $iterations = 904;
4608 $iterations = int ($iter);
4613 if (defined ($additional_param))
4615 $variant = $additional_param;
4618 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4620 $iterations += 4096;
4622 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4624 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4626 elsif ($mode == 3500)
4628 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4630 $tmp_hash = sprintf ("%s", $hash_buf);
4632 elsif ($mode == 3610)
4634 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4636 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4638 elsif ($mode == 3710)
4640 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4642 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4644 elsif ($mode == 3711)
4646 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4648 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4650 elsif ($mode == 3720)
4652 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4654 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4656 elsif ($mode == 3800)
4658 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4660 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4662 elsif ($mode == 3910)
4664 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4666 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4668 elsif ($mode == 4010)
4670 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4672 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4674 elsif ($mode == 4110)
4676 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4678 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4680 elsif ($mode == 4210)
4682 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4684 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4686 elsif ($mode == 4300)
4688 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4690 $tmp_hash = sprintf ("%s", $hash_buf);
4692 elsif ($mode == 4400)
4694 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4696 $tmp_hash = sprintf ("%s", $hash_buf);
4698 elsif ($mode == 4500)
4700 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4702 $tmp_hash = sprintf ("%s", $hash_buf);
4704 elsif ($mode == 4600)
4706 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4708 $tmp_hash = sprintf ("%s", $hash_buf);
4710 elsif ($mode == 4700)
4712 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4714 $tmp_hash = sprintf ("%s", $hash_buf);
4716 elsif ($mode == 4800)
4718 my $index = rindex ($salt_buf, ":");
4720 my $salt = substr ($salt_buf, 0, $index);
4721 my $salt_bin = pack ("H*", $salt);
4722 my $chap_sign = substr ($salt_buf, $index + 1);
4723 my $chap_sign_bin = pack ("H*", $chap_sign);
4725 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4727 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4729 elsif ($mode == 4900)
4731 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4733 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4735 elsif ($mode == 5000)
4737 $hash_buf = keccak_256_hex
($word_buf);
4739 $tmp_hash = sprintf ("%s", $hash_buf);
4741 elsif ($mode == 5100)
4745 if (! defined ($additional_param))
4751 $pos = $additional_param * 8 unless ($additional_param > 2);
4754 $hash_buf = md5_hex
($word_buf);
4756 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4758 elsif ($mode == 5300)
4760 my @salt_arr = split (":", $salt_buf);
4762 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4763 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4765 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4766 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4768 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4770 elsif ($mode == 5400)
4772 my @salt_arr = split (":", $salt_buf);
4774 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4775 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4777 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4778 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4780 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4782 elsif ($mode == 5500)
4784 my $index1 = index ($salt_buf, "::");
4785 my $user = substr ($salt_buf, 0, $index1);
4787 my $index2 = index ($salt_buf, ":", $index1 + 2);
4788 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4790 my $len = length (substr ($salt_buf, $index2 + 1));
4792 my $c_challenge_hex;
4796 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4801 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4802 $c_challenge_hex .= 00 x
32;
4805 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4806 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4807 my $s_challenge = pack ("H*", $s_challenge_hex);
4809 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4813 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4815 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4816 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4817 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4819 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4821 elsif ($mode == 5600)
4823 my $index1 = index ($salt_buf, "::");
4824 my $user = substr ($salt_buf, 0, $index1);
4826 my $index2 = index ($salt_buf, ":", $index1 + 2);
4827 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4829 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4830 my $s_challenge = pack ("H*", $s_challenge_hex);
4832 my $temp_hex = substr ($salt_buf, $index2 + 17);
4833 my $temp = pack ("H*", $temp_hex);
4835 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4836 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4838 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4840 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4842 elsif ($mode == 5700)
4844 $hash_buf = sha256
($word_buf);
4846 my $base64_buf = encode_base64
($hash_buf);
4850 for (my $i = 0; $i < 43; $i++)
4852 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4855 elsif ($mode == 5800)
4857 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4859 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4861 elsif ($mode == 6000)
4863 $hash_buf = ripemd160_hex
($word_buf);
4865 $tmp_hash = sprintf ("%s", $hash_buf);
4867 elsif ($mode == 6100)
4869 $hash_buf = whirlpool_hex
($word_buf);
4871 $tmp_hash = sprintf ("%s", $hash_buf);
4873 elsif ($mode == 6300)
4875 my $iterations = 1000; # hard coded by the AIX format
4877 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4879 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4881 elsif ($mode == 6400)
4883 my $iterations = 64;
4887 $iterations = 1 << int ($iter);
4890 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4892 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4894 elsif ($mode == 6500)
4896 my $iterations = 64;
4900 $iterations = 1 << int ($iter);
4903 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4905 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4907 elsif ($mode == 6600)
4909 my $iterations = 1000;
4913 $iterations = int ($iter);
4916 my $salt_hex = substr ($salt_buf, 0, 16);
4917 my $salt = pack ("H*", $salt_hex);
4919 my $prefix = substr ($salt_buf, 16, 2016);
4921 my $iv_hex = substr ($salt_buf, 2032);
4922 my $iv = pack ("H*", $iv_hex);
4924 my $data = pack ("H*", "10101010101010101010101010101010");
4926 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4928 my $pbkdf2 = Crypt
::PBKDF2
->new (
4930 iterations
=> $iterations,
4934 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4936 my $cipher = Crypt
::CBC
->new ({
4938 cipher
=> "Crypt::Rijndael",
4945 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4947 $hash_buf = substr ($encrypted, 0, 32);
4949 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4951 elsif ($mode == 6700)
4953 my $iterations = 64;
4957 $iterations = 1 << int ($iter);
4960 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4962 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4964 elsif ($mode == 6800)
4966 my $variant = $additional_param;
4968 if (! defined ($variant))
4970 $variant = int (rand (2));
4973 my $iterations = 500;
4977 $iterations = int ($iter);
4980 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
4982 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
4984 my $pbkdf2 = Crypt
::PBKDF2
->new (
4986 iterations
=> $iterations,
4990 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4992 my $cipher = Crypt
::CBC
->new ({
4994 cipher
=> "Crypt::Rijndael",
5003 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
5005 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
5009 my $verifier = "lastpass rocks\x02\x02";
5011 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
5014 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
5016 elsif ($mode == 6900)
5018 $hash_buf = gost_hex
($word_buf);
5020 $tmp_hash = sprintf ("%s", $hash_buf);
5022 elsif ($mode == 7100)
5024 my $iterations = 1024;
5028 $iterations = int ($iter);
5031 my $pbkdf2 = Crypt
::PBKDF2
->new
5033 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5034 iterations
=> $iterations
5037 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5039 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
5041 elsif ($mode == 7200)
5043 my $iterations = 1024;
5047 $iterations = int ($iter);
5050 my $pbkdf2 = Crypt
::PBKDF2
->new (
5051 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5052 iterations
=> $iterations
5055 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5057 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
5059 elsif ($mode == 7300)
5061 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
5063 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
5065 elsif ($mode == 7400)
5067 my $iterations = 5000;
5069 if (defined ($iter))
5073 $iterations = int ($iter);
5077 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
5079 $tmp_hash = sprintf ("%s", $hash_buf);
5081 elsif ($mode == 7500)
5083 my @salt_arr = split ("\\\$", $salt_buf);
5085 my $user = $salt_arr[0];
5087 my $realm = $salt_arr[1];
5089 my $salt = $salt_arr[2];
5091 my $hmac_salt = $salt_arr[3];
5092 my $hmac_salt_bin = pack ("H*", $hmac_salt);
5094 my $clear_data = $salt_arr[4];
5096 my $k = md4
(encode
("UTF-16LE", $word_buf));
5098 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
5100 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
5102 if (length ($clear_data) > 1)
5104 my $clear_data_bin = pack ("H*", $clear_data);
5106 $hash_buf = RC4
($k3, $clear_data_bin);
5110 my $hash = $salt_arr[5];
5112 my $hash_bin = pack ("H*", $hash);
5114 my $clear_data = RC4
($k3, $hash_bin);
5116 my $timestamp = substr ($clear_data, 14, 14);
5121 if ($timestamp !~ /^[[:digit:]]{14}$/)
5128 $hash_buf = "\x00" x
36;
5130 if ($hash_buf eq $hash_bin)
5132 $hash_buf = "\x01" x
36;
5137 $hash_buf = $hash_bin;
5141 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5143 elsif ($mode == 7600)
5145 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5147 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5149 elsif ($mode == 7700)
5151 $word_buf = uc $word_buf;
5152 $salt_buf = uc $salt_buf;
5154 my $word_buf_t = sapb_transcode
($word_buf);
5155 my $salt_buf_t = sapb_transcode
($salt_buf);
5157 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5159 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5161 my $digest2 = md5
($data);
5163 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5168 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5170 elsif ($mode == 7800)
5172 my $theMagicArray_s =
5173 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5174 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5175 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5176 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5177 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5178 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5179 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5180 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5181 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5182 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5184 $salt_buf = uc $salt_buf;
5186 my $digest = sha1
($word_buf . $salt_buf);
5188 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5190 my $lengthMagicArray = 0x20;
5191 my $offsetMagicArray = 0;
5193 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5194 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5195 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5196 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5197 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5198 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5199 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5200 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5201 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5202 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5203 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5204 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5205 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5206 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5207 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5208 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5209 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5210 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5211 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5212 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5214 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5216 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5218 elsif ($mode == 7900)
5227 my $phpass_it = 1 << $cost;
5229 $hash_buf = sha512
($salt_buf . $word_buf);
5231 for (my $i = 0; $i < $phpass_it; $i++)
5233 $hash_buf = sha512
($hash_buf . $word_buf);
5236 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5238 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5240 my $cost_str = substr ($base64_digits , $cost, 1);
5242 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5244 elsif ($mode == 8000)
5246 my $salt_buf_bin = pack ("H*", $salt_buf);
5248 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5250 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5252 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5254 elsif ($mode == 8100)
5256 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5258 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5260 elsif ($mode == 8200)
5262 my $iterations = 40000;
5264 if (defined ($iter))
5266 $iterations = $iter;
5269 my $salt_hex = substr ($salt_buf, 0, 32);
5270 my $salt = pack ("H*", $salt_hex);
5272 my $data_hex = substr ($salt_buf, 32);
5273 my $data = pack ("H*", $data_hex);
5275 my $pbkdf2 = Crypt
::PBKDF2
->new
5277 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5278 iterations
=> int $iterations
5281 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5283 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5285 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5287 elsif ($mode == 8300)
5289 my ($domain, $salt_hex) = split (":", $salt_buf);
5291 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5293 my $salt = pack ("H*", $salt_hex);
5297 if (defined ($iter))
5299 $iterations = $iter;
5302 my $name = lc ($word_buf . $domain);
5304 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5306 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5308 elsif ($mode == 8400)
5310 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5312 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5314 elsif ($mode == 8500)
5316 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5318 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5320 elsif ($mode == 8600)
5322 my @saved_key = map { ord $_; } split "", $word_buf;
5324 my $len = scalar @saved_key;
5326 my @state = domino_big_md
(\
@saved_key, $len);
5328 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5347 elsif ($mode == 8700)
5349 my $domino_char = undef;
5351 if (defined ($additional_param))
5353 $domino_char = $additional_param;
5356 my @saved_key = map { ord $_; } split "", $word_buf;
5358 my $len = scalar @saved_key;
5360 my @state = domino_big_md
(\
@saved_key, $len);
5362 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5364 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5366 @state = domino_big_md
(\
@saved_key, 34);
5368 $hash_buf = join ("", (map { chr $_; } @state));
5370 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5372 elsif ($mode == 8900)
5378 if (defined ($additional_param))
5380 $N = $additional_param;
5381 $r = $additional_param2;
5382 $p = $additional_param3;
5385 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5387 $tmp_hash = sprintf ('%s', $hash_buf);
5389 elsif ($mode == 9100)
5391 my $iterations = 5000;
5393 if (defined ($iter))
5395 $iterations = $iter;
5398 my $domino_char = undef;
5400 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5402 my @saved_key = map { ord $_; } split "", $word_buf;
5404 my $len = scalar @saved_key;
5406 my @state = domino_big_md
(\
@saved_key, $len);
5409 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5411 my $salt_part = substr ($salt_buf, 0, 5);
5413 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5415 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5417 @state = domino_big_md
(\
@saved_key, 34);
5419 $hash_buf = join ("", (map { chr $_; } @state));
5421 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5424 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5426 my $pbkdf2 = Crypt
::PBKDF2
->new
5428 hash_class
=> 'HMACSHA1',
5429 iterations
=> $iterations,
5436 if (defined ($additional_param))
5438 $chars = $additional_param;
5441 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5443 my $iteration_str = "" . $iterations;
5445 for (my $i = length ($iterations); $i < 10; $i++)
5447 $iterations = "0" . $iterations;
5450 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5452 elsif ($mode == 9200)
5454 my $iterations = 20000;
5456 my $pbkdf2 = Crypt
::PBKDF2
->new
5458 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5459 iterations
=> $iterations
5462 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5466 for (my $i = 0; $i < 43; $i++)
5468 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5471 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5473 elsif ($mode == 9300)
5479 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5483 for (my $i = 0; $i < 43; $i++)
5485 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5488 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5490 elsif ($mode == 9400)
5492 my $iterations = 50000;
5496 $iterations = int ($iter);
5499 my $aes_key_size = 128; # or 256
5501 if (defined ($additional_param2))
5503 $aes_key_size = $additional_param2;
5506 $salt_buf = pack ("H*", $salt_buf);
5508 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5510 for (my $i = 0; $i < $iterations; $i++)
5512 my $num32 = pack ("L", $i);
5514 $tmp = sha1
($num32 . $tmp);
5517 my $zero32 = pack ("L", 0x00);
5519 my $derivation_array1 = pack ("C", 0x36) x
64;
5520 my $derivation_array2 = pack ("C", 0x5C) x
64;
5522 $tmp = sha1
($tmp . $zero32);
5524 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5525 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5527 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5529 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5533 if (defined $additional_param)
5535 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5539 $encdata = "A" x
16; ## can be anything
5542 my $data1_buf = $encdata;
5543 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5545 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5546 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5548 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5549 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5551 $encrypted1 = substr ($encrypted1, 0, 32);
5552 $encrypted2 = substr ($encrypted2, 0, 40);
5554 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5556 elsif ($mode == 9500)
5558 my $iterations = 100000;
5562 $iterations = int ($iter);
5565 $salt_buf = pack ("H*", $salt_buf);
5567 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5569 for (my $i = 0; $i < $iterations; $i++)
5571 my $num32 = pack ("L", $i);
5573 $tmp = sha1
($num32 . $tmp);
5576 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5577 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5579 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5580 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5582 my $key1 = substr ($final1, 0, 16);
5583 my $key2 = substr ($final2, 0, 16);
5585 my $cipher1 = Crypt
::CBC
->new ({
5587 cipher
=> "Crypt::Rijndael",
5595 my $cipher2 = Crypt
::CBC
->new ({
5597 cipher
=> "Crypt::Rijndael",
5607 if (defined $additional_param)
5609 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5613 $encdata = "A" x
16; ## can be anything
5616 my $data1_buf = $encdata;
5617 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5619 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5620 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5622 $encrypted2 = substr ($encrypted2, 0, 64);
5624 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5626 elsif ($mode == 9600)
5628 my $iterations = 100000;
5632 $iterations = int ($iter);
5635 $salt_buf = pack ("H*", $salt_buf);
5637 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5639 for (my $i = 0; $i < $iterations; $i++)
5641 my $num32 = pack ("L", $i);
5643 $tmp = sha512
($num32 . $tmp);
5646 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5647 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5649 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5650 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5652 my $key1 = substr ($final1, 0, 32);
5653 my $key2 = substr ($final2, 0, 32);
5655 my $cipher1 = Crypt
::CBC
->new ({
5657 cipher
=> "Crypt::Rijndael",
5665 my $cipher2 = Crypt
::CBC
->new ({
5667 cipher
=> "Crypt::Rijndael",
5677 if (defined $additional_param)
5679 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5683 $encdata = "A" x
16; ## can be anything
5686 my $data1_buf = $encdata;
5687 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5689 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5690 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5692 $encrypted2 = substr ($encrypted2, 0, 64);
5694 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5696 elsif ($mode == 9700)
5698 $salt_buf = pack ("H*", $salt_buf);
5700 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5702 $tmp = substr ($tmp, 0, 5);
5706 for (my $i = 0; $i < 16; $i++)
5714 $tmp = substr ($tmp, 0, 5);
5718 if (defined $additional_param2)
5720 $version = $additional_param2;
5724 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5727 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5729 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5733 if (defined $additional_param)
5735 $encdata = $m->RC4 (pack ("H*", $additional_param));
5739 $encdata = "A" x
16; ## can be anything
5742 my $data1_buf = $encdata;
5743 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5745 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5747 my $encrypted1 = $m->RC4 ($data1_buf);
5748 my $encrypted2 = $m->RC4 ($data2_buf);
5750 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5752 elsif ($mode == 9800)
5754 $salt_buf = pack ("H*", $salt_buf);
5756 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5760 if (defined $additional_param2)
5762 $version = $additional_param2;
5766 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5769 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5773 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5776 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5780 if (defined $additional_param)
5782 $encdata = $m->RC4 (pack ("H*", $additional_param));
5786 $encdata = "A" x
16; ## can be anything
5789 my $data1_buf = $encdata;
5790 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5792 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5794 my $encrypted1 = $m->RC4 ($data1_buf);
5795 my $encrypted2 = $m->RC4 ($data2_buf);
5797 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5799 elsif ($mode == 9900)
5801 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5803 elsif ($mode == 10000)
5805 my $iterations = 10000;
5809 $iterations = int ($iter);
5812 my $pbkdf2 = Crypt
::PBKDF2
->new
5814 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5815 iterations
=> $iterations
5818 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5819 $hash_buf =~ s/[\r\n]//g;
5821 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5823 elsif ($mode == 10100)
5825 my $seed = pack ("H*", $salt_buf);
5827 my ($hi, $lo) = siphash
($word_buf, $seed);
5829 my $hi_s = sprintf ("%08x", $hi);
5830 my $lo_s = sprintf ("%08x", $lo);
5832 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5833 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5835 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5837 elsif ($mode == 10200)
5839 my $challengeb64 = encode_base64
($salt_buf);
5840 $challengeb64 =~ s/[\r\n]//g;
5844 if (defined $additional_param)
5846 $username = $additional_param;
5853 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5855 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5856 $responseb64 =~ s/[\r\n]//g;
5858 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5860 elsif ($mode == 10300)
5862 my $iterations = 1024;
5866 $iterations = int ($iter);
5869 my $hash_buf = $salt_buf;
5871 for (my $pos = 0; $pos < $iterations; $pos++)
5873 $hash_buf = sha1
($word_buf . $hash_buf);
5876 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5877 $hash_buf =~ s/[\r\n]//g;
5879 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5881 elsif ($mode == 10400)
5884 my $u = $additional_param;
5885 my $o = $additional_param2;
5886 my $P = $additional_param3;
5888 if (defined $u == 0)
5893 if (defined $o == 0)
5898 if (defined $P == 0)
5905 for (my $i = 0; $i < 32; $i++)
5907 $padding .= pack ("C", $pdf_padding[$i]);
5910 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5912 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5914 $u = $m->RC4 ($padding);
5916 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5918 elsif ($mode == 10500)
5921 my $u = $additional_param;
5922 my $o = $additional_param2;
5923 my $P = $additional_param3;
5924 my $V = $additional_param4;
5925 my $R = $additional_param5;
5926 my $enc = $additional_param6;
5928 if (defined $u == 0)
5935 if (defined $o == 0)
5940 if (defined $R == 0)
5942 $R = get_random_num
(3, 5);
5945 if (defined $V == 0)
5947 $V = ($R == 3) ?
2 : 4;
5950 if (defined $P == 0)
5952 $P = ($R == 3) ?
-4 : -1028;
5955 if (defined $enc == 0)
5957 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5962 for (my $i = 0; $i < 32; $i++)
5964 $padding .= pack ("C", $pdf_padding[$i]);
5967 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5969 my $digest = md5
($padding . pack ("H*", $id));
5971 my $m = Crypt
::RC4
->new ($res);
5973 $u = $m->RC4 ($digest);
5975 my @ress = split "", $res;
5977 for (my $x = 1; $x <= 19; $x++)
5981 for (my $i = 0; $i < 16; $i++)
5983 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
5986 my $s = join ("", @xor);
5988 my $m2 = Crypt
::RC4
->new ($s);
5993 $u .= substr (pack ("H*", $u_save), 16, 16);
5995 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
5997 elsif ($mode == 10600)
6000 my $rest = $additional_param;
6002 if (defined $id == 0)
6007 if (defined $rest == 0)
6013 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6016 my @data = split /\*/, $rest;
6018 my $u = pack ("H*", $data[1]);
6020 my $h = sha256
($word_buf . substr ($u, 32, 8));
6022 $data[1] = unpack ("H*", $h . substr ($u, 32));
6024 $rest = join ("*", @data);
6026 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
6028 elsif ($mode == 10700)
6031 my $rest = $additional_param;
6033 if (defined $id == 0)
6038 if (defined $rest == 0)
6044 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6047 my @datax = split /\*/, $rest;
6049 my $u = pack ("H*", $datax[1]);
6051 my $block = sha256
($word_buf . substr ($u, 32, 8));
6053 my $block_size = 32;
6055 my $data = 0x00 x
64;
6061 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
6063 $data = $word_buf . $block;
6065 $data_len = length ($data);
6067 for (my $k = 1; $k < 64; $k++)
6069 $data .= $word_buf . $block;
6072 my $aes = Crypt
::CBC
->new ({
6073 key
=> substr ($block, 0, 16),
6074 cipher
=> "Crypt::Rijndael",
6075 iv
=> substr ($block, 16, 16),
6082 my $data = $aes->encrypt ($data);
6086 for (my $j = 0; $j < 16; $j++)
6088 $sum += ord (substr ($data, $j, 1));
6091 $block_size = 32 + ($sum % 3) * 16;
6093 if ($block_size == 32)
6095 $block = sha256
(substr ($data, 0, $data_len * 64));
6097 elsif ($block_size == 48)
6099 $block = sha384
(substr ($data, 0, $data_len * 64));
6101 elsif ($block_size == 64)
6103 $block = sha512
(substr ($data, 0, $data_len * 64));
6106 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
6109 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
6111 $rest = join ("*", @datax);
6113 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
6115 elsif ($mode == 10800)
6117 $hash_buf = sha384_hex
($word_buf);
6119 $tmp_hash = sprintf ("%s", $hash_buf);
6121 elsif ($mode == 10900)
6123 my $iterations = 1000;
6127 $iterations = int ($iter);
6132 if (defined $additional_param)
6134 $out_len = $additional_param;
6137 my $pbkdf2 = Crypt
::PBKDF2
->new
6139 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6140 iterations
=> $iterations,
6141 output_len
=> $out_len
6144 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6145 $hash_buf =~ s/[\r\n]//g;
6147 my $base64_salt_buf = encode_base64
($salt_buf);
6149 chomp ($base64_salt_buf);
6151 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6153 elsif ($mode == 11000)
6155 $hash_buf = md5_hex
($salt_buf . $word_buf);
6157 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6159 elsif ($mode == 11100)
6161 my $user = "postgres";
6163 if (defined $additional_param)
6165 $user = $additional_param;
6168 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6170 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6172 elsif ($mode == 11200)
6174 my $sha1_pass = sha1
($word_buf);
6175 my $double_sha1 = sha1
($sha1_pass);
6177 my $xor_part1 = $sha1_pass;
6178 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6182 for (my $i = 0; $i < 20; $i++)
6184 my $first_byte = substr ($xor_part1, $i, 1);
6185 my $second_byte = substr ($xor_part2, $i, 1);
6187 my $xor_result = $first_byte ^ $second_byte;
6189 $hash_buf .= unpack ("H*", $xor_result);
6192 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6194 elsif ($mode == 11300)
6196 my $ckey_buf = get_random_string
(96);
6198 if (length ($additional_param))
6200 $ckey_buf = $additional_param;
6203 my $public_key_buf = get_random_string
(66);
6205 if (length ($additional_param2))
6207 $public_key_buf = $additional_param2;
6210 my $salt_iter = get_random_num
(150000, 250000);
6214 $salt_iter = int ($iter);
6217 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6219 for (my $i = 1; $i < $salt_iter; $i++)
6221 $hash_buf = sha512
($hash_buf);
6224 my $data = get_random_string
(32);
6226 my $aes = Crypt
::CBC
->new ({
6227 key
=> substr ($hash_buf, 0, 32),
6228 cipher
=> "Crypt::Rijndael",
6229 iv
=> substr ($hash_buf, 32, 16),
6233 padding
=> "standard",
6236 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6238 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6239 length ($cry_master_buf),
6246 length ($public_key_buf),
6249 elsif ($mode == 11400)
6251 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6253 $directive = "MD5"; # only directive currently supported
6255 if (defined ($additional_param))
6257 $user = $additional_param;
6258 $realm = $additional_param2;
6260 $nonce_count = $additional_param3;
6261 $nonce_client = $additional_param4;
6262 $qop = $additional_param5;
6263 $method = $additional_param6;
6265 $URI_prefix = $additional_param7;
6266 $URI_resource = $additional_param8;
6267 $URI_suffix = $additional_param9;
6269 # not needed information
6271 $URI_server = $additional_param10;
6272 $URI_client = $additional_param11;
6276 $user = get_random_string
(get_random_num
(0, 12 + 1));
6278 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6279 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6281 if ($realm_max_len < 1) # should never happen
6286 $realm_max_len = min
(20, $realm_max_len);
6288 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6292 if (get_random_num
(0, 1 + 1) == 1)
6296 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6297 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6307 $method = get_random_string
(get_random_num
(0, 24 + 1));
6309 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6310 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6311 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6313 # not needed information
6315 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6316 $URI_client = $URI_resource; # simplification
6323 if (length ($URI_prefix) > 0)
6325 $URI = $URI_prefix . ":";
6328 $URI .= $URI_resource;
6330 if (length ($URI_suffix) > 0)
6332 $URI .= ":" . $URI_suffix;
6335 my $HA2 = md5_hex
($method . ":" . $URI);
6337 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6341 if (($qop eq "auth") || ($qop eq "auth-int"))
6343 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6350 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6352 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6354 elsif ($mode == 11500)
6356 $hash_buf = crc32
($word_buf);
6358 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6360 elsif ($mode == 11600)
6362 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6366 my $validation_only = 0;
6368 $validation_only = 1 if (defined ($additional_param));
6370 if ($validation_only == 1)
6372 $num_cycle_power = int ($iter);
6373 $seven_zip_salt_len = $additional_param;
6374 $seven_zip_salt_buf = $additional_param2;
6375 $salt_len = $additional_param3;
6376 # $salt_buf set in parser
6377 # $hash_buf (resulting crc)
6378 $data_len = $additional_param4;
6379 $unpack_size = $additional_param5;
6380 $data_buf = $additional_param6;
6384 $num_cycle_power = 14; # by default it is 19
6385 $seven_zip_salt_len = 0;
6386 $seven_zip_salt_buf = "";
6387 $salt_len = length ($salt_buf);
6388 # $salt_buf set automatically
6389 # $hash_buf (resulting crc)
6390 # $data_len will be set when encrypting
6391 $unpack_size = get_random_num
(1, 32 + 1);
6392 $data_buf = get_random_string
($unpack_size);
6396 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6399 $word_buf = encode
("UTF-16LE", $word_buf);
6401 my $rounds = 1 << $num_cycle_power;
6405 for (my $i = 0; $i < $rounds; $i++)
6409 $num_buf .= pack ("V", $i);
6410 $num_buf .= "\x00" x
4;
6412 # this would be better but only works on 64-bit systems:
6413 # $num_buf = pack ("q", $i);
6415 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6418 my $key = sha256
($pass_buf);
6420 # the salt_buf is our IV for AES CBC
6423 my $salt_buf_len = length ($salt_buf);
6424 my $salt_padding_len = 0;
6426 if ($salt_buf_len < 16)
6428 $salt_padding_len = 16 - $salt_buf_len;
6431 $salt_buf .= "\x00" x
$salt_padding_len;
6433 my $aes = Crypt
::CBC
->new ({
6434 cipher
=> "Crypt::Rijndael",
6442 if ($validation_only == 1)
6446 my $decrypted_data = $aes->decrypt ($data_buf);
6448 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6450 $hash_buf = crc32
($decrypted_data);
6456 $hash_buf = crc32
($data_buf);
6458 $data_buf = $aes->encrypt ($data_buf);
6460 $data_len = length ($data_buf);
6463 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6465 elsif ($mode == 11900)
6467 my $iterations = 1000;
6471 $iterations = int ($iter);
6476 if (defined $additional_param)
6478 $out_len = $additional_param;
6482 # call PHP here - WTF
6485 # sanitize $word_buf and $salt_buf:
6487 my $word_buf_base64 = encode_base64
($word_buf);
6488 $word_buf_base64 =~ s/[\r\n]//g;
6490 my $salt_buf_base64 = encode_base64
($salt_buf);
6491 $salt_buf_base64 =~ s/[\r\n]//g;
6495 $out_len = int ($out_len);
6497 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6499 my $php_code = <<'END_CODE';
6501 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6503 $algorithm = strtolower ($algorithm);
6505 if (! in_array ($algorithm, hash_algos (), true))
6507 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6510 if ($count <= 0 || $key_length <= 0)
6512 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6515 if (function_exists ("hash_pbkdf2"))
6519 $key_length = $key_length * 2;
6522 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6525 $hash_length = strlen (hash ($algorithm, "", true));
6526 $block_count = ceil ($key_length / $hash_length);
6530 for ($i = 1; $i <= $block_count; $i++)
6532 $last = $salt . pack ("N", $i);
6534 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6536 for ($j = 1; $j < $count; $j++)
6538 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6546 return substr ($output, 0, $key_length);
6550 return bin2hex (substr ($output, 0, $key_length));
6554 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6558 # replace with these command line arguments
6560 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6561 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6562 $php_code =~ s/\$iterations/$iterations/;
6563 $php_code =~ s/\$out_len/$out_len/;
6565 my $php_output = `php -r '$php_code'`;
6567 $hash_buf = pack ("H*", $php_output);
6569 $hash_buf = encode_base64 ($hash_buf);
6570 $hash_buf =~ s/[\r\n]//g;
6572 my $base64_salt_buf = encode_base64 ($salt_buf);
6574 chomp ($base64_salt_buf);
6576 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6578 elsif ($mode == 12000)
6580 my $iterations = 1000;
6584 $iterations = int ($iter);
6589 if (defined $additional_param)
6591 $out_len = $additional_param;
6594 my $pbkdf2 = Crypt::PBKDF2->new
6596 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6597 iterations => $iterations,
6598 output_len => $out_len
6601 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6602 $hash_buf =~ s/[\r\n]//g;
6604 my $base64_salt_buf = encode_base64 ($salt_buf);
6606 chomp ($base64_salt_buf);
6608 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6610 elsif ($mode == 12100)
6612 my $iterations = 1000;
6616 $iterations = int ($iter);
6621 if (defined $additional_param)
6623 $out_len = $additional_param;
6626 my $pbkdf2 = Crypt::PBKDF2->new
6628 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6629 iterations => $iterations,
6630 output_len => $out_len
6633 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6634 $hash_buf =~ s/[\r\n]//g;
6636 my $base64_salt_buf = encode_base64 ($salt_buf);
6638 chomp ($base64_salt_buf);
6640 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6642 elsif ($mode == 12200)
6644 my $iterations = 65536;
6646 my $default_salt = 0;
6648 if (defined $additional_param)
6650 $default_salt = int ($additional_param);
6653 if ($default_salt == 1)
6655 $salt_buf = "0011223344556677";
6658 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6660 for (my $i = 0; $i < $iterations; $i++)
6662 $hash_buf = sha512 ($hash_buf);
6665 $hash_buf = unpack ("H*", $hash_buf);
6666 $hash_buf = substr ($hash_buf, 0, 16);
6668 if ($default_salt == 0)
6670 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6674 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6677 elsif ($mode == 12300)
6679 my $iterations = 4096;
6681 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6683 my $pbkdf2 = Crypt::PBKDF2->new (
6685 iterations => $iterations,
6689 my $salt_bin = pack ("H*", $salt_buf);
6691 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6693 $hash_buf = sha512_hex ($key . $salt_bin);
6695 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6697 elsif ($mode == 12400)
6703 $iterations = int ($iter);
6707 $iterations = get_random_num (1, 5001 + 1);
6710 my $key_value = fold_password ($word_buf);
6712 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6713 my $salt_value = base64_to_int24 ($salt_buf);
6715 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6717 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6719 elsif ($mode == 12600)
6721 $hash_buf = sha1_hex ($word_buf);
6723 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6725 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6727 elsif ($mode == 12700)
6729 my $iterations = 10;
6732 "guid" : "00000000-0000-0000-0000-000000000000",
6733 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6734 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6736 my $salt_buf_bin = pack ("H*", $salt_buf);
6738 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6740 my $pbkdf2 = Crypt::PBKDF2->new (
6742 iterations => $iterations,
6746 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6748 my $cipher = Crypt::CBC->new ({
6750 cipher => "Crypt::Rijndael",
6751 iv => $salt_buf_bin,
6757 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6759 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6761 elsif ($mode == 12800)
6763 my $iterations = 100;
6767 $iterations = int ($iter);
6770 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6772 my $pbkdf2 = Crypt::PBKDF2->new
6774 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6775 iterations => $iterations,
6779 my $salt_buf_bin = pack ("H*", $salt_buf);
6781 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6783 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6785 elsif ($mode == 12900)
6787 my $iterations = 4096;
6791 $iterations = int ($iter);
6794 my $salt2 = $salt_buf . $salt_buf;
6796 if (defined $additional_param)
6798 $salt2 = $additional_param;
6801 my $pbkdf2 = Crypt::PBKDF2->new
6803 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6804 iterations => $iterations,
6808 my $salt_buf_bin = pack ("H*", $salt_buf);
6810 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6812 my $salt2_bin = pack ("H*", $salt2);
6814 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6816 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6818 elsif ($mode == 13000)
6820 my $iterations = 15;
6824 $iterations = int ($iter);
6829 if (defined $additional_param)
6831 $iv = $additional_param;
6834 my $pbkdf2 = Crypt::PBKDF2->new
6836 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6837 iterations => (1 << $iterations) + 32,
6841 my $salt_buf_bin = pack ("H*", $salt_buf);
6843 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6845 my $hash_final = substr ($hash, 0, 8)
6846 ^ substr ($hash, 8, 8)
6847 ^ substr ($hash, 16, 8)
6848 ^ substr ($hash, 24, 8);
6850 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6852 elsif ($mode == 13100)
6854 my @salt_arr = split ('\$', $salt_buf);
6856 my $user = $salt_arr[0];
6858 my $realm = $salt_arr[1];
6860 my $spn = $salt_arr[2];
6862 my $nonce = $salt_arr[3];
6864 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6865 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6866 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6867 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6868 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6871 $cleartext_ticket = $nonce . $cleartext_ticket;
6873 my $k = md4 (encode ("UTF-16LE", $word_buf));
6875 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
6877 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
6879 my $k3 = hmac_md5 ($checksum, $k1);
6881 my $cipher = Crypt::RC4->new ($k3);
6883 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
6885 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
6887 elsif ($mode == 13200)
6889 my @salt_arr = split ('\*', $salt_buf);
6891 my $iteration = $salt_arr[0];
6893 my $mysalt = $salt_arr[1];
6895 $mysalt = pack ("H*", $mysalt);
6897 my $DEK = randbytes (16);
6899 my $iv = "a6a6a6a6a6a6a6a6";
6901 my $KEK = sha1($word_buf);
6903 $KEK = substr ($KEK ^ $mysalt, 0, 16);
6905 my $aes = Crypt::Mode::ECB->new ('AES');
6907 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
6911 my $A = pack ("H*", $iv);
6913 for (my $j = 0; $j < $iteration; $j++)
6915 $B = $aes->encrypt ($A . $R[1], $KEK);
6917 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
6919 $R[1] = substr ($B, 8, 16);
6921 $B = $aes->encrypt ($A . $R[2], $KEK);
6923 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
6925 $R[2] = substr ($B, 8, 16);
6928 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
6930 $mysalt = unpack ("H*", $mysalt);
6932 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
6934 elsif ($mode == 13300)
6936 $hash_buf = sha1_hex ($word_buf);
6938 $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
6942 elsif ($mode == 13400)
6944 my @salt_arr = split ('\*', $salt_buf);
6946 my $version = $salt_arr[0];
6948 my $iteration = $salt_arr[1];
6950 my $algorithm = $salt_arr[2];
6952 my $final_random_seed = $salt_arr[3];
6954 my $transf_random_seed = $salt_arr[4];
6956 my $enc_iv = $salt_arr[5];
6960 # specific to version 1
6965 # specific to version 2
6968 $final_random_seed = pack ("H*", $final_random_seed);
6970 $transf_random_seed = pack ("H*", $transf_random_seed);
6972 $enc_iv = pack ("H*", $enc_iv);
6974 my $intermediate_hash = sha256 ($word_buf);
6978 $contents_hash = $salt_arr[6];
6979 $contents_hash = pack ("H*", $contents_hash);
6981 $inline_flag = $salt_arr[7];
6983 $contents_len = $salt_arr[8];
6985 $contents = $salt_arr[9];
6986 $contents = pack ("H*", $contents);
6988 elsif ($version == 2)
6990 $intermediate_hash = sha256 ($intermediate_hash);
6993 my $aes = Crypt::Mode::ECB->new ('AES', 1);
6995 for (my $j = 0; $j < $iteration; $j++)
6997 $intermediate_hash = $aes->encrypt ($intermediate_hash, $transf_random_seed);
6999 $intermediate_hash = substr ($intermediate_hash, 0, 32);
7002 $intermediate_hash = sha256 ($intermediate_hash);
7004 my $final_key = sha256 ($final_random_seed . $intermediate_hash);
7006 my $final_algorithm;
7008 if ($version == 1 && $algorithm == 1)
7010 $final_algorithm = "Crypt::Twofish";
7014 $final_algorithm = "Crypt::Rijndael";
7017 my $cipher = Crypt::CBC->new ({
7019 cipher => $final_algorithm,
7028 $contents_hash = sha256 ($contents);
7030 $contents = $cipher->encrypt($contents);
7032 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s',
7036 unpack ("H*", $final_random_seed),
7037 unpack ("H*", $transf_random_seed),
7038 unpack ("H*", $enc_iv),
7039 unpack ("H*", $contents_hash),
7042 unpack ("H*", $contents));
7046 $expected_bytes = $salt_arr[6];
7048 $contents_hash = $salt_arr[7];
7049 $contents_hash = pack ("H*", $contents_hash);
7051 $expected_bytes = $cipher->decrypt($contents_hash);
7053 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s',
7057 unpack ("H*", $final_random_seed),
7058 unpack ("H*", $transf_random_seed),
7059 unpack ("H*", $enc_iv),
7060 unpack ("H*", $expected_bytes),
7061 unpack ("H*", $contents_hash));
7072 my $word_len = shift;
7074 my $salt_len = shift;
7078 $max = 15 if ($mode == 2410);
7080 if ($is_unicode{$mode})
7082 if (! $allow_long_salt{$mode})
7084 $word_len = min ($word_len, int ($max / 2) - $salt_len);
7088 $word_len = min ($word_len, int ($max / 2));
7091 elsif ($less_fifteen{$mode})
7093 $word_len = min ($word_len, 15);
7097 $salt_len = min ($salt_len, 15 - $word_len);
7102 if (! $allow_long_salt{$mode})
7104 $word_len = min ($word_len, $max - $salt_len);
7123 for (my $i = 0; $i < $salt_len; $i++)
7125 my $c = get_random_chr (0x30, 0x39);
7127 push (@salt_arr, $c);
7130 $salt_buf = join ("", @salt_arr);
7132 $salt_buf = get_random_md5chap_salt ($salt_buf);
7134 elsif ($mode == 5300 || $mode == 5400)
7136 $salt_buf = get_random_ike_salt ();
7138 elsif ($mode == 5500)
7140 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
7142 elsif ($mode == 5600)
7144 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
7146 elsif ($mode == 6600)
7148 $salt_buf = get_random_agilekeychain_salt ();
7150 elsif ($mode == 8200)
7152 $salt_buf = get_random_cloudkeychain_salt ();
7154 elsif ($mode == 8300)
7156 $salt_buf = get_random_dnssec_salt ();
7158 elsif ($mode == 13100)
7160 $salt_buf = get_random_kerberos5_tgs_salt ();
7162 elsif ($mode == 13200)
7164 $salt_buf = get_random_axcrypt_salt ();
7166 elsif ($mode == 13400)
7168 $salt_buf = get_random_keepass_salt ();
7174 for (my $i = 0; $i < $salt_len; $i++)
7176 my $c = get_random_chr (0x30, 0x39);
7178 push (@salt_arr, $c);
7181 $salt_buf = join ("", @salt_arr);
7185 $salt_buf = get_random_kerberos5_salt ($salt_buf);
7195 for (my $i = 0; $i < $word_len; $i++)
7197 my $c = get_random_chr (0x30, 0x39);
7199 push (@word_arr, $c);
7202 my $word_buf = join ("", @word_arr);
7208 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
7221 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
7233 sub get_random_string
7239 for (my $i = 0; $i < $len; $i++)
7241 my $c = get_random_chr (0x30, 0x39);
7246 my $buf = join ("", @arr);
7256 return int ((rand ($max - $min)) + $min);
7261 return chr get_random_num (@_);
7270 for (my $i = 0; $i < length ($str); $i += 4)
7272 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7274 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7281 $salt = substr ($decoded, 0, 5);
7283 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7287 $byte10 = 256 + $byte10;
7290 substr ($salt, 3, 1) = chr ($byte10);
7292 $digest = substr ($decoded, 5, 9);
7293 $char = substr ($str, 18, 1);
7295 return ($digest, $salt, $char);
7298 sub domino_85x_decode
7304 for (my $i = 0; $i < length ($str); $i += 4)
7306 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7308 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7313 my $iterations = -1;
7316 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7318 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7322 $byte10 = 256 + $byte10;
7325 substr ($salt, 3, 1) = chr ($byte10);
7327 $iterations = substr ($decoded, 16, 10);
7329 if ($iterations =~ /^?d*$/)
7333 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7334 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7335 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7338 return ($digest, $salt, $iterations, $chars);
7341 sub domino_base64_decode
7346 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7354 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7356 $ret += ($idx << (6 * ($i - 1)));
7369 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7373 $byte10 = $byte10 - 256;
7376 substr ($final, 3, 1) = chr ($byte10);
7380 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7381 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7382 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7383 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7384 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7386 if (defined ($char))
7388 substr ($passwd, 18, 1) = $char;
7390 substr ($passwd, 19, 1) = "";
7395 sub domino_85x_encode
7400 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7404 $byte10 = $byte10 - 256;
7407 substr ($final, 3, 1) = chr ($byte10);
7411 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7412 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7413 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7414 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7415 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7416 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7417 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7418 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7419 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7420 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7421 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7422 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7424 if (defined ($char))
7426 substr ($passwd, 18, 1) = $char;
7432 sub domino_base64_encode
7437 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7441 while (($n - 1) >= 0)
7445 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7455 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7460 my $v = unpack "V", substr($md5, $i*4, 4);
7462 $s64 .= substr($itoa64, $v & 0x3f, 1);
7471 my ($username, $password) = @_;
7473 $username = substr ($username . " " x 8, 0, 8);
7474 $password = substr ($password . " " x 8, 0, 8);
7476 my $username_ebc = ascii2ebcdic ($username);
7477 my $password_ebc = ascii2ebcdic ($password);
7479 my @pw = split ("", $password_ebc);
7481 for (my $i = 0; $i < 8; $i++)
7483 $pw[$i] = unpack ("C", $pw[$i]);
7486 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7489 my $key = join ("", @pw);
7491 my $cipher = new Crypt::DES $key;
7493 my $ciphertext = $cipher->encrypt ($username_ebc);
7495 my $ct = unpack ("H16", $ciphertext);
7502 my ($username, $password) = @_;
7504 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7505 $userpass .= pack('C', 0) while (length($userpass) % 8);
7507 my $key = pack('H*', "0123456789ABCDEF");
7508 my $iv = pack('H*', "0000000000000000");
7510 my $c = new Crypt::CBC(
7517 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7519 my $c2 = new Crypt::CBC(
7526 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7528 return uc(unpack('H*', $hash));
7533 my $word_buf = shift;
7535 my $salt_buf = shift;
7537 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7539 my $digest = sha1 ($w);
7541 for (my $i = 1; $i < 1024; $i++)
7543 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7545 $digest = sha1 ($w);
7548 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7550 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7558 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7562 while (($n - 1) >= 0)
7566 $ret .= substr ($itoa64, $v & 0x3f, 1);
7582 my $hash = ""; # hash to be returned by this function
7584 my $final = md5 ($pass . $salt . $pass);
7586 $salt = substr ($salt, 0, 8);
7588 my $tmp = $pass . $magic . $salt;
7590 my $pass_len = length ($pass);
7594 for ($i = $pass_len; $i > 0; $i -= 16)
7603 $tmp .= substr ($final, 0, $len);
7616 $tmp .= substr ($pass, 0, 1);
7622 $final = md5 ($tmp);
7624 for ($i = 0; $i < $iter; $i++)
7656 $final = md5 ($tmp);
7660 # now format the output sting ("hash")
7664 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7665 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7666 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7667 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7668 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7669 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7671 if ($iter == 1000) # default
7673 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7677 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7689 my $hash = ""; # hash to be returned by this function
7691 my $final = sha512 ($pass . $salt . $pass);
7693 $salt = substr ($salt, 0, 16);
7695 my $tmp = $pass . $salt;
7697 my $pass_len = length ($pass);
7698 my $salt_len = length ($salt);
7702 for ($i = $pass_len; $i > 0; $i -= 16)
7711 $tmp .= substr ($final, 0, $len);
7730 $final = sha512 ($tmp);
7736 for ($i = 0; $i < $pass_len; $i++)
7741 $p_bytes = sha512 ($p_bytes);
7742 $p_bytes = substr ($p_bytes, 0, $pass_len);
7746 my $final_first_byte = ord (substr ($final, 0, 1));
7750 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7755 $s_bytes = sha512 ($s_bytes);
7756 $s_bytes = substr ($s_bytes, 0, $salt_len);
7758 for ($i = 0; $i < $iter; $i++)
7790 $final = sha512 ($tmp);
7794 # now format the output string ("hash")
7798 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7799 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7800 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7801 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7802 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7803 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7804 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7805 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7806 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7807 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7808 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7809 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7810 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7811 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7812 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7813 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7814 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7815 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7816 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7817 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7818 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7819 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7823 if ($iter == 5000) # default
7825 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7829 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7841 my $hash = ""; # hash to be returned by this function
7843 my $final = sha256 ($pass . $salt . $pass);
7845 $salt = substr ($salt, 0, 16);
7847 my $tmp = $pass . $salt;
7849 my $pass_len = length ($pass);
7850 my $salt_len = length ($salt);
7854 for ($i = $pass_len; $i > 0; $i -= 16)
7863 $tmp .= substr ($final, 0, $len);
7882 $final = sha256 ($tmp);
7888 for ($i = 0; $i < $pass_len; $i++)
7893 $p_bytes = sha256 ($p_bytes);
7894 $p_bytes = substr ($p_bytes, 0, $pass_len);
7898 my $final_first_byte = ord (substr ($final, 0, 1));
7902 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7907 $s_bytes = sha256 ($s_bytes);
7908 $s_bytes = substr ($s_bytes, 0, $salt_len);
7910 for ($i = 0; $i < $iter; $i++)
7942 $final = sha256 ($tmp);
7946 # now format the output string ("hash")
7950 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
7951 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
7952 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
7953 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7954 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7955 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7956 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7957 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
7958 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
7959 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7960 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
7964 if ($iter == 5000) # default
7966 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7970 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7976 sub aix_ssha256_pbkdf2
7978 my $word_buf = shift;
7979 my $salt_buf = shift;
7980 my $iterations = shift;
7982 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
7984 my $pbkdf2 = Crypt::PBKDF2->new (
7986 iterations => $iterations,
7990 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7994 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7995 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7996 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7997 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7998 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7999 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8000 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8001 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8002 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8003 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8004 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
8009 sub aix_ssha512_pbkdf2
8011 my $word_buf = shift;
8012 my $salt_buf = shift;
8013 my $iterations = shift;
8015 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
8017 my $pbkdf2 = Crypt::PBKDF2->new (
8019 iterations => $iterations,
8022 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8026 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8027 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8028 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8029 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8030 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8031 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8032 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8033 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8034 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8035 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8036 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
8037 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
8038 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
8039 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
8040 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
8041 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
8042 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
8043 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
8044 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
8045 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
8046 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
8047 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
8052 sub aix_ssha1_pbkdf2
8054 my $word_buf = shift;
8055 my $salt_buf = shift;
8056 my $iterations = shift;
8058 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
8060 my $pbkdf2 = Crypt::PBKDF2->new (
8062 iterations => $iterations,
8065 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8069 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8070 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8071 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8072 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8073 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8074 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8075 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
8084 my @data = split "", $data_s;
8087 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8088 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8089 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
8090 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
8091 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8092 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
8093 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8094 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
8095 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8096 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8097 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8098 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8099 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8100 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8101 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8102 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
8104 my @transTable = unpack ("C256", $transTable_s);
8108 for (my $i = 0; $i < scalar @data; $i++)
8110 $out[$i] = $transTable[int (ord ($data[$i]))];
8113 return pack ("C*", @out);
8118 my $digest_s = shift;
8123 my @w = unpack "C*", $w_s;
8124 my @s = unpack "C*", $s_s;
8127 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
8128 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
8129 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
8131 my @bcodeTable = unpack ("C48", $bcodeTable_s);
8133 my @abcd = unpack ("C16", $digest_s);
8135 my $sum20 = ($abcd[0] & 3)
8145 for (my $i2 = 0; $i2 < $sum20; $i2++)
8150 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
8152 if ($i1 < length $w_s)
8154 if ($abcd[15 - $i1] & 1)
8156 $out[$i2] = $bcodeTable[48 - 1 - $i1];
8161 $out[$i2] = $w[$i1];
8167 if ($i3 < length $s_s)
8169 $out[$i2] = $s[$i3];
8175 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
8178 return substr (pack ("C*", @out), 0, $sum20);
8183 my @key_56 = split (//, shift);
8189 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
8190 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
8191 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
8192 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
8193 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
8194 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
8195 $key .= chr(( ord($key_56[6]) << 1) & 255);
8206 for (my $i = 0; $i < $len; $i++)
8208 my $c = get_random_chr (0, 255);
8213 return join ("", @arr);
8216 sub get_random_netntlmv1_salt
8218 my $len_user = shift;
8219 my $len_domain = shift;
8225 for (my $i = 0; $i < $len_user; $i++)
8227 $type = get_random_num (1, 3);
8231 $char = get_random_chr (0x30, 0x39);
8235 $char = get_random_chr (0x41, 0x5A);
8239 $char = get_random_chr (0x61, 0x7A);
8247 for (my $i = 0; $i < $len_domain; $i++)
8249 $type = get_random_num (1, 3);
8253 $char = get_random_chr (0x30, 0x39);
8257 $char = get_random_chr (0x41, 0x5A);
8261 $char = get_random_chr (0x61, 0x7A);
8267 my $c_challenge = randbytes (8);
8268 my $s_challenge = randbytes (8);
8270 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8275 sub get_random_netntlmv2_salt
8277 my $len_user = shift;
8278 my $len_domain = shift;
8284 if ($len_user + $len_domain > 27)
8286 if ($len_user > $len_domain)
8288 $len_user = 27 - $len_domain;
8292 $len_domain = 27 - $len_user;
8296 for (my $i = 0; $i < $len_user; $i++)
8298 $type = get_random_num (1, 3);
8302 $char = get_random_chr (0x30, 0x39);
8306 $char = get_random_chr (0x41, 0x5A);
8310 $char = get_random_chr (0x61, 0x7A);
8318 for (my $i = 0; $i < $len_domain; $i++)
8320 $type = get_random_num (1, 3);
8324 $char = get_random_chr (0x30, 0x39);
8328 $char = get_random_chr (0x41, 0x5A);
8332 $char = get_random_chr (0x61, 0x7A);
8338 my $c_challenge = randbytes (8);
8339 my $s_challenge = randbytes (8);
8341 my $temp = "\x01\x01" .
8346 randbytes (20 * rand () + 1) .
8349 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8354 sub get_random_ike_salt
8358 for (my $i = 0; $i < 40; $i++)
8360 $nr_buf .= get_random_chr (0, 0xff);
8365 for (my $i = 0; $i < 440; $i++)
8367 $msg_buf .= get_random_chr (0, 0xff);
8370 my $nr_buf_hex = unpack ("H*", $nr_buf);
8371 my $msg_buf_hex = unpack ("H*", $msg_buf);
8373 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8378 sub get_random_agilekeychain_salt
8382 for (my $i = 0; $i < 8; $i++)
8384 $salt_buf .= get_random_chr (0x0, 0xff);
8389 for (my $i = 0; $i < 16; $i++)
8391 $iv .= get_random_chr (0x0, 0xff);
8394 my $prefix = "\x00" x 1008;
8396 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8401 sub get_random_cloudkeychain_salt
8405 for (my $i = 0; $i < 16; $i++)
8407 $salt_buf .= get_random_chr (0x0, 0xff);
8410 for (my $i = 0; $i < 304; $i++)
8412 $salt_buf .= get_random_chr (0x0, 0xff);
8415 my $ret = unpack ("H*", $salt_buf);
8420 sub get_random_kerberos5_salt
8422 my $custom_salt = shift;
8424 my $clear_data = randbytes (14) .
8425 strftime ("%Y%m%d%H%M%S", localtime) .
8429 my $realm = "realm";
8432 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8437 sub get_random_kerberos5_tgs_salt
8439 my $nonce = randbytes (8);
8442 my $realm = "realm";
8443 my $spn = "test/spn";
8445 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8450 sub get_random_axcrypt_salt
8452 my $mysalt = randbytes (16);
8454 $mysalt = unpack ("H*", $mysalt);
8456 my $iteration = get_random_num (6, 100000);
8458 my $salt_buf = $iteration . '*' . $mysalt;
8463 sub get_random_keepass_salt
8465 my $version = 1;# get_random_num (1, 3);
8471 my $final_random_seed;
8475 $algorithm = 1;#get_random_num (0, 2);
8477 $iteration = get_random_num (50000, 100000);
8479 $final_random_seed = randbytes (16);
8480 $final_random_seed = unpack ("H*", $final_random_seed);
8482 elsif ($version == 2)
8486 $iteration = get_random_num (6000, 100000);
8488 $final_random_seed = randbytes (32);
8489 $final_random_seed = unpack ("H*", $final_random_seed);
8492 my $transf_random_seed = randbytes (32);
8493 $transf_random_seed = unpack ("H*", $transf_random_seed);
8495 my $enc_iv = randbytes (16);
8496 $enc_iv = unpack ("H*", $enc_iv);
8498 my $contents_hash = randbytes (32);
8499 $contents_hash = unpack ("H*", $contents_hash);
8501 my $inline_flag = 1;
8503 my $contents_len = get_random_num (128, 500);
8505 my $contents = randbytes ($contents_len);
8507 $contents_len += 16 - $contents_len % 16;
8509 $contents = unpack ("H*", $contents);
8515 $salt_buf = $version . '*' .
8518 $final_random_seed . '*' .
8519 $transf_random_seed . '*' .
8521 $contents_hash . '*' .
8522 $inline_flag . '*' .
8523 $contents_len . '*' .
8526 elsif ($version == 2)
8528 $contents = randbytes (32);
8529 $contents = unpack ("H*", $contents);
8531 $salt_buf = $version . '*' .
8534 $final_random_seed . '*' .
8535 $transf_random_seed . '*' .
8537 $contents_hash . '*' .
8544 sub get_random_md5chap_salt
8546 my $salt_buf = shift;
8548 my $salt = unpack ("H*", $salt_buf);
8552 $salt .= unpack ("H*", randbytes (1));
8557 sub get_random_dnssec_salt
8563 for (my $i = 0; $i < 8; $i++)
8565 $salt_buf .= get_random_chr (0x61, 0x7a);
8568 $salt_buf .= ".net";
8572 for (my $i = 0; $i < 8; $i++)
8574 $salt_buf .= get_random_chr (0x30, 0x39);
8587 my $byte_off = int ($bit / 8);
8588 my $bit_off = int ($bit % 8);
8590 my $char = substr ($digest, $byte_off, 1);
8591 my $num = ord ($char);
8593 return (($num & (1 << $bit_off)) ? 1 : 0);
8602 my $constant_phrase =
8603 "To be, or not to be,--that is the question:--\n" .
8604 "Whether 'tis nobler in the mind to suffer\n" .
8605 "The slings and arrows of outrageous fortune\n" .
8606 "Or to take arms against a sea of troubles,\n" .
8607 "And by opposing end them?--To die,--to sleep,--\n" .
8608 "No more; and by a sleep to say we end\n" .
8609 "The heartache, and the thousand natural shocks\n" .
8610 "That flesh is heir to,--'tis a consummation\n" .
8611 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8612 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8613 "For in that sleep of death what dreams may come,\n" .
8614 "When we have shuffled off this mortal coil,\n" .
8615 "Must give us pause: there's the respect\n" .
8616 "That makes calamity of so long life;\n" .
8617 "For who would bear the whips and scorns of time,\n" .
8618 "The oppressor's wrong, the proud man's contumely,\n" .
8619 "The pangs of despis'd love, the law's delay,\n" .
8620 "The insolence of office, and the spurns\n" .
8621 "That patient merit of the unworthy takes,\n" .
8622 "When he himself might his quietus make\n" .
8623 "With a bare bodkin? who would these fardels bear,\n" .
8624 "To grunt and sweat under a weary life,\n" .
8625 "But that the dread of something after death,--\n" .
8626 "The undiscover'd country, from whose bourn\n" .
8627 "No traveller returns,--puzzles the will,\n" .
8628 "And makes us rather bear those ills we have\n" .
8629 "Than fly to others that we know not of?\n" .
8630 "Thus conscience does make cowards of us all;\n" .
8631 "And thus the native hue of resolution\n" .
8632 "Is sicklied o'er with the pale cast of thought;\n" .
8633 "And enterprises of great pith and moment,\n" .
8634 "With this regard, their currents turn awry,\n" .
8635 "And lose the name of action.--Soft you now!\n" .
8636 "The fair Ophelia!--Nymph, in thy orisons\n" .
8637 "Be all my sins remember'd.\n\x00";
8639 my $constant_len = length ($constant_phrase);
8641 my $hash_buf = md5 ($pw . $salt);
8647 for (my $round = 0; $round < $iter; $round++)
8649 my $shift_a = md5bit ($hash_buf, $round + 0);
8650 my $shift_b = md5bit ($hash_buf, $round + 64);
8655 for (my $k = 0; $k < 16; $k++)
8657 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8659 my $l = ($k + 3) % 16;
8661 my $num = ord (substr ($hash_buf, $l, 1));
8663 $shift_4[$k] = $num % 5;
8665 $shift_7[$k] = ($num >> $s7shift) & 1;
8670 for (my $k = 0; $k < 16; $k++)
8672 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8677 for (my $k = 0; $k < 16; $k++)
8679 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8685 for (my $k = 0; $k < 8; $k++)
8687 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8689 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8692 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8693 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8695 my $bit_a = md5bit ($hash_buf, $indirect_a);
8696 my $bit_b = md5bit ($hash_buf, $indirect_b);
8706 if ($bit_a ^ $bit_b)
8708 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8712 $to_hash .= substr ($W, 0, 64);
8716 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8718 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8722 $to_hash .= substr ($W, 0, 64);
8725 $pos = $constant_len - $constant_off;
8729 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8744 my $round_div = int ($tmp / 10);
8745 my $round_mod = int ($tmp % 10);
8749 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8759 for ($g = 0; $g < $a_len; $g++)
8761 my $remainder = $a_buf[$g];
8767 while ($remainder > 0)
8769 $sub = $remainder >> (8 * $factor);
8771 if ($started != 1 || $sub > 0)
8775 $tmp_str = chr ($sub) . $tmp_str;
8777 $remainder -= ($sub << (8 * $factor));
8785 substr ($W, $pos, $a_len) = $tmp_str;
8791 $to_hash .= substr ($W, 0, $pos);
8793 $to_hash = substr ($to_hash, 0, $total);
8795 $hash_buf = md5 ($to_hash);
8800 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8801 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8802 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8803 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8804 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8805 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8812 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8814 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8819 my $block_ref = shift;
8823 my $value = 16 - $offset;
8825 for (my $i = $offset; $i < 16; $i++)
8827 push @{$block_ref}, $value;
8837 for (my $i = 0; $i < 18; $i++)
8839 for (my $j = 0; $j < 48; $j++)
8841 $p = ($p + 48 - $j) & 0xff;
8843 my $c = $lotus_magic_table[$p];
8845 $p = $in_ref->[$j] ^ $c;
8852 sub lotus_transform_password
8855 my $out_ref = shift;
8857 my $t = $out_ref->[15];
8859 for (my $i = 0; $i < 16; $i++)
8861 $t ^= $in_ref->[$i];
8863 my $c = $lotus_magic_table[$t];
8865 $out_ref->[$i] ^= $c;
8867 $t = $out_ref->[$i];
8871 sub mdtransform_norecalc
8873 my $state_ref = shift;
8874 my $block_ref = shift;
8878 push (@x, @{$state_ref});
8879 push (@x, @{$block_ref});
8881 for (my $i = 0; $i < 16; $i++)
8883 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8888 for (my $i = 0; $i < 16; $i++)
8890 $state_ref->[$i] = $x[$i];
8896 my $state_ref = shift;
8897 my $checksum_ref = shift;
8898 my $block_ref = shift;
8900 mdtransform_norecalc ($state_ref, $block_ref);
8902 lotus_transform_password ($block_ref, $checksum_ref);
8907 my $saved_key_ref = shift;
8911 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8913 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
8919 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
8921 my $curpos16 = $curpos + 16;
8923 my @block = splice (@{$saved_key_ref}, 0, 16);
8925 mdtransform (\@state, \@checksum, \@block);
8928 my $left = $size - $curpos;
8930 my @block = splice (@{$saved_key_ref}, 0, 16);
8932 pad16 (\@block, $left);
8934 mdtransform (\@state, \@checksum, \@block);
8936 mdtransform_norecalc (\@state, \@checksum);
8941 sub pdf_compute_encryption_key
8943 my $word_buf = shift;
8944 my $padding = shift;
8959 $data .= substr ($padding, 0, 32 - length $word_buf);
8961 $data .= pack ("H*", $o);
8963 $data .= pack ("I", $P);
8965 $data .= pack ("H*", $id);
8971 $data .= pack ("I", -1);
8975 my $res = md5 ($data);
8979 for (my $i = 0; $i < 50; $i++)
8988 sub gen_random_wpa_eapol
8997 my $version = 1; # 802.1X-2001
8999 $ret .= pack ("C*", $version);
9001 my $type = 3; # means that this EAPOL frame is used to transfer key information
9003 $ret .= pack ("C*", $type);
9005 my $length; # length of remaining data
9016 $ret .= pack ("n*", $length);
9018 my $descriptor_type;
9022 $descriptor_type = 254; # EAPOL WPA key
9026 $descriptor_type = 1; # EAPOL RSN key
9029 $ret .= pack ("C*", $descriptor_type);
9031 # key_info is a bit vector:
9032 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
9036 $key_info |= 1 << 8; # set key MIC
9037 $key_info |= 1 << 3; # set if it is a pairwise key
9041 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
9045 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
9048 $ret .= pack ("n*", $key_info);
9061 $ret .= pack ("n*", $key_length);
9063 my $replay_counter = 1;
9065 $ret .= pack ("Q>*", $replay_counter);
9069 my $key_iv = "\x00" x 16;
9073 my $key_rsc = "\x00" x 8;
9077 my $key_id = "\x00" x 8;
9081 my $key_mic = "\x00" x 16;
9089 $key_data_len = 24; # length of the key_data (== WPA info)
9093 $key_data_len = 22; # length of the key_data (== RSN info)
9096 $ret .= pack ("n*", $key_data_len);
9106 my $vendor_specific_data = "";
9108 my $tag_number = 221; # means it is a vendor specific tag
9110 $vendor_specific_data .= pack ("C*", $tag_number);
9112 my $tag_len = 22; # length of the remaining "tag data"
9114 $vendor_specific_data .= pack ("C*", $tag_len);
9116 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
9118 $vendor_specific_data .= $vendor_specific_oui;
9120 my $vendor_specific_oui_type = 1; # WPA Information Element
9122 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
9124 my $vendor_specific_wpa_version = 1;
9126 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
9130 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
9132 $vendor_specific_data .= $vendor_specific_multicast_oui;
9134 my $vendor_specific_multicast_type = 2; # TKIP
9136 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
9140 my $vendor_specific_unicast_count = 1;
9142 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
9144 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
9146 $vendor_specific_data .= $vendor_specific_multicast_oui;
9148 my $vendor_specific_unicast_type = 2; # TKIP
9150 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
9152 # Auth Key Management (AKM)
9154 my $auth_key_management_count = 1;
9156 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
9158 my $auth_key_management_oui = pack ("H*", "0050f2");
9160 $vendor_specific_data .= $auth_key_management_oui;
9162 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9164 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
9166 $wpa_info = $vendor_specific_data;
9168 $key_data = $wpa_info;
9176 my $tag_number = 48; # RSN info
9178 $rsn_info .= pack ("C*", $tag_number);
9180 my $tag_len = 20; # length of the remaining "tag_data"
9182 $rsn_info .= pack ("C*", $tag_len);
9184 my $rsn_version = 1;
9186 $rsn_info .= pack ("v*", $rsn_version);
9188 # group cipher suite
9190 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9192 $rsn_info .= $group_cipher_suite_oui;
9194 my $group_cipher_suite_type = 4; # AES (CCM)
9196 $rsn_info .= pack ("C*", $group_cipher_suite_type);
9198 # pairwise cipher suite
9200 my $pairwise_cipher_suite_count = 1;
9202 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
9204 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9206 $rsn_info .= $pairwise_cipher_suite_oui;
9208 my $pairwise_cipher_suite_type = 4; # AES (CCM)
9210 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
9212 # Auth Key Management (AKM)
9214 my $auth_key_management_count = 1;
9216 $rsn_info .= pack ("v*", $auth_key_management_count);
9218 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
9220 $rsn_info .= $auth_key_management_oui;
9222 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9224 $rsn_info .= pack ("C*", $auth_key_management_type);
9228 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
9229 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
9231 my $rsn_capabilities = pack ("H*", "0000");
9233 $rsn_info .= $rsn_capabilities;
9235 $key_data = $rsn_info;
9251 my $data = "Pairwise key expansion";
9256 # Min(AA, SPA) || Max(AA, SPA)
9259 # compare if greater: Min()/Max() on the MACs (6 bytes)
9261 if (memcmp ($stmac, $bssid, 6) < 0)
9273 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
9276 # compare if greater: Min()/Max() on the nonces (32 bytes)
9278 if (memcmp ($snonce, $anonce, 32) < 0)
9291 my $prf_buf = hmac ($data, $pmk, \&sha1);
9293 $prf_buf = substr ($prf_buf, 0, 16);
9304 my $len_str1 = length ($str1);
9305 my $len_str2 = length ($str2);
9307 if (($len > $len_str1) || ($len > $len_str2))
9309 print "ERROR: memcmp () lengths wrong";
9314 for (my $i = 0; $i < $len; $i++)
9316 my $c_1 = ord (substr ($str1, $i, 1));
9317 my $c_2 = ord (substr ($str2, $i, 1));
9319 return -1 if ($c_1 < $c_2);
9320 return 1 if ($c_1 > $c_2);