4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
30 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
32 use Authen
::Passphrase
::NTHash
;
33 use Authen
::Passphrase
::MySQL323
;
34 use Authen
::Passphrase
::PHPass
;
35 use Authen
::Passphrase
::LANManager
;
37 use POSIX qw
(strftime
);
39 use Net
::DNS
::RR
::NSEC3
;
40 use Convert
::EBCDIC qw
(ascii2ebcdic
);
41 use Digest
::SipHash qw
/siphash/;
43 my $hashcat = "./oclHashcat";
47 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200);
49 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
50 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
51 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
53 my @lotus_magic_table =
55 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
56 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
57 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
58 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
59 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
60 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
61 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
62 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
63 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
64 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
65 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
66 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
67 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
68 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
69 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
70 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
71 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
72 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
73 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
74 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
75 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
76 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
77 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
78 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
79 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
80 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
81 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
82 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
83 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
84 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
85 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
86 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
91 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
92 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
93 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
94 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
97 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
110 if ($type ne "verify")
112 if (scalar @ARGV > 1)
117 elsif (scalar @ARGV == 1)
127 if ($type eq "single")
131 elsif ($type eq "passthrough")
142 if (scalar @ARGV != 4)
147 my $mode = shift @ARGV;
148 my $hash_file = shift @ARGV;
149 my $in_file = shift @ARGV;
150 my $out_file = shift @ARGV;
154 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
156 # clever ? the resulting database could be huge
157 # but we need some way to map lines in hashfile w/ cracks
158 # maybe rli2 way would be more clever (needs sorted input)
160 while (my $line = <IN
>)
162 $line =~ s/[\n\r]*$//;
164 $db->{$line} = undef;
169 verify
($mode, $db, $in_file, $out_file);
177 my $out_file = shift;
196 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
197 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
201 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
202 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
203 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
205 while (my $line = <IN
>)
212 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
215 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
217 my $index = index ($line, ":");
221 $hash_in = substr ($line, 0, $index);
223 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
225 $word = substr ($line, $index + 1);
228 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
231 my $index1 = index ($line, ":");
235 $hash_in = substr ($line, 0, $index1);
237 # identify lenghts of both salt and plain
239 my $salt_plain = substr ($line, $index1 + 1);
241 my $num_cols = () = $salt_plain =~ /:/g;
250 foreach (my $i = 0; $i < $num_cols; $i++)
252 $index2 = index ($salt_plain, ":", $start);
256 $start = $index2 + 1;
258 $salt = substr ($salt_plain, 0, $index2);
259 $word = substr ($salt_plain, $index2 + 1);
261 # can't be true w/ wrong $hash:$salt, otherwise the
262 # algo must have many collisions
264 if (exists ($db->{$hash_in . ":" . $salt}))
266 $hash_in = $hash_in . ":" . $salt;
272 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
273 next unless (! defined ($db->{$hash_in}));
276 elsif ($mode == 2100)
279 my $index1 = index ($line, "\$DCC2\$");
281 next if $index1 != 0;
284 my $index2 = index ($line, "#", $index1 + 1);
288 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
291 $index1 = index ($line, "#");
295 $hash_in = substr ($line, 0, $index1 + 1);
297 # identify lenghts of both salt and plain
299 my $salt_plain = substr ($line, $index2 + 1);
301 my $num_cols = () = $salt_plain =~ /:/g;
311 foreach (my $i = 0; $i < $num_cols; $i++)
313 $index2 = index ($salt_plain, ":", $start);
317 $start = $index2 + 1;
319 $index3 = rindex ($salt_plain, "#", $index2);
321 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
322 $salt = substr ($salt_plain, 0, $index3);
323 $word = substr ($salt_plain, $index2 + 1);
325 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
327 $hash_in = $hash_in . $salt . "#" . $raw_hash;
333 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
334 next unless (! defined ($db->{$hash_in}));
336 # salt:hash guaranteed only : because of hex salt
337 elsif ($mode == 7300)
339 # split hash and plain
340 my $index1 = index ($line, ":");
344 $salt = substr ($line, 0, $index1);
346 $salt = pack ("H*", $salt);
348 my $rest = substr ($line, $index1 + 1);
350 my $index2 = index ($rest, ":");
354 $hash_in = substr ($rest, 0, $index2);
356 $word = substr ($rest, $index2 + 1);
358 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
361 elsif ($mode == 8100)
363 # split hash and plain
364 $salt = substr ($line, 1, 8);
366 my $rest = substr ($line, 1 + 8);
368 my $index2 = index ($rest, ":");
372 $hash_in = substr ($rest, 0, $index2);
374 $word = substr ($rest, $index2 + 1);
376 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
378 # base64 and salt embedded SSHA1, salt length = total lenght - 20
381 # split hash and plain
382 my $index = index ($line, ":");
386 $hash_in = substr ($line, 0, $index);
387 $word = substr ($line, $index + 1);
389 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
392 my $plain_base64 = substr ($hash_in, 6);
394 # base64 decode to extract salt
395 my $decoded = decode_base64
($plain_base64);
397 $salt = substr ($decoded, 20);
399 # base64 and salt embedded SSHA512, salt length = total length - 64
400 elsif ($mode == 1711)
402 # split hash and plain
403 my $index = index ($line, ":");
407 $hash_in = substr ($line, 0, $index);
408 $word = substr ($line, $index + 1);
410 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
413 my $plain_base64 = substr ($hash_in, 9);
415 # base64 decode to extract salt
416 my $decoded = decode_base64
($plain_base64);
418 $salt = substr ($decoded, 64);
420 # OSX (first 8 hex chars is salt)
421 elsif ($mode == 122 || $mode == 1722)
423 my $index = index ($line, ":");
427 $hash_in = substr ($line, 0, $index);
428 $word = substr ($line, $index + 1);
430 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
432 $salt = substr ($hash_in, 0, 8);
434 # MSSQL (2000, 2005 AND 2012), salt after version number
435 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
437 my $index = index ($line, ":");
441 $hash_in = substr ($line, 0, $index);
442 $word = substr ($line, $index + 1);
444 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
446 $salt = substr ($hash_in, 6, 8);
449 elsif ($mode == 8000)
451 my $index = index ($line, ":");
455 $hash_in = substr ($line, 0, $index);
456 $word = substr ($line, $index + 1);
458 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
460 $salt = substr ($hash_in, 6, 16);
463 elsif ($mode == 141 || $mode == 1441)
465 my $index1 = index ($line, ":");
469 $hash_in = substr ($line, 0, $index1);
470 $word = substr ($line, $index1 + 1);
472 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
474 my $index2 = index ($line, "*", 14);
476 #extract salt from base64
477 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
479 $salt = decode_base64
($plain_base64);
481 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
482 elsif ($mode == 400 || $mode == 7900)
484 my $index = index ($line, ":");
488 $hash_in = substr ($line, 0, $index);
489 $word = substr ($line, $index + 1);
491 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
493 $salt = substr ($hash_in, 4, 8);
495 # iterations = 2 ^ cost (where cost == $iter)
496 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
498 # $something$[rounds=iter$]salt$ (get last $, then check iter)
499 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
501 my $index1 = index ($line, ":", 30);
505 $hash_in = substr ($line, 0, $index1);
506 $word = substr ($line, $index1 + 1);
508 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
510 $index1 = index ($hash_in, ",", 1);
511 my $index2 = index ($hash_in, "\$", 1);
515 if ($index1 < $index2)
521 $param = substr ($hash_in, $index2, 1);
525 # rounds= if available
528 if (substr ($hash_in, $index2, 7) eq "rounds=")
530 my $old_index = $index2;
532 $index2 = index ($hash_in, "\$", $index2 + 1);
536 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
542 my $index3 = rindex ($hash_in, "\$");
546 $salt = substr ($hash_in, $index2, $index3 - $index2);
548 # descrypt (salt in first 2 char)
549 elsif ($mode == 1500)
551 my $index = index ($line, ":");
555 $hash_in = substr ($line, 0, $index);
556 $word = substr ($line, $index + 1);
558 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
560 $salt = substr ($hash_in, 0, 2);
562 # bcrypt $something$something$salt.hash
563 elsif ($mode == 3200)
565 my $index1 = index ($line, ":", 33);
569 $hash_in = substr ($line, 0, $index1);
570 $word = substr ($line, $index1 + 1);
572 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
574 my $index2 = index ($hash_in, "\$", 4);
576 $iter = substr ($hash_in, 4, $index2 - 4);
578 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
583 for (my $i = 0; $i < length ($plain_base64); $i++)
585 my $char = substr ($plain_base64, $i, 1);
586 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
589 $salt = decode_base64
($encoded);
592 elsif ($mode == 4800)
594 my $index1 = index ($line, ":");
598 my $index2 = index ($line, ":", $index1 + 1);
602 my $index3 = index ($line, ":", $index2 + 1);
606 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
608 $word = substr ($line, $index3 + 1);
610 $hash_in = substr ($line, 0, $index3);
613 elsif ($mode == 5300 || $mode == 5400)
615 my $num_cols = () = $line =~ /:/g;
617 next unless ($num_cols >= 9);
622 for (my $j = 0; $j < 9; $j++)
624 $index1 = index ($line, ":", $index1 + 1);
635 $word = substr ($line, $index1 + 1);
637 $hash_in = substr ($line, 0, $index1);
639 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
641 my $index2 = rindex ($line, ":", $index1 - 1);
643 $salt = substr ($line, 0, $index2);
646 elsif ($mode == 5500)
648 my $index1 = index ($line, "::");
652 my $index2 = index ($line, ":", $index1 + 2);
656 $index2 = index ($line, ":", $index2 + 1);
660 $salt = substr ($line, 0, $index2);
662 $index2 = index ($line, ":", $index2 + 1);
666 $salt .= substr ($line, $index2 + 1, 16);
668 $index2 = index ($line, ":", $index2 + 1);
672 $hash_in = substr ($line, 0, $index2);
674 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
676 $word = substr ($line, $index2 + 1);
679 elsif ($mode == 5600)
681 my $index1 = index ($line, "::");
685 my $index2 = index ($line, ":", $index1 + 2);
689 $index2 = index ($line, ":", $index2 + 1);
693 $salt = substr ($line, 0, $index2);
695 $index1 = index ($line, ":", $index2 + 1);
699 $index2 = index ($line, ":", $index1 + 1);
703 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
705 $hash_in = substr ($line, 0, $index2);
707 # do it later on for this hash mode:
708 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
710 $word = substr ($line, $index2 + 1);
712 # AIX smd5 something BRACE salt$
713 elsif ($mode == 6300)
715 my $index1 = index ($line, ":");
719 $hash_in = substr ($line, 0, $index1);
720 $word = substr ($line, $index1 + 1);
722 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
724 my $index2 = index ($hash_in, "}");
725 my $index3 = rindex ($hash_in, "\$");
727 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
729 # AIX: something$salt$ (no $ at position 1)
730 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
732 my $index1 = index ($line, ":");
736 $hash_in = substr ($line, 0, $index1);
737 $word = substr ($line, $index1 + 1);
739 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
741 my $index2 = index ($hash_in, "}");
742 my $index3 = index ($hash_in, "\$");
743 my $index4 = rindex ($hash_in, "\$");
745 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
747 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
749 # 1Password, agilekeychain
750 elsif ($mode == 6600)
752 my $num_cols = () = $line =~ /:/g;
754 next unless ($num_cols > 2);
756 my $index1 = index ($line, ":");
760 $iter = substr ($line, 0, $index1);
762 my $index2 = index ($line, ":", $index1 + 1);
766 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
768 $index1 = index ($line, ":", $index2 + 1);
772 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
774 $hash_in = substr ($line, 0, $index1);
776 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
778 $word = substr ($line, $index1 + 1);
780 # 1Password, cloudkeychain
781 elsif ($mode == 8200)
783 my @datas = split (":", $line);
785 next if scalar @datas < 4;
787 my $hash = shift @datas;
788 $salt = shift @datas;
789 $iter = shift @datas;
790 my $data = shift @datas;
792 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
796 $word = join (":", @datas);
798 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
800 # lastpass (hash:iter:salt)
801 elsif ($mode == 6800)
803 my $index1 = index ($line, ":", 34);
807 $hash_in = substr ($line, 0, $index1);
809 # identify lenghts of both salt and plain
811 my $salt_plain = substr ($line, $index1 + 1);
813 my $num_cols = () = $salt_plain =~ /:/g;
822 foreach (my $i = 0; $i < $num_cols; $i++)
824 $index2 = index ($salt_plain, ":", $start);
828 $start = $index2 + 1;
830 $salt = substr ($salt_plain, 0, $index2);
831 $word = substr ($salt_plain, $index2 + 1);
833 # can't be true w/ wrong $hash:$salt, otherwise the
834 # algo must have many collisions
836 if (exists ($db->{$hash_in . ":" . $salt}))
838 $hash_in = $hash_in . ":" . $salt;
844 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
845 next unless (! defined ($db->{$hash_in}));
847 $index1 = index ($hash_in, ":");
848 $index2 = index ($hash_in, ":", $index1 + 1);
850 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
851 $salt = substr ($hash_in, $index2 + 1);
853 # OSX 10.* : $something$iter$salt$
854 elsif ($mode == 7100)
856 my $index1 = index ($line, ":");
860 $hash_in = substr ($line, 0, $index1);
861 $word = substr ($line, $index1 + 1);
863 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
865 my $index2 = index ($hash_in, "\$", 5);
869 my $index3 = index ($hash_in, "\$", $index2 + 1);
871 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
873 $iter = substr ($hash_in, 4, $index2 - 4);
875 next if (int ($iter) < 1);
877 # grub: something1.something2.something3.iter.salt.
878 elsif ($mode == 7200)
880 my $index1 = index ($line, ":");
884 $hash_in = substr ($line, 0, $index1);
885 $word = substr ($line, $index1 + 1);
887 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
889 my $index2 = index ($hash_in, ".", 19);
893 my $index3 = index ($hash_in, ".", $index2 + 1);
895 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
897 $iter = substr ($hash_in, 19, $index2 - 19);
899 next if (int ($iter) < 1);
901 # $something1$something2$something3$something4$salt$
902 elsif ($mode == 7500 )
904 my $index1 = index ($line, "\$", 11);
908 my $index2 = index ($line, "\$", $index1 + 1);
912 my $index3 = index ($line, "\$", $index2 + 1);
916 $index2 = index ($line, ":", $index3 + 1);
920 $hash_in = substr ($line, 0, $index2);
921 $word = substr ($line, $index2 + 1);
923 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
925 $salt = substr ($hash_in, 11, $index3 - 10);
926 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
927 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
930 elsif ($mode == 7700 || $mode == 7800)
932 my $index1 = index ($line, ":");
936 my @split1 = split (":", $line);
938 my @split2 = split ('\$', $split1[0]);
940 next unless scalar @split2 == 2;
942 $hash_in = $split1[0];
944 if (scalar @split1 > 1)
953 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
958 elsif ($mode == 8300)
960 my @datas = split (":", $line);
962 next if scalar @datas != 5;
967 ($hash, $domain, $salt, $iter, $word) = @datas;
969 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
971 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
973 $salt = $domain . ":" . $salt;
976 elsif ($mode == 8500)
978 my @line_elements = split (":", $line);
980 next if scalar @line_elements < 2;
984 $hash_in = shift @line_elements;
986 $word = join (":", @line_elements);
990 my @hash_elements = split ('\*', $hash_in);
992 next unless ($hash_elements[0] eq '$racf$');
994 $salt = $hash_elements[1];
996 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
999 elsif ($mode == 8700)
1001 # split hash and plain
1002 my $index = index ($line, ":");
1006 $hash_in = substr ($line, 0, $index);
1007 $word = substr ($line, $index + 1);
1009 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1011 my $plain_base64 = substr ($hash_in, 2, -1);
1013 ($_, $salt, $param) = domino_decode
($plain_base64);
1016 elsif ($mode == 2612)
1018 next unless (substr ($line, 0, 6) eq '$PHPS$');
1021 my $index1 = index ($line, "\$", 6);
1023 next if $index1 < 1;
1025 $salt = substr ($line, 6, $index1 - 6);
1027 $salt = pack ("H*", $salt);
1029 my $index2 = index ($line, "\:", $index1 + 1);
1031 next if $index2 < 1;
1033 $word = substr ($line, $index2 + 1);
1035 $hash_in = substr ($line, 0, $index2);
1037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1040 elsif ($mode == 3711)
1042 next unless (substr ($line, 0, 3) eq '$B$');
1045 my $index1 = index ($line, "\$", 3);
1047 next if $index1 < 1;
1049 $salt = substr ($line, 3, $index1 - 3);
1051 my $index2 = index ($line, ":", $index1 + 1);
1053 next if $index2 < 1;
1055 $word = substr ($line, $index2 + 1);
1057 $hash_in = substr ($line, 0, $index2);
1059 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1062 elsif ($mode == 8900)
1064 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1067 my $index1 = index ($line, ":", 7);
1069 next if $index1 < 1;
1072 my $N = substr ($line, 7, $index1 - 7);
1074 my $index2 = index ($line, ":", $index1 + 1);
1076 next if $index2 < 1;
1079 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1081 $index1 = index ($line, ":", $index2 + 1);
1083 next if $index1 < 1;
1086 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1092 $index2 = index ($line, ":", $index1 + 1);
1094 next if $index2 < 1;
1097 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1099 $salt = decode_base64
($salt);
1101 $index1 = index ($line, ":", $index2 + 1);
1103 next if $index1 < 1;
1107 $word = substr ($line, $index1 + 1);
1108 $hash_in = substr ($line, 0, $index1);
1110 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1113 elsif ($mode == 9100)
1115 # split hash and plain
1116 my $index = index ($line, ":");
1120 $hash_in = substr ($line, 0, $index);
1121 $word = substr ($line, $index + 1);
1123 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1125 my $base64_part = substr ($hash_in, 2, -1);
1127 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1129 next if ($iter < 1);
1131 # Cisco $8$ - PBKDF2-HMAC-SHA256
1132 elsif ($mode == 9200)
1134 next unless (substr ($line, 0, 3) eq '$8$');
1137 my $index1 = index ($line, "\$", 3);
1139 next if $index1 != 17;
1141 my $index2 = index ($line, "\$", $index1 + 1);
1144 $salt = substr ($line, 3, $index1 - 3);
1146 $index1 = index ($line, ":", $index1 + 1);
1148 next if $index1 < 1;
1152 $word = substr ($line, $index1 + 1);
1153 $hash_in = substr ($line, 0, $index1);
1155 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1157 # Cisco $9$ - scrypt
1158 elsif ($mode == 9300)
1160 next unless (substr ($line, 0, 3) eq '$9$');
1163 my $index1 = index ($line, "\$", 3);
1165 next if $index1 != 17;
1167 my $index2 = index ($line, "\$", $index1 + 1);
1170 $salt = substr ($line, 3, $index1 - 3);
1172 $index1 = index ($line, ":", $index1 + 1);
1174 next if $index1 < 1;
1178 $word = substr ($line, $index1 + 1);
1179 $hash_in = substr ($line, 0, $index1);
1181 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1184 elsif ($mode == 9400)
1186 ($hash_in, $word) = split ":", $line;
1188 next unless defined $hash_in;
1189 next unless defined $word;
1191 my @data = split /\*/, $hash_in;
1193 next unless scalar @data == 8;
1195 next unless (shift @data eq '$office$');
1196 next unless (shift @data eq '2007');
1197 next unless (shift @data eq '20');
1199 my $aes_key_size = shift @data;
1201 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1202 next unless (shift @data eq '16');
1204 next unless (length $data[0] == 32);
1205 next unless (length $data[1] == 32);
1206 next unless (length $data[2] == 40);
1208 $salt = shift @data;
1209 $param = shift @data;
1210 $param2 = $aes_key_size;
1212 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1215 elsif ($mode == 9500)
1217 ($hash_in, $word) = split ":", $line;
1219 next unless defined $hash_in;
1220 next unless defined $word;
1222 my @data = split /\*/, $hash_in;
1224 next unless scalar @data == 8;
1226 next unless (shift @data eq '$office$');
1227 next unless (shift @data eq '2010');
1228 next unless (shift @data eq '100000');
1229 next unless (shift @data eq '128');
1230 next unless (shift @data eq '16');
1232 next unless (length $data[0] == 32);
1233 next unless (length $data[1] == 32);
1234 next unless (length $data[2] == 64);
1236 $salt = shift @data;
1237 $param = shift @data;
1239 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1242 elsif ($mode == 9600)
1244 ($hash_in, $word) = split ":", $line;
1246 next unless defined $hash_in;
1247 next unless defined $word;
1249 my @data = split /\*/, $hash_in;
1251 next unless scalar @data == 8;
1253 next unless (shift @data eq '$office$');
1254 next unless (shift @data eq '2013');
1255 next unless (shift @data eq '100000');
1256 next unless (shift @data eq '256');
1257 next unless (shift @data eq '16');
1259 next unless (length $data[0] == 32);
1260 next unless (length $data[1] == 32);
1261 next unless (length $data[2] == 64);
1263 $salt = shift @data;
1264 $param = shift @data;
1266 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1269 elsif ($mode == 9700)
1271 ($hash_in, $word) = split ":", $line;
1273 next unless defined $hash_in;
1274 next unless defined $word;
1276 my @data = split /\*/, $hash_in;
1278 next unless scalar @data == 4;
1280 my $signature = shift @data;
1282 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1284 next unless (length $data[0] == 32);
1285 next unless (length $data[1] == 32);
1286 next unless (length $data[2] == 32);
1288 $salt = shift @data;
1289 $param = shift @data;
1290 $param2 = substr ($signature, 11, 1);
1292 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1295 elsif ($mode == 9800)
1297 ($hash_in, $word) = split ":", $line;
1299 next unless defined $hash_in;
1300 next unless defined $word;
1302 my @data = split /\*/, $hash_in;
1304 next unless scalar @data == 4;
1306 my $signature = shift @data;
1308 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1310 next unless (length $data[0] == 32);
1311 next unless (length $data[1] == 32);
1312 next unless (length $data[2] == 40);
1314 $salt = shift @data;
1315 $param = shift @data;
1316 $param2 = substr ($signature, 11, 1);
1318 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1320 # Django (PBKDF2-SHA256)
1321 elsif ($mode == 10000)
1323 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1326 my $index1 = index ($line, "\$", 14);
1328 next if $index1 < 1;
1330 my $index2 = index ($line, "\$", $index1 + 1);
1334 $iter = substr ($line, 14, $index1 - 14);
1338 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1342 $index1 = index ($line, ":", $index2 + 1);
1344 next if $index1 < 1;
1346 $word = substr ($line, $index1 + 1);
1347 $hash_in = substr ($line, 0, $index1);
1349 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1352 elsif ($mode == 10100)
1356 ($hash, undef, undef, $salt, $word) = split ":", $line;
1358 next unless defined $hash;
1359 next unless defined $salt;
1360 next unless defined $word;
1362 next unless (length $hash == 16);
1363 next unless (length $salt == 32);
1365 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1367 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1370 elsif ($mode == 10200)
1372 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1375 my $index1 = index ($line, "\$", 10);
1377 next if $index1 < 1;
1381 my $challengeb64 = substr ($line, 10, $index1 - 10);
1382 $salt = decode_base64
($challengeb64);
1386 my $index2 = index ($line, ":", $index1 + 1);
1388 next if $index2 < 1;
1390 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1391 my $response = decode_base64
($responseb64);
1393 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1395 $word = substr ($line, $index2 + 1);
1396 $hash_in = substr ($line, 0, $index2);
1398 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1400 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1401 elsif ($mode == 10300)
1403 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1407 my $index1 = index ($line, "}", 10);
1409 next if $index1 < 1;
1411 $iter = substr ($line, 10, $index1 - 10);
1413 $iter = int ($iter);
1417 my $base64_encoded = substr ($line, $index1 + 1);
1418 my $base64_decoded = decode_base64
($base64_encoded);
1420 $salt = substr ($base64_decoded, 20);
1422 my $index2 = index ($line, ":", $index1 + 1);
1424 next if $index2 < 1;
1426 $word = substr ($line, $index2 + 1);
1427 $hash_in = substr ($line, 0, $index2);
1429 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1431 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1432 elsif ($mode == 10400)
1434 ($hash_in, $word) = split ":", $line;
1436 next unless defined $hash_in;
1437 next unless defined $word;
1439 my @data = split /\*/, $hash_in;
1441 next unless scalar @data == 11;
1443 next unless (shift @data eq '$pdf$1');
1444 next unless (shift @data eq '2');
1445 next unless (shift @data eq '40');
1446 my $P = shift @data;
1447 next unless (shift @data eq '0');
1448 next unless (shift @data eq '16');
1449 my $id = shift @data;
1450 next unless (shift @data eq '32');
1451 my $u = shift @data;
1452 next unless (shift @data eq '32');
1453 my $o = shift @data;
1460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1462 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1463 elsif ($mode == 10500)
1465 ($hash_in, $word) = split ":", $line;
1467 next unless defined $hash_in;
1468 next unless defined $word;
1470 my @data = split /\*/, $hash_in;
1472 next unless scalar @data == 11;
1474 my $V = shift @data; $V = substr ($V, 5, 1);
1475 my $R = shift @data;
1476 next unless (shift @data eq '128');
1477 my $P = shift @data;
1478 my $enc = shift @data;
1479 next unless (shift @data eq '16');
1480 my $id = shift @data;
1481 next unless (shift @data eq '32');
1482 my $u = shift @data;
1483 next unless (shift @data eq '32');
1484 my $o = shift @data;
1494 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1496 # PDF 1.7 Level 3 (Acrobat 9)
1497 elsif ($mode == 10600)
1499 ($hash_in, $word) = split ":", $line;
1501 next unless defined $hash_in;
1502 next unless defined $word;
1504 my @data = split /\*/, $hash_in;
1506 next unless scalar @data >= 11;
1508 next unless (shift @data eq '$pdf$5');
1509 next unless (shift @data eq '5');
1510 next unless (shift @data eq '256');
1511 next unless (shift @data eq '-1028');
1512 next unless (shift @data eq '1');
1513 next unless (shift @data eq '16');
1514 my $id = shift @data;
1515 my $rest = join "*", @data;
1520 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1522 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1523 elsif ($mode == 10700)
1525 ($hash_in, $word) = split ":", $line;
1527 next unless defined $hash_in;
1528 next unless defined $word;
1530 my @data = split /\*/, $hash_in;
1532 next unless scalar @data >= 11;
1534 next unless (shift @data eq '$pdf$5');
1535 next unless (shift @data eq '6');
1536 next unless (shift @data eq '256');
1537 next unless (shift @data eq '-1028');
1538 next unless (shift @data eq '1');
1539 next unless (shift @data eq '16');
1540 my $id = shift @data;
1541 my $rest = join "*", @data;
1546 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1548 # PBKDF2-HMAC-SHA256
1549 elsif ($mode == 10900)
1551 next unless (substr ($line, 0, 7) eq 'sha256:');
1554 my $index1 = index ($line, ":", 7);
1556 next if $index1 < 1;
1558 $iter = substr ($line, 7, $index1 - 7);
1562 my $index2 = index ($line, ":", $index1 + 1);
1564 next if $index2 < 1;
1566 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1568 $salt = decode_base64
($salt);
1572 $index1 = index ($line, ":", $index2 + 1);
1574 next if $index1 < 1;
1576 # additional param = output len of pbkdf2
1578 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1580 my $digest = decode_base64
($digest64_encoded);
1582 $param = length ($digest);
1586 $word = substr ($line, $index1 + 1);
1587 $hash_in = substr ($line, 0, $index1);
1589 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1591 # PostgreSQL MD5 Authentication
1592 elsif ($mode == 11100)
1594 next unless (substr ($line, 0, 10) eq '$postgres$');
1596 my $index1 = index ($line, "*", 10);
1598 next if $index1 < 1;
1602 $param = substr ($line, 10, $index1 - 10);
1604 # get the 4 byte salt
1606 my $index2 = index ($line, "*", $index1 + 1);
1608 next if $index2 < 1;
1610 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1614 $index1 = index ($line, ":", $index2 + 1);
1616 next if $index1 < 1;
1618 $word = substr ($line, $index1 + 1);
1619 $hash_in = substr ($line, 0, $index1);
1621 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1623 # MySQL MD5 Authentication
1624 elsif ($mode == 11200)
1626 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1628 my $index1 = index ($line, "*", 9);
1630 next if $index1 < 1;
1634 $salt = substr ($line, 9, $index1 - 9);
1638 $index1 = index ($line, ":", $index1 + 1);
1640 next if $index1 < 1;
1642 $word = substr ($line, $index1 + 1);
1643 $hash_in = substr ($line, 0, $index1);
1645 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1648 elsif ($mode == 2500)
1650 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1654 # Bitcoin/Litecoin wallet.dat
1655 elsif ($mode == 11300)
1657 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1661 # SIP digest authentication (MD5)
1662 elsif ($mode == 11400)
1664 next unless (substr ($line, 0, 6) eq '$sip$*');
1668 my $index1 = index ($line, "*", 6);
1670 next if $index1 < 0;
1672 $param10 = substr ($line, 6, $index1 - 6);
1674 next if (length ($param10) > 32);
1678 my $index2 = index ($line, "*", $index1 + 1);
1680 next if $index2 < 0;
1682 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1684 next if (length ($param11) > 32);
1688 $index1 = index ($line, "*", $index2 + 1);
1690 next if $index1 < 0;
1692 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1694 next if (length ($param) > 12);
1698 $index2 = index ($line, "*", $index1 + 1);
1700 next if $index2 < 0;
1702 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1704 next if (length ($param2) > 20);
1708 $index1 = index ($line, "*", $index2 + 1);
1710 next if $index1 < 0;
1712 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1714 next if (length ($param6) > 24);
1718 $index2 = index ($line, "*", $index1 + 1);
1720 next if $index2 < 0;
1722 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1724 next if (length ($param7) > 10);
1728 $index1 = index ($line, "*", $index2 + 1);
1730 next if $index1 < 0;
1732 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1734 next if (length ($param8) > 32);
1738 $index2 = index ($line, "*", $index1 + 1);
1740 next if $index2 < 0;
1742 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1744 next if (length ($param9) > 32);
1748 $index1 = index ($line, "*", $index2 + 1);
1750 next if $index1 < 0;
1752 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1754 next if (length ($salt) > 34);
1758 $index2 = index ($line, "*", $index1 + 1);
1760 next if $index2 < 0;
1762 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1764 next if (length ($param4) > 12);
1768 $index1 = index ($line, "*", $index2 + 1);
1770 next if $index1 < 0;
1772 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1774 next if (length ($param3) > 10);
1778 $index2 = index ($line, "*", $index1 + 1);
1780 next if $index2 < 0;
1782 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1784 next if (length ($param5) > 8);
1788 $index1 = index ($line, "*", $index2 + 1);
1790 next if $index1 < 0;
1792 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1794 next unless ($directive eq "MD5");
1798 $index2 = index ($line, ":", $index1 + 1);
1800 next if $index2 < 0;
1802 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1804 next unless (length ($hex_digest) == 32);
1806 $word = substr ($line, $index2 + 1);
1807 $hash_in = substr ($line, 0, $index2);
1809 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1812 elsif ($mode == 11600)
1814 next unless (substr ($line, 0, 4) eq '$7z$');
1818 my $index1 = index ($line, '$', 4);
1820 next if $index1 < 0;
1822 my $p = substr ($line, 4, $index1 - 4);
1824 next unless ($p eq "0");
1828 my $index2 = index ($line, '$', $index1 + 1);
1830 next if $index2 < 0;
1832 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1834 # seven zip salt length
1836 $index1 = index ($line, '$', $index2 + 1);
1838 next if $index1 < 0;
1840 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1844 $index2 = index ($line, '$', $index1 + 1);
1846 next if $index2 < 0;
1848 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1852 $index1 = index ($line, '$', $index2 + 1);
1854 next if $index1 < 0;
1856 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1860 $index2 = index ($line, '$', $index1 + 1);
1862 next if $index2 < 0;
1864 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1866 $salt = pack ("H*", $salt);
1870 $index1 = index ($line, '$', $index2 + 1);
1872 next if $index1 < 0;
1874 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1876 # ignore this crc, we don't need to pass it to gen_hash ()
1880 $index2 = index ($line, '$', $index1 + 1);
1882 next if $index2 < 0;
1884 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1888 $index1 = index ($line, '$', $index2 + 1);
1890 next if $index1 < 0;
1892 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1896 $index2 = index ($line, ':', $index1 + 1);
1898 next if $index2 < 0;
1900 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1901 $param6 = pack ("H*", $param6);
1903 $word = substr ($line, $index2 + 1);
1904 $hash_in = substr ($line, 0, $index2);
1906 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1909 elsif ($mode == 11900)
1911 next unless (substr ($line, 0, 4) eq 'md5:');
1914 my $index1 = index ($line, ":", 4);
1916 next if $index1 < 1;
1918 $iter = substr ($line, 4, $index1 - 4);
1922 my $index2 = index ($line, ":", $index1 + 1);
1924 next if $index2 < 1;
1926 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1928 $salt = decode_base64
($salt);
1932 $index1 = index ($line, ":", $index2 + 1);
1934 next if $index1 < 1;
1936 # additional param = output len of pbkdf2
1938 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1940 my $digest = decode_base64
($digest64_encoded);
1942 $param = length ($digest);
1946 $word = substr ($line, $index1 + 1);
1947 $hash_in = substr ($line, 0, $index1);
1949 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1952 elsif ($mode == 12000)
1954 next unless (substr ($line, 0, 5) eq 'sha1:');
1957 my $index1 = index ($line, ":", 5);
1959 next if $index1 < 1;
1961 $iter = substr ($line, 5, $index1 - 5);
1965 my $index2 = index ($line, ":", $index1 + 1);
1967 next if $index2 < 1;
1969 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1971 $salt = decode_base64
($salt);
1975 $index1 = index ($line, ":", $index2 + 1);
1977 next if $index1 < 1;
1979 # additional param = output len of pbkdf2
1981 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1983 my $digest = decode_base64
($digest64_encoded);
1985 $param = length ($digest);
1989 $word = substr ($line, $index1 + 1);
1990 $hash_in = substr ($line, 0, $index1);
1992 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1994 # PBKDF2-HMAC-SHA512
1995 elsif ($mode == 12100)
1997 next unless (substr ($line, 0, 7) eq 'sha512:');
2000 my $index1 = index ($line, ":", 7);
2002 next if $index1 < 1;
2004 $iter = substr ($line, 7, $index1 - 7);
2008 my $index2 = index ($line, ":", $index1 + 1);
2010 next if $index2 < 1;
2012 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2014 $salt = decode_base64
($salt);
2018 $index1 = index ($line, ":", $index2 + 1);
2020 next if $index1 < 1;
2022 # additional param = output len of pbkdf2
2024 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2026 my $digest = decode_base64
($digest64_encoded);
2028 $param = length ($digest);
2032 $word = substr ($line, $index1 + 1);
2033 $hash_in = substr ($line, 0, $index1);
2035 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2038 elsif ($mode == 12200)
2040 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2042 # check if default salt
2046 $param = 0 if (substr ($line, 12, 2) eq '1$');
2054 if ($param == 0) # we need to extract the salt
2056 $index1 = index ($line, '$', $index1);
2058 next if $index1 < 1;
2060 my $index2 = index ($line, '$', $index1 + 1);
2062 next if $index2 < 1;
2064 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2069 $index1 = index ($line, ':', $index1 + 1);
2071 next if $index1 < 1;
2075 $word = substr ($line, $index1 + 1);
2076 $hash_in = substr ($line, 0, $index1);
2078 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2080 # Oracle T: Type (Oracle 12+)
2081 elsif ($mode == 12300)
2083 my $index1 = index ($line, ':');
2085 next if ($index1 != 160);
2089 $salt = substr ($line, 128, 32);
2093 $word = substr ($line, $index1 + 1);
2094 $hash_in = substr ($line, 0, $index1);
2096 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2098 # BSDiCrypt, Extended DES
2099 elsif ($mode == 12400)
2101 next unless (substr ($line, 0, 1) eq '_');
2103 my $index1 = index ($line, ':', 20);
2105 next if ($index1 != 20);
2109 $iter = substr ($line, 1, 4);
2111 $iter = base64_to_int24
($iter);
2115 $salt = substr ($line, 5, 4);
2119 $word = substr ($line, $index1 + 1);
2120 $hash_in = substr ($line, 0, $index1);
2122 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2124 # Blockchain, My Wallet
2125 elsif ($mode == 12700)
2127 my $index1 = index ($line, ':');
2129 next if ($index1 < 0);
2131 $hash_in = substr ($line, 0, $index1);
2132 $word = substr ($line, $index1 + 1);
2134 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2136 next unless ($signature eq "blockchain");
2138 next unless (($data_len * 2) == length $data_buf);
2140 $salt = substr ($data_buf, 0, 32);
2141 $param = substr ($data_buf, 32);
2143 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2145 elsif ($mode == 12800)
2147 ($hash_in, $word) = split ":", $line;
2149 next unless defined $hash_in;
2150 next unless defined $word;
2152 my @data = split /\,/, $hash_in;
2154 next unless scalar @data == 4;
2156 next unless (shift @data eq 'v1;PPH1_MD4');
2158 $salt = shift @data;
2159 $iter = shift @data;
2161 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2163 elsif ($mode == 12900)
2165 ($hash_in, $word) = split ":", $line;
2167 next unless defined $hash_in;
2168 next unless defined $word;
2170 next unless length $hash_in == 160;
2172 $param = substr ($hash_in, 0, 64);
2173 $salt = substr ($hash_in, 128, 32);
2176 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2178 elsif ($mode == 13000)
2182 ($hash_line, $word) = split ":", $line;
2184 next unless defined $hash_line;
2185 next unless defined $word;
2187 my @data = split ('\$', $hash_line);
2189 next unless scalar @data == 8;
2193 my $signature = shift @data;
2194 my $salt_len = shift @data;
2195 my $salt_buf = shift @data;
2196 my $iterations = shift @data;
2197 my $iv = shift @data;
2198 my $pswcheck_len = shift @data;
2199 my $pswcheck = shift @data;
2201 next unless ($signature eq "rar5");
2202 next unless ($salt_len == 16);
2203 next unless ($pswcheck_len == 8);
2206 $iter = $iterations;
2207 $hash_in = $pswcheck;
2210 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2212 elsif ($mode == 13100 )
2214 ($hash_in, $word) = split ":", $line;
2216 next unless defined $hash_in;
2217 next unless defined $word;
2219 my @data = split ('\$', $hash_in);
2221 next unless scalar @data == 8;
2225 my $signature = shift @data;
2226 my $algorithm = shift @data;
2227 my $user = shift @data;
2228 $user = substr ($user, 1);
2229 my $realm = shift @data;
2230 my $spn = shift @data;
2231 $spn = substr ($spn, 0, length ($spn) - 1);
2232 my $checksum = shift @data;
2233 my $edata2 = shift @data;
2235 next unless ($signature eq "krb5tgs");
2236 next unless (length ($checksum) == 32);
2237 next unless (length ($edata2) >= 64);
2239 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2241 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2243 elsif ($mode == 13200)
2245 ($hash_in, $word) = split '\*', $line;
2247 next unless defined $hash_in;
2248 next unless defined $word;
2250 my @data = split ('\*', $hash_in);
2252 next unless scalar @data == 5;
2256 my $signature = shift @data;
2257 my $version = shift @data;
2258 my $iteration = shift @data;
2259 my $mysalt = shift @data;
2260 my $digest = shift @data;
2262 next unless ($signature eq '$axcrypt$');
2263 next unless (length ($mysalt) == 32);
2264 next unless (length ($digest) == 48);
2266 $salt = $iteration . '*' . $mysalt;
2268 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2272 print "ERROR: hash mode is not supported\n";
2277 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2279 $word = pack ("H*", substr ($word, 5, -1));
2282 # finally generate the hash
2287 # check both variations
2288 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2290 $len = length $hash_out; # == length $alternative
2292 if (substr ($line, 0, $len) ne $hash_out)
2294 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2296 return unless (substr ($line, 0, $len) eq $alternative);
2299 elsif ($mode == 8700)
2301 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2303 $len = length $hash_out;
2305 return unless (substr ($line, 0, $len) eq $hash_out);
2307 elsif ($mode == 8900)
2309 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2311 $len = length $hash_out;
2313 return unless (substr ($line, 0, $len) eq $hash_out);
2315 elsif ($mode == 9100)
2317 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2319 $len = length $hash_out;
2321 return unless (substr ($line, 0, $len) eq $hash_out);
2323 elsif ($mode == 190)
2325 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2327 $len = length $hash_out; # == length $alternative
2329 if (substr ($line, 0, $len) ne $hash_out)
2331 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2333 return unless (substr ($line, 0, $len) eq $alternative);
2336 elsif ($mode == 3300)
2338 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2340 $len = length $hash_out;
2342 return unless (substr ($line, 0, $len) eq $hash_out);
2344 elsif ($mode == 5100)
2346 # check 3 variants (start, middle, end)
2350 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2352 $len = length $hash_out; # == length $alternative
2354 if (substr ($line, 0, $len) ne $hash_out)
2356 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2358 if (substr ($line, 0, $len) ne $alternative)
2360 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2362 return unless (substr ($line, 0, $len) eq $alternative);
2366 elsif ($mode == 9400)
2368 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2370 $len = length $hash_out;
2372 return unless (substr ($line, 0, $len) eq $hash_out);
2374 elsif ($mode == 9500)
2376 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2378 $len = length $hash_out;
2380 return unless (substr ($line, 0, $len) eq $hash_out);
2382 elsif ($mode == 9600)
2384 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2386 $len = length $hash_out;
2388 return unless (substr ($line, 0, $len) eq $hash_out);
2390 elsif ($mode == 9700)
2392 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2394 $len = length $hash_out;
2396 return unless (substr ($line, 0, $len) eq $hash_out);
2398 elsif ($mode == 9800)
2400 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2402 $len = length $hash_out;
2404 return unless (substr ($line, 0, $len) eq $hash_out);
2406 elsif ($mode == 10400)
2408 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2410 $len = length $hash_out;
2412 return unless (substr ($line, 0, $len) eq $hash_out);
2414 elsif ($mode == 10500)
2416 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2418 $len = length $hash_out;
2420 return unless (substr ($line, 0, $len) eq $hash_out);
2422 elsif ($mode == 10600)
2424 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2426 $len = length $hash_out;
2428 return unless (substr ($line, 0, $len) eq $hash_out);
2430 elsif ($mode == 10700)
2432 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2434 $len = length $hash_out;
2436 return unless (substr ($line, 0, $len) eq $hash_out);
2438 elsif ($mode == 10900)
2440 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2442 $len = length $hash_out;
2444 return unless (substr ($line, 0, $len) eq $hash_out);
2446 elsif ($mode == 11100)
2448 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2450 $len = length $hash_out;
2452 return unless (substr ($line, 0, $len) eq $hash_out);
2454 elsif ($mode == 11400)
2456 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2458 $len = length $hash_out;
2460 return unless (substr ($line, 0, $len) eq $hash_out);
2462 elsif ($mode == 11600)
2464 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2466 $len = length $hash_out;
2468 return unless (substr ($line, 0, $len) eq $hash_out);
2470 elsif ($mode == 11900)
2472 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2474 $len = length $hash_out;
2476 return unless (substr ($line, 0, $len) eq $hash_out);
2478 elsif ($mode == 12000)
2480 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2482 $len = length $hash_out;
2484 return unless (substr ($line, 0, $len) eq $hash_out);
2486 elsif ($mode == 12100)
2488 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2490 $len = length $hash_out;
2492 return unless (substr ($line, 0, $len) eq $hash_out);
2494 elsif ($mode == 12200)
2496 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2498 $len = length $hash_out;
2500 return unless (substr ($line, 0, $len) eq $hash_out);
2502 elsif ($mode == 12700)
2504 # this is very special, we can't call gen_hash () because the param part is not always the same
2505 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2507 my $pbkdf2 = Crypt
::PBKDF2
->new (
2508 hash_class
=> 'HMACSHA1',
2513 my $salt_bin = pack ("H*", $salt);
2515 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2517 my $cipher = Crypt
::CBC
->new ({
2519 cipher
=> "Crypt::Rijndael",
2526 my $param_bin = pack ("H*", $param);
2528 my $decrypted = $cipher->decrypt ($param_bin);
2530 my $decrypted_part = substr ($decrypted, 1, 16);
2532 return unless ($decrypted_part =~ /"guid"/);
2534 $hash_out = $hash_in;
2536 elsif ($mode == 12900)
2538 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2540 $len = length $hash_out;
2542 return unless (substr ($line, 0, $len) eq $hash_out);
2544 elsif ($mode == 13000)
2546 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2548 $len = length $hash_out;
2550 return unless (substr ($line, 0, $len) eq $hash_out);
2552 elsif ($mode == 13100)
2554 $hash_out = gen_hash
($mode, $word, $salt);
2556 $len = length $hash_out;
2558 return unless (substr ($line, 0, $len) eq $hash_out);
2560 elsif ($mode == 13200)
2562 $hash_out = gen_hash
($mode, $word, $salt);
2564 $len = length $hash_out;
2566 return unless (substr ($line, 0, $len) eq $hash_out);
2570 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2572 $len = length $hash_out;
2577 # allow $P$ and $H$ for -m 400
2578 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2580 elsif ($mode == 5600)
2582 # oclHashcat outputs the user name always upper-case, we need
2583 next unless (substr ($line, 0, $len) eq $hash_out);
2587 my $hash_out_lower = lc ($hash_out);
2589 for my $key (keys %{$db})
2591 if (lc ($key) eq $hash_out_lower)
2603 next unless (substr ($line, 0, $len) eq $hash_out);
2607 # do not forget "exists ($db->$hash_out)" should be done above!
2608 $db->{$hash_out} = $word;
2609 print OUT
$line . "\n";
2618 my $mode = shift || 0;
2620 while (my $word_buf = <>)
2624 next if length ($word_buf) > 31;
2632 for (my $i = 0; $i < 256; $i++)
2634 my $c = get_random_chr
(0x30, 0x39);
2636 push (@salt_arr, $c);
2639 my $salt_buf = join ("", @salt_arr);
2647 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500)
2649 $tmp_hash = gen_hash
($mode, $word_buf, "");
2651 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2653 my $salt_len = get_random_num
(1, 15);
2655 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2657 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2659 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2663 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2667 my $salt_len = get_random_num
(1, 11);
2669 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2671 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2673 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2675 elsif ($mode == 112)
2677 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2679 elsif ($mode == 121)
2681 my $salt_len = get_random_num
(1, 9);
2683 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2685 elsif ($mode == 141 || $mode == 1441)
2687 my $salt_len = get_random_num
(1, 15);
2689 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2691 elsif ($mode == 1100)
2693 my $salt_len = get_random_num
(1, 19);
2695 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2697 elsif ($mode == 1500)
2699 next if length ($word_buf) > 8;
2701 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2703 elsif ($mode == 2100)
2705 next if length ($word_buf) > 13;
2707 my $salt_len = get_random_num
(1, 19);
2709 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2711 elsif ($mode == 2410)
2713 next if length ($word_buf) > 15;
2715 my $salt_len = get_random_num
(1, 15);
2717 my $word_len = length ($word_buf);
2719 $salt_len = min
($salt_len, 15 - $word_len);
2721 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2723 elsif ($mode == 2500)
2725 next if length ($word_buf) < 8;
2727 my $salt_len = get_random_num
(0, 32);
2729 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2731 elsif ($mode == 2611)
2733 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2735 elsif ($mode == 2612)
2737 my $salt_len = get_random_num
(1, 22);
2739 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2741 elsif ($mode == 2711)
2743 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2745 elsif ($mode == 2811)
2747 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2749 elsif ($mode == 3000)
2751 next if length ($word_buf) > 7;
2753 $tmp_hash = gen_hash
($mode, $word_buf, "");
2755 elsif ($mode == 3100)
2757 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2759 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2761 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2763 elsif ($mode == 3800 || $mode == 4900)
2765 my $salt_len = get_random_num
(1, 11);
2767 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2769 elsif ($mode == 4800)
2771 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2773 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2775 elsif ($mode == 5300 || $mode == 5400)
2777 $salt_buf = get_random_ike_salt
();
2779 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2781 elsif ($mode == 5500)
2783 my $user_len = get_random_num
(0, 15);
2784 my $domain_len = get_random_num
(0, 15);
2786 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2788 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2790 elsif ($mode == 5600)
2792 my $user_len = get_random_num
(0, 15);
2793 my $domain_len = get_random_num
(0, 15);
2795 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2797 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2799 elsif ($mode == 6600)
2801 $salt_buf = get_random_agilekeychain_salt
();
2803 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2805 elsif ($mode == 6800)
2807 my $email_len = get_random_num
(1, 15);
2811 for (my $i = 0; $i < $email_len; $i++)
2813 $email .= get_random_chr
(0x61, 0x7a);
2816 $email .= '@trash-mail.com';
2818 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2820 elsif ($mode == 7100)
2822 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2824 elsif ($mode == 7200)
2826 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2828 elsif ($mode == 7300)
2830 my $salt_len = get_random_num
(32, 256);
2832 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2834 elsif ($mode == 7500)
2836 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2838 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2840 elsif ($mode == 7700)
2842 next if length ($word_buf) > 8;
2844 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2846 elsif ($mode == 7800)
2848 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2850 elsif ($mode == 8200)
2852 $salt_buf = get_random_cloudkeychain_salt
();
2854 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2856 elsif ($mode == 8300)
2858 $salt_buf = get_random_dnssec_salt
();
2860 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2862 elsif ($mode == 8400 || $mode == 11200)
2864 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2866 elsif ($mode == 8500)
2868 next if length ($word_buf) > 8;
2870 my $salt_len = get_random_num
(1, 9);
2872 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2874 elsif ($mode == 8600)
2876 next if length ($word_buf) > 16;
2878 $tmp_hash = gen_hash
($mode, $word_buf, "");
2880 elsif ($mode == 8700)
2882 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2884 elsif ($mode == 9200 || $mode == 9300)
2888 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2890 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
2892 next if length ($word_buf) > 19;
2896 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2898 elsif ($mode == 10100)
2900 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2902 elsif ($mode == 10300)
2904 my $salt_len = get_random_num
(4, 15);
2906 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2908 elsif ($mode == 10400)
2910 next if length ($word_buf) > 31;
2914 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2916 elsif ($mode == 10500)
2918 next if length ($word_buf) > 15;
2922 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2924 elsif ($mode == 10600)
2926 next if length ($word_buf) > 31;
2930 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2932 elsif ($mode == 10700)
2934 next if length ($word_buf) > 15;
2938 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2940 elsif ($mode == 11000)
2942 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
2944 elsif ($mode == 11300)
2946 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2948 elsif ($mode == 11400)
2950 next if length ($word_buf) > 24;
2952 my $salt_len = get_random_num
(1, 15);
2954 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2956 elsif ($mode == 11600)
2958 my $salt_len = get_random_num
(0, 16);
2960 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2962 elsif ($mode == 12400)
2964 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
2966 elsif ($mode == 12600)
2968 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2970 elsif ($mode == 12700)
2972 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2974 elsif ($mode == 12800)
2976 next if length ($word_buf) > 24;
2978 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2980 elsif ($mode == 12900)
2982 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2984 elsif ($mode == 13000)
2986 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2988 elsif ($mode == 13100)
2990 $salt_buf = get_random_kerberos5_tgs_salt
();
2992 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2994 elsif ($mode == 13200)
2996 $salt_buf = get_random_axcrypt_salt
();
2998 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3002 print "ERROR: Unsupported hash type\n";
3007 print $tmp_hash, "\n";
3020 for (my $j = 0; $j < scalar @modes; $j++)
3022 my $mode = $modes[$j];
3024 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500)
3026 for (my $i = 1; $i < 32; $i++)
3030 rnd
($mode, $len, 0);
3038 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3040 my $salt_len = get_random_num
(1, 15);
3042 for (my $i = 1; $i < 32; $i++)
3046 rnd
($mode, $len, $salt_len);
3050 rnd
($mode, $i, $salt_len);
3054 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3056 for (my $i = 1; $i < 32; $i++)
3060 rnd
($mode, $len, 32);
3064 rnd
($mode, $i, 32);
3068 elsif ($mode == 21 || $mode == 22)
3070 for (my $i = 1; $i < 32; $i++)
3074 rnd
($mode, $len, 2);
3082 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3084 for (my $i = 1; $i < 32; $i++)
3088 rnd
($mode, $len, 8);
3096 elsif ($mode == 112)
3098 for (my $i = 1; $i < 32; $i++)
3102 rnd
($mode, $len, 20);
3106 rnd
($mode, $i, 20);
3110 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3112 for (my $i = 1; $i < 32; $i++)
3116 rnd
($mode, $len, 16);
3120 rnd
($mode, $i, 16);
3126 my $salt_len = get_random_num
(1, 19);
3128 for (my $i = 1; $i < 32; $i++)
3132 rnd
($mode, $len, $salt_len);
3136 rnd
($mode, $i, $salt_len);
3140 elsif ($mode == 1500)
3142 for (my $i = 1; $i < 9; $i++)
3146 rnd
($mode, $len, 2);
3154 elsif ($mode == 2100)
3156 my $salt_len = get_random_num
(1, 19);
3158 for (my $i = 1; $i < 13; $i++)
3162 rnd
($mode, $len, $salt_len);
3166 rnd
($mode, $i, $salt_len);
3170 elsif ($mode == 2500)
3172 my $salt_len = get_random_num
(0, 32);
3174 for (my $i = 8; $i < 16; $i++)
3176 my $generate_from_len = 0;
3185 rnd
($mode, $len, $salt_len);
3189 rnd
($mode, $i, $salt_len);
3193 elsif ($mode == 2611)
3195 for (my $i = 1; $i < 32; $i++)
3199 rnd
($mode, $len, 3);
3207 elsif ($mode == 2612)
3209 my $salt_len = get_random_num
(1, 22);
3211 for (my $i = 1; $i < 32; $i++)
3215 rnd
($mode, $len, $salt_len);
3219 rnd
($mode, $i, $salt_len);
3223 elsif ($mode == 2711)
3225 for (my $i = 1; $i < 32; $i++)
3229 rnd
($mode, $len, 30);
3233 rnd
($mode, $i, 30);
3237 elsif ($mode == 2811)
3239 for (my $i = 1; $i < 32; $i++)
3243 rnd
($mode, $len, 5);
3251 elsif ($mode == 3000)
3253 for (my $i = 1; $i < 8; $i++)
3257 rnd
($mode, $len, 0);
3265 elsif ($mode == 3100)
3267 for (my $i = 1; $i < 32; $i++)
3271 rnd
($mode, $len, 10);
3275 rnd
($mode, $i, 10);
3279 elsif ($mode == 3800 || $mode == 4900)
3281 my $salt_len = get_random_num
(1, 11);
3283 for (my $i = 1; $i < 32; $i++)
3287 rnd
($mode, $len, $salt_len);
3291 rnd
($mode, $i, $salt_len);
3295 elsif ($mode == 5500 || $mode == 5600)
3299 for (my $i = 1; $i < 27; $i++)
3301 $salt_len = get_random_num
(1, 15);
3305 rnd
($mode, $len, $salt_len);
3309 rnd
($mode, $i, $salt_len);
3313 elsif ($mode == 5800)
3315 for (my $i = 1; $i < 14; $i++)
3319 rnd
($mode, $len, 16);
3323 rnd
($mode, $i, 16);
3327 elsif ($mode == 6800)
3329 my $salt_len = get_random_num
(8, 25);
3331 for (my $i = 1; $i < 32; $i++)
3335 rnd
($mode, $len, $salt_len);
3339 rnd
($mode, $i, $salt_len);
3343 elsif ($mode == 7100)
3345 for (my $i = 1; $i < 32; $i++)
3349 rnd
($mode, $len, 64);
3353 rnd
($mode, $i, 64);
3357 elsif ($mode == 7200)
3359 for (my $i = 1; $i < 32; $i++)
3363 rnd
($mode, $len, 128);
3367 rnd
($mode, $i, 128);
3371 elsif ($mode == 7300)
3373 my $salt_len = get_random_num
(32, 255);
3375 for (my $i = 1; $i < 32; $i++)
3379 rnd
($mode, $len, $salt_len);
3383 rnd
($mode, $i, $salt_len);
3387 elsif ($mode == 7500)
3389 for (my $i = 1; $i < 27; $i++)
3393 rnd
($mode, $len, 16);
3397 rnd
($mode, $i, 16);
3401 elsif ($mode == 7700)
3403 my $salt_len = get_random_num
(1, 12);
3405 for (my $i = 1; $i < 9; $i++)
3409 rnd
($mode, $len, $salt_len);
3413 rnd
($mode, $i, $salt_len);
3417 elsif ($mode == 7800)
3419 my $salt_len = get_random_num
(1, 12);
3421 for (my $i = 1; $i < 32; $i++)
3425 rnd
($mode, $len, $salt_len);
3429 rnd
($mode, $i, $salt_len);
3433 elsif ($mode == 8400 || $mode == 11200)
3435 for (my $i = 1; $i < 32; $i++)
3439 rnd
($mode, $len, 40);
3443 rnd
($mode, $i, 40);
3447 elsif ($mode == 8500)
3449 my $salt_len = get_random_num
(1, 8);
3451 for (my $i = 1; $i < 9; $i++)
3455 rnd
($mode, $len, $salt_len);
3459 rnd
($mode, $i, $salt_len);
3463 elsif ($mode == 8600)
3465 for (my $i = 1; $i < 17; $i++)
3469 rnd
($mode, $len, 0);
3477 elsif ($mode == 8700)
3479 for (my $i = 1; $i < 32; $i++)
3483 rnd
($mode, $len, 5);
3491 elsif ($mode == 9200 || $mode == 9300)
3495 for (my $i = 1; $i < 32; $i++)
3499 rnd
($mode, $len, $salt_len);
3503 rnd
($mode, $i, $salt_len);
3507 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3511 for (my $i = 1; $i < 20; $i++)
3515 rnd
($mode, $len, $salt_len);
3519 rnd
($mode, $i, $salt_len);
3523 elsif ($mode == 10100)
3525 for (my $i = 1; $i < 32; $i++)
3529 rnd
($mode, $len, 32);
3533 rnd
($mode, $i, 32);
3537 elsif ($mode == 10300)
3539 my $salt_len = get_random_num
(4, 15);
3541 for (my $i = 1; $i < 32; $i++)
3545 rnd
($mode, $len, $salt_len);
3549 rnd
($mode, $i, $salt_len);
3553 elsif ($mode == 10400 || $mode == 10600)
3557 for (my $i = 1; $i < 32; $i++)
3561 rnd
($mode, $len, $salt_len);
3565 rnd
($mode, $i, $salt_len);
3569 elsif ($mode == 10500 || $mode == 10700)
3573 for (my $i = 1; $i < 16; $i++)
3577 rnd
($mode, $len, $salt_len);
3581 rnd
($mode, $i, $salt_len);
3585 elsif ($mode == 11000)
3587 for (my $i = 1; $i < 32; $i++)
3591 rnd
($mode, $len, 56);
3595 rnd
($mode, $i, 56);
3599 elsif ($mode == 11300)
3601 for (my $i = 1; $i < 32; $i++)
3605 rnd
($mode, $len, 16);
3609 rnd
($mode, $i, 16);
3613 elsif ($mode == 11400)
3615 for (my $i = 1; $i < 24; $i++)
3619 rnd
($mode, $len, 16);
3623 rnd
($mode, $i, 16);
3627 elsif ($mode == 11600)
3629 my $salt_len = get_random_num
(0, 16);
3631 for (my $i = 1; $i < 32; $i++)
3635 rnd
($mode, $len, $salt_len);
3639 rnd
($mode, $i, $salt_len);
3643 elsif ($mode == 12400)
3645 for (my $i = 1; $i < 32; $i++)
3649 rnd
($mode, $len, 4);
3657 elsif ($mode == 12600)
3659 for (my $i = 1; $i < 32; $i++)
3663 rnd
($mode, $len, 64);
3667 rnd
($mode, $i, 64);
3671 elsif ($mode == 12700)
3673 for (my $i = 1; $i < 32; $i++)
3677 rnd
($mode, $len, 32);
3681 rnd
($mode, $i, 32);
3685 elsif ($mode == 12800)
3687 for (my $i = 1; $i < 25; $i++)
3691 rnd
($mode, $len, 20);
3695 rnd
($mode, $i, 20);
3699 elsif ($mode == 12900)
3701 for (my $i = 1; $i < 32; $i++)
3705 rnd
($mode, $len, 32);
3709 rnd
($mode, $i, 32);
3713 elsif ($mode == 13000)
3715 for (my $i = 1; $i < 32; $i++)
3719 rnd
($mode, $len, 32);
3723 rnd
($mode, $i, 32);
3727 elsif ($mode == 13100)
3729 for (my $i = 1; $i < 27; $i++)
3733 rnd
($mode, $len, 16);
3737 rnd
($mode, $i, 16);
3741 elsif ($mode == 13200)
3743 for (my $i = 1; $i < 32; $i++)
3747 rnd
($mode, $len, 32);
3751 rnd
($mode, $i, 32);
3764 my $word_buf = shift;
3766 my $salt_buf = shift;
3770 my $additional_param = shift;
3772 my $additional_param2 = shift;
3774 my $additional_param3 = shift;
3776 my $additional_param4 = shift;
3778 my $additional_param5 = shift;
3780 my $additional_param6 = shift;
3782 my $additional_param7 = shift;
3784 my $additional_param8 = shift;
3786 my $additional_param9 = shift;
3788 my $additional_param10 = shift;
3790 my $additional_param11 = shift;
3802 $hash_buf = md5_hex
($word_buf);
3804 $tmp_hash = sprintf ("%s", $hash_buf);
3808 $hash_buf = md5_hex
($word_buf . $salt_buf);
3810 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3814 $hash_buf = md5_hex
($word_buf . $salt_buf);
3816 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3820 $hash_buf = md5_hex
($word_buf . $salt_buf);
3822 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3826 $hash_buf = md5_hex
($salt_buf . $word_buf);
3828 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3832 $hash_buf = md5_hex
($salt_buf . $word_buf);
3834 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3838 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3839 my $salt_suffix = "Administration Tools";
3841 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3843 $hash_buf = md5
($pass);
3847 for (my $pos = 0; $pos < 16; $pos += 2)
3849 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3850 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3852 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3854 my $idx1 = $num >> 12 & 0x0f;
3855 my $idx2 = $num >> 6 & 0x3f;
3856 my $idx3 = $num & 0x3f;
3858 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3861 my $obfuscate_str = "nrcstn";
3862 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3864 foreach my $pos (keys @obfuscate_pos)
3866 my $idx = $obfuscate_pos[$pos];
3867 my $before = substr ($res, 0, $idx);
3868 my $char = substr ($obfuscate_str, $pos, 1);
3869 my $after = substr ($res, $idx);
3871 $res = sprintf ("%s%s%s", $before, $char, $after);
3874 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
3878 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
3880 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3884 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3886 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3890 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3892 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3896 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
3898 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3902 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
3904 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3906 elsif ($mode == 100)
3908 $hash_buf = sha1_hex
($word_buf);
3910 $tmp_hash = sprintf ("%s", $hash_buf);
3912 elsif ($mode == 101)
3914 $hash_buf = sha1
($word_buf);
3916 my $base64_buf = encode_base64
($hash_buf);
3918 chomp ($base64_buf);
3920 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
3922 elsif ($mode == 110)
3924 $hash_buf = sha1_hex
($word_buf . $salt_buf);
3926 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3928 elsif ($mode == 111)
3930 $hash_buf = sha1
($word_buf . $salt_buf);
3932 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
3934 chomp ($base64_buf);
3936 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
3938 elsif ($mode == 112)
3940 my $salt_buf_bin = pack ("H*", $salt_buf);
3942 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
3944 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3946 elsif ($mode == 120)
3948 $hash_buf = sha1_hex
($salt_buf . $word_buf);
3950 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3952 elsif ($mode == 121)
3954 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
3956 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3958 elsif ($mode == 122)
3960 my $salt_buf_bin = pack ("H*", $salt_buf);
3962 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
3964 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
3966 elsif ($mode == 130)
3968 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3970 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3972 elsif ($mode == 131)
3974 my $salt_buf_bin = pack ("H*", $salt_buf);
3976 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
3978 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
3980 elsif ($mode == 132)
3982 my $salt_buf_bin = pack ("H*", $salt_buf);
3984 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
3986 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
3988 elsif ($mode == 140)
3990 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3992 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3994 elsif ($mode == 141)
3996 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
3998 my $base64_salt_buf = encode_base64
($salt_buf);
4000 chomp ($base64_salt_buf);
4002 my $base64_hash_buf = encode_base64
($hash_buf);
4004 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4006 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4008 elsif ($mode == 150)
4010 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4012 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4014 elsif ($mode == 160)
4016 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4018 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4020 elsif ($mode == 190)
4022 $hash_buf = sha1_hex
($word_buf);
4024 my $variant = int (rand (2));
4026 if (defined ($additional_param))
4028 $variant = $additional_param;
4033 substr ($hash_buf, 0, 5) = "00000";
4036 $tmp_hash = sprintf ("%s", $hash_buf);
4038 elsif ($mode == 200)
4040 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4042 $hash_buf = $ppr->hash_hex;
4044 $tmp_hash = sprintf ("%s", $hash_buf);
4046 elsif ($mode == 300)
4048 $hash_buf = substr (password41
($word_buf), 1);
4050 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4052 $tmp_hash = sprintf ("%s", $hash_buf);
4054 elsif ($mode == 400)
4063 my $ppr = Authen
::Passphrase
::PHPass
->new
4067 passphrase
=> $word_buf,
4070 $hash_buf = $ppr->as_rfc2307;
4072 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4074 elsif ($mode == 500)
4076 my $iterations = 1000;
4078 if (defined ($iter))
4082 $iterations = int ($iter);
4086 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4088 $tmp_hash = sprintf ("%s", $hash_buf);
4090 elsif ($mode == 900)
4092 $hash_buf = md4_hex
($word_buf);
4094 $tmp_hash = sprintf ("%s", $hash_buf);
4096 elsif ($mode == 1000)
4098 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4100 $tmp_hash = sprintf ("%s", $hash_buf);
4102 elsif ($mode == 1100)
4104 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4106 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4108 elsif ($mode == 1400)
4110 $hash_buf = sha256_hex
($word_buf);
4112 $tmp_hash = sprintf ("%s", $hash_buf);
4114 elsif ($mode == 1410)
4116 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4118 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4120 elsif ($mode == 1420)
4122 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4124 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4126 elsif ($mode == 1430)
4128 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4130 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4132 elsif ($mode == 1440)
4134 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4136 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4138 elsif ($mode == 1441)
4140 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4142 my $base64_salt_buf = encode_base64
($salt_buf);
4144 chomp ($base64_salt_buf);
4146 my $base64_hash_buf = encode_base64
($hash_buf);
4148 chomp ($base64_hash_buf);
4150 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4152 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4154 elsif ($mode == 1450)
4156 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4158 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4160 elsif ($mode == 1460)
4162 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4164 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4166 elsif ($mode == 1500)
4168 $hash_buf = crypt ($word_buf, $salt_buf);
4170 $tmp_hash = sprintf ("%s", $hash_buf);
4172 elsif ($mode == 1600)
4174 my $iterations = 1000;
4176 if (defined ($iter))
4180 $iterations = int ($iter);
4184 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4186 $tmp_hash = sprintf ("%s", $hash_buf);
4188 elsif ($mode == 1700)
4190 $hash_buf = sha512_hex
($word_buf);
4192 $tmp_hash = sprintf ("%s", $hash_buf);
4194 elsif ($mode == 1710)
4196 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4198 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4200 elsif ($mode == 1711)
4202 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4204 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4206 $base64_buf =~ s/[ \n]//g;
4208 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4210 elsif ($mode == 1720)
4212 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4214 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4216 elsif ($mode == 1730)
4218 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4220 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4222 elsif ($mode == 1740)
4224 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4226 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4228 elsif ($mode == 1722)
4230 my $salt_buf_bin = pack ("H*", $salt_buf);
4232 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4234 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4236 elsif ($mode == 1731)
4238 my $salt_buf_bin = pack ("H*", $salt_buf);
4240 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4242 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4244 elsif ($mode == 1750)
4246 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4248 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4250 elsif ($mode == 1760)
4252 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4254 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4256 elsif ($mode == 1800)
4258 my $iterations = 5000;
4260 if (defined ($iter))
4264 $iterations = int ($iter);
4268 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4270 $tmp_hash = sprintf ("%s", $hash_buf);
4272 elsif ($mode == 2100)
4274 my $iterations = 10240;
4278 $iterations = int ($iter);
4281 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4283 my $pbkdf2 = Crypt
::PBKDF2
->new
4285 hash_class
=> 'HMACSHA1',
4286 iterations
=> $iterations,
4288 salt_len
=> length ($salt),
4291 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4293 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4295 elsif ($mode == 2400)
4297 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4299 elsif ($mode == 2410)
4301 my $salt_len = length ($salt_buf);
4303 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4305 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4307 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4309 elsif ($mode == 2500)
4311 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4313 if (! defined ($additional_param))
4317 $bssid = randbytes
(6);
4318 $stmac = randbytes
(6);
4319 $snonce = randbytes
(32);
4320 $anonce = randbytes
(32);
4322 $keyver = get_random_num
(1, 3); # 1 or 2
4325 # should be "validly" generated, but in theory could be anything for us also:
4326 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4328 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4332 $bssid = $additional_param;
4333 $stmac = $additional_param2;
4334 $snonce = $additional_param3;
4335 $anonce = $additional_param4;
4336 $keyver = $additional_param5;
4337 $eapol = $additional_param6;
4340 $eapol_size = length ($eapol);
4344 my $iterations = 4096;
4350 # generate the Pairwise Master Key (PMK)
4352 my $pbkdf2 = Crypt
::PBKDF2
->new
4354 hash_class
=> 'HMACSHA1',
4355 iterations
=> $iterations,
4359 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4361 # Pairwise Transient Key (PTK) transformation
4363 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4365 # generate the Message Integrity Code (MIC)
4369 if ($keyver == 1) # WPA1 => MD5
4371 $mic = hmac
($eapol, $ptk, \
&md5
);
4375 $mic = hmac
($eapol, $ptk, \
&sha1
);
4378 $mic = substr ($mic, 0, 16);
4381 # format the binary output
4386 # first the essid (NULL-padded up to the first 36 bytes)
4388 $hash_buf .= $salt_buf;
4389 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4391 # the 2 MAC addresses
4393 $hash_buf .= $bssid;
4394 $hash_buf .= $stmac;
4398 $hash_buf .= $snonce;
4399 $hash_buf .= $anonce;
4403 $hash_buf .= $eapol;
4404 $hash_buf .= "\x00" x
(256 - $eapol_size);
4408 $hash_buf .= pack ("L*", $eapol_size);
4412 $hash_buf .= pack ("L*", $keyver);
4414 # and finally: the key mic
4418 # base64 encode the output
4420 $tmp_hash = encode_base64
($hash_buf, '');
4422 elsif ($mode == 2600)
4424 $hash_buf = md5_hex
(md5_hex
($word_buf));
4426 $tmp_hash = sprintf ("%s", $hash_buf);
4428 elsif ($mode == 2611)
4430 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4432 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4434 elsif ($mode == 2612)
4436 my $salt_buf_hex = unpack ("H*", $salt_buf);
4438 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4440 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4442 elsif ($mode == 2711)
4444 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4446 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4448 elsif ($mode == 2811)
4450 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4452 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4454 elsif ($mode == 3000)
4456 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4458 $hash_buf = $ppr->hash_hex;
4460 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4462 elsif ($mode == 3100)
4464 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4466 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4468 elsif ($mode == 3200)
4477 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4479 elsif ($mode == 3300)
4481 my $iterations = 904;
4485 $iterations = int ($iter);
4490 if (defined ($additional_param))
4492 $variant = $additional_param;
4495 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4497 $iterations += 4096;
4499 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4501 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4503 elsif ($mode == 3500)
4505 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4507 $tmp_hash = sprintf ("%s", $hash_buf);
4509 elsif ($mode == 3610)
4511 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4513 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4515 elsif ($mode == 3710)
4517 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4519 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4521 elsif ($mode == 3711)
4523 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4525 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4527 elsif ($mode == 3720)
4529 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4531 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4533 elsif ($mode == 3800)
4535 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4537 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4539 elsif ($mode == 3910)
4541 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4543 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4545 elsif ($mode == 4010)
4547 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4549 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4551 elsif ($mode == 4110)
4553 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4555 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4557 elsif ($mode == 4210)
4559 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4561 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4563 elsif ($mode == 4300)
4565 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4567 $tmp_hash = sprintf ("%s", $hash_buf);
4569 elsif ($mode == 4400)
4571 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4573 $tmp_hash = sprintf ("%s", $hash_buf);
4575 elsif ($mode == 4500)
4577 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4579 $tmp_hash = sprintf ("%s", $hash_buf);
4581 elsif ($mode == 4600)
4583 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4585 $tmp_hash = sprintf ("%s", $hash_buf);
4587 elsif ($mode == 4700)
4589 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4591 $tmp_hash = sprintf ("%s", $hash_buf);
4593 elsif ($mode == 4800)
4595 my $index = rindex ($salt_buf, ":");
4597 my $salt = substr ($salt_buf, 0, $index);
4598 my $salt_bin = pack ("H*", $salt);
4599 my $chap_sign = substr ($salt_buf, $index + 1);
4600 my $chap_sign_bin = pack ("H*", $chap_sign);
4602 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4604 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4606 elsif ($mode == 4900)
4608 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4610 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4612 elsif ($mode == 5000)
4614 $hash_buf = keccak_256_hex
($word_buf);
4616 $tmp_hash = sprintf ("%s", $hash_buf);
4618 elsif ($mode == 5100)
4622 if (! defined ($additional_param))
4628 $pos = $additional_param * 8 unless ($additional_param > 2);
4631 $hash_buf = md5_hex
($word_buf);
4633 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4635 elsif ($mode == 5300)
4637 my @salt_arr = split (":", $salt_buf);
4639 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4640 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4642 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4643 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4645 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4647 elsif ($mode == 5400)
4649 my @salt_arr = split (":", $salt_buf);
4651 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4652 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4654 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4655 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4657 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4659 elsif ($mode == 5500)
4661 my $index1 = index ($salt_buf, "::");
4662 my $user = substr ($salt_buf, 0, $index1);
4664 my $index2 = index ($salt_buf, ":", $index1 + 2);
4665 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4667 my $len = length (substr ($salt_buf, $index2 + 1));
4669 my $c_challenge_hex;
4673 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4678 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4679 $c_challenge_hex .= 00 x
32;
4682 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4683 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4684 my $s_challenge = pack ("H*", $s_challenge_hex);
4686 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4690 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4692 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4693 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4694 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4696 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4698 elsif ($mode == 5600)
4700 my $index1 = index ($salt_buf, "::");
4701 my $user = substr ($salt_buf, 0, $index1);
4703 my $index2 = index ($salt_buf, ":", $index1 + 2);
4704 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4706 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4707 my $s_challenge = pack ("H*", $s_challenge_hex);
4709 my $temp_hex = substr ($salt_buf, $index2 + 17);
4710 my $temp = pack ("H*", $temp_hex);
4712 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4713 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4715 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4717 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4719 elsif ($mode == 5700)
4721 $hash_buf = sha256
($word_buf);
4723 my $base64_buf = encode_base64
($hash_buf);
4727 for (my $i = 0; $i < 43; $i++)
4729 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4732 elsif ($mode == 5800)
4734 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4736 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4738 elsif ($mode == 6000)
4740 $hash_buf = ripemd160_hex
($word_buf);
4742 $tmp_hash = sprintf ("%s", $hash_buf);
4744 elsif ($mode == 6100)
4746 $hash_buf = whirlpool_hex
($word_buf);
4748 $tmp_hash = sprintf ("%s", $hash_buf);
4750 elsif ($mode == 6300)
4752 my $iterations = 1000; # hard coded by the AIX format
4754 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4756 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4758 elsif ($mode == 6400)
4760 my $iterations = 64;
4764 $iterations = 1 << int ($iter);
4767 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4769 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4771 elsif ($mode == 6500)
4773 my $iterations = 64;
4777 $iterations = 1 << int ($iter);
4780 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4782 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4784 elsif ($mode == 6600)
4786 my $iterations = 1000;
4790 $iterations = int ($iter);
4793 my $salt_hex = substr ($salt_buf, 0, 16);
4794 my $salt = pack ("H*", $salt_hex);
4796 my $prefix = substr ($salt_buf, 16, 2016);
4798 my $iv_hex = substr ($salt_buf, 2032);
4799 my $iv = pack ("H*", $iv_hex);
4801 my $data = pack ("H*", "10101010101010101010101010101010");
4803 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4805 my $pbkdf2 = Crypt
::PBKDF2
->new (
4807 iterations
=> $iterations,
4811 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4813 my $cipher = Crypt
::CBC
->new ({
4815 cipher
=> "Crypt::Rijndael",
4822 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4824 $hash_buf = substr ($encrypted, 0, 32);
4826 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4828 elsif ($mode == 6700)
4830 my $iterations = 64;
4834 $iterations = 1 << int ($iter);
4837 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4839 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4841 elsif ($mode == 6800)
4843 my $variant = $additional_param;
4845 if (! defined ($variant))
4847 $variant = int (rand (2));
4850 my $iterations = 500;
4854 $iterations = int ($iter);
4857 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
4859 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
4861 my $pbkdf2 = Crypt
::PBKDF2
->new (
4863 iterations
=> $iterations,
4867 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4869 my $cipher = Crypt
::CBC
->new ({
4871 cipher
=> "Crypt::Rijndael",
4880 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
4882 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
4886 my $verifier = "lastpass rocks\x02\x02";
4888 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
4891 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
4893 elsif ($mode == 6900)
4895 $hash_buf = gost_hex
($word_buf);
4897 $tmp_hash = sprintf ("%s", $hash_buf);
4899 elsif ($mode == 7100)
4901 my $iterations = 1024;
4905 $iterations = int ($iter);
4908 my $pbkdf2 = Crypt
::PBKDF2
->new
4910 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4911 iterations
=> $iterations
4914 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4916 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
4918 elsif ($mode == 7200)
4920 my $iterations = 1024;
4924 $iterations = int ($iter);
4927 my $pbkdf2 = Crypt
::PBKDF2
->new (
4928 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4929 iterations
=> $iterations
4932 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4934 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
4936 elsif ($mode == 7300)
4938 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
4940 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
4942 elsif ($mode == 7400)
4944 my $iterations = 5000;
4946 if (defined ($iter))
4950 $iterations = int ($iter);
4954 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
4956 $tmp_hash = sprintf ("%s", $hash_buf);
4958 elsif ($mode == 7500)
4960 my @salt_arr = split ("\\\$", $salt_buf);
4962 my $user = $salt_arr[0];
4964 my $realm = $salt_arr[1];
4966 my $salt = $salt_arr[2];
4968 my $hmac_salt = $salt_arr[3];
4969 my $hmac_salt_bin = pack ("H*", $hmac_salt);
4971 my $clear_data = $salt_arr[4];
4973 my $k = md4
(encode
("UTF-16LE", $word_buf));
4975 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
4977 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
4979 if (length ($clear_data) > 1)
4981 my $clear_data_bin = pack ("H*", $clear_data);
4983 $hash_buf = RC4
($k3, $clear_data_bin);
4987 my $hash = $salt_arr[5];
4989 my $hash_bin = pack ("H*", $hash);
4991 my $clear_data = RC4
($k3, $hash_bin);
4993 my $timestamp = substr ($clear_data, 14, 14);
4998 if ($timestamp !~ /^[[:digit:]]{14}$/)
5005 $hash_buf = "\x00" x
36;
5007 if ($hash_buf eq $hash_bin)
5009 $hash_buf = "\x01" x
36;
5014 $hash_buf = $hash_bin;
5018 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5020 elsif ($mode == 7600)
5022 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5024 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5026 elsif ($mode == 7700)
5028 $word_buf = uc $word_buf;
5029 $salt_buf = uc $salt_buf;
5031 my $word_buf_t = sapb_transcode
($word_buf);
5032 my $salt_buf_t = sapb_transcode
($salt_buf);
5034 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5036 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5038 my $digest2 = md5
($data);
5040 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5045 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5047 elsif ($mode == 7800)
5049 my $theMagicArray_s =
5050 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5051 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5052 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5053 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5054 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5055 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5056 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5057 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5058 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5059 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5061 $salt_buf = uc $salt_buf;
5063 my $digest = sha1
($word_buf . $salt_buf);
5065 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5067 my $lengthMagicArray = 0x20;
5068 my $offsetMagicArray = 0;
5070 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5071 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5072 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5073 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5074 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5075 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5076 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5077 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5078 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5079 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5080 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5081 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5082 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5083 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5084 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5085 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5086 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5087 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5088 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5089 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5091 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5093 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5095 elsif ($mode == 7900)
5104 my $phpass_it = 1 << $cost;
5106 $hash_buf = sha512
($salt_buf . $word_buf);
5108 for (my $i = 0; $i < $phpass_it; $i++)
5110 $hash_buf = sha512
($hash_buf . $word_buf);
5113 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5115 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5117 my $cost_str = substr ($base64_digits , $cost, 1);
5119 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5121 elsif ($mode == 8000)
5123 my $salt_buf_bin = pack ("H*", $salt_buf);
5125 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5127 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5129 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5131 elsif ($mode == 8100)
5133 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5135 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5137 elsif ($mode == 8200)
5139 my $iterations = 40000;
5141 if (defined ($iter))
5143 $iterations = $iter;
5146 my $salt_hex = substr ($salt_buf, 0, 32);
5147 my $salt = pack ("H*", $salt_hex);
5149 my $data_hex = substr ($salt_buf, 32);
5150 my $data = pack ("H*", $data_hex);
5152 my $pbkdf2 = Crypt
::PBKDF2
->new
5154 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5155 iterations
=> int $iterations
5158 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5160 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5162 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5164 elsif ($mode == 8300)
5166 my ($domain, $salt_hex) = split (":", $salt_buf);
5168 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5170 my $salt = pack ("H*", $salt_hex);
5174 if (defined ($iter))
5176 $iterations = $iter;
5179 my $name = lc ($word_buf . $domain);
5181 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5183 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5185 elsif ($mode == 8400)
5187 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5189 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5191 elsif ($mode == 8500)
5193 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5195 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5197 elsif ($mode == 8600)
5199 my @saved_key = map { ord $_; } split "", $word_buf;
5201 my $len = scalar @saved_key;
5203 my @state = domino_big_md
(\
@saved_key, $len);
5205 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5224 elsif ($mode == 8700)
5226 my $domino_char = undef;
5228 if (defined ($additional_param))
5230 $domino_char = $additional_param;
5233 my @saved_key = map { ord $_; } split "", $word_buf;
5235 my $len = scalar @saved_key;
5237 my @state = domino_big_md
(\
@saved_key, $len);
5239 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5241 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5243 @state = domino_big_md
(\
@saved_key, 34);
5245 $hash_buf = join ("", (map { chr $_; } @state));
5247 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5249 elsif ($mode == 8900)
5255 if (defined ($additional_param))
5257 $N = $additional_param;
5258 $r = $additional_param2;
5259 $p = $additional_param3;
5262 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5264 $tmp_hash = sprintf ('%s', $hash_buf);
5266 elsif ($mode == 9100)
5268 my $iterations = 5000;
5270 if (defined ($iter))
5272 $iterations = $iter;
5275 my $domino_char = undef;
5277 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5279 my @saved_key = map { ord $_; } split "", $word_buf;
5281 my $len = scalar @saved_key;
5283 my @state = domino_big_md
(\
@saved_key, $len);
5286 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5288 my $salt_part = substr ($salt_buf, 0, 5);
5290 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5292 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5294 @state = domino_big_md
(\
@saved_key, 34);
5296 $hash_buf = join ("", (map { chr $_; } @state));
5298 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5301 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5303 my $pbkdf2 = Crypt
::PBKDF2
->new
5305 hash_class
=> 'HMACSHA1',
5306 iterations
=> $iterations,
5313 if (defined ($additional_param))
5315 $chars = $additional_param;
5318 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5320 my $iteration_str = "" . $iterations;
5322 for (my $i = length ($iterations); $i < 10; $i++)
5324 $iterations = "0" . $iterations;
5327 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5329 elsif ($mode == 9200)
5331 my $iterations = 20000;
5333 my $pbkdf2 = Crypt
::PBKDF2
->new
5335 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5336 iterations
=> $iterations
5339 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5343 for (my $i = 0; $i < 43; $i++)
5345 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5348 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5350 elsif ($mode == 9300)
5356 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5360 for (my $i = 0; $i < 43; $i++)
5362 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5365 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5367 elsif ($mode == 9400)
5369 my $iterations = 50000;
5373 $iterations = int ($iter);
5376 my $aes_key_size = 128; # or 256
5378 if (defined ($additional_param2))
5380 $aes_key_size = $additional_param2;
5383 $salt_buf = pack ("H*", $salt_buf);
5385 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5387 for (my $i = 0; $i < $iterations; $i++)
5389 my $num32 = pack ("L", $i);
5391 $tmp = sha1
($num32 . $tmp);
5394 my $zero32 = pack ("L", 0x00);
5396 my $derivation_array1 = pack ("C", 0x36) x
64;
5397 my $derivation_array2 = pack ("C", 0x5C) x
64;
5399 $tmp = sha1
($tmp . $zero32);
5401 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5402 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5404 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5406 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5410 if (defined $additional_param)
5412 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5416 $encdata = "A" x
16; ## can be anything
5419 my $data1_buf = $encdata;
5420 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5422 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5423 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5425 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5426 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5428 $encrypted1 = substr ($encrypted1, 0, 32);
5429 $encrypted2 = substr ($encrypted2, 0, 40);
5431 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5433 elsif ($mode == 9500)
5435 my $iterations = 100000;
5439 $iterations = int ($iter);
5442 $salt_buf = pack ("H*", $salt_buf);
5444 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5446 for (my $i = 0; $i < $iterations; $i++)
5448 my $num32 = pack ("L", $i);
5450 $tmp = sha1
($num32 . $tmp);
5453 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5454 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5456 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5457 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5459 my $key1 = substr ($final1, 0, 16);
5460 my $key2 = substr ($final2, 0, 16);
5462 my $cipher1 = Crypt
::CBC
->new ({
5464 cipher
=> "Crypt::Rijndael",
5472 my $cipher2 = Crypt
::CBC
->new ({
5474 cipher
=> "Crypt::Rijndael",
5484 if (defined $additional_param)
5486 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5490 $encdata = "A" x
16; ## can be anything
5493 my $data1_buf = $encdata;
5494 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5496 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5497 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5499 $encrypted2 = substr ($encrypted2, 0, 64);
5501 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5503 elsif ($mode == 9600)
5505 my $iterations = 100000;
5509 $iterations = int ($iter);
5512 $salt_buf = pack ("H*", $salt_buf);
5514 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5516 for (my $i = 0; $i < $iterations; $i++)
5518 my $num32 = pack ("L", $i);
5520 $tmp = sha512
($num32 . $tmp);
5523 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5524 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5526 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5527 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5529 my $key1 = substr ($final1, 0, 32);
5530 my $key2 = substr ($final2, 0, 32);
5532 my $cipher1 = Crypt
::CBC
->new ({
5534 cipher
=> "Crypt::Rijndael",
5542 my $cipher2 = Crypt
::CBC
->new ({
5544 cipher
=> "Crypt::Rijndael",
5554 if (defined $additional_param)
5556 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5560 $encdata = "A" x
16; ## can be anything
5563 my $data1_buf = $encdata;
5564 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5566 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5567 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5569 $encrypted2 = substr ($encrypted2, 0, 64);
5571 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5573 elsif ($mode == 9700)
5575 $salt_buf = pack ("H*", $salt_buf);
5577 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5579 $tmp = substr ($tmp, 0, 5);
5583 for (my $i = 0; $i < 16; $i++)
5591 $tmp = substr ($tmp, 0, 5);
5595 if (defined $additional_param2)
5597 $version = $additional_param2;
5601 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5604 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5606 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5610 if (defined $additional_param)
5612 $encdata = $m->RC4 (pack ("H*", $additional_param));
5616 $encdata = "A" x
16; ## can be anything
5619 my $data1_buf = $encdata;
5620 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5622 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5624 my $encrypted1 = $m->RC4 ($data1_buf);
5625 my $encrypted2 = $m->RC4 ($data2_buf);
5627 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5629 elsif ($mode == 9800)
5631 $salt_buf = pack ("H*", $salt_buf);
5633 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5637 if (defined $additional_param2)
5639 $version = $additional_param2;
5643 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5646 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5650 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5653 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5657 if (defined $additional_param)
5659 $encdata = $m->RC4 (pack ("H*", $additional_param));
5663 $encdata = "A" x
16; ## can be anything
5666 my $data1_buf = $encdata;
5667 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5669 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5671 my $encrypted1 = $m->RC4 ($data1_buf);
5672 my $encrypted2 = $m->RC4 ($data2_buf);
5674 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5676 elsif ($mode == 9900)
5678 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5680 elsif ($mode == 10000)
5682 my $iterations = 10000;
5686 $iterations = int ($iter);
5689 my $pbkdf2 = Crypt
::PBKDF2
->new
5691 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5692 iterations
=> $iterations
5695 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5696 $hash_buf =~ s/[\r\n]//g;
5698 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5700 elsif ($mode == 10100)
5702 my $seed = pack ("H*", $salt_buf);
5704 my ($hi, $lo) = siphash
($word_buf, $seed);
5706 my $hi_s = sprintf ("%08x", $hi);
5707 my $lo_s = sprintf ("%08x", $lo);
5709 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5710 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5712 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5714 elsif ($mode == 10200)
5716 my $challengeb64 = encode_base64
($salt_buf);
5717 $challengeb64 =~ s/[\r\n]//g;
5721 if (defined $additional_param)
5723 $username = $additional_param;
5730 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5732 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5733 $responseb64 =~ s/[\r\n]//g;
5735 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5737 elsif ($mode == 10300)
5739 my $iterations = 1024;
5743 $iterations = int ($iter);
5746 my $hash_buf = $salt_buf;
5748 for (my $pos = 0; $pos < $iterations; $pos++)
5750 $hash_buf = sha1
($word_buf . $hash_buf);
5753 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5754 $hash_buf =~ s/[\r\n]//g;
5756 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5758 elsif ($mode == 10400)
5761 my $u = $additional_param;
5762 my $o = $additional_param2;
5763 my $P = $additional_param3;
5765 if (defined $u == 0)
5770 if (defined $o == 0)
5775 if (defined $P == 0)
5782 for (my $i = 0; $i < 32; $i++)
5784 $padding .= pack ("C", $pdf_padding[$i]);
5787 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5789 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5791 $u = $m->RC4 ($padding);
5793 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5795 elsif ($mode == 10500)
5798 my $u = $additional_param;
5799 my $o = $additional_param2;
5800 my $P = $additional_param3;
5801 my $V = $additional_param4;
5802 my $R = $additional_param5;
5803 my $enc = $additional_param6;
5805 if (defined $u == 0)
5812 if (defined $o == 0)
5817 if (defined $R == 0)
5819 $R = get_random_num
(3, 5);
5822 if (defined $V == 0)
5824 $V = ($R == 3) ?
2 : 4;
5827 if (defined $P == 0)
5829 $P = ($R == 3) ?
-4 : -1028;
5832 if (defined $enc == 0)
5834 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5839 for (my $i = 0; $i < 32; $i++)
5841 $padding .= pack ("C", $pdf_padding[$i]);
5844 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5846 my $digest = md5
($padding . pack ("H*", $id));
5848 my $m = Crypt
::RC4
->new ($res);
5850 $u = $m->RC4 ($digest);
5852 my @ress = split "", $res;
5854 for (my $x = 1; $x <= 19; $x++)
5858 for (my $i = 0; $i < 16; $i++)
5860 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
5863 my $s = join ("", @xor);
5865 my $m2 = Crypt
::RC4
->new ($s);
5870 $u .= substr (pack ("H*", $u_save), 16, 16);
5872 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
5874 elsif ($mode == 10600)
5877 my $rest = $additional_param;
5879 if (defined $id == 0)
5884 if (defined $rest == 0)
5890 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5893 my @data = split /\*/, $rest;
5895 my $u = pack ("H*", $data[1]);
5897 my $h = sha256
($word_buf . substr ($u, 32, 8));
5899 $data[1] = unpack ("H*", $h . substr ($u, 32));
5901 $rest = join ("*", @data);
5903 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
5905 elsif ($mode == 10700)
5908 my $rest = $additional_param;
5910 if (defined $id == 0)
5915 if (defined $rest == 0)
5921 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5924 my @datax = split /\*/, $rest;
5926 my $u = pack ("H*", $datax[1]);
5928 my $block = sha256
($word_buf . substr ($u, 32, 8));
5930 my $block_size = 32;
5932 my $data = 0x00 x
64;
5938 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
5940 $data = $word_buf . $block;
5942 $data_len = length ($data);
5944 for (my $k = 1; $k < 64; $k++)
5946 $data .= $word_buf . $block;
5949 my $aes = Crypt
::CBC
->new ({
5950 key
=> substr ($block, 0, 16),
5951 cipher
=> "Crypt::Rijndael",
5952 iv
=> substr ($block, 16, 16),
5959 my $data = $aes->encrypt ($data);
5963 for (my $j = 0; $j < 16; $j++)
5965 $sum += ord (substr ($data, $j, 1));
5968 $block_size = 32 + ($sum % 3) * 16;
5970 if ($block_size == 32)
5972 $block = sha256
(substr ($data, 0, $data_len * 64));
5974 elsif ($block_size == 48)
5976 $block = sha384
(substr ($data, 0, $data_len * 64));
5978 elsif ($block_size == 64)
5980 $block = sha512
(substr ($data, 0, $data_len * 64));
5983 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
5986 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
5988 $rest = join ("*", @datax);
5990 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
5992 elsif ($mode == 10800)
5994 $hash_buf = sha384_hex
($word_buf);
5996 $tmp_hash = sprintf ("%s", $hash_buf);
5998 elsif ($mode == 10900)
6000 my $iterations = 1000;
6004 $iterations = int ($iter);
6009 if (defined $additional_param)
6011 $out_len = $additional_param;
6014 my $pbkdf2 = Crypt
::PBKDF2
->new
6016 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6017 iterations
=> $iterations,
6018 output_len
=> $out_len
6021 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6022 $hash_buf =~ s/[\r\n]//g;
6024 my $base64_salt_buf = encode_base64
($salt_buf);
6026 chomp ($base64_salt_buf);
6028 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6030 elsif ($mode == 11000)
6032 $hash_buf = md5_hex
($salt_buf . $word_buf);
6034 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6036 elsif ($mode == 11100)
6038 my $user = "postgres";
6040 if (defined $additional_param)
6042 $user = $additional_param;
6045 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6047 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6049 elsif ($mode == 11200)
6051 my $sha1_pass = sha1
($word_buf);
6052 my $double_sha1 = sha1
($sha1_pass);
6054 my $xor_part1 = $sha1_pass;
6055 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6059 for (my $i = 0; $i < 20; $i++)
6061 my $first_byte = substr ($xor_part1, $i, 1);
6062 my $second_byte = substr ($xor_part2, $i, 1);
6064 my $xor_result = $first_byte ^ $second_byte;
6066 $hash_buf .= unpack ("H*", $xor_result);
6069 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6071 elsif ($mode == 11300)
6073 my $ckey_buf = get_random_string
(96);
6075 if (length ($additional_param))
6077 $ckey_buf = $additional_param;
6080 my $public_key_buf = get_random_string
(66);
6082 if (length ($additional_param2))
6084 $public_key_buf = $additional_param2;
6087 my $salt_iter = get_random_num
(150000, 250000);
6091 $salt_iter = int ($iter);
6094 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6096 for (my $i = 1; $i < $salt_iter; $i++)
6098 $hash_buf = sha512
($hash_buf);
6101 my $data = get_random_string
(32);
6103 my $aes = Crypt
::CBC
->new ({
6104 key
=> substr ($hash_buf, 0, 32),
6105 cipher
=> "Crypt::Rijndael",
6106 iv
=> substr ($hash_buf, 32, 16),
6110 padding
=> "standard",
6113 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6115 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6116 length ($cry_master_buf),
6123 length ($public_key_buf),
6126 elsif ($mode == 11400)
6128 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6130 $directive = "MD5"; # only directive currently supported
6132 if (defined ($additional_param))
6134 $user = $additional_param;
6135 $realm = $additional_param2;
6137 $nonce_count = $additional_param3;
6138 $nonce_client = $additional_param4;
6139 $qop = $additional_param5;
6140 $method = $additional_param6;
6142 $URI_prefix = $additional_param7;
6143 $URI_resource = $additional_param8;
6144 $URI_suffix = $additional_param9;
6146 # not needed information
6148 $URI_server = $additional_param10;
6149 $URI_client = $additional_param11;
6153 $user = get_random_string
(get_random_num
(0, 12 + 1));
6155 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6156 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6158 if ($realm_max_len < 1) # should never happen
6163 $realm_max_len = min
(20, $realm_max_len);
6165 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6169 if (get_random_num
(0, 1 + 1) == 1)
6173 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6174 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6184 $method = get_random_string
(get_random_num
(0, 24 + 1));
6186 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6187 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6188 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6190 # not needed information
6192 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6193 $URI_client = $URI_resource; # simplification
6200 if (length ($URI_prefix) > 0)
6202 $URI = $URI_prefix . ":";
6205 $URI .= $URI_resource;
6207 if (length ($URI_suffix) > 0)
6209 $URI .= ":" . $URI_suffix;
6212 my $HA2 = md5_hex
($method . ":" . $URI);
6214 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6218 if (($qop eq "auth") || ($qop eq "auth-int"))
6220 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6227 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6229 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6231 elsif ($mode == 11500)
6233 $hash_buf = crc32
($word_buf);
6235 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6237 elsif ($mode == 11600)
6239 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6243 my $validation_only = 0;
6245 $validation_only = 1 if (defined ($additional_param));
6247 if ($validation_only == 1)
6249 $num_cycle_power = int ($iter);
6250 $seven_zip_salt_len = $additional_param;
6251 $seven_zip_salt_buf = $additional_param2;
6252 $salt_len = $additional_param3;
6253 # $salt_buf set in parser
6254 # $hash_buf (resulting crc)
6255 $data_len = $additional_param4;
6256 $unpack_size = $additional_param5;
6257 $data_buf = $additional_param6;
6261 $num_cycle_power = 14; # by default it is 19
6262 $seven_zip_salt_len = 0;
6263 $seven_zip_salt_buf = "";
6264 $salt_len = length ($salt_buf);
6265 # $salt_buf set automatically
6266 # $hash_buf (resulting crc)
6267 # $data_len will be set when encrypting
6268 $unpack_size = get_random_num
(1, 32 + 1);
6269 $data_buf = get_random_string
($unpack_size);
6273 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6276 $word_buf = encode
("UTF-16LE", $word_buf);
6278 my $rounds = 1 << $num_cycle_power;
6282 for (my $i = 0; $i < $rounds; $i++)
6286 $num_buf .= pack ("V", $i);
6287 $num_buf .= "\x00" x
4;
6289 # this would be better but only works on 64-bit systems:
6290 # $num_buf = pack ("q", $i);
6292 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6295 my $key = sha256
($pass_buf);
6297 # the salt_buf is our IV for AES CBC
6300 my $salt_buf_len = length ($salt_buf);
6301 my $salt_padding_len = 0;
6303 if ($salt_buf_len < 16)
6305 $salt_padding_len = 16 - $salt_buf_len;
6308 $salt_buf .= "\x00" x
$salt_padding_len;
6310 my $aes = Crypt
::CBC
->new ({
6311 cipher
=> "Crypt::Rijndael",
6319 if ($validation_only == 1)
6323 my $decrypted_data = $aes->decrypt ($data_buf);
6325 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6327 $hash_buf = crc32
($decrypted_data);
6333 $hash_buf = crc32
($data_buf);
6335 $data_buf = $aes->encrypt ($data_buf);
6337 $data_len = length ($data_buf);
6340 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6342 elsif ($mode == 11900)
6344 my $iterations = 1000;
6348 $iterations = int ($iter);
6353 if (defined $additional_param)
6355 $out_len = $additional_param;
6359 # call PHP here - WTF
6362 # sanitize $word_buf and $salt_buf:
6364 my $word_buf_base64 = encode_base64
($word_buf);
6365 $word_buf_base64 =~ s/[\r\n]//g;
6367 my $salt_buf_base64 = encode_base64
($salt_buf);
6368 $salt_buf_base64 =~ s/[\r\n]//g;
6372 $out_len = int ($out_len);
6374 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6376 my $php_code = <<'END_CODE';
6378 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6380 $algorithm = strtolower ($algorithm);
6382 if (! in_array ($algorithm, hash_algos (), true))
6384 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6387 if ($count <= 0 || $key_length <= 0)
6389 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6392 if (function_exists ("hash_pbkdf2"))
6396 $key_length = $key_length * 2;
6399 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6402 $hash_length = strlen (hash ($algorithm, "", true));
6403 $block_count = ceil ($key_length / $hash_length);
6407 for ($i = 1; $i <= $block_count; $i++)
6409 $last = $salt . pack ("N", $i);
6411 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6413 for ($j = 1; $j < $count; $j++)
6415 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6423 return substr ($output, 0, $key_length);
6427 return bin2hex (substr ($output, 0, $key_length));
6431 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6435 # replace with these command line arguments
6437 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6438 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6439 $php_code =~ s/\$iterations/$iterations/;
6440 $php_code =~ s/\$out_len/$out_len/;
6442 my $php_output = `php -r '$php_code'`;
6444 $hash_buf = pack ("H*", $php_output);
6446 $hash_buf = encode_base64 ($hash_buf);
6447 $hash_buf =~ s/[\r\n]//g;
6449 my $base64_salt_buf = encode_base64 ($salt_buf);
6451 chomp ($base64_salt_buf);
6453 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6455 elsif ($mode == 12000)
6457 my $iterations = 1000;
6461 $iterations = int ($iter);
6466 if (defined $additional_param)
6468 $out_len = $additional_param;
6471 my $pbkdf2 = Crypt::PBKDF2->new
6473 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6474 iterations => $iterations,
6475 output_len => $out_len
6478 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6479 $hash_buf =~ s/[\r\n]//g;
6481 my $base64_salt_buf = encode_base64 ($salt_buf);
6483 chomp ($base64_salt_buf);
6485 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6487 elsif ($mode == 12100)
6489 my $iterations = 1000;
6493 $iterations = int ($iter);
6498 if (defined $additional_param)
6500 $out_len = $additional_param;
6503 my $pbkdf2 = Crypt::PBKDF2->new
6505 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6506 iterations => $iterations,
6507 output_len => $out_len
6510 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6511 $hash_buf =~ s/[\r\n]//g;
6513 my $base64_salt_buf = encode_base64 ($salt_buf);
6515 chomp ($base64_salt_buf);
6517 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6519 elsif ($mode == 12200)
6521 my $iterations = 65536;
6523 my $default_salt = 0;
6525 if (defined $additional_param)
6527 $default_salt = int ($additional_param);
6530 if ($default_salt == 1)
6532 $salt_buf = "0011223344556677";
6535 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6537 for (my $i = 0; $i < $iterations; $i++)
6539 $hash_buf = sha512 ($hash_buf);
6542 $hash_buf = unpack ("H*", $hash_buf);
6543 $hash_buf = substr ($hash_buf, 0, 16);
6545 if ($default_salt == 0)
6547 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6551 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6554 elsif ($mode == 12300)
6556 my $iterations = 4096;
6558 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6560 my $pbkdf2 = Crypt::PBKDF2->new (
6562 iterations => $iterations,
6566 my $salt_bin = pack ("H*", $salt_buf);
6568 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6570 $hash_buf = sha512_hex ($key . $salt_bin);
6572 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6574 elsif ($mode == 12400)
6580 $iterations = int ($iter);
6584 $iterations = get_random_num (1, 5001 + 1);
6587 my $key_value = fold_password ($word_buf);
6589 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6590 my $salt_value = base64_to_int24 ($salt_buf);
6592 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6594 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6596 elsif ($mode == 12600)
6598 $hash_buf = sha1_hex ($word_buf);
6600 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6602 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6604 elsif ($mode == 12700)
6606 my $iterations = 10;
6609 "guid" : "00000000-0000-0000-0000-000000000000",
6610 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6611 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6613 my $salt_buf_bin = pack ("H*", $salt_buf);
6615 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6617 my $pbkdf2 = Crypt::PBKDF2->new (
6619 iterations => $iterations,
6623 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6625 my $cipher = Crypt::CBC->new ({
6627 cipher => "Crypt::Rijndael",
6628 iv => $salt_buf_bin,
6634 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6636 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6638 elsif ($mode == 12800)
6640 my $iterations = 100;
6644 $iterations = int ($iter);
6647 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6649 my $pbkdf2 = Crypt::PBKDF2->new
6651 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6652 iterations => $iterations,
6656 my $salt_buf_bin = pack ("H*", $salt_buf);
6658 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6660 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6662 elsif ($mode == 12900)
6664 my $iterations = 4096;
6668 $iterations = int ($iter);
6671 my $salt2 = $salt_buf . $salt_buf;
6673 if (defined $additional_param)
6675 $salt2 = $additional_param;
6678 my $pbkdf2 = Crypt::PBKDF2->new
6680 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6681 iterations => $iterations,
6685 my $salt_buf_bin = pack ("H*", $salt_buf);
6687 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6689 my $salt2_bin = pack ("H*", $salt2);
6691 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6693 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6695 elsif ($mode == 13000)
6697 my $iterations = 15;
6701 $iterations = int ($iter);
6706 if (defined $additional_param)
6708 $iv = $additional_param;
6711 my $pbkdf2 = Crypt::PBKDF2->new
6713 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6714 iterations => (1 << $iterations) + 32,
6718 my $salt_buf_bin = pack ("H*", $salt_buf);
6720 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6722 my $hash_final = substr ($hash, 0, 8)
6723 ^ substr ($hash, 8, 8)
6724 ^ substr ($hash, 16, 8)
6725 ^ substr ($hash, 24, 8);
6727 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6729 elsif ($mode == 13100)
6731 my @salt_arr = split ('\$', $salt_buf);
6733 my $user = $salt_arr[0];
6735 my $realm = $salt_arr[1];
6737 my $spn = $salt_arr[2];
6739 my $nonce = $salt_arr[3];
6741 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6742 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6743 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6744 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6745 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6748 $cleartext_ticket = $nonce . $cleartext_ticket;
6750 my $k = md4 (encode ("UTF-16LE", $word_buf));
6752 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
6754 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
6756 my $k3 = hmac_md5 ($checksum, $k1);
6758 my $cipher = Crypt::RC4->new ($k3);
6760 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
6762 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
6764 elsif ($mode == 13200)
6766 my @salt_arr = split ('\*', $salt_buf);
6768 my $iteration = $salt_arr[0];
6770 my $mysalt = $salt_arr[1];
6772 $mysalt = pack ("H*", $mysalt);
6774 my $DEK = randbytes (16);
6776 my $iv = "a6a6a6a6a6a6a6a6";
6778 my $KEK = sha1($word_buf);
6780 $KEK = substr ($KEK ^ $mysalt, 0, 16);
6782 my $aes = Crypt::Mode::ECB->new ('AES');
6784 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
6788 my $A = pack ("H*", $iv);
6790 for (my $j = 0; $j < $iteration; $j++)
6792 $B = $aes->encrypt ($A . $R[1], $KEK);
6794 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
6796 $R[1] = substr ($B, 8, 16);
6798 $B = $aes->encrypt ($A . $R[2], $KEK);
6800 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
6802 $R[2] = substr ($B, 8, 16);
6805 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
6807 $mysalt = unpack ("H*", $mysalt);
6809 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
6819 my $word_len = shift;
6821 my $salt_len = shift;
6825 $max = 15 if ($mode == 2410);
6827 if ($is_unicode{$mode})
6829 if (! $allow_long_salt{$mode})
6831 $word_len = min ($word_len, int ($max / 2) - $salt_len);
6835 $word_len = min ($word_len, int ($max / 2));
6838 elsif ($less_fifteen{$mode})
6840 $word_len = min ($word_len, 15);
6844 $salt_len = min ($salt_len, 15 - $word_len);
6849 if (! $allow_long_salt{$mode})
6851 $word_len = min ($word_len, $max - $salt_len);
6870 for (my $i = 0; $i < $salt_len; $i++)
6872 my $c = get_random_chr (0x30, 0x39);
6874 push (@salt_arr, $c);
6877 $salt_buf = join ("", @salt_arr);
6879 $salt_buf = get_random_md5chap_salt ($salt_buf);
6881 elsif ($mode == 5300 || $mode == 5400)
6883 $salt_buf = get_random_ike_salt ();
6885 elsif ($mode == 5500)
6887 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
6889 elsif ($mode == 5600)
6891 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
6893 elsif ($mode == 6600)
6895 $salt_buf = get_random_agilekeychain_salt ();
6897 elsif ($mode == 8200)
6899 $salt_buf = get_random_cloudkeychain_salt ();
6901 elsif ($mode == 8300)
6903 $salt_buf = get_random_dnssec_salt ();
6905 elsif ($mode == 13100)
6907 $salt_buf = get_random_kerberos5_tgs_salt ();
6909 elsif ($mode == 13200)
6911 $salt_buf = get_random_axcrypt_salt ();
6917 for (my $i = 0; $i < $salt_len; $i++)
6919 my $c = get_random_chr (0x30, 0x39);
6921 push (@salt_arr, $c);
6924 $salt_buf = join ("", @salt_arr);
6928 $salt_buf = get_random_kerberos5_salt ($salt_buf);
6938 for (my $i = 0; $i < $word_len; $i++)
6940 my $c = get_random_chr (0x30, 0x39);
6942 push (@word_arr, $c);
6945 my $word_buf = join ("", @word_arr);
6951 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
6964 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
6976 sub get_random_string
6982 for (my $i = 0; $i < $len; $i++)
6984 my $c = get_random_chr (0x30, 0x39);
6989 my $buf = join ("", @arr);
6999 return int ((rand ($max - $min)) + $min);
7004 return chr get_random_num (@_);
7013 for (my $i = 0; $i < length ($str); $i += 4)
7015 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7017 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7024 $salt = substr ($decoded, 0, 5);
7026 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7030 $byte10 = 256 + $byte10;
7033 substr ($salt, 3, 1) = chr ($byte10);
7035 $digest = substr ($decoded, 5, 9);
7036 $char = substr ($str, 18, 1);
7038 return ($digest, $salt, $char);
7041 sub domino_85x_decode
7047 for (my $i = 0; $i < length ($str); $i += 4)
7049 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7051 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7056 my $iterations = -1;
7059 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7061 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7065 $byte10 = 256 + $byte10;
7068 substr ($salt, 3, 1) = chr ($byte10);
7070 $iterations = substr ($decoded, 16, 10);
7072 if ($iterations =~ /^?d*$/)
7076 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7077 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7078 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7081 return ($digest, $salt, $iterations, $chars);
7084 sub domino_base64_decode
7089 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7097 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7099 $ret += ($idx << (6 * ($i - 1)));
7112 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7116 $byte10 = $byte10 - 256;
7119 substr ($final, 3, 1) = chr ($byte10);
7123 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7124 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7125 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7126 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7127 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7129 if (defined ($char))
7131 substr ($passwd, 18, 1) = $char;
7133 substr ($passwd, 19, 1) = "";
7138 sub domino_85x_encode
7143 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7147 $byte10 = $byte10 - 256;
7150 substr ($final, 3, 1) = chr ($byte10);
7154 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7155 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7156 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7157 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7158 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7159 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7160 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7161 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7162 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7163 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7164 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7165 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7167 if (defined ($char))
7169 substr ($passwd, 18, 1) = $char;
7175 sub domino_base64_encode
7180 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7184 while (($n - 1) >= 0)
7188 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7198 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7203 my $v = unpack "V", substr($md5, $i*4, 4);
7205 $s64 .= substr($itoa64, $v & 0x3f, 1);
7214 my ($username, $password) = @_;
7216 $username = substr ($username . " " x 8, 0, 8);
7217 $password = substr ($password . " " x 8, 0, 8);
7219 my $username_ebc = ascii2ebcdic ($username);
7220 my $password_ebc = ascii2ebcdic ($password);
7222 my @pw = split ("", $password_ebc);
7224 for (my $i = 0; $i < 8; $i++)
7226 $pw[$i] = unpack ("C", $pw[$i]);
7229 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7232 my $key = join ("", @pw);
7234 my $cipher = new Crypt::DES $key;
7236 my $ciphertext = $cipher->encrypt ($username_ebc);
7238 my $ct = unpack ("H16", $ciphertext);
7245 my ($username, $password) = @_;
7247 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7248 $userpass .= pack('C', 0) while (length($userpass) % 8);
7250 my $key = pack('H*', "0123456789ABCDEF");
7251 my $iv = pack('H*', "0000000000000000");
7253 my $c = new Crypt::CBC(
7260 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7262 my $c2 = new Crypt::CBC(
7269 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7271 return uc(unpack('H*', $hash));
7276 my $word_buf = shift;
7278 my $salt_buf = shift;
7280 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7282 my $digest = sha1 ($w);
7284 for (my $i = 1; $i < 1024; $i++)
7286 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7288 $digest = sha1 ($w);
7291 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7293 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7301 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7305 while (($n - 1) >= 0)
7309 $ret .= substr ($itoa64, $v & 0x3f, 1);
7325 my $hash = ""; # hash to be returned by this function
7327 my $final = md5 ($pass . $salt . $pass);
7329 $salt = substr ($salt, 0, 8);
7331 my $tmp = $pass . $magic . $salt;
7333 my $pass_len = length ($pass);
7337 for ($i = $pass_len; $i > 0; $i -= 16)
7346 $tmp .= substr ($final, 0, $len);
7359 $tmp .= substr ($pass, 0, 1);
7365 $final = md5 ($tmp);
7367 for ($i = 0; $i < $iter; $i++)
7399 $final = md5 ($tmp);
7403 # now format the output sting ("hash")
7407 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7408 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7409 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7410 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7411 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7412 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7414 if ($iter == 1000) # default
7416 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7420 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7432 my $hash = ""; # hash to be returned by this function
7434 my $final = sha512 ($pass . $salt . $pass);
7436 $salt = substr ($salt, 0, 16);
7438 my $tmp = $pass . $salt;
7440 my $pass_len = length ($pass);
7441 my $salt_len = length ($salt);
7445 for ($i = $pass_len; $i > 0; $i -= 16)
7454 $tmp .= substr ($final, 0, $len);
7473 $final = sha512 ($tmp);
7479 for ($i = 0; $i < $pass_len; $i++)
7484 $p_bytes = sha512 ($p_bytes);
7485 $p_bytes = substr ($p_bytes, 0, $pass_len);
7489 my $final_first_byte = ord (substr ($final, 0, 1));
7493 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7498 $s_bytes = sha512 ($s_bytes);
7499 $s_bytes = substr ($s_bytes, 0, $salt_len);
7501 for ($i = 0; $i < $iter; $i++)
7533 $final = sha512 ($tmp);
7537 # now format the output string ("hash")
7541 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7542 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7543 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7544 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7545 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7546 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7547 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7548 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7549 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7550 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7551 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7552 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7553 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7554 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7555 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7556 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7557 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7558 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7559 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7560 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7561 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7562 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7566 if ($iter == 5000) # default
7568 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7572 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7584 my $hash = ""; # hash to be returned by this function
7586 my $final = sha256 ($pass . $salt . $pass);
7588 $salt = substr ($salt, 0, 16);
7590 my $tmp = $pass . $salt;
7592 my $pass_len = length ($pass);
7593 my $salt_len = length ($salt);
7597 for ($i = $pass_len; $i > 0; $i -= 16)
7606 $tmp .= substr ($final, 0, $len);
7625 $final = sha256 ($tmp);
7631 for ($i = 0; $i < $pass_len; $i++)
7636 $p_bytes = sha256 ($p_bytes);
7637 $p_bytes = substr ($p_bytes, 0, $pass_len);
7641 my $final_first_byte = ord (substr ($final, 0, 1));
7645 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7650 $s_bytes = sha256 ($s_bytes);
7651 $s_bytes = substr ($s_bytes, 0, $salt_len);
7653 for ($i = 0; $i < $iter; $i++)
7685 $final = sha256 ($tmp);
7689 # now format the output string ("hash")
7693 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
7694 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
7695 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
7696 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7697 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7698 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7699 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7700 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
7701 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
7702 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7703 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
7707 if ($iter == 5000) # default
7709 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7713 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7719 sub aix_ssha256_pbkdf2
7721 my $word_buf = shift;
7722 my $salt_buf = shift;
7723 my $iterations = shift;
7725 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
7727 my $pbkdf2 = Crypt::PBKDF2->new (
7729 iterations => $iterations,
7733 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7737 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7738 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7739 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7740 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7741 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7742 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7743 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7744 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7745 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7746 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7747 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
7752 sub aix_ssha512_pbkdf2
7754 my $word_buf = shift;
7755 my $salt_buf = shift;
7756 my $iterations = shift;
7758 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
7760 my $pbkdf2 = Crypt::PBKDF2->new (
7762 iterations => $iterations,
7765 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7769 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7770 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7771 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7772 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7773 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7774 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7775 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7776 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7777 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7778 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7779 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
7780 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
7781 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
7782 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
7783 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
7784 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
7785 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
7786 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
7787 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
7788 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
7789 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
7790 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
7795 sub aix_ssha1_pbkdf2
7797 my $word_buf = shift;
7798 my $salt_buf = shift;
7799 my $iterations = shift;
7801 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
7803 my $pbkdf2 = Crypt::PBKDF2->new (
7805 iterations => $iterations,
7808 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7812 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7813 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7814 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7815 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7816 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7817 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7818 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
7827 my @data = split "", $data_s;
7830 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7831 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7832 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
7833 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
7834 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7835 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
7836 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7837 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
7838 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7839 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7840 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7841 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7842 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7843 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7844 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7845 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
7847 my @transTable = unpack ("C256", $transTable_s);
7851 for (my $i = 0; $i < scalar @data; $i++)
7853 $out[$i] = $transTable[int (ord ($data[$i]))];
7856 return pack ("C*", @out);
7861 my $digest_s = shift;
7866 my @w = unpack "C*", $w_s;
7867 my @s = unpack "C*", $s_s;
7870 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
7871 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
7872 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
7874 my @bcodeTable = unpack ("C48", $bcodeTable_s);
7876 my @abcd = unpack ("C16", $digest_s);
7878 my $sum20 = ($abcd[0] & 3)
7888 for (my $i2 = 0; $i2 < $sum20; $i2++)
7893 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
7895 if ($i1 < length $w_s)
7897 if ($abcd[15 - $i1] & 1)
7899 $out[$i2] = $bcodeTable[48 - 1 - $i1];
7904 $out[$i2] = $w[$i1];
7910 if ($i3 < length $s_s)
7912 $out[$i2] = $s[$i3];
7918 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
7921 return substr (pack ("C*", @out), 0, $sum20);
7926 my @key_56 = split (//, shift);
7932 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
7933 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
7934 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
7935 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
7936 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
7937 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
7938 $key .= chr(( ord($key_56[6]) << 1) & 255);
7949 for (my $i = 0; $i < $len; $i++)
7951 my $c = get_random_chr (0, 255);
7956 return join ("", @arr);
7959 sub get_random_netntlmv1_salt
7961 my $len_user = shift;
7962 my $len_domain = shift;
7968 for (my $i = 0; $i < $len_user; $i++)
7970 $type = get_random_num (1, 3);
7974 $char = get_random_chr (0x30, 0x39);
7978 $char = get_random_chr (0x41, 0x5A);
7982 $char = get_random_chr (0x61, 0x7A);
7990 for (my $i = 0; $i < $len_domain; $i++)
7992 $type = get_random_num (1, 3);
7996 $char = get_random_chr (0x30, 0x39);
8000 $char = get_random_chr (0x41, 0x5A);
8004 $char = get_random_chr (0x61, 0x7A);
8010 my $c_challenge = randbytes (8);
8011 my $s_challenge = randbytes (8);
8013 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8018 sub get_random_netntlmv2_salt
8020 my $len_user = shift;
8021 my $len_domain = shift;
8027 if ($len_user + $len_domain > 27)
8029 if ($len_user > $len_domain)
8031 $len_user = 27 - $len_domain;
8035 $len_domain = 27 - $len_user;
8039 for (my $i = 0; $i < $len_user; $i++)
8041 $type = get_random_num (1, 3);
8045 $char = get_random_chr (0x30, 0x39);
8049 $char = get_random_chr (0x41, 0x5A);
8053 $char = get_random_chr (0x61, 0x7A);
8061 for (my $i = 0; $i < $len_domain; $i++)
8063 $type = get_random_num (1, 3);
8067 $char = get_random_chr (0x30, 0x39);
8071 $char = get_random_chr (0x41, 0x5A);
8075 $char = get_random_chr (0x61, 0x7A);
8081 my $c_challenge = randbytes (8);
8082 my $s_challenge = randbytes (8);
8084 my $temp = "\x01\x01" .
8089 randbytes (20 * rand () + 1) .
8092 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8097 sub get_random_ike_salt
8101 for (my $i = 0; $i < 40; $i++)
8103 $nr_buf .= get_random_chr (0, 0xff);
8108 for (my $i = 0; $i < 440; $i++)
8110 $msg_buf .= get_random_chr (0, 0xff);
8113 my $nr_buf_hex = unpack ("H*", $nr_buf);
8114 my $msg_buf_hex = unpack ("H*", $msg_buf);
8116 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8121 sub get_random_agilekeychain_salt
8125 for (my $i = 0; $i < 8; $i++)
8127 $salt_buf .= get_random_chr (0x0, 0xff);
8132 for (my $i = 0; $i < 16; $i++)
8134 $iv .= get_random_chr (0x0, 0xff);
8137 my $prefix = "\x00" x 1008;
8139 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8144 sub get_random_cloudkeychain_salt
8148 for (my $i = 0; $i < 16; $i++)
8150 $salt_buf .= get_random_chr (0x0, 0xff);
8153 for (my $i = 0; $i < 304; $i++)
8155 $salt_buf .= get_random_chr (0x0, 0xff);
8158 my $ret = unpack ("H*", $salt_buf);
8163 sub get_random_kerberos5_salt
8165 my $custom_salt = shift;
8167 my $clear_data = randbytes (14) .
8168 strftime ("%Y%m%d%H%M%S", localtime) .
8172 my $realm = "realm";
8175 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8180 sub get_random_kerberos5_tgs_salt
8182 my $nonce = randbytes (8);
8185 my $realm = "realm";
8186 my $spn = "test/spn";
8188 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8193 sub get_random_axcrypt_salt
8195 my $mysalt = randbytes (16);
8197 $mysalt = unpack ("H*", $mysalt);
8199 my $iteration = get_random_num (6, 100000);
8201 my $salt_buf = $iteration . '*' . $mysalt;
8206 sub get_random_md5chap_salt
8208 my $salt_buf = shift;
8210 my $salt = unpack ("H*", $salt_buf);
8214 $salt .= unpack ("H*", randbytes (1));
8219 sub get_random_dnssec_salt
8225 for (my $i = 0; $i < 8; $i++)
8227 $salt_buf .= get_random_chr (0x61, 0x7a);
8230 $salt_buf .= ".net";
8234 for (my $i = 0; $i < 8; $i++)
8236 $salt_buf .= get_random_chr (0x30, 0x39);
8249 my $byte_off = int ($bit / 8);
8250 my $bit_off = int ($bit % 8);
8252 my $char = substr ($digest, $byte_off, 1);
8253 my $num = ord ($char);
8255 return (($num & (1 << $bit_off)) ? 1 : 0);
8264 my $constant_phrase =
8265 "To be, or not to be,--that is the question:--\n" .
8266 "Whether 'tis nobler in the mind to suffer\n" .
8267 "The slings and arrows of outrageous fortune\n" .
8268 "Or to take arms against a sea of troubles,\n" .
8269 "And by opposing end them?--To die,--to sleep,--\n" .
8270 "No more; and by a sleep to say we end\n" .
8271 "The heartache, and the thousand natural shocks\n" .
8272 "That flesh is heir to,--'tis a consummation\n" .
8273 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8274 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8275 "For in that sleep of death what dreams may come,\n" .
8276 "When we have shuffled off this mortal coil,\n" .
8277 "Must give us pause: there's the respect\n" .
8278 "That makes calamity of so long life;\n" .
8279 "For who would bear the whips and scorns of time,\n" .
8280 "The oppressor's wrong, the proud man's contumely,\n" .
8281 "The pangs of despis'd love, the law's delay,\n" .
8282 "The insolence of office, and the spurns\n" .
8283 "That patient merit of the unworthy takes,\n" .
8284 "When he himself might his quietus make\n" .
8285 "With a bare bodkin? who would these fardels bear,\n" .
8286 "To grunt and sweat under a weary life,\n" .
8287 "But that the dread of something after death,--\n" .
8288 "The undiscover'd country, from whose bourn\n" .
8289 "No traveller returns,--puzzles the will,\n" .
8290 "And makes us rather bear those ills we have\n" .
8291 "Than fly to others that we know not of?\n" .
8292 "Thus conscience does make cowards of us all;\n" .
8293 "And thus the native hue of resolution\n" .
8294 "Is sicklied o'er with the pale cast of thought;\n" .
8295 "And enterprises of great pith and moment,\n" .
8296 "With this regard, their currents turn awry,\n" .
8297 "And lose the name of action.--Soft you now!\n" .
8298 "The fair Ophelia!--Nymph, in thy orisons\n" .
8299 "Be all my sins remember'd.\n\x00";
8301 my $constant_len = length ($constant_phrase);
8303 my $hash_buf = md5 ($pw . $salt);
8309 for (my $round = 0; $round < $iter; $round++)
8311 my $shift_a = md5bit ($hash_buf, $round + 0);
8312 my $shift_b = md5bit ($hash_buf, $round + 64);
8317 for (my $k = 0; $k < 16; $k++)
8319 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8321 my $l = ($k + 3) % 16;
8323 my $num = ord (substr ($hash_buf, $l, 1));
8325 $shift_4[$k] = $num % 5;
8327 $shift_7[$k] = ($num >> $s7shift) & 1;
8332 for (my $k = 0; $k < 16; $k++)
8334 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8339 for (my $k = 0; $k < 16; $k++)
8341 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8347 for (my $k = 0; $k < 8; $k++)
8349 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8351 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8354 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8355 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8357 my $bit_a = md5bit ($hash_buf, $indirect_a);
8358 my $bit_b = md5bit ($hash_buf, $indirect_b);
8368 if ($bit_a ^ $bit_b)
8370 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8374 $to_hash .= substr ($W, 0, 64);
8378 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8380 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8384 $to_hash .= substr ($W, 0, 64);
8387 $pos = $constant_len - $constant_off;
8391 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8406 my $round_div = int ($tmp / 10);
8407 my $round_mod = int ($tmp % 10);
8411 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8421 for ($g = 0; $g < $a_len; $g++)
8423 my $remainder = $a_buf[$g];
8429 while ($remainder > 0)
8431 $sub = $remainder >> (8 * $factor);
8433 if ($started != 1 || $sub > 0)
8437 $tmp_str = chr ($sub) . $tmp_str;
8439 $remainder -= ($sub << (8 * $factor));
8447 substr ($W, $pos, $a_len) = $tmp_str;
8453 $to_hash .= substr ($W, 0, $pos);
8455 $to_hash = substr ($to_hash, 0, $total);
8457 $hash_buf = md5 ($to_hash);
8462 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8463 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8464 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8465 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8466 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8467 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8474 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8476 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8481 my $block_ref = shift;
8485 my $value = 16 - $offset;
8487 for (my $i = $offset; $i < 16; $i++)
8489 push @{$block_ref}, $value;
8499 for (my $i = 0; $i < 18; $i++)
8501 for (my $j = 0; $j < 48; $j++)
8503 $p = ($p + 48 - $j) & 0xff;
8505 my $c = $lotus_magic_table[$p];
8507 $p = $in_ref->[$j] ^ $c;
8514 sub lotus_transform_password
8517 my $out_ref = shift;
8519 my $t = $out_ref->[15];
8521 for (my $i = 0; $i < 16; $i++)
8523 $t ^= $in_ref->[$i];
8525 my $c = $lotus_magic_table[$t];
8527 $out_ref->[$i] ^= $c;
8529 $t = $out_ref->[$i];
8533 sub mdtransform_norecalc
8535 my $state_ref = shift;
8536 my $block_ref = shift;
8540 push (@x, @{$state_ref});
8541 push (@x, @{$block_ref});
8543 for (my $i = 0; $i < 16; $i++)
8545 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8550 for (my $i = 0; $i < 16; $i++)
8552 $state_ref->[$i] = $x[$i];
8558 my $state_ref = shift;
8559 my $checksum_ref = shift;
8560 my $block_ref = shift;
8562 mdtransform_norecalc ($state_ref, $block_ref);
8564 lotus_transform_password ($block_ref, $checksum_ref);
8569 my $saved_key_ref = shift;
8573 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8575 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
8581 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
8583 my $curpos16 = $curpos + 16;
8585 my @block = splice (@{$saved_key_ref}, 0, 16);
8587 mdtransform (\@state, \@checksum, \@block);
8590 my $left = $size - $curpos;
8592 my @block = splice (@{$saved_key_ref}, 0, 16);
8594 pad16 (\@block, $left);
8596 mdtransform (\@state, \@checksum, \@block);
8598 mdtransform_norecalc (\@state, \@checksum);
8603 sub pdf_compute_encryption_key
8605 my $word_buf = shift;
8606 my $padding = shift;
8621 $data .= substr ($padding, 0, 32 - length $word_buf);
8623 $data .= pack ("H*", $o);
8625 $data .= pack ("I", $P);
8627 $data .= pack ("H*", $id);
8633 $data .= pack ("I", -1);
8637 my $res = md5 ($data);
8641 for (my $i = 0; $i < 50; $i++)
8650 sub gen_random_wpa_eapol
8659 my $version = 1; # 802.1X-2001
8661 $ret .= pack ("C*", $version);
8663 my $type = 3; # means that this EAPOL frame is used to transfer key information
8665 $ret .= pack ("C*", $type);
8667 my $length; # length of remaining data
8678 $ret .= pack ("n*", $length);
8680 my $descriptor_type;
8684 $descriptor_type = 254; # EAPOL WPA key
8688 $descriptor_type = 1; # EAPOL RSN key
8691 $ret .= pack ("C*", $descriptor_type);
8693 # key_info is a bit vector:
8694 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
8698 $key_info |= 1 << 8; # set key MIC
8699 $key_info |= 1 << 3; # set if it is a pairwise key
8703 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
8707 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
8710 $ret .= pack ("n*", $key_info);
8723 $ret .= pack ("n*", $key_length);
8725 my $replay_counter = 1;
8727 $ret .= pack ("Q>*", $replay_counter);
8731 my $key_iv = "\x00" x 16;
8735 my $key_rsc = "\x00" x 8;
8739 my $key_id = "\x00" x 8;
8743 my $key_mic = "\x00" x 16;
8751 $key_data_len = 24; # length of the key_data (== WPA info)
8755 $key_data_len = 22; # length of the key_data (== RSN info)
8758 $ret .= pack ("n*", $key_data_len);
8768 my $vendor_specific_data = "";
8770 my $tag_number = 221; # means it is a vendor specific tag
8772 $vendor_specific_data .= pack ("C*", $tag_number);
8774 my $tag_len = 22; # length of the remaining "tag data"
8776 $vendor_specific_data .= pack ("C*", $tag_len);
8778 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
8780 $vendor_specific_data .= $vendor_specific_oui;
8782 my $vendor_specific_oui_type = 1; # WPA Information Element
8784 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
8786 my $vendor_specific_wpa_version = 1;
8788 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
8792 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
8794 $vendor_specific_data .= $vendor_specific_multicast_oui;
8796 my $vendor_specific_multicast_type = 2; # TKIP
8798 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
8802 my $vendor_specific_unicast_count = 1;
8804 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
8806 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
8808 $vendor_specific_data .= $vendor_specific_multicast_oui;
8810 my $vendor_specific_unicast_type = 2; # TKIP
8812 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
8814 # Auth Key Management (AKM)
8816 my $auth_key_management_count = 1;
8818 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
8820 my $auth_key_management_oui = pack ("H*", "0050f2");
8822 $vendor_specific_data .= $auth_key_management_oui;
8824 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8826 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
8828 $wpa_info = $vendor_specific_data;
8830 $key_data = $wpa_info;
8838 my $tag_number = 48; # RSN info
8840 $rsn_info .= pack ("C*", $tag_number);
8842 my $tag_len = 20; # length of the remaining "tag_data"
8844 $rsn_info .= pack ("C*", $tag_len);
8846 my $rsn_version = 1;
8848 $rsn_info .= pack ("v*", $rsn_version);
8850 # group cipher suite
8852 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8854 $rsn_info .= $group_cipher_suite_oui;
8856 my $group_cipher_suite_type = 4; # AES (CCM)
8858 $rsn_info .= pack ("C*", $group_cipher_suite_type);
8860 # pairwise cipher suite
8862 my $pairwise_cipher_suite_count = 1;
8864 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
8866 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8868 $rsn_info .= $pairwise_cipher_suite_oui;
8870 my $pairwise_cipher_suite_type = 4; # AES (CCM)
8872 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
8874 # Auth Key Management (AKM)
8876 my $auth_key_management_count = 1;
8878 $rsn_info .= pack ("v*", $auth_key_management_count);
8880 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
8882 $rsn_info .= $auth_key_management_oui;
8884 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8886 $rsn_info .= pack ("C*", $auth_key_management_type);
8890 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
8891 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
8893 my $rsn_capabilities = pack ("H*", "0000");
8895 $rsn_info .= $rsn_capabilities;
8897 $key_data = $rsn_info;
8913 my $data = "Pairwise key expansion";
8918 # Min(AA, SPA) || Max(AA, SPA)
8921 # compare if greater: Min()/Max() on the MACs (6 bytes)
8923 if (memcmp ($stmac, $bssid, 6) < 0)
8935 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
8938 # compare if greater: Min()/Max() on the nonces (32 bytes)
8940 if (memcmp ($snonce, $anonce, 32) < 0)
8953 my $prf_buf = hmac ($data, $pmk, \&sha1);
8955 $prf_buf = substr ($prf_buf, 0, 16);
8966 my $len_str1 = length ($str1);
8967 my $len_str2 = length ($str2);
8969 if (($len > $len_str1) || ($len > $len_str2))
8971 print "ERROR: memcmp () lengths wrong";
8976 for (my $i = 0; $i < $len; $i++)
8978 my $c_1 = ord (substr ($str1, $i, 1));
8979 my $c_2 = ord (substr ($str2, $i, 1));
8981 return -1 if ($c_1 < $c_2);
8982 return 1 if ($c_1 > $c_2);