4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
31 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
33 use Authen
::Passphrase
::NTHash
;
34 use Authen
::Passphrase
::MySQL323
;
35 use Authen
::Passphrase
::PHPass
;
36 use Authen
::Passphrase
::LANManager
;
38 use POSIX qw
(strftime
);
40 use Net
::DNS
::RR
::NSEC3
;
41 use Convert
::EBCDIC qw
(ascii2ebcdic
);
42 use Digest
::SipHash qw
/siphash/;
44 my $hashcat = "./oclHashcat";
48 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400);
50 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
51 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
52 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
54 my @lotus_magic_table =
56 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
57 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
58 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
59 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
60 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
61 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
62 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
63 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
64 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
65 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
66 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
67 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
68 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
69 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
70 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
71 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
72 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
73 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
74 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
75 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
76 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
77 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
78 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
79 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
80 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
81 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
82 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
83 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
84 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
85 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
86 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
87 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
92 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
93 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
94 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
95 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
98 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
100 if (scalar @ARGV < 1)
111 if ($type ne "verify")
113 if (scalar @ARGV > 1)
118 elsif (scalar @ARGV == 1)
128 if ($type eq "single")
132 elsif ($type eq "passthrough")
143 if (scalar @ARGV != 4)
148 my $mode = shift @ARGV;
149 my $hash_file = shift @ARGV;
150 my $in_file = shift @ARGV;
151 my $out_file = shift @ARGV;
155 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
157 # clever ? the resulting database could be huge
158 # but we need some way to map lines in hashfile w/ cracks
159 # maybe rli2 way would be more clever (needs sorted input)
161 while (my $line = <IN
>)
163 $line =~ s/[\n\r]*$//;
165 $db->{$line} = undef;
170 verify
($mode, $db, $in_file, $out_file);
178 my $out_file = shift;
197 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
198 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
202 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
203 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
204 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
206 while (my $line = <IN
>)
213 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
216 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
218 my $index = index ($line, ":");
222 $hash_in = substr ($line, 0, $index);
224 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
226 $word = substr ($line, $index + 1);
229 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
232 my $index1 = index ($line, ":");
236 $hash_in = substr ($line, 0, $index1);
238 # identify lenghts of both salt and plain
240 my $salt_plain = substr ($line, $index1 + 1);
242 my $num_cols = () = $salt_plain =~ /:/g;
251 foreach (my $i = 0; $i < $num_cols; $i++)
253 $index2 = index ($salt_plain, ":", $start);
257 $start = $index2 + 1;
259 $salt = substr ($salt_plain, 0, $index2);
260 $word = substr ($salt_plain, $index2 + 1);
262 # can't be true w/ wrong $hash:$salt, otherwise the
263 # algo must have many collisions
265 if (exists ($db->{$hash_in . ":" . $salt}))
267 $hash_in = $hash_in . ":" . $salt;
273 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
274 next unless (! defined ($db->{$hash_in}));
277 elsif ($mode == 2100)
280 my $index1 = index ($line, "\$DCC2\$");
282 next if $index1 != 0;
285 my $index2 = index ($line, "#", $index1 + 1);
289 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
292 $index1 = index ($line, "#");
296 $hash_in = substr ($line, 0, $index1 + 1);
298 # identify lenghts of both salt and plain
300 my $salt_plain = substr ($line, $index2 + 1);
302 my $num_cols = () = $salt_plain =~ /:/g;
312 foreach (my $i = 0; $i < $num_cols; $i++)
314 $index2 = index ($salt_plain, ":", $start);
318 $start = $index2 + 1;
320 $index3 = rindex ($salt_plain, "#", $index2);
322 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
323 $salt = substr ($salt_plain, 0, $index3);
324 $word = substr ($salt_plain, $index2 + 1);
326 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
328 $hash_in = $hash_in . $salt . "#" . $raw_hash;
334 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
335 next unless (! defined ($db->{$hash_in}));
337 # salt:hash guaranteed only : because of hex salt
338 elsif ($mode == 7300)
340 # split hash and plain
341 my $index1 = index ($line, ":");
345 $salt = substr ($line, 0, $index1);
347 $salt = pack ("H*", $salt);
349 my $rest = substr ($line, $index1 + 1);
351 my $index2 = index ($rest, ":");
355 $hash_in = substr ($rest, 0, $index2);
357 $word = substr ($rest, $index2 + 1);
359 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
362 elsif ($mode == 8100)
364 # split hash and plain
365 $salt = substr ($line, 1, 8);
367 my $rest = substr ($line, 1 + 8);
369 my $index2 = index ($rest, ":");
373 $hash_in = substr ($rest, 0, $index2);
375 $word = substr ($rest, $index2 + 1);
377 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
379 # base64 and salt embedded SSHA1, salt length = total lenght - 20
382 # split hash and plain
383 my $index = index ($line, ":");
387 $hash_in = substr ($line, 0, $index);
388 $word = substr ($line, $index + 1);
390 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
393 my $plain_base64 = substr ($hash_in, 6);
395 # base64 decode to extract salt
396 my $decoded = decode_base64
($plain_base64);
398 $salt = substr ($decoded, 20);
400 # base64 and salt embedded SSHA512, salt length = total length - 64
401 elsif ($mode == 1711)
403 # split hash and plain
404 my $index = index ($line, ":");
408 $hash_in = substr ($line, 0, $index);
409 $word = substr ($line, $index + 1);
411 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
414 my $plain_base64 = substr ($hash_in, 9);
416 # base64 decode to extract salt
417 my $decoded = decode_base64
($plain_base64);
419 $salt = substr ($decoded, 64);
421 # OSX (first 8 hex chars is salt)
422 # ArubaOS (the signature gets added in gen_hash)
423 elsif ($mode == 122 || $mode == 1722 || $mode == 125)
425 my $index = index ($line, ":");
429 $hash_in = substr ($line, 0, $index);
430 $word = substr ($line, $index + 1);
432 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
434 $salt = substr ($hash_in, 0, 8);
436 # MSSQL (2000, 2005 AND 2012), salt after version number
437 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
439 my $index = index ($line, ":");
443 $hash_in = substr ($line, 0, $index);
444 $word = substr ($line, $index + 1);
446 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
448 $salt = substr ($hash_in, 6, 8);
451 elsif ($mode == 8000)
453 my $index = index ($line, ":");
457 $hash_in = substr ($line, 0, $index);
458 $word = substr ($line, $index + 1);
460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
462 $salt = substr ($hash_in, 6, 16);
465 elsif ($mode == 141 || $mode == 1441)
467 my $index1 = index ($line, ":");
471 $hash_in = substr ($line, 0, $index1);
472 $word = substr ($line, $index1 + 1);
474 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
476 my $index2 = index ($line, "*", 14);
478 #extract salt from base64
479 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
481 $salt = decode_base64
($plain_base64);
483 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
484 elsif ($mode == 400 || $mode == 7900)
486 my $index = index ($line, ":");
490 $hash_in = substr ($line, 0, $index);
491 $word = substr ($line, $index + 1);
493 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
495 $salt = substr ($hash_in, 4, 8);
497 # iterations = 2 ^ cost (where cost == $iter)
498 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
500 # $something$[rounds=iter$]salt$ (get last $, then check iter)
501 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
503 my $index1 = index ($line, ":", 30);
507 $hash_in = substr ($line, 0, $index1);
508 $word = substr ($line, $index1 + 1);
510 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
512 $index1 = index ($hash_in, ",", 1);
513 my $index2 = index ($hash_in, "\$", 1);
517 if ($index1 < $index2)
523 $param = substr ($hash_in, $index2, 1);
527 # rounds= if available
530 if (substr ($hash_in, $index2, 7) eq "rounds=")
532 my $old_index = $index2;
534 $index2 = index ($hash_in, "\$", $index2 + 1);
538 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
544 my $index3 = rindex ($hash_in, "\$");
548 $salt = substr ($hash_in, $index2, $index3 - $index2);
550 # descrypt (salt in first 2 char)
551 elsif ($mode == 1500)
553 my $index = index ($line, ":");
557 $hash_in = substr ($line, 0, $index);
558 $word = substr ($line, $index + 1);
560 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
562 $salt = substr ($hash_in, 0, 2);
564 # bcrypt $something$something$salt.hash
565 elsif ($mode == 3200)
567 my $index1 = index ($line, ":", 33);
571 $hash_in = substr ($line, 0, $index1);
572 $word = substr ($line, $index1 + 1);
574 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
576 my $index2 = index ($hash_in, "\$", 4);
578 $iter = substr ($hash_in, 4, $index2 - 4);
580 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
585 for (my $i = 0; $i < length ($plain_base64); $i++)
587 my $char = substr ($plain_base64, $i, 1);
588 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
591 $salt = decode_base64
($encoded);
594 elsif ($mode == 4800)
596 my $index1 = index ($line, ":");
600 my $index2 = index ($line, ":", $index1 + 1);
604 my $index3 = index ($line, ":", $index2 + 1);
608 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
610 $word = substr ($line, $index3 + 1);
612 $hash_in = substr ($line, 0, $index3);
615 elsif ($mode == 5300 || $mode == 5400)
617 my $num_cols = () = $line =~ /:/g;
619 next unless ($num_cols >= 9);
624 for (my $j = 0; $j < 9; $j++)
626 $index1 = index ($line, ":", $index1 + 1);
637 $word = substr ($line, $index1 + 1);
639 $hash_in = substr ($line, 0, $index1);
641 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
643 my $index2 = rindex ($line, ":", $index1 - 1);
645 $salt = substr ($line, 0, $index2);
648 elsif ($mode == 5500)
650 my $index1 = index ($line, "::");
654 my $index2 = index ($line, ":", $index1 + 2);
658 $index2 = index ($line, ":", $index2 + 1);
662 $salt = substr ($line, 0, $index2);
664 $index2 = index ($line, ":", $index2 + 1);
668 $salt .= substr ($line, $index2 + 1, 16);
670 $index2 = index ($line, ":", $index2 + 1);
674 $hash_in = substr ($line, 0, $index2);
676 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
678 $word = substr ($line, $index2 + 1);
681 elsif ($mode == 5600)
683 my $index1 = index ($line, "::");
687 my $index2 = index ($line, ":", $index1 + 2);
691 $index2 = index ($line, ":", $index2 + 1);
695 $salt = substr ($line, 0, $index2);
697 $index1 = index ($line, ":", $index2 + 1);
701 $index2 = index ($line, ":", $index1 + 1);
705 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
707 $hash_in = substr ($line, 0, $index2);
709 # do it later on for this hash mode:
710 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
712 $word = substr ($line, $index2 + 1);
714 # AIX smd5 something BRACE salt$
715 elsif ($mode == 6300)
717 my $index1 = index ($line, ":");
721 $hash_in = substr ($line, 0, $index1);
722 $word = substr ($line, $index1 + 1);
724 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
726 my $index2 = index ($hash_in, "}");
727 my $index3 = rindex ($hash_in, "\$");
729 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
731 # AIX: something$salt$ (no $ at position 1)
732 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
734 my $index1 = index ($line, ":");
738 $hash_in = substr ($line, 0, $index1);
739 $word = substr ($line, $index1 + 1);
741 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
743 my $index2 = index ($hash_in, "}");
744 my $index3 = index ($hash_in, "\$");
745 my $index4 = rindex ($hash_in, "\$");
747 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
749 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
751 # 1Password, agilekeychain
752 elsif ($mode == 6600)
754 my $num_cols = () = $line =~ /:/g;
756 next unless ($num_cols > 2);
758 my $index1 = index ($line, ":");
762 $iter = substr ($line, 0, $index1);
764 my $index2 = index ($line, ":", $index1 + 1);
768 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
770 $index1 = index ($line, ":", $index2 + 1);
774 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
776 $hash_in = substr ($line, 0, $index1);
778 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
780 $word = substr ($line, $index1 + 1);
782 # 1Password, cloudkeychain
783 elsif ($mode == 8200)
785 my @datas = split (":", $line);
787 next if scalar @datas < 4;
789 my $hash = shift @datas;
790 $salt = shift @datas;
791 $iter = shift @datas;
792 my $data = shift @datas;
794 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
798 $word = join (":", @datas);
800 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
802 # lastpass (hash:iter:salt)
803 elsif ($mode == 6800)
805 my $index1 = index ($line, ":", 34);
809 $hash_in = substr ($line, 0, $index1);
811 # identify lenghts of both salt and plain
813 my $salt_plain = substr ($line, $index1 + 1);
815 my $num_cols = () = $salt_plain =~ /:/g;
824 foreach (my $i = 0; $i < $num_cols; $i++)
826 $index2 = index ($salt_plain, ":", $start);
830 $start = $index2 + 1;
832 $salt = substr ($salt_plain, 0, $index2);
833 $word = substr ($salt_plain, $index2 + 1);
835 # can't be true w/ wrong $hash:$salt, otherwise the
836 # algo must have many collisions
838 if (exists ($db->{$hash_in . ":" . $salt}))
840 $hash_in = $hash_in . ":" . $salt;
846 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
847 next unless (! defined ($db->{$hash_in}));
849 $index1 = index ($hash_in, ":");
850 $index2 = index ($hash_in, ":", $index1 + 1);
852 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
853 $salt = substr ($hash_in, $index2 + 1);
855 # OSX 10.* : $something$iter$salt$
856 elsif ($mode == 7100)
858 my $index1 = index ($line, ":");
862 $hash_in = substr ($line, 0, $index1);
863 $word = substr ($line, $index1 + 1);
865 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
867 my $index2 = index ($hash_in, "\$", 5);
871 my $index3 = index ($hash_in, "\$", $index2 + 1);
873 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
875 $iter = substr ($hash_in, 4, $index2 - 4);
877 next if (int ($iter) < 1);
879 # grub: something1.something2.something3.iter.salt.
880 elsif ($mode == 7200)
882 my $index1 = index ($line, ":");
886 $hash_in = substr ($line, 0, $index1);
887 $word = substr ($line, $index1 + 1);
889 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
891 my $index2 = index ($hash_in, ".", 19);
895 my $index3 = index ($hash_in, ".", $index2 + 1);
897 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
899 $iter = substr ($hash_in, 19, $index2 - 19);
901 next if (int ($iter) < 1);
903 # $something1$something2$something3$something4$salt$
904 elsif ($mode == 7500 )
906 my $index1 = index ($line, "\$", 11);
910 my $index2 = index ($line, "\$", $index1 + 1);
914 my $index3 = index ($line, "\$", $index2 + 1);
918 $index2 = index ($line, ":", $index3 + 1);
922 $hash_in = substr ($line, 0, $index2);
923 $word = substr ($line, $index2 + 1);
925 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
927 $salt = substr ($hash_in, 11, $index3 - 10);
928 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
929 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
932 elsif ($mode == 7700 || $mode == 7800)
934 my $index1 = index ($line, ":");
938 my @split1 = split (":", $line);
940 my @split2 = split ('\$', $split1[0]);
942 next unless scalar @split2 == 2;
944 $hash_in = $split1[0];
946 if (scalar @split1 > 1)
955 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
960 elsif ($mode == 8300)
962 my @datas = split (":", $line);
964 next if scalar @datas != 5;
969 ($hash, $domain, $salt, $iter, $word) = @datas;
971 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
973 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
975 $salt = $domain . ":" . $salt;
978 elsif ($mode == 8500)
980 my @line_elements = split (":", $line);
982 next if scalar @line_elements < 2;
986 $hash_in = shift @line_elements;
988 $word = join (":", @line_elements);
992 my @hash_elements = split ('\*', $hash_in);
994 next unless ($hash_elements[0] eq '$racf$');
996 $salt = $hash_elements[1];
998 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1001 elsif ($mode == 8700)
1003 # split hash and plain
1004 my $index = index ($line, ":");
1008 $hash_in = substr ($line, 0, $index);
1009 $word = substr ($line, $index + 1);
1011 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1013 my $plain_base64 = substr ($hash_in, 2, -1);
1015 ($_, $salt, $param) = domino_decode
($plain_base64);
1018 elsif ($mode == 2612)
1020 next unless (substr ($line, 0, 6) eq '$PHPS$');
1023 my $index1 = index ($line, "\$", 6);
1025 next if $index1 < 1;
1027 $salt = substr ($line, 6, $index1 - 6);
1029 $salt = pack ("H*", $salt);
1031 my $index2 = index ($line, "\:", $index1 + 1);
1033 next if $index2 < 1;
1035 $word = substr ($line, $index2 + 1);
1037 $hash_in = substr ($line, 0, $index2);
1039 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1042 elsif ($mode == 3711)
1044 next unless (substr ($line, 0, 3) eq '$B$');
1047 my $index1 = index ($line, "\$", 3);
1049 next if $index1 < 1;
1051 $salt = substr ($line, 3, $index1 - 3);
1053 my $index2 = index ($line, ":", $index1 + 1);
1055 next if $index2 < 1;
1057 $word = substr ($line, $index2 + 1);
1059 $hash_in = substr ($line, 0, $index2);
1061 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1064 elsif ($mode == 8900)
1066 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1069 my $index1 = index ($line, ":", 7);
1071 next if $index1 < 1;
1074 my $N = substr ($line, 7, $index1 - 7);
1076 my $index2 = index ($line, ":", $index1 + 1);
1078 next if $index2 < 1;
1081 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1083 $index1 = index ($line, ":", $index2 + 1);
1085 next if $index1 < 1;
1088 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1094 $index2 = index ($line, ":", $index1 + 1);
1096 next if $index2 < 1;
1099 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1101 $salt = decode_base64
($salt);
1103 $index1 = index ($line, ":", $index2 + 1);
1105 next if $index1 < 1;
1109 $word = substr ($line, $index1 + 1);
1110 $hash_in = substr ($line, 0, $index1);
1112 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1115 elsif ($mode == 9100)
1117 # split hash and plain
1118 my $index = index ($line, ":");
1122 $hash_in = substr ($line, 0, $index);
1123 $word = substr ($line, $index + 1);
1125 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1127 my $base64_part = substr ($hash_in, 2, -1);
1129 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1131 next if ($iter < 1);
1133 # Cisco $8$ - PBKDF2-HMAC-SHA256
1134 elsif ($mode == 9200)
1136 next unless (substr ($line, 0, 3) eq '$8$');
1139 my $index1 = index ($line, "\$", 3);
1141 next if $index1 != 17;
1143 my $index2 = index ($line, "\$", $index1 + 1);
1146 $salt = substr ($line, 3, $index1 - 3);
1148 $index1 = index ($line, ":", $index1 + 1);
1150 next if $index1 < 1;
1154 $word = substr ($line, $index1 + 1);
1155 $hash_in = substr ($line, 0, $index1);
1157 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1159 # Cisco $9$ - scrypt
1160 elsif ($mode == 9300)
1162 next unless (substr ($line, 0, 3) eq '$9$');
1165 my $index1 = index ($line, "\$", 3);
1167 next if $index1 != 17;
1169 my $index2 = index ($line, "\$", $index1 + 1);
1172 $salt = substr ($line, 3, $index1 - 3);
1174 $index1 = index ($line, ":", $index1 + 1);
1176 next if $index1 < 1;
1180 $word = substr ($line, $index1 + 1);
1181 $hash_in = substr ($line, 0, $index1);
1183 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1186 elsif ($mode == 9400)
1188 ($hash_in, $word) = split ":", $line;
1190 next unless defined $hash_in;
1191 next unless defined $word;
1193 my @data = split /\*/, $hash_in;
1195 next unless scalar @data == 8;
1197 next unless (shift @data eq '$office$');
1198 next unless (shift @data eq '2007');
1199 next unless (shift @data eq '20');
1201 my $aes_key_size = shift @data;
1203 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1204 next unless (shift @data eq '16');
1206 next unless (length $data[0] == 32);
1207 next unless (length $data[1] == 32);
1208 next unless (length $data[2] == 40);
1210 $salt = shift @data;
1211 $param = shift @data;
1212 $param2 = $aes_key_size;
1214 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1217 elsif ($mode == 9500)
1219 ($hash_in, $word) = split ":", $line;
1221 next unless defined $hash_in;
1222 next unless defined $word;
1224 my @data = split /\*/, $hash_in;
1226 next unless scalar @data == 8;
1228 next unless (shift @data eq '$office$');
1229 next unless (shift @data eq '2010');
1230 next unless (shift @data eq '100000');
1231 next unless (shift @data eq '128');
1232 next unless (shift @data eq '16');
1234 next unless (length $data[0] == 32);
1235 next unless (length $data[1] == 32);
1236 next unless (length $data[2] == 64);
1238 $salt = shift @data;
1239 $param = shift @data;
1241 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1244 elsif ($mode == 9600)
1246 ($hash_in, $word) = split ":", $line;
1248 next unless defined $hash_in;
1249 next unless defined $word;
1251 my @data = split /\*/, $hash_in;
1253 next unless scalar @data == 8;
1255 next unless (shift @data eq '$office$');
1256 next unless (shift @data eq '2013');
1257 next unless (shift @data eq '100000');
1258 next unless (shift @data eq '256');
1259 next unless (shift @data eq '16');
1261 next unless (length $data[0] == 32);
1262 next unless (length $data[1] == 32);
1263 next unless (length $data[2] == 64);
1265 $salt = shift @data;
1266 $param = shift @data;
1268 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1271 elsif ($mode == 9700)
1273 ($hash_in, $word) = split ":", $line;
1275 next unless defined $hash_in;
1276 next unless defined $word;
1278 my @data = split /\*/, $hash_in;
1280 next unless scalar @data == 4;
1282 my $signature = shift @data;
1284 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1286 next unless (length $data[0] == 32);
1287 next unless (length $data[1] == 32);
1288 next unless (length $data[2] == 32);
1290 $salt = shift @data;
1291 $param = shift @data;
1292 $param2 = substr ($signature, 11, 1);
1294 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1297 elsif ($mode == 9800)
1299 ($hash_in, $word) = split ":", $line;
1301 next unless defined $hash_in;
1302 next unless defined $word;
1304 my @data = split /\*/, $hash_in;
1306 next unless scalar @data == 4;
1308 my $signature = shift @data;
1310 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1312 next unless (length $data[0] == 32);
1313 next unless (length $data[1] == 32);
1314 next unless (length $data[2] == 40);
1316 $salt = shift @data;
1317 $param = shift @data;
1318 $param2 = substr ($signature, 11, 1);
1320 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1322 # Django (PBKDF2-SHA256)
1323 elsif ($mode == 10000)
1325 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1328 my $index1 = index ($line, "\$", 14);
1330 next if $index1 < 1;
1332 my $index2 = index ($line, "\$", $index1 + 1);
1336 $iter = substr ($line, 14, $index1 - 14);
1340 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1344 $index1 = index ($line, ":", $index2 + 1);
1346 next if $index1 < 1;
1348 $word = substr ($line, $index1 + 1);
1349 $hash_in = substr ($line, 0, $index1);
1351 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1354 elsif ($mode == 10100)
1358 ($hash, undef, undef, $salt, $word) = split ":", $line;
1360 next unless defined $hash;
1361 next unless defined $salt;
1362 next unless defined $word;
1364 next unless (length $hash == 16);
1365 next unless (length $salt == 32);
1367 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1369 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1372 elsif ($mode == 10200)
1374 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1377 my $index1 = index ($line, "\$", 10);
1379 next if $index1 < 1;
1383 my $challengeb64 = substr ($line, 10, $index1 - 10);
1384 $salt = decode_base64
($challengeb64);
1388 my $index2 = index ($line, ":", $index1 + 1);
1390 next if $index2 < 1;
1392 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1393 my $response = decode_base64
($responseb64);
1395 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1397 $word = substr ($line, $index2 + 1);
1398 $hash_in = substr ($line, 0, $index2);
1400 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1402 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1403 elsif ($mode == 10300)
1405 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1409 my $index1 = index ($line, "}", 10);
1411 next if $index1 < 1;
1413 $iter = substr ($line, 10, $index1 - 10);
1415 $iter = int ($iter);
1419 my $base64_encoded = substr ($line, $index1 + 1);
1420 my $base64_decoded = decode_base64
($base64_encoded);
1422 $salt = substr ($base64_decoded, 20);
1424 my $index2 = index ($line, ":", $index1 + 1);
1426 next if $index2 < 1;
1428 $word = substr ($line, $index2 + 1);
1429 $hash_in = substr ($line, 0, $index2);
1431 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1433 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1434 elsif ($mode == 10400)
1436 ($hash_in, $word) = split ":", $line;
1438 next unless defined $hash_in;
1439 next unless defined $word;
1441 my @data = split /\*/, $hash_in;
1443 next unless scalar @data == 11;
1445 next unless (shift @data eq '$pdf$1');
1446 next unless (shift @data eq '2');
1447 next unless (shift @data eq '40');
1448 my $P = shift @data;
1449 next unless (shift @data eq '0');
1450 next unless (shift @data eq '16');
1451 my $id = shift @data;
1452 next unless (shift @data eq '32');
1453 my $u = shift @data;
1454 next unless (shift @data eq '32');
1455 my $o = shift @data;
1462 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1464 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1465 elsif ($mode == 10500)
1467 ($hash_in, $word) = split ":", $line;
1469 next unless defined $hash_in;
1470 next unless defined $word;
1472 my @data = split /\*/, $hash_in;
1474 next unless scalar @data == 11;
1476 my $V = shift @data; $V = substr ($V, 5, 1);
1477 my $R = shift @data;
1478 next unless (shift @data eq '128');
1479 my $P = shift @data;
1480 my $enc = shift @data;
1481 next unless (shift @data eq '16');
1482 my $id = shift @data;
1483 next unless (shift @data eq '32');
1484 my $u = shift @data;
1485 next unless (shift @data eq '32');
1486 my $o = shift @data;
1496 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1498 # PDF 1.7 Level 3 (Acrobat 9)
1499 elsif ($mode == 10600)
1501 ($hash_in, $word) = split ":", $line;
1503 next unless defined $hash_in;
1504 next unless defined $word;
1506 my @data = split /\*/, $hash_in;
1508 next unless scalar @data >= 11;
1510 next unless (shift @data eq '$pdf$5');
1511 next unless (shift @data eq '5');
1512 next unless (shift @data eq '256');
1513 next unless (shift @data eq '-1028');
1514 next unless (shift @data eq '1');
1515 next unless (shift @data eq '16');
1516 my $id = shift @data;
1517 my $rest = join "*", @data;
1522 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1524 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1525 elsif ($mode == 10700)
1527 ($hash_in, $word) = split ":", $line;
1529 next unless defined $hash_in;
1530 next unless defined $word;
1532 my @data = split /\*/, $hash_in;
1534 next unless scalar @data >= 11;
1536 next unless (shift @data eq '$pdf$5');
1537 next unless (shift @data eq '6');
1538 next unless (shift @data eq '256');
1539 next unless (shift @data eq '-1028');
1540 next unless (shift @data eq '1');
1541 next unless (shift @data eq '16');
1542 my $id = shift @data;
1543 my $rest = join "*", @data;
1548 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1550 # PBKDF2-HMAC-SHA256
1551 elsif ($mode == 10900)
1553 next unless (substr ($line, 0, 7) eq 'sha256:');
1556 my $index1 = index ($line, ":", 7);
1558 next if $index1 < 1;
1560 $iter = substr ($line, 7, $index1 - 7);
1564 my $index2 = index ($line, ":", $index1 + 1);
1566 next if $index2 < 1;
1568 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1570 $salt = decode_base64
($salt);
1574 $index1 = index ($line, ":", $index2 + 1);
1576 next if $index1 < 1;
1578 # additional param = output len of pbkdf2
1580 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1582 my $digest = decode_base64
($digest64_encoded);
1584 $param = length ($digest);
1588 $word = substr ($line, $index1 + 1);
1589 $hash_in = substr ($line, 0, $index1);
1591 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1593 # PostgreSQL MD5 Authentication
1594 elsif ($mode == 11100)
1596 next unless (substr ($line, 0, 10) eq '$postgres$');
1598 my $index1 = index ($line, "*", 10);
1600 next if $index1 < 1;
1604 $param = substr ($line, 10, $index1 - 10);
1606 # get the 4 byte salt
1608 my $index2 = index ($line, "*", $index1 + 1);
1610 next if $index2 < 1;
1612 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1616 $index1 = index ($line, ":", $index2 + 1);
1618 next if $index1 < 1;
1620 $word = substr ($line, $index1 + 1);
1621 $hash_in = substr ($line, 0, $index1);
1623 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1625 # MySQL MD5 Authentication
1626 elsif ($mode == 11200)
1628 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1630 my $index1 = index ($line, "*", 9);
1632 next if $index1 < 1;
1636 $salt = substr ($line, 9, $index1 - 9);
1640 $index1 = index ($line, ":", $index1 + 1);
1642 next if $index1 < 1;
1644 $word = substr ($line, $index1 + 1);
1645 $hash_in = substr ($line, 0, $index1);
1647 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1650 elsif ($mode == 2500)
1652 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1656 # Bitcoin/Litecoin wallet.dat
1657 elsif ($mode == 11300)
1659 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1663 # SIP digest authentication (MD5)
1664 elsif ($mode == 11400)
1666 next unless (substr ($line, 0, 6) eq '$sip$*');
1670 my $index1 = index ($line, "*", 6);
1672 next if $index1 < 0;
1674 $param10 = substr ($line, 6, $index1 - 6);
1676 next if (length ($param10) > 32);
1680 my $index2 = index ($line, "*", $index1 + 1);
1682 next if $index2 < 0;
1684 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1686 next if (length ($param11) > 32);
1690 $index1 = index ($line, "*", $index2 + 1);
1692 next if $index1 < 0;
1694 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1696 next if (length ($param) > 12);
1700 $index2 = index ($line, "*", $index1 + 1);
1702 next if $index2 < 0;
1704 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1706 next if (length ($param2) > 20);
1710 $index1 = index ($line, "*", $index2 + 1);
1712 next if $index1 < 0;
1714 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1716 next if (length ($param6) > 24);
1720 $index2 = index ($line, "*", $index1 + 1);
1722 next if $index2 < 0;
1724 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1726 next if (length ($param7) > 10);
1730 $index1 = index ($line, "*", $index2 + 1);
1732 next if $index1 < 0;
1734 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1736 next if (length ($param8) > 32);
1740 $index2 = index ($line, "*", $index1 + 1);
1742 next if $index2 < 0;
1744 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1746 next if (length ($param9) > 32);
1750 $index1 = index ($line, "*", $index2 + 1);
1752 next if $index1 < 0;
1754 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1756 next if (length ($salt) > 34);
1760 $index2 = index ($line, "*", $index1 + 1);
1762 next if $index2 < 0;
1764 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1766 next if (length ($param4) > 12);
1770 $index1 = index ($line, "*", $index2 + 1);
1772 next if $index1 < 0;
1774 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1776 next if (length ($param3) > 10);
1780 $index2 = index ($line, "*", $index1 + 1);
1782 next if $index2 < 0;
1784 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1786 next if (length ($param5) > 8);
1790 $index1 = index ($line, "*", $index2 + 1);
1792 next if $index1 < 0;
1794 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1796 next unless ($directive eq "MD5");
1800 $index2 = index ($line, ":", $index1 + 1);
1802 next if $index2 < 0;
1804 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1806 next unless (length ($hex_digest) == 32);
1808 $word = substr ($line, $index2 + 1);
1809 $hash_in = substr ($line, 0, $index2);
1811 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1814 elsif ($mode == 11600)
1816 next unless (substr ($line, 0, 4) eq '$7z$');
1820 my $index1 = index ($line, '$', 4);
1822 next if $index1 < 0;
1824 my $p = substr ($line, 4, $index1 - 4);
1826 next unless ($p eq "0");
1830 my $index2 = index ($line, '$', $index1 + 1);
1832 next if $index2 < 0;
1834 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1836 # seven zip salt length
1838 $index1 = index ($line, '$', $index2 + 1);
1840 next if $index1 < 0;
1842 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1846 $index2 = index ($line, '$', $index1 + 1);
1848 next if $index2 < 0;
1850 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1854 $index1 = index ($line, '$', $index2 + 1);
1856 next if $index1 < 0;
1858 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1862 $index2 = index ($line, '$', $index1 + 1);
1864 next if $index2 < 0;
1866 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1868 $salt = pack ("H*", $salt);
1872 $index1 = index ($line, '$', $index2 + 1);
1874 next if $index1 < 0;
1876 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1878 # ignore this crc, we don't need to pass it to gen_hash ()
1882 $index2 = index ($line, '$', $index1 + 1);
1884 next if $index2 < 0;
1886 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1890 $index1 = index ($line, '$', $index2 + 1);
1892 next if $index1 < 0;
1894 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1898 $index2 = index ($line, ':', $index1 + 1);
1900 next if $index2 < 0;
1902 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1903 $param6 = pack ("H*", $param6);
1905 $word = substr ($line, $index2 + 1);
1906 $hash_in = substr ($line, 0, $index2);
1908 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1911 elsif ($mode == 11900)
1913 next unless (substr ($line, 0, 4) eq 'md5:');
1916 my $index1 = index ($line, ":", 4);
1918 next if $index1 < 1;
1920 $iter = substr ($line, 4, $index1 - 4);
1924 my $index2 = index ($line, ":", $index1 + 1);
1926 next if $index2 < 1;
1928 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1930 $salt = decode_base64
($salt);
1934 $index1 = index ($line, ":", $index2 + 1);
1936 next if $index1 < 1;
1938 # additional param = output len of pbkdf2
1940 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1942 my $digest = decode_base64
($digest64_encoded);
1944 $param = length ($digest);
1948 $word = substr ($line, $index1 + 1);
1949 $hash_in = substr ($line, 0, $index1);
1951 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1954 elsif ($mode == 12000)
1956 next unless (substr ($line, 0, 5) eq 'sha1:');
1959 my $index1 = index ($line, ":", 5);
1961 next if $index1 < 1;
1963 $iter = substr ($line, 5, $index1 - 5);
1967 my $index2 = index ($line, ":", $index1 + 1);
1969 next if $index2 < 1;
1971 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1973 $salt = decode_base64
($salt);
1977 $index1 = index ($line, ":", $index2 + 1);
1979 next if $index1 < 1;
1981 # additional param = output len of pbkdf2
1983 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1985 my $digest = decode_base64
($digest64_encoded);
1987 $param = length ($digest);
1991 $word = substr ($line, $index1 + 1);
1992 $hash_in = substr ($line, 0, $index1);
1994 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1996 # PBKDF2-HMAC-SHA512
1997 elsif ($mode == 12100)
1999 next unless (substr ($line, 0, 7) eq 'sha512:');
2002 my $index1 = index ($line, ":", 7);
2004 next if $index1 < 1;
2006 $iter = substr ($line, 7, $index1 - 7);
2010 my $index2 = index ($line, ":", $index1 + 1);
2012 next if $index2 < 1;
2014 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2016 $salt = decode_base64
($salt);
2020 $index1 = index ($line, ":", $index2 + 1);
2022 next if $index1 < 1;
2024 # additional param = output len of pbkdf2
2026 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2028 my $digest = decode_base64
($digest64_encoded);
2030 $param = length ($digest);
2034 $word = substr ($line, $index1 + 1);
2035 $hash_in = substr ($line, 0, $index1);
2037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2040 elsif ($mode == 12200)
2042 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2044 # check if default salt
2048 $param = 0 if (substr ($line, 12, 2) eq '1$');
2056 if ($param == 0) # we need to extract the salt
2058 $index1 = index ($line, '$', $index1);
2060 next if $index1 < 1;
2062 my $index2 = index ($line, '$', $index1 + 1);
2064 next if $index2 < 1;
2066 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2071 $index1 = index ($line, ':', $index1 + 1);
2073 next if $index1 < 1;
2077 $word = substr ($line, $index1 + 1);
2078 $hash_in = substr ($line, 0, $index1);
2080 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2082 # Oracle T: Type (Oracle 12+)
2083 elsif ($mode == 12300)
2085 my $index1 = index ($line, ':');
2087 next if ($index1 != 160);
2091 $salt = substr ($line, 128, 32);
2095 $word = substr ($line, $index1 + 1);
2096 $hash_in = substr ($line, 0, $index1);
2098 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2100 # BSDiCrypt, Extended DES
2101 elsif ($mode == 12400)
2103 next unless (substr ($line, 0, 1) eq '_');
2105 my $index1 = index ($line, ':', 20);
2107 next if ($index1 != 20);
2111 $iter = substr ($line, 1, 4);
2113 $iter = base64_to_int24
($iter);
2117 $salt = substr ($line, 5, 4);
2121 $word = substr ($line, $index1 + 1);
2122 $hash_in = substr ($line, 0, $index1);
2124 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2126 # Blockchain, My Wallet
2127 elsif ($mode == 12700)
2129 my $index1 = index ($line, ':');
2131 next if ($index1 < 0);
2133 $hash_in = substr ($line, 0, $index1);
2134 $word = substr ($line, $index1 + 1);
2136 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2138 next unless ($signature eq "blockchain");
2140 next unless (($data_len * 2) == length $data_buf);
2142 $salt = substr ($data_buf, 0, 32);
2143 $param = substr ($data_buf, 32);
2145 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2147 elsif ($mode == 12800)
2149 ($hash_in, $word) = split ":", $line;
2151 next unless defined $hash_in;
2152 next unless defined $word;
2154 my @data = split /\,/, $hash_in;
2156 next unless scalar @data == 4;
2158 next unless (shift @data eq 'v1;PPH1_MD4');
2160 $salt = shift @data;
2161 $iter = shift @data;
2163 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2165 elsif ($mode == 12900)
2167 ($hash_in, $word) = split ":", $line;
2169 next unless defined $hash_in;
2170 next unless defined $word;
2172 next unless length $hash_in == 160;
2174 $param = substr ($hash_in, 0, 64);
2175 $salt = substr ($hash_in, 128, 32);
2178 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2180 elsif ($mode == 13000)
2184 ($hash_line, $word) = split ":", $line;
2186 next unless defined $hash_line;
2187 next unless defined $word;
2189 my @data = split ('\$', $hash_line);
2191 next unless scalar @data == 8;
2195 my $signature = shift @data;
2196 my $salt_len = shift @data;
2197 my $salt_buf = shift @data;
2198 my $iterations = shift @data;
2199 my $iv = shift @data;
2200 my $pswcheck_len = shift @data;
2201 my $pswcheck = shift @data;
2203 next unless ($signature eq "rar5");
2204 next unless ($salt_len == 16);
2205 next unless ($pswcheck_len == 8);
2208 $iter = $iterations;
2209 $hash_in = $pswcheck;
2212 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2214 elsif ($mode == 13100 )
2216 ($hash_in, $word) = split ":", $line;
2218 next unless defined $hash_in;
2219 next unless defined $word;
2221 my @data = split ('\$', $hash_in);
2223 next unless scalar @data == 8;
2227 my $signature = shift @data;
2228 my $algorithm = shift @data;
2229 my $user = shift @data;
2230 $user = substr ($user, 1);
2231 my $realm = shift @data;
2232 my $spn = shift @data;
2233 $spn = substr ($spn, 0, length ($spn) - 1);
2234 my $checksum = shift @data;
2235 my $edata2 = shift @data;
2237 next unless ($signature eq "krb5tgs");
2238 next unless (length ($checksum) == 32);
2239 next unless (length ($edata2) >= 64);
2241 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2243 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2245 elsif ($mode == 13200)
2247 ($hash_in, $word) = split ":", $line;
2249 next unless defined $hash_in;
2250 next unless defined $word;
2252 my @data = split ('\*', $hash_in);
2254 next unless scalar @data == 5;
2258 my $signature = shift @data;
2259 my $version = shift @data;
2260 my $iteration = shift @data;
2261 my $mysalt = shift @data;
2262 my $digest = shift @data;
2264 next unless ($signature eq '$axcrypt$');
2265 next unless (length ($mysalt) == 32);
2266 next unless (length ($digest) == 48);
2268 $salt = $iteration . '*' . $mysalt;
2270 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2272 elsif ($mode == 13300)
2274 ($hash_in, $word) = split ":", $line;
2276 next unless defined $hash_in;
2277 next unless defined $word;
2279 my @data = split ('\$', $hash_in);
2281 next unless scalar @data == 2;
2285 my $signature = shift @data;
2286 my $digest = shift @data;
2288 next unless ($signature eq '$axcrypt_sha1');
2289 next unless (length ($digest) == 32 || length ($digest) == 40);
2291 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2293 elsif ($mode == 13400)
2295 ($hash_in, $word) = split ":", $line;
2297 next unless defined $hash_in;
2298 next unless defined $word;
2300 my @data = split ('\*', $hash_in);
2302 next unless (scalar @data == 9
2303 || scalar @data == 11
2304 || scalar @data == 12
2305 || scalar @data == 14);
2307 my $signature = shift @data;
2308 next unless ($signature eq '$keepass$');
2310 my $version = shift @data;
2311 next unless ($version == 1 || $version == 2);
2313 my $iteration = shift @data;
2315 my $algorithm = shift @data;
2317 my $final_random_seed = shift @data;
2321 next unless (length ($final_random_seed) == 32);
2323 elsif ($version == 2)
2325 next unless (length ($final_random_seed) == 64);
2328 my $transf_random_seed = shift @data;
2329 next unless (length ($transf_random_seed) == 64);
2331 my $enc_iv = shift @data;
2332 next unless (length ($enc_iv) == 32);
2336 my $contents_hash = shift @data;
2337 next unless (length ($contents_hash) == 64);
2339 my $inline_flags = shift @data;
2340 next unless ($inline_flags == 1);
2342 my $contents_len = shift @data;
2344 my $contents = shift @data;
2345 next unless (length ($contents) == $contents_len * 2);
2347 elsif ($version == 2)
2349 my $expected_bytes = shift @data;
2350 next unless (length ($expected_bytes) == 64);
2352 my $contents_hash = shift @data;
2353 next unless (length ($contents_hash) == 64);
2356 if (scalar @data == 12 || scalar @data == 14)
2358 my $inline_flags = shift @data;
2359 next unless ($inline_flags == 1);
2361 my $keyfile_len = shift @data;
2362 next unless ($keyfile_len == 64);
2364 my $keyfile = shift @data;
2365 next unless (length ($keyfile) == $keyfile_len);
2368 $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in));
2370 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2374 print "ERROR: hash mode is not supported\n";
2379 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2381 $word = pack ("H*", substr ($word, 5, -1));
2384 # finally generate the hash
2389 # check both variations
2390 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2392 $len = length $hash_out; # == length $alternative
2394 if (substr ($line, 0, $len) ne $hash_out)
2396 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2398 return unless (substr ($line, 0, $len) eq $alternative);
2401 elsif ($mode == 8700)
2403 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2405 $len = length $hash_out;
2407 return unless (substr ($line, 0, $len) eq $hash_out);
2409 elsif ($mode == 8900)
2411 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2413 $len = length $hash_out;
2415 return unless (substr ($line, 0, $len) eq $hash_out);
2417 elsif ($mode == 9100)
2419 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2421 $len = length $hash_out;
2423 return unless (substr ($line, 0, $len) eq $hash_out);
2425 elsif ($mode == 190)
2427 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2429 $len = length $hash_out; # == length $alternative
2431 if (substr ($line, 0, $len) ne $hash_out)
2433 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2435 return unless (substr ($line, 0, $len) eq $alternative);
2438 elsif ($mode == 3300)
2440 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2442 $len = length $hash_out;
2444 return unless (substr ($line, 0, $len) eq $hash_out);
2446 elsif ($mode == 5100)
2448 # check 3 variants (start, middle, end)
2452 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2454 $len = length $hash_out; # == length $alternative
2456 if (substr ($line, 0, $len) ne $hash_out)
2458 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2460 if (substr ($line, 0, $len) ne $alternative)
2462 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2464 return unless (substr ($line, 0, $len) eq $alternative);
2468 elsif ($mode == 9400)
2470 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2472 $len = length $hash_out;
2474 return unless (substr ($line, 0, $len) eq $hash_out);
2476 elsif ($mode == 9500)
2478 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2480 $len = length $hash_out;
2482 return unless (substr ($line, 0, $len) eq $hash_out);
2484 elsif ($mode == 9600)
2486 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2488 $len = length $hash_out;
2490 return unless (substr ($line, 0, $len) eq $hash_out);
2492 elsif ($mode == 9700)
2494 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2496 $len = length $hash_out;
2498 return unless (substr ($line, 0, $len) eq $hash_out);
2500 elsif ($mode == 9800)
2502 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2504 $len = length $hash_out;
2506 return unless (substr ($line, 0, $len) eq $hash_out);
2508 elsif ($mode == 10400)
2510 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2512 $len = length $hash_out;
2514 return unless (substr ($line, 0, $len) eq $hash_out);
2516 elsif ($mode == 10500)
2518 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2520 $len = length $hash_out;
2522 return unless (substr ($line, 0, $len) eq $hash_out);
2524 elsif ($mode == 10600)
2526 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2528 $len = length $hash_out;
2530 return unless (substr ($line, 0, $len) eq $hash_out);
2532 elsif ($mode == 10700)
2534 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2536 $len = length $hash_out;
2538 return unless (substr ($line, 0, $len) eq $hash_out);
2540 elsif ($mode == 10900)
2542 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2544 $len = length $hash_out;
2546 return unless (substr ($line, 0, $len) eq $hash_out);
2548 elsif ($mode == 11100)
2550 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2552 $len = length $hash_out;
2554 return unless (substr ($line, 0, $len) eq $hash_out);
2556 elsif ($mode == 11400)
2558 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2560 $len = length $hash_out;
2562 return unless (substr ($line, 0, $len) eq $hash_out);
2564 elsif ($mode == 11600)
2566 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2568 $len = length $hash_out;
2570 return unless (substr ($line, 0, $len) eq $hash_out);
2572 elsif ($mode == 11900)
2574 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2576 $len = length $hash_out;
2578 return unless (substr ($line, 0, $len) eq $hash_out);
2580 elsif ($mode == 12000)
2582 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2584 $len = length $hash_out;
2586 return unless (substr ($line, 0, $len) eq $hash_out);
2588 elsif ($mode == 12100)
2590 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2592 $len = length $hash_out;
2594 return unless (substr ($line, 0, $len) eq $hash_out);
2596 elsif ($mode == 12200)
2598 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2600 $len = length $hash_out;
2602 return unless (substr ($line, 0, $len) eq $hash_out);
2604 elsif ($mode == 12700)
2606 # this is very special, we can't call gen_hash () because the param part is not always the same
2607 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2609 my $pbkdf2 = Crypt
::PBKDF2
->new (
2610 hash_class
=> 'HMACSHA1',
2615 my $salt_bin = pack ("H*", $salt);
2617 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2619 my $cipher = Crypt
::CBC
->new ({
2621 cipher
=> "Crypt::Rijndael",
2628 my $param_bin = pack ("H*", $param);
2630 my $decrypted = $cipher->decrypt ($param_bin);
2632 my $decrypted_part = substr ($decrypted, 1, 16);
2634 return unless ($decrypted_part =~ /"guid"/);
2636 $hash_out = $hash_in;
2638 elsif ($mode == 12900)
2640 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2642 $len = length $hash_out;
2644 return unless (substr ($line, 0, $len) eq $hash_out);
2646 elsif ($mode == 13000)
2648 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2650 $len = length $hash_out;
2652 return unless (substr ($line, 0, $len) eq $hash_out);
2654 elsif ($mode == 13100)
2656 $hash_out = gen_hash
($mode, $word, $salt);
2658 $len = length $hash_out;
2660 return unless (substr ($line, 0, $len) eq $hash_out);
2662 elsif ($mode == 13200)
2664 $hash_out = gen_hash
($mode, $word, $salt);
2666 $len = length $hash_out;
2668 return unless (substr ($line, 0, $len) eq $hash_out);
2670 elsif ($mode == 13400)
2672 $hash_out = gen_hash
($mode, $word, $salt);
2674 $len = length $hash_out;
2676 return unless (substr ($line, 0, $len) eq $hash_out);
2680 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2682 $len = length $hash_out;
2687 # allow $P$ and $H$ for -m 400
2688 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2690 elsif ($mode == 5600)
2692 # oclHashcat outputs the user name always upper-case, we need
2693 next unless (substr ($line, 0, $len) eq $hash_out);
2697 my $hash_out_lower = lc ($hash_out);
2699 for my $key (keys %{$db})
2701 if (lc ($key) eq $hash_out_lower)
2713 next unless (substr ($line, 0, $len) eq $hash_out);
2717 # do not forget "exists ($db->$hash_out)" should be done above!
2718 $db->{$hash_out} = $word;
2719 print OUT
$line . "\n";
2728 my $mode = shift || 0;
2730 while (my $word_buf = <>)
2734 next if length ($word_buf) > 31;
2742 for (my $i = 0; $i < 256; $i++)
2744 my $c = get_random_chr
(0x30, 0x39);
2746 push (@salt_arr, $c);
2749 my $salt_buf = join ("", @salt_arr);
2757 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
2759 $tmp_hash = gen_hash
($mode, $word_buf, "");
2761 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2763 my $salt_len = get_random_num
(1, 15);
2765 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2767 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2769 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2773 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2777 my $salt_len = get_random_num
(1, 11);
2779 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2781 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2783 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2785 elsif ($mode == 112)
2787 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2789 elsif ($mode == 121)
2791 my $salt_len = get_random_num
(1, 9);
2793 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2795 elsif ($mode == 125)
2797 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2799 elsif ($mode == 141 || $mode == 1441)
2801 my $salt_len = get_random_num
(1, 15);
2803 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2805 elsif ($mode == 1100)
2807 my $salt_len = get_random_num
(1, 19);
2809 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2811 elsif ($mode == 1500)
2813 next if length ($word_buf) > 8;
2815 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2817 elsif ($mode == 2100)
2819 next if length ($word_buf) > 13;
2821 my $salt_len = get_random_num
(1, 19);
2823 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2825 elsif ($mode == 2410)
2827 next if length ($word_buf) > 15;
2829 my $salt_len = get_random_num
(1, 15);
2831 my $word_len = length ($word_buf);
2833 $salt_len = min
($salt_len, 15 - $word_len);
2835 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2837 elsif ($mode == 2500)
2839 next if length ($word_buf) < 8;
2841 my $salt_len = get_random_num
(0, 32);
2843 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2845 elsif ($mode == 2611)
2847 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2849 elsif ($mode == 2612)
2851 my $salt_len = get_random_num
(1, 22);
2853 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2855 elsif ($mode == 2711)
2857 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2859 elsif ($mode == 2811)
2861 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2863 elsif ($mode == 3000)
2865 next if length ($word_buf) > 7;
2867 $tmp_hash = gen_hash
($mode, $word_buf, "");
2869 elsif ($mode == 3100)
2871 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2873 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2875 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2877 elsif ($mode == 3800 || $mode == 4900)
2879 my $salt_len = get_random_num
(1, 11);
2881 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2883 elsif ($mode == 4800)
2885 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2887 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2889 elsif ($mode == 5300 || $mode == 5400)
2891 $salt_buf = get_random_ike_salt
();
2893 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2895 elsif ($mode == 5500)
2897 my $user_len = get_random_num
(0, 15);
2898 my $domain_len = get_random_num
(0, 15);
2900 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2902 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2904 elsif ($mode == 5600)
2906 my $user_len = get_random_num
(0, 15);
2907 my $domain_len = get_random_num
(0, 15);
2909 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2911 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2913 elsif ($mode == 6600)
2915 $salt_buf = get_random_agilekeychain_salt
();
2917 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2919 elsif ($mode == 6800)
2921 my $email_len = get_random_num
(1, 15);
2925 for (my $i = 0; $i < $email_len; $i++)
2927 $email .= get_random_chr
(0x61, 0x7a);
2930 $email .= '@trash-mail.com';
2932 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2934 elsif ($mode == 7100)
2936 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2938 elsif ($mode == 7200)
2940 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2942 elsif ($mode == 7300)
2944 my $salt_len = get_random_num
(32, 256);
2946 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2948 elsif ($mode == 7500)
2950 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2952 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2954 elsif ($mode == 7700)
2956 next if length ($word_buf) > 8;
2958 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2960 elsif ($mode == 7800)
2962 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2964 elsif ($mode == 8200)
2966 $salt_buf = get_random_cloudkeychain_salt
();
2968 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2970 elsif ($mode == 8300)
2972 $salt_buf = get_random_dnssec_salt
();
2974 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2976 elsif ($mode == 8400 || $mode == 11200)
2978 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2980 elsif ($mode == 8500)
2982 next if length ($word_buf) > 8;
2984 my $salt_len = get_random_num
(1, 9);
2986 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2988 elsif ($mode == 8600)
2990 next if length ($word_buf) > 16;
2992 $tmp_hash = gen_hash
($mode, $word_buf, "");
2994 elsif ($mode == 8700)
2996 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2998 elsif ($mode == 9200 || $mode == 9300)
3002 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3004 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3006 next if length ($word_buf) > 19;
3010 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3012 elsif ($mode == 10100)
3014 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3016 elsif ($mode == 10300)
3018 my $salt_len = get_random_num
(4, 15);
3020 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3022 elsif ($mode == 10400)
3024 next if length ($word_buf) > 31;
3028 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3030 elsif ($mode == 10500)
3032 next if length ($word_buf) > 15;
3036 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3038 elsif ($mode == 10600)
3040 next if length ($word_buf) > 31;
3044 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3046 elsif ($mode == 10700)
3048 next if length ($word_buf) > 15;
3052 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3054 elsif ($mode == 11000)
3056 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
3058 elsif ($mode == 11300)
3060 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
3062 elsif ($mode == 11400)
3064 next if length ($word_buf) > 24;
3066 my $salt_len = get_random_num
(1, 15);
3068 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3070 elsif ($mode == 11600)
3072 my $salt_len = get_random_num
(0, 16);
3074 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3076 elsif ($mode == 12400)
3078 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
3080 elsif ($mode == 12600)
3082 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
3084 elsif ($mode == 12700)
3086 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3088 elsif ($mode == 12800)
3090 next if length ($word_buf) > 24;
3092 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
3094 elsif ($mode == 12900)
3096 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3098 elsif ($mode == 13000)
3100 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3102 elsif ($mode == 13100)
3104 $salt_buf = get_random_kerberos5_tgs_salt
();
3106 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3108 elsif ($mode == 13200)
3110 $salt_buf = get_random_axcrypt_salt
();
3112 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3114 elsif ($mode == 13400)
3116 $salt_buf = get_random_keepass_salt
();
3118 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3122 print "ERROR: Unsupported hash type\n";
3127 print $tmp_hash, "\n";
3140 for (my $j = 0; $j < scalar @modes; $j++)
3142 my $mode = $modes[$j];
3144 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
3146 for (my $i = 1; $i < 32; $i++)
3150 rnd
($mode, $len, 0);
3158 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3160 my $salt_len = get_random_num
(1, 15);
3162 for (my $i = 1; $i < 32; $i++)
3166 rnd
($mode, $len, $salt_len);
3170 rnd
($mode, $i, $salt_len);
3174 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3176 for (my $i = 1; $i < 32; $i++)
3180 rnd
($mode, $len, 32);
3184 rnd
($mode, $i, 32);
3188 elsif ($mode == 21 || $mode == 22)
3190 for (my $i = 1; $i < 32; $i++)
3194 rnd
($mode, $len, 2);
3202 elsif ($mode == 111 || $mode == 122 || $mode == 125 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3204 for (my $i = 1; $i < 32; $i++)
3208 rnd
($mode, $len, 8);
3216 elsif ($mode == 112)
3218 for (my $i = 1; $i < 32; $i++)
3222 rnd
($mode, $len, 20);
3226 rnd
($mode, $i, 20);
3230 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3232 for (my $i = 1; $i < 32; $i++)
3236 rnd
($mode, $len, 16);
3240 rnd
($mode, $i, 16);
3246 my $salt_len = get_random_num
(1, 19);
3248 for (my $i = 1; $i < 32; $i++)
3252 rnd
($mode, $len, $salt_len);
3256 rnd
($mode, $i, $salt_len);
3260 elsif ($mode == 1500)
3262 for (my $i = 1; $i < 9; $i++)
3266 rnd
($mode, $len, 2);
3274 elsif ($mode == 2100)
3276 my $salt_len = get_random_num
(1, 19);
3278 for (my $i = 1; $i < 13; $i++)
3282 rnd
($mode, $len, $salt_len);
3286 rnd
($mode, $i, $salt_len);
3290 elsif ($mode == 2500)
3292 my $salt_len = get_random_num
(0, 32);
3294 for (my $i = 8; $i < 16; $i++)
3296 my $generate_from_len = 0;
3305 rnd
($mode, $len, $salt_len);
3309 rnd
($mode, $i, $salt_len);
3313 elsif ($mode == 2611)
3315 for (my $i = 1; $i < 32; $i++)
3319 rnd
($mode, $len, 3);
3327 elsif ($mode == 2612)
3329 my $salt_len = get_random_num
(1, 22);
3331 for (my $i = 1; $i < 32; $i++)
3335 rnd
($mode, $len, $salt_len);
3339 rnd
($mode, $i, $salt_len);
3343 elsif ($mode == 2711)
3345 for (my $i = 1; $i < 32; $i++)
3349 rnd
($mode, $len, 30);
3353 rnd
($mode, $i, 30);
3357 elsif ($mode == 2811)
3359 for (my $i = 1; $i < 32; $i++)
3363 rnd
($mode, $len, 5);
3371 elsif ($mode == 3000)
3373 for (my $i = 1; $i < 8; $i++)
3377 rnd
($mode, $len, 0);
3385 elsif ($mode == 3100)
3387 for (my $i = 1; $i < 32; $i++)
3391 rnd
($mode, $len, 10);
3395 rnd
($mode, $i, 10);
3399 elsif ($mode == 3800 || $mode == 4900)
3401 my $salt_len = get_random_num
(1, 11);
3403 for (my $i = 1; $i < 32; $i++)
3407 rnd
($mode, $len, $salt_len);
3411 rnd
($mode, $i, $salt_len);
3415 elsif ($mode == 5500 || $mode == 5600)
3419 for (my $i = 1; $i < 27; $i++)
3421 $salt_len = get_random_num
(1, 15);
3425 rnd
($mode, $len, $salt_len);
3429 rnd
($mode, $i, $salt_len);
3433 elsif ($mode == 5800)
3435 for (my $i = 1; $i < 14; $i++)
3439 rnd
($mode, $len, 16);
3443 rnd
($mode, $i, 16);
3447 elsif ($mode == 6800)
3449 my $salt_len = get_random_num
(8, 25);
3451 for (my $i = 1; $i < 32; $i++)
3455 rnd
($mode, $len, $salt_len);
3459 rnd
($mode, $i, $salt_len);
3463 elsif ($mode == 7100)
3465 for (my $i = 1; $i < 32; $i++)
3469 rnd
($mode, $len, 64);
3473 rnd
($mode, $i, 64);
3477 elsif ($mode == 7200)
3479 for (my $i = 1; $i < 32; $i++)
3483 rnd
($mode, $len, 128);
3487 rnd
($mode, $i, 128);
3491 elsif ($mode == 7300)
3493 my $salt_len = get_random_num
(32, 255);
3495 for (my $i = 1; $i < 32; $i++)
3499 rnd
($mode, $len, $salt_len);
3503 rnd
($mode, $i, $salt_len);
3507 elsif ($mode == 7500)
3509 for (my $i = 1; $i < 27; $i++)
3513 rnd
($mode, $len, 16);
3517 rnd
($mode, $i, 16);
3521 elsif ($mode == 7700)
3523 my $salt_len = get_random_num
(1, 12);
3525 for (my $i = 1; $i < 9; $i++)
3529 rnd
($mode, $len, $salt_len);
3533 rnd
($mode, $i, $salt_len);
3537 elsif ($mode == 7800)
3539 my $salt_len = get_random_num
(1, 12);
3541 for (my $i = 1; $i < 32; $i++)
3545 rnd
($mode, $len, $salt_len);
3549 rnd
($mode, $i, $salt_len);
3553 elsif ($mode == 8400 || $mode == 11200)
3555 for (my $i = 1; $i < 32; $i++)
3559 rnd
($mode, $len, 40);
3563 rnd
($mode, $i, 40);
3567 elsif ($mode == 8500)
3569 my $salt_len = get_random_num
(1, 8);
3571 for (my $i = 1; $i < 9; $i++)
3575 rnd
($mode, $len, $salt_len);
3579 rnd
($mode, $i, $salt_len);
3583 elsif ($mode == 8600)
3585 for (my $i = 1; $i < 17; $i++)
3589 rnd
($mode, $len, 0);
3597 elsif ($mode == 8700)
3599 for (my $i = 1; $i < 32; $i++)
3603 rnd
($mode, $len, 5);
3611 elsif ($mode == 9200 || $mode == 9300)
3615 for (my $i = 1; $i < 32; $i++)
3619 rnd
($mode, $len, $salt_len);
3623 rnd
($mode, $i, $salt_len);
3627 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3631 for (my $i = 1; $i < 20; $i++)
3635 rnd
($mode, $len, $salt_len);
3639 rnd
($mode, $i, $salt_len);
3643 elsif ($mode == 10100)
3645 for (my $i = 1; $i < 32; $i++)
3649 rnd
($mode, $len, 32);
3653 rnd
($mode, $i, 32);
3657 elsif ($mode == 10300)
3659 my $salt_len = get_random_num
(4, 15);
3661 for (my $i = 1; $i < 32; $i++)
3665 rnd
($mode, $len, $salt_len);
3669 rnd
($mode, $i, $salt_len);
3673 elsif ($mode == 10400 || $mode == 10600)
3677 for (my $i = 1; $i < 32; $i++)
3681 rnd
($mode, $len, $salt_len);
3685 rnd
($mode, $i, $salt_len);
3689 elsif ($mode == 10500 || $mode == 10700)
3693 for (my $i = 1; $i < 16; $i++)
3697 rnd
($mode, $len, $salt_len);
3701 rnd
($mode, $i, $salt_len);
3705 elsif ($mode == 11000)
3707 for (my $i = 1; $i < 32; $i++)
3711 rnd
($mode, $len, 56);
3715 rnd
($mode, $i, 56);
3719 elsif ($mode == 11300)
3721 for (my $i = 1; $i < 32; $i++)
3725 rnd
($mode, $len, 16);
3729 rnd
($mode, $i, 16);
3733 elsif ($mode == 11400)
3735 for (my $i = 1; $i < 24; $i++)
3739 rnd
($mode, $len, 16);
3743 rnd
($mode, $i, 16);
3747 elsif ($mode == 11600)
3749 my $salt_len = get_random_num
(0, 16);
3751 for (my $i = 1; $i < 32; $i++)
3755 rnd
($mode, $len, $salt_len);
3759 rnd
($mode, $i, $salt_len);
3763 elsif ($mode == 12400)
3765 for (my $i = 1; $i < 32; $i++)
3769 rnd
($mode, $len, 4);
3777 elsif ($mode == 12600)
3779 for (my $i = 1; $i < 32; $i++)
3783 rnd
($mode, $len, 64);
3787 rnd
($mode, $i, 64);
3791 elsif ($mode == 12700)
3793 for (my $i = 1; $i < 32; $i++)
3797 rnd
($mode, $len, 32);
3801 rnd
($mode, $i, 32);
3805 elsif ($mode == 12800)
3807 for (my $i = 1; $i < 25; $i++)
3811 rnd
($mode, $len, 20);
3815 rnd
($mode, $i, 20);
3819 elsif ($mode == 12900)
3821 for (my $i = 1; $i < 32; $i++)
3825 rnd
($mode, $len, 32);
3829 rnd
($mode, $i, 32);
3833 elsif ($mode == 13000)
3835 for (my $i = 1; $i < 32; $i++)
3839 rnd
($mode, $len, 32);
3843 rnd
($mode, $i, 32);
3847 elsif ($mode == 13100)
3849 for (my $i = 1; $i < 27; $i++)
3853 rnd
($mode, $len, 16);
3857 rnd
($mode, $i, 16);
3861 elsif ($mode == 13200)
3863 for (my $i = 1; $i < 32; $i++)
3867 rnd
($mode, $len, 32);
3871 rnd
($mode, $i, 32);
3875 elsif ($mode == 13400)
3877 for (my $i = 1; $i < 16; $i++)
3881 rnd
($mode, $len, 16);
3885 rnd
($mode, $i, 16);
3898 my $word_buf = shift;
3900 my $salt_buf = shift;
3904 my $additional_param = shift;
3906 my $additional_param2 = shift;
3908 my $additional_param3 = shift;
3910 my $additional_param4 = shift;
3912 my $additional_param5 = shift;
3914 my $additional_param6 = shift;
3916 my $additional_param7 = shift;
3918 my $additional_param8 = shift;
3920 my $additional_param9 = shift;
3922 my $additional_param10 = shift;
3924 my $additional_param11 = shift;
3936 $hash_buf = md5_hex
($word_buf);
3938 $tmp_hash = sprintf ("%s", $hash_buf);
3942 $hash_buf = md5_hex
($word_buf . $salt_buf);
3944 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3948 $hash_buf = md5_hex
($word_buf . $salt_buf);
3950 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3954 $hash_buf = md5_hex
($word_buf . $salt_buf);
3956 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3960 $hash_buf = md5_hex
($salt_buf . $word_buf);
3962 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3966 $hash_buf = md5_hex
($salt_buf . $word_buf);
3968 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3972 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3973 my $salt_suffix = "Administration Tools";
3975 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3977 $hash_buf = md5
($pass);
3981 for (my $pos = 0; $pos < 16; $pos += 2)
3983 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3984 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3986 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3988 my $idx1 = $num >> 12 & 0x0f;
3989 my $idx2 = $num >> 6 & 0x3f;
3990 my $idx3 = $num & 0x3f;
3992 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3995 my $obfuscate_str = "nrcstn";
3996 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3998 foreach my $pos (keys @obfuscate_pos)
4000 my $idx = $obfuscate_pos[$pos];
4001 my $before = substr ($res, 0, $idx);
4002 my $char = substr ($obfuscate_str, $pos, 1);
4003 my $after = substr ($res, $idx);
4005 $res = sprintf ("%s%s%s", $before, $char, $after);
4008 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
4012 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
4014 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4018 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4020 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4024 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4026 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4030 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
4032 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4036 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
4038 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4040 elsif ($mode == 100)
4042 $hash_buf = sha1_hex
($word_buf);
4044 $tmp_hash = sprintf ("%s", $hash_buf);
4046 elsif ($mode == 101)
4048 $hash_buf = sha1
($word_buf);
4050 my $base64_buf = encode_base64
($hash_buf);
4052 chomp ($base64_buf);
4054 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
4056 elsif ($mode == 110)
4058 $hash_buf = sha1_hex
($word_buf . $salt_buf);
4060 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4062 elsif ($mode == 111)
4064 $hash_buf = sha1
($word_buf . $salt_buf);
4066 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
4068 chomp ($base64_buf);
4070 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
4072 elsif ($mode == 112)
4074 my $salt_buf_bin = pack ("H*", $salt_buf);
4076 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
4078 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4080 elsif ($mode == 120)
4082 $hash_buf = sha1_hex
($salt_buf . $word_buf);
4084 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4086 elsif ($mode == 121)
4088 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
4090 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4092 elsif ($mode == 122)
4094 my $salt_buf_bin = pack ("H*", $salt_buf);
4096 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4098 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4100 elsif ($mode == 125)
4102 my $signature = "01";
4104 my $salt_buf_bin = pack ("H*", $salt_buf . $signature);
4106 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4108 $tmp_hash = sprintf ("%s%s%s", $salt_buf, $signature, $hash_buf);
4110 elsif ($mode == 130)
4112 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4114 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4116 elsif ($mode == 131)
4118 my $salt_buf_bin = pack ("H*", $salt_buf);
4120 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
4122 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
4124 elsif ($mode == 132)
4126 my $salt_buf_bin = pack ("H*", $salt_buf);
4128 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4130 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
4132 elsif ($mode == 133)
4134 $hash_buf = sha1
(encode
("UTF-16LE", $word_buf));
4136 $hash_buf = encode_base64
($hash_buf);
4137 $hash_buf =~ s/[\r\n]//g;
4139 $tmp_hash = sprintf ("%s", $hash_buf);
4141 elsif ($mode == 140)
4143 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4145 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4147 elsif ($mode == 141)
4149 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
4151 my $base64_salt_buf = encode_base64
($salt_buf);
4153 chomp ($base64_salt_buf);
4155 my $base64_hash_buf = encode_base64
($hash_buf);
4157 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4159 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4161 elsif ($mode == 150)
4163 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4165 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4167 elsif ($mode == 160)
4169 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4171 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4173 elsif ($mode == 190)
4175 $hash_buf = sha1_hex
($word_buf);
4177 my $variant = int (rand (2));
4179 if (defined ($additional_param))
4181 $variant = $additional_param;
4186 substr ($hash_buf, 0, 5) = "00000";
4189 $tmp_hash = sprintf ("%s", $hash_buf);
4191 elsif ($mode == 200)
4193 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4195 $hash_buf = $ppr->hash_hex;
4197 $tmp_hash = sprintf ("%s", $hash_buf);
4199 elsif ($mode == 300)
4201 $hash_buf = substr (password41
($word_buf), 1);
4203 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4205 $tmp_hash = sprintf ("%s", $hash_buf);
4207 elsif ($mode == 400)
4216 my $ppr = Authen
::Passphrase
::PHPass
->new
4220 passphrase
=> $word_buf,
4223 $hash_buf = $ppr->as_rfc2307;
4225 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4227 elsif ($mode == 500)
4229 my $iterations = 1000;
4231 if (defined ($iter))
4235 $iterations = int ($iter);
4239 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4241 $tmp_hash = sprintf ("%s", $hash_buf);
4243 elsif ($mode == 900)
4245 $hash_buf = md4_hex
($word_buf);
4247 $tmp_hash = sprintf ("%s", $hash_buf);
4249 elsif ($mode == 1000)
4251 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4253 $tmp_hash = sprintf ("%s", $hash_buf);
4255 elsif ($mode == 1100)
4257 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4259 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4261 elsif ($mode == 1400)
4263 $hash_buf = sha256_hex
($word_buf);
4265 $tmp_hash = sprintf ("%s", $hash_buf);
4267 elsif ($mode == 1410)
4269 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4271 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4273 elsif ($mode == 1420)
4275 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4277 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4279 elsif ($mode == 1430)
4281 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4283 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4285 elsif ($mode == 1440)
4287 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4289 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4291 elsif ($mode == 1441)
4293 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4295 my $base64_salt_buf = encode_base64
($salt_buf);
4297 chomp ($base64_salt_buf);
4299 my $base64_hash_buf = encode_base64
($hash_buf);
4301 chomp ($base64_hash_buf);
4303 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4305 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4307 elsif ($mode == 1450)
4309 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4311 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4313 elsif ($mode == 1460)
4315 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4317 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4319 elsif ($mode == 1500)
4321 $hash_buf = crypt ($word_buf, $salt_buf);
4323 $tmp_hash = sprintf ("%s", $hash_buf);
4325 elsif ($mode == 1600)
4327 my $iterations = 1000;
4329 if (defined ($iter))
4333 $iterations = int ($iter);
4337 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4339 $tmp_hash = sprintf ("%s", $hash_buf);
4341 elsif ($mode == 1700)
4343 $hash_buf = sha512_hex
($word_buf);
4345 $tmp_hash = sprintf ("%s", $hash_buf);
4347 elsif ($mode == 1710)
4349 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4351 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4353 elsif ($mode == 1711)
4355 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4357 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4359 $base64_buf =~ s/[ \n]//g;
4361 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4363 elsif ($mode == 1720)
4365 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4367 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4369 elsif ($mode == 1730)
4371 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4373 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4375 elsif ($mode == 1740)
4377 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4379 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4381 elsif ($mode == 1722)
4383 my $salt_buf_bin = pack ("H*", $salt_buf);
4385 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4387 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4389 elsif ($mode == 1731)
4391 my $salt_buf_bin = pack ("H*", $salt_buf);
4393 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4395 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4397 elsif ($mode == 1750)
4399 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4401 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4403 elsif ($mode == 1760)
4405 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4407 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4409 elsif ($mode == 1800)
4411 my $iterations = 5000;
4413 if (defined ($iter))
4417 $iterations = int ($iter);
4421 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4423 $tmp_hash = sprintf ("%s", $hash_buf);
4425 elsif ($mode == 2100)
4427 my $iterations = 10240;
4431 $iterations = int ($iter);
4434 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4436 my $pbkdf2 = Crypt
::PBKDF2
->new
4438 hash_class
=> 'HMACSHA1',
4439 iterations
=> $iterations,
4441 salt_len
=> length ($salt),
4444 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4446 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4448 elsif ($mode == 2400)
4450 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4452 elsif ($mode == 2410)
4454 my $salt_len = length ($salt_buf);
4456 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4458 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4460 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4462 elsif ($mode == 2500)
4464 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4466 if (! defined ($additional_param))
4470 $bssid = randbytes
(6);
4471 $stmac = randbytes
(6);
4472 $snonce = randbytes
(32);
4473 $anonce = randbytes
(32);
4475 $keyver = get_random_num
(1, 3); # 1 or 2
4478 # should be "validly" generated, but in theory could be anything for us also:
4479 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4481 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4485 $bssid = $additional_param;
4486 $stmac = $additional_param2;
4487 $snonce = $additional_param3;
4488 $anonce = $additional_param4;
4489 $keyver = $additional_param5;
4490 $eapol = $additional_param6;
4493 $eapol_size = length ($eapol);
4497 my $iterations = 4096;
4503 # generate the Pairwise Master Key (PMK)
4505 my $pbkdf2 = Crypt
::PBKDF2
->new
4507 hash_class
=> 'HMACSHA1',
4508 iterations
=> $iterations,
4512 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4514 # Pairwise Transient Key (PTK) transformation
4516 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4518 # generate the Message Integrity Code (MIC)
4522 if ($keyver == 1) # WPA1 => MD5
4524 $mic = hmac
($eapol, $ptk, \
&md5
);
4528 $mic = hmac
($eapol, $ptk, \
&sha1
);
4531 $mic = substr ($mic, 0, 16);
4534 # format the binary output
4539 # first the essid (NULL-padded up to the first 36 bytes)
4541 $hash_buf .= $salt_buf;
4542 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4544 # the 2 MAC addresses
4546 $hash_buf .= $bssid;
4547 $hash_buf .= $stmac;
4551 $hash_buf .= $snonce;
4552 $hash_buf .= $anonce;
4556 $hash_buf .= $eapol;
4557 $hash_buf .= "\x00" x
(256 - $eapol_size);
4561 $hash_buf .= pack ("L*", $eapol_size);
4565 $hash_buf .= pack ("L*", $keyver);
4567 # and finally: the key mic
4571 # base64 encode the output
4573 $tmp_hash = encode_base64
($hash_buf, '');
4575 elsif ($mode == 2600)
4577 $hash_buf = md5_hex
(md5_hex
($word_buf));
4579 $tmp_hash = sprintf ("%s", $hash_buf);
4581 elsif ($mode == 2611)
4583 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4585 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4587 elsif ($mode == 2612)
4589 my $salt_buf_hex = unpack ("H*", $salt_buf);
4591 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4593 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4595 elsif ($mode == 2711)
4597 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4599 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4601 elsif ($mode == 2811)
4603 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4605 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4607 elsif ($mode == 3000)
4609 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4611 $hash_buf = $ppr->hash_hex;
4613 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4615 elsif ($mode == 3100)
4617 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4619 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4621 elsif ($mode == 3200)
4630 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4632 elsif ($mode == 3300)
4634 my $iterations = 904;
4638 $iterations = int ($iter);
4643 if (defined ($additional_param))
4645 $variant = $additional_param;
4648 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4650 $iterations += 4096;
4652 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4654 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4656 elsif ($mode == 3500)
4658 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4660 $tmp_hash = sprintf ("%s", $hash_buf);
4662 elsif ($mode == 3610)
4664 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4666 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4668 elsif ($mode == 3710)
4670 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4672 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4674 elsif ($mode == 3711)
4676 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4678 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4680 elsif ($mode == 3720)
4682 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4684 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4686 elsif ($mode == 3800)
4688 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4690 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4692 elsif ($mode == 3910)
4694 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4696 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4698 elsif ($mode == 4010)
4700 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4702 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4704 elsif ($mode == 4110)
4706 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4708 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4710 elsif ($mode == 4210)
4712 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4714 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4716 elsif ($mode == 4300)
4718 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4720 $tmp_hash = sprintf ("%s", $hash_buf);
4722 elsif ($mode == 4400)
4724 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4726 $tmp_hash = sprintf ("%s", $hash_buf);
4728 elsif ($mode == 4500)
4730 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4732 $tmp_hash = sprintf ("%s", $hash_buf);
4734 elsif ($mode == 4600)
4736 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4738 $tmp_hash = sprintf ("%s", $hash_buf);
4740 elsif ($mode == 4700)
4742 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4744 $tmp_hash = sprintf ("%s", $hash_buf);
4746 elsif ($mode == 4800)
4748 my $index = rindex ($salt_buf, ":");
4750 my $salt = substr ($salt_buf, 0, $index);
4751 my $salt_bin = pack ("H*", $salt);
4752 my $chap_sign = substr ($salt_buf, $index + 1);
4753 my $chap_sign_bin = pack ("H*", $chap_sign);
4755 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4757 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4759 elsif ($mode == 4900)
4761 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4763 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4765 elsif ($mode == 5000)
4767 $hash_buf = keccak_256_hex
($word_buf);
4769 $tmp_hash = sprintf ("%s", $hash_buf);
4771 elsif ($mode == 5100)
4775 if (! defined ($additional_param))
4781 $pos = $additional_param * 8 unless ($additional_param > 2);
4784 $hash_buf = md5_hex
($word_buf);
4786 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4788 elsif ($mode == 5300)
4790 my @salt_arr = split (":", $salt_buf);
4792 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4793 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4795 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4796 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4798 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4800 elsif ($mode == 5400)
4802 my @salt_arr = split (":", $salt_buf);
4804 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4805 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4807 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4808 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4810 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4812 elsif ($mode == 5500)
4814 my $index1 = index ($salt_buf, "::");
4815 my $user = substr ($salt_buf, 0, $index1);
4817 my $index2 = index ($salt_buf, ":", $index1 + 2);
4818 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4820 my $len = length (substr ($salt_buf, $index2 + 1));
4822 my $c_challenge_hex;
4826 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4831 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4832 $c_challenge_hex .= 00 x
32;
4835 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4836 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4837 my $s_challenge = pack ("H*", $s_challenge_hex);
4839 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4843 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4845 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4846 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4847 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4849 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4851 elsif ($mode == 5600)
4853 my $index1 = index ($salt_buf, "::");
4854 my $user = substr ($salt_buf, 0, $index1);
4856 my $index2 = index ($salt_buf, ":", $index1 + 2);
4857 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4859 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4860 my $s_challenge = pack ("H*", $s_challenge_hex);
4862 my $temp_hex = substr ($salt_buf, $index2 + 17);
4863 my $temp = pack ("H*", $temp_hex);
4865 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4866 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4868 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4870 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4872 elsif ($mode == 5700)
4874 $hash_buf = sha256
($word_buf);
4876 my $base64_buf = encode_base64
($hash_buf);
4880 for (my $i = 0; $i < 43; $i++)
4882 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4885 elsif ($mode == 5800)
4887 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4889 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4891 elsif ($mode == 6000)
4893 $hash_buf = ripemd160_hex
($word_buf);
4895 $tmp_hash = sprintf ("%s", $hash_buf);
4897 elsif ($mode == 6100)
4899 $hash_buf = whirlpool_hex
($word_buf);
4901 $tmp_hash = sprintf ("%s", $hash_buf);
4903 elsif ($mode == 6300)
4905 my $iterations = 1000; # hard coded by the AIX format
4907 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4909 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4911 elsif ($mode == 6400)
4913 my $iterations = 64;
4917 $iterations = 1 << int ($iter);
4920 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4922 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4924 elsif ($mode == 6500)
4926 my $iterations = 64;
4930 $iterations = 1 << int ($iter);
4933 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4935 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4937 elsif ($mode == 6600)
4939 my $iterations = 1000;
4943 $iterations = int ($iter);
4946 my $salt_hex = substr ($salt_buf, 0, 16);
4947 my $salt = pack ("H*", $salt_hex);
4949 my $prefix = substr ($salt_buf, 16, 2016);
4951 my $iv_hex = substr ($salt_buf, 2032);
4952 my $iv = pack ("H*", $iv_hex);
4954 my $data = pack ("H*", "10101010101010101010101010101010");
4956 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4958 my $pbkdf2 = Crypt
::PBKDF2
->new (
4960 iterations
=> $iterations,
4964 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4966 my $cipher = Crypt
::CBC
->new ({
4968 cipher
=> "Crypt::Rijndael",
4975 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4977 $hash_buf = substr ($encrypted, 0, 32);
4979 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4981 elsif ($mode == 6700)
4983 my $iterations = 64;
4987 $iterations = 1 << int ($iter);
4990 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4992 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4994 elsif ($mode == 6800)
4996 my $variant = $additional_param;
4998 if (! defined ($variant))
5000 $variant = int (rand (2));
5003 my $iterations = 500;
5007 $iterations = int ($iter);
5010 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5012 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
5014 my $pbkdf2 = Crypt
::PBKDF2
->new (
5016 iterations
=> $iterations,
5020 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
5022 my $cipher = Crypt
::CBC
->new ({
5024 cipher
=> "Crypt::Rijndael",
5033 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
5035 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
5039 my $verifier = "lastpass rocks\x02\x02";
5041 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
5044 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
5046 elsif ($mode == 6900)
5048 $hash_buf = gost_hex
($word_buf);
5050 $tmp_hash = sprintf ("%s", $hash_buf);
5052 elsif ($mode == 7100)
5054 my $iterations = 1024;
5058 $iterations = int ($iter);
5061 my $pbkdf2 = Crypt
::PBKDF2
->new
5063 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5064 iterations
=> $iterations
5067 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5069 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
5071 elsif ($mode == 7200)
5073 my $iterations = 1024;
5077 $iterations = int ($iter);
5080 my $pbkdf2 = Crypt
::PBKDF2
->new (
5081 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5082 iterations
=> $iterations
5085 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5087 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
5089 elsif ($mode == 7300)
5091 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
5093 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
5095 elsif ($mode == 7400)
5097 my $iterations = 5000;
5099 if (defined ($iter))
5103 $iterations = int ($iter);
5107 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
5109 $tmp_hash = sprintf ("%s", $hash_buf);
5111 elsif ($mode == 7500)
5113 my @salt_arr = split ("\\\$", $salt_buf);
5115 my $user = $salt_arr[0];
5117 my $realm = $salt_arr[1];
5119 my $salt = $salt_arr[2];
5121 my $hmac_salt = $salt_arr[3];
5122 my $hmac_salt_bin = pack ("H*", $hmac_salt);
5124 my $clear_data = $salt_arr[4];
5126 my $k = md4
(encode
("UTF-16LE", $word_buf));
5128 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
5130 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
5132 if (length ($clear_data) > 1)
5134 my $clear_data_bin = pack ("H*", $clear_data);
5136 $hash_buf = RC4
($k3, $clear_data_bin);
5140 my $hash = $salt_arr[5];
5142 my $hash_bin = pack ("H*", $hash);
5144 my $clear_data = RC4
($k3, $hash_bin);
5146 my $timestamp = substr ($clear_data, 14, 14);
5151 if ($timestamp !~ /^[[:digit:]]{14}$/)
5158 $hash_buf = "\x00" x
36;
5160 if ($hash_buf eq $hash_bin)
5162 $hash_buf = "\x01" x
36;
5167 $hash_buf = $hash_bin;
5171 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5173 elsif ($mode == 7600)
5175 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5177 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5179 elsif ($mode == 7700)
5181 $word_buf = uc $word_buf;
5182 $salt_buf = uc $salt_buf;
5184 my $word_buf_t = sapb_transcode
($word_buf);
5185 my $salt_buf_t = sapb_transcode
($salt_buf);
5187 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5189 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5191 my $digest2 = md5
($data);
5193 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5198 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5200 elsif ($mode == 7800)
5202 my $theMagicArray_s =
5203 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5204 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5205 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5206 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5207 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5208 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5209 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5210 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5211 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5212 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5214 $salt_buf = uc $salt_buf;
5216 my $digest = sha1
($word_buf . $salt_buf);
5218 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5220 my $lengthMagicArray = 0x20;
5221 my $offsetMagicArray = 0;
5223 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5224 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5225 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5226 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5227 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5228 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5229 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5230 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5231 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5232 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5233 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5234 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5235 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5236 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5237 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5238 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5239 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5240 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5241 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5242 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5244 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5246 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5248 elsif ($mode == 7900)
5257 my $phpass_it = 1 << $cost;
5259 $hash_buf = sha512
($salt_buf . $word_buf);
5261 for (my $i = 0; $i < $phpass_it; $i++)
5263 $hash_buf = sha512
($hash_buf . $word_buf);
5266 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5268 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5270 my $cost_str = substr ($base64_digits , $cost, 1);
5272 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5274 elsif ($mode == 8000)
5276 my $salt_buf_bin = pack ("H*", $salt_buf);
5278 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5280 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5282 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5284 elsif ($mode == 8100)
5286 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5288 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5290 elsif ($mode == 8200)
5292 my $iterations = 40000;
5294 if (defined ($iter))
5296 $iterations = $iter;
5299 my $salt_hex = substr ($salt_buf, 0, 32);
5300 my $salt = pack ("H*", $salt_hex);
5302 my $data_hex = substr ($salt_buf, 32);
5303 my $data = pack ("H*", $data_hex);
5305 my $pbkdf2 = Crypt
::PBKDF2
->new
5307 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5308 iterations
=> int $iterations
5311 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5313 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5315 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5317 elsif ($mode == 8300)
5319 my ($domain, $salt_hex) = split (":", $salt_buf);
5321 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5323 my $salt = pack ("H*", $salt_hex);
5327 if (defined ($iter))
5329 $iterations = $iter;
5332 my $name = lc ($word_buf . $domain);
5334 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5336 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5338 elsif ($mode == 8400)
5340 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5342 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5344 elsif ($mode == 8500)
5346 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5348 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5350 elsif ($mode == 8600)
5352 my @saved_key = map { ord $_; } split "", $word_buf;
5354 my $len = scalar @saved_key;
5356 my @state = domino_big_md
(\
@saved_key, $len);
5358 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5377 elsif ($mode == 8700)
5379 my $domino_char = undef;
5381 if (defined ($additional_param))
5383 $domino_char = $additional_param;
5386 my @saved_key = map { ord $_; } split "", $word_buf;
5388 my $len = scalar @saved_key;
5390 my @state = domino_big_md
(\
@saved_key, $len);
5392 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5394 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5396 @state = domino_big_md
(\
@saved_key, 34);
5398 $hash_buf = join ("", (map { chr $_; } @state));
5400 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5402 elsif ($mode == 8900)
5408 if (defined ($additional_param))
5410 $N = $additional_param;
5411 $r = $additional_param2;
5412 $p = $additional_param3;
5415 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5417 $tmp_hash = sprintf ('%s', $hash_buf);
5419 elsif ($mode == 9100)
5421 my $iterations = 5000;
5423 if (defined ($iter))
5425 $iterations = $iter;
5428 my $domino_char = undef;
5430 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5432 my @saved_key = map { ord $_; } split "", $word_buf;
5434 my $len = scalar @saved_key;
5436 my @state = domino_big_md
(\
@saved_key, $len);
5439 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5441 my $salt_part = substr ($salt_buf, 0, 5);
5443 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5445 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5447 @state = domino_big_md
(\
@saved_key, 34);
5449 $hash_buf = join ("", (map { chr $_; } @state));
5451 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5454 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5456 my $pbkdf2 = Crypt
::PBKDF2
->new
5458 hash_class
=> 'HMACSHA1',
5459 iterations
=> $iterations,
5466 if (defined ($additional_param))
5468 $chars = $additional_param;
5471 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5473 my $iteration_str = "" . $iterations;
5475 for (my $i = length ($iterations); $i < 10; $i++)
5477 $iterations = "0" . $iterations;
5480 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5482 elsif ($mode == 9200)
5484 my $iterations = 20000;
5486 my $pbkdf2 = Crypt
::PBKDF2
->new
5488 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5489 iterations
=> $iterations
5492 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5496 for (my $i = 0; $i < 43; $i++)
5498 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5501 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5503 elsif ($mode == 9300)
5509 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5513 for (my $i = 0; $i < 43; $i++)
5515 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5518 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5520 elsif ($mode == 9400)
5522 my $iterations = 50000;
5526 $iterations = int ($iter);
5529 my $aes_key_size = 128; # or 256
5531 if (defined ($additional_param2))
5533 $aes_key_size = $additional_param2;
5536 $salt_buf = pack ("H*", $salt_buf);
5538 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5540 for (my $i = 0; $i < $iterations; $i++)
5542 my $num32 = pack ("L", $i);
5544 $tmp = sha1
($num32 . $tmp);
5547 my $zero32 = pack ("L", 0x00);
5549 my $derivation_array1 = pack ("C", 0x36) x
64;
5550 my $derivation_array2 = pack ("C", 0x5C) x
64;
5552 $tmp = sha1
($tmp . $zero32);
5554 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5555 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5557 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5559 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5563 if (defined $additional_param)
5565 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5569 $encdata = "A" x
16; ## can be anything
5572 my $data1_buf = $encdata;
5573 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5575 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5576 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5578 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5579 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5581 $encrypted1 = substr ($encrypted1, 0, 32);
5582 $encrypted2 = substr ($encrypted2, 0, 40);
5584 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5586 elsif ($mode == 9500)
5588 my $iterations = 100000;
5592 $iterations = int ($iter);
5595 $salt_buf = pack ("H*", $salt_buf);
5597 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5599 for (my $i = 0; $i < $iterations; $i++)
5601 my $num32 = pack ("L", $i);
5603 $tmp = sha1
($num32 . $tmp);
5606 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5607 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5609 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5610 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5612 my $key1 = substr ($final1, 0, 16);
5613 my $key2 = substr ($final2, 0, 16);
5615 my $cipher1 = Crypt
::CBC
->new ({
5617 cipher
=> "Crypt::Rijndael",
5625 my $cipher2 = Crypt
::CBC
->new ({
5627 cipher
=> "Crypt::Rijndael",
5637 if (defined $additional_param)
5639 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5643 $encdata = "A" x
16; ## can be anything
5646 my $data1_buf = $encdata;
5647 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5649 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5650 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5652 $encrypted2 = substr ($encrypted2, 0, 64);
5654 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5656 elsif ($mode == 9600)
5658 my $iterations = 100000;
5662 $iterations = int ($iter);
5665 $salt_buf = pack ("H*", $salt_buf);
5667 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5669 for (my $i = 0; $i < $iterations; $i++)
5671 my $num32 = pack ("L", $i);
5673 $tmp = sha512
($num32 . $tmp);
5676 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5677 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5679 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5680 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5682 my $key1 = substr ($final1, 0, 32);
5683 my $key2 = substr ($final2, 0, 32);
5685 my $cipher1 = Crypt
::CBC
->new ({
5687 cipher
=> "Crypt::Rijndael",
5695 my $cipher2 = Crypt
::CBC
->new ({
5697 cipher
=> "Crypt::Rijndael",
5707 if (defined $additional_param)
5709 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5713 $encdata = "A" x
16; ## can be anything
5716 my $data1_buf = $encdata;
5717 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5719 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5720 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5722 $encrypted2 = substr ($encrypted2, 0, 64);
5724 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5726 elsif ($mode == 9700)
5728 $salt_buf = pack ("H*", $salt_buf);
5730 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5732 $tmp = substr ($tmp, 0, 5);
5736 for (my $i = 0; $i < 16; $i++)
5744 $tmp = substr ($tmp, 0, 5);
5748 if (defined $additional_param2)
5750 $version = $additional_param2;
5754 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5757 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5759 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5763 if (defined $additional_param)
5765 $encdata = $m->RC4 (pack ("H*", $additional_param));
5769 $encdata = "A" x
16; ## can be anything
5772 my $data1_buf = $encdata;
5773 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5775 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5777 my $encrypted1 = $m->RC4 ($data1_buf);
5778 my $encrypted2 = $m->RC4 ($data2_buf);
5780 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5782 elsif ($mode == 9800)
5784 $salt_buf = pack ("H*", $salt_buf);
5786 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5790 if (defined $additional_param2)
5792 $version = $additional_param2;
5796 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5799 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5803 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5806 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5810 if (defined $additional_param)
5812 $encdata = $m->RC4 (pack ("H*", $additional_param));
5816 $encdata = "A" x
16; ## can be anything
5819 my $data1_buf = $encdata;
5820 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5822 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5824 my $encrypted1 = $m->RC4 ($data1_buf);
5825 my $encrypted2 = $m->RC4 ($data2_buf);
5827 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5829 elsif ($mode == 9900)
5831 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5833 elsif ($mode == 10000)
5835 my $iterations = 10000;
5839 $iterations = int ($iter);
5842 my $pbkdf2 = Crypt
::PBKDF2
->new
5844 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5845 iterations
=> $iterations
5848 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5849 $hash_buf =~ s/[\r\n]//g;
5851 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5853 elsif ($mode == 10100)
5855 my $seed = pack ("H*", $salt_buf);
5857 my ($hi, $lo) = siphash
($word_buf, $seed);
5859 my $hi_s = sprintf ("%08x", $hi);
5860 my $lo_s = sprintf ("%08x", $lo);
5862 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5863 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5865 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5867 elsif ($mode == 10200)
5869 my $challengeb64 = encode_base64
($salt_buf);
5870 $challengeb64 =~ s/[\r\n]//g;
5874 if (defined $additional_param)
5876 $username = $additional_param;
5883 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5885 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5886 $responseb64 =~ s/[\r\n]//g;
5888 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5890 elsif ($mode == 10300)
5892 my $iterations = 1024;
5896 $iterations = int ($iter);
5899 my $hash_buf = $salt_buf;
5901 for (my $pos = 0; $pos < $iterations; $pos++)
5903 $hash_buf = sha1
($word_buf . $hash_buf);
5906 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5907 $hash_buf =~ s/[\r\n]//g;
5909 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5911 elsif ($mode == 10400)
5914 my $u = $additional_param;
5915 my $o = $additional_param2;
5916 my $P = $additional_param3;
5918 if (defined $u == 0)
5923 if (defined $o == 0)
5928 if (defined $P == 0)
5935 for (my $i = 0; $i < 32; $i++)
5937 $padding .= pack ("C", $pdf_padding[$i]);
5940 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5942 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5944 $u = $m->RC4 ($padding);
5946 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5948 elsif ($mode == 10500)
5951 my $u = $additional_param;
5952 my $o = $additional_param2;
5953 my $P = $additional_param3;
5954 my $V = $additional_param4;
5955 my $R = $additional_param5;
5956 my $enc = $additional_param6;
5958 if (defined $u == 0)
5965 if (defined $o == 0)
5970 if (defined $R == 0)
5972 $R = get_random_num
(3, 5);
5975 if (defined $V == 0)
5977 $V = ($R == 3) ?
2 : 4;
5980 if (defined $P == 0)
5982 $P = ($R == 3) ?
-4 : -1028;
5985 if (defined $enc == 0)
5987 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5992 for (my $i = 0; $i < 32; $i++)
5994 $padding .= pack ("C", $pdf_padding[$i]);
5997 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5999 my $digest = md5
($padding . pack ("H*", $id));
6001 my $m = Crypt
::RC4
->new ($res);
6003 $u = $m->RC4 ($digest);
6005 my @ress = split "", $res;
6007 for (my $x = 1; $x <= 19; $x++)
6011 for (my $i = 0; $i < 16; $i++)
6013 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
6016 my $s = join ("", @xor);
6018 my $m2 = Crypt
::RC4
->new ($s);
6023 $u .= substr (pack ("H*", $u_save), 16, 16);
6025 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
6027 elsif ($mode == 10600)
6030 my $rest = $additional_param;
6032 if (defined $id == 0)
6037 if (defined $rest == 0)
6043 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6046 my @data = split /\*/, $rest;
6048 my $u = pack ("H*", $data[1]);
6050 my $h = sha256
($word_buf . substr ($u, 32, 8));
6052 $data[1] = unpack ("H*", $h . substr ($u, 32));
6054 $rest = join ("*", @data);
6056 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
6058 elsif ($mode == 10700)
6061 my $rest = $additional_param;
6063 if (defined $id == 0)
6068 if (defined $rest == 0)
6074 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6077 my @datax = split /\*/, $rest;
6079 my $u = pack ("H*", $datax[1]);
6081 my $block = sha256
($word_buf . substr ($u, 32, 8));
6083 my $block_size = 32;
6085 my $data = 0x00 x
64;
6091 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
6093 $data = $word_buf . $block;
6095 $data_len = length ($data);
6097 for (my $k = 1; $k < 64; $k++)
6099 $data .= $word_buf . $block;
6102 my $aes = Crypt
::CBC
->new ({
6103 key
=> substr ($block, 0, 16),
6104 cipher
=> "Crypt::Rijndael",
6105 iv
=> substr ($block, 16, 16),
6112 my $data = $aes->encrypt ($data);
6116 for (my $j = 0; $j < 16; $j++)
6118 $sum += ord (substr ($data, $j, 1));
6121 $block_size = 32 + ($sum % 3) * 16;
6123 if ($block_size == 32)
6125 $block = sha256
(substr ($data, 0, $data_len * 64));
6127 elsif ($block_size == 48)
6129 $block = sha384
(substr ($data, 0, $data_len * 64));
6131 elsif ($block_size == 64)
6133 $block = sha512
(substr ($data, 0, $data_len * 64));
6136 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
6139 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
6141 $rest = join ("*", @datax);
6143 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
6145 elsif ($mode == 10800)
6147 $hash_buf = sha384_hex
($word_buf);
6149 $tmp_hash = sprintf ("%s", $hash_buf);
6151 elsif ($mode == 10900)
6153 my $iterations = 1000;
6157 $iterations = int ($iter);
6162 if (defined $additional_param)
6164 $out_len = $additional_param;
6167 my $pbkdf2 = Crypt
::PBKDF2
->new
6169 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6170 iterations
=> $iterations,
6171 output_len
=> $out_len
6174 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6175 $hash_buf =~ s/[\r\n]//g;
6177 my $base64_salt_buf = encode_base64
($salt_buf);
6179 chomp ($base64_salt_buf);
6181 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6183 elsif ($mode == 11000)
6185 $hash_buf = md5_hex
($salt_buf . $word_buf);
6187 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6189 elsif ($mode == 11100)
6191 my $user = "postgres";
6193 if (defined $additional_param)
6195 $user = $additional_param;
6198 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6200 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6202 elsif ($mode == 11200)
6204 my $sha1_pass = sha1
($word_buf);
6205 my $double_sha1 = sha1
($sha1_pass);
6207 my $xor_part1 = $sha1_pass;
6208 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6212 for (my $i = 0; $i < 20; $i++)
6214 my $first_byte = substr ($xor_part1, $i, 1);
6215 my $second_byte = substr ($xor_part2, $i, 1);
6217 my $xor_result = $first_byte ^ $second_byte;
6219 $hash_buf .= unpack ("H*", $xor_result);
6222 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6224 elsif ($mode == 11300)
6226 my $ckey_buf = get_random_string
(96);
6228 if (length ($additional_param))
6230 $ckey_buf = $additional_param;
6233 my $public_key_buf = get_random_string
(66);
6235 if (length ($additional_param2))
6237 $public_key_buf = $additional_param2;
6240 my $salt_iter = get_random_num
(150000, 250000);
6244 $salt_iter = int ($iter);
6247 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6249 for (my $i = 1; $i < $salt_iter; $i++)
6251 $hash_buf = sha512
($hash_buf);
6254 my $data = get_random_string
(32);
6256 my $aes = Crypt
::CBC
->new ({
6257 key
=> substr ($hash_buf, 0, 32),
6258 cipher
=> "Crypt::Rijndael",
6259 iv
=> substr ($hash_buf, 32, 16),
6263 padding
=> "standard",
6266 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6268 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6269 length ($cry_master_buf),
6276 length ($public_key_buf),
6279 elsif ($mode == 11400)
6281 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6283 $directive = "MD5"; # only directive currently supported
6285 if (defined ($additional_param))
6287 $user = $additional_param;
6288 $realm = $additional_param2;
6290 $nonce_count = $additional_param3;
6291 $nonce_client = $additional_param4;
6292 $qop = $additional_param5;
6293 $method = $additional_param6;
6295 $URI_prefix = $additional_param7;
6296 $URI_resource = $additional_param8;
6297 $URI_suffix = $additional_param9;
6299 # not needed information
6301 $URI_server = $additional_param10;
6302 $URI_client = $additional_param11;
6306 $user = get_random_string
(get_random_num
(0, 12 + 1));
6308 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6309 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6311 if ($realm_max_len < 1) # should never happen
6316 $realm_max_len = min
(20, $realm_max_len);
6318 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6322 if (get_random_num
(0, 1 + 1) == 1)
6326 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6327 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6337 $method = get_random_string
(get_random_num
(0, 24 + 1));
6339 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6340 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6341 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6343 # not needed information
6345 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6346 $URI_client = $URI_resource; # simplification
6353 if (length ($URI_prefix) > 0)
6355 $URI = $URI_prefix . ":";
6358 $URI .= $URI_resource;
6360 if (length ($URI_suffix) > 0)
6362 $URI .= ":" . $URI_suffix;
6365 my $HA2 = md5_hex
($method . ":" . $URI);
6367 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6371 if (($qop eq "auth") || ($qop eq "auth-int"))
6373 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6380 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6382 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6384 elsif ($mode == 11500)
6386 $hash_buf = crc32
($word_buf);
6388 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6390 elsif ($mode == 11600)
6392 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6396 my $validation_only = 0;
6398 $validation_only = 1 if (defined ($additional_param));
6400 if ($validation_only == 1)
6402 $num_cycle_power = int ($iter);
6403 $seven_zip_salt_len = $additional_param;
6404 $seven_zip_salt_buf = $additional_param2;
6405 $salt_len = $additional_param3;
6406 # $salt_buf set in parser
6407 # $hash_buf (resulting crc)
6408 $data_len = $additional_param4;
6409 $unpack_size = $additional_param5;
6410 $data_buf = $additional_param6;
6414 $num_cycle_power = 14; # by default it is 19
6415 $seven_zip_salt_len = 0;
6416 $seven_zip_salt_buf = "";
6417 $salt_len = length ($salt_buf);
6418 # $salt_buf set automatically
6419 # $hash_buf (resulting crc)
6420 # $data_len will be set when encrypting
6421 $unpack_size = get_random_num
(1, 32 + 1);
6422 $data_buf = get_random_string
($unpack_size);
6426 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6429 $word_buf = encode
("UTF-16LE", $word_buf);
6431 my $rounds = 1 << $num_cycle_power;
6435 for (my $i = 0; $i < $rounds; $i++)
6439 $num_buf .= pack ("V", $i);
6440 $num_buf .= "\x00" x
4;
6442 # this would be better but only works on 64-bit systems:
6443 # $num_buf = pack ("q", $i);
6445 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6448 my $key = sha256
($pass_buf);
6450 # the salt_buf is our IV for AES CBC
6453 my $salt_buf_len = length ($salt_buf);
6454 my $salt_padding_len = 0;
6456 if ($salt_buf_len < 16)
6458 $salt_padding_len = 16 - $salt_buf_len;
6461 $salt_buf .= "\x00" x
$salt_padding_len;
6463 my $aes = Crypt
::CBC
->new ({
6464 cipher
=> "Crypt::Rijndael",
6472 if ($validation_only == 1)
6476 my $decrypted_data = $aes->decrypt ($data_buf);
6478 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6480 $hash_buf = crc32
($decrypted_data);
6486 $hash_buf = crc32
($data_buf);
6488 $data_buf = $aes->encrypt ($data_buf);
6490 $data_len = length ($data_buf);
6493 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6495 elsif ($mode == 11900)
6497 my $iterations = 1000;
6501 $iterations = int ($iter);
6506 if (defined $additional_param)
6508 $out_len = $additional_param;
6512 # call PHP here - WTF
6515 # sanitize $word_buf and $salt_buf:
6517 my $word_buf_base64 = encode_base64
($word_buf);
6518 $word_buf_base64 =~ s/[\r\n]//g;
6520 my $salt_buf_base64 = encode_base64
($salt_buf);
6521 $salt_buf_base64 =~ s/[\r\n]//g;
6525 $out_len = int ($out_len);
6527 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6529 my $php_code = <<'END_CODE';
6531 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6533 $algorithm = strtolower ($algorithm);
6535 if (! in_array ($algorithm, hash_algos (), true))
6537 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6540 if ($count <= 0 || $key_length <= 0)
6542 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6545 if (function_exists ("hash_pbkdf2"))
6549 $key_length = $key_length * 2;
6552 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6555 $hash_length = strlen (hash ($algorithm, "", true));
6556 $block_count = ceil ($key_length / $hash_length);
6560 for ($i = 1; $i <= $block_count; $i++)
6562 $last = $salt . pack ("N", $i);
6564 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6566 for ($j = 1; $j < $count; $j++)
6568 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6576 return substr ($output, 0, $key_length);
6580 return bin2hex (substr ($output, 0, $key_length));
6584 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6588 # replace with these command line arguments
6590 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6591 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6592 $php_code =~ s/\$iterations/$iterations/;
6593 $php_code =~ s/\$out_len/$out_len/;
6595 my $php_output = `php -r '$php_code'`;
6597 $hash_buf = pack ("H*", $php_output);
6599 $hash_buf = encode_base64 ($hash_buf);
6600 $hash_buf =~ s/[\r\n]//g;
6602 my $base64_salt_buf = encode_base64 ($salt_buf);
6604 chomp ($base64_salt_buf);
6606 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6608 elsif ($mode == 12000)
6610 my $iterations = 1000;
6614 $iterations = int ($iter);
6619 if (defined $additional_param)
6621 $out_len = $additional_param;
6624 my $pbkdf2 = Crypt::PBKDF2->new
6626 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6627 iterations => $iterations,
6628 output_len => $out_len
6631 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6632 $hash_buf =~ s/[\r\n]//g;
6634 my $base64_salt_buf = encode_base64 ($salt_buf);
6636 chomp ($base64_salt_buf);
6638 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6640 elsif ($mode == 12100)
6642 my $iterations = 1000;
6646 $iterations = int ($iter);
6651 if (defined $additional_param)
6653 $out_len = $additional_param;
6656 my $pbkdf2 = Crypt::PBKDF2->new
6658 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6659 iterations => $iterations,
6660 output_len => $out_len
6663 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6664 $hash_buf =~ s/[\r\n]//g;
6666 my $base64_salt_buf = encode_base64 ($salt_buf);
6668 chomp ($base64_salt_buf);
6670 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6672 elsif ($mode == 12200)
6674 my $iterations = 65536;
6676 my $default_salt = 0;
6678 if (defined $additional_param)
6680 $default_salt = int ($additional_param);
6683 if ($default_salt == 1)
6685 $salt_buf = "0011223344556677";
6688 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6690 for (my $i = 0; $i < $iterations; $i++)
6692 $hash_buf = sha512 ($hash_buf);
6695 $hash_buf = unpack ("H*", $hash_buf);
6696 $hash_buf = substr ($hash_buf, 0, 16);
6698 if ($default_salt == 0)
6700 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6704 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6707 elsif ($mode == 12300)
6709 my $iterations = 4096;
6711 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6713 my $pbkdf2 = Crypt::PBKDF2->new (
6715 iterations => $iterations,
6719 my $salt_bin = pack ("H*", $salt_buf);
6721 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6723 $hash_buf = sha512_hex ($key . $salt_bin);
6725 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6727 elsif ($mode == 12400)
6733 $iterations = int ($iter);
6737 $iterations = get_random_num (1, 5001 + 1);
6740 my $key_value = fold_password ($word_buf);
6742 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6743 my $salt_value = base64_to_int24 ($salt_buf);
6745 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6747 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6749 elsif ($mode == 12600)
6751 $hash_buf = sha1_hex ($word_buf);
6753 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6755 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6757 elsif ($mode == 12700)
6759 my $iterations = 10;
6762 "guid" : "00000000-0000-0000-0000-000000000000",
6763 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6764 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6766 my $salt_buf_bin = pack ("H*", $salt_buf);
6768 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6770 my $pbkdf2 = Crypt::PBKDF2->new (
6772 iterations => $iterations,
6776 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6778 my $cipher = Crypt::CBC->new ({
6780 cipher => "Crypt::Rijndael",
6781 iv => $salt_buf_bin,
6787 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6789 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6791 elsif ($mode == 12800)
6793 my $iterations = 100;
6797 $iterations = int ($iter);
6800 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6802 my $pbkdf2 = Crypt::PBKDF2->new
6804 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6805 iterations => $iterations,
6809 my $salt_buf_bin = pack ("H*", $salt_buf);
6811 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6813 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6815 elsif ($mode == 12900)
6817 my $iterations = 4096;
6821 $iterations = int ($iter);
6824 my $salt2 = $salt_buf . $salt_buf;
6826 if (defined $additional_param)
6828 $salt2 = $additional_param;
6831 my $pbkdf2 = Crypt::PBKDF2->new
6833 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6834 iterations => $iterations,
6838 my $salt_buf_bin = pack ("H*", $salt_buf);
6840 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6842 my $salt2_bin = pack ("H*", $salt2);
6844 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6846 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6848 elsif ($mode == 13000)
6850 my $iterations = 15;
6854 $iterations = int ($iter);
6859 if (defined $additional_param)
6861 $iv = $additional_param;
6864 my $pbkdf2 = Crypt::PBKDF2->new
6866 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6867 iterations => (1 << $iterations) + 32,
6871 my $salt_buf_bin = pack ("H*", $salt_buf);
6873 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6875 my $hash_final = substr ($hash, 0, 8)
6876 ^ substr ($hash, 8, 8)
6877 ^ substr ($hash, 16, 8)
6878 ^ substr ($hash, 24, 8);
6880 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6882 elsif ($mode == 13100)
6884 my @salt_arr = split ('\$', $salt_buf);
6886 my $user = $salt_arr[0];
6888 my $realm = $salt_arr[1];
6890 my $spn = $salt_arr[2];
6892 my $nonce = $salt_arr[3];
6894 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6895 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6896 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6897 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6898 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6901 $cleartext_ticket = $nonce . $cleartext_ticket;
6903 my $k = md4 (encode ("UTF-16LE", $word_buf));
6905 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
6907 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
6909 my $k3 = hmac_md5 ($checksum, $k1);
6911 my $cipher = Crypt::RC4->new ($k3);
6913 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
6915 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
6917 elsif ($mode == 13200)
6919 my @salt_arr = split ('\*', $salt_buf);
6921 my $iteration = $salt_arr[0];
6923 my $mysalt = $salt_arr[1];
6925 $mysalt = pack ("H*", $mysalt);
6927 my $DEK = randbytes (16);
6929 my $iv = "a6a6a6a6a6a6a6a6";
6931 my $KEK = sha1($word_buf);
6933 $KEK = substr ($KEK ^ $mysalt, 0, 16);
6935 my $aes = Crypt::Mode::ECB->new ('AES');
6937 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
6941 my $A = pack ("H*", $iv);
6943 for (my $j = 0; $j < $iteration; $j++)
6945 $B = $aes->encrypt ($A . $R[1], $KEK);
6947 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
6949 $R[1] = substr ($B, 8, 16);
6951 $B = $aes->encrypt ($A . $R[2], $KEK);
6953 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
6955 $R[2] = substr ($B, 8, 16);
6958 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
6960 $mysalt = unpack ("H*", $mysalt);
6962 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
6964 elsif ($mode == 13300)
6966 $hash_buf = sha1_hex ($word_buf);
6968 $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
6972 elsif ($mode == 13400)
6974 my @salt_arr = split ('\*', $salt_buf);
6976 my $version = $salt_arr[0];
6978 my $iteration = $salt_arr[1];
6980 my $algorithm = $salt_arr[2];
6982 my $final_random_seed = $salt_arr[3];
6984 my $transf_random_seed = $salt_arr[4];
6986 my $enc_iv = $salt_arr[5];
6990 # specific to version 1
6995 # specific to version 2
6998 # specific to keyfile handling
6999 my $inline_keyfile_flag;
7001 my $keyfile_content;
7002 my $keyfile_attributes = "";
7004 $final_random_seed = pack ("H*", $final_random_seed);
7006 $transf_random_seed = pack ("H*", $transf_random_seed);
7008 $enc_iv = pack ("H*", $enc_iv);
7010 my $intermediate_hash = sha256 ($word_buf);
7014 $contents_hash = $salt_arr[6];
7015 $contents_hash = pack ("H*", $contents_hash);
7017 $inline_flag = $salt_arr[7];
7019 $contents_len = $salt_arr[8];
7021 $contents = $salt_arr[9];
7022 $contents = pack ("H*", $contents);
7025 if (scalar @salt_arr == 13)
7027 $inline_keyfile_flag = $salt_arr[10];
7029 $keyfile_len = $salt_arr[11];
7031 $keyfile_content = $salt_arr[12];
7033 $keyfile_attributes = $keyfile_attributes
7034 . "*" . $inline_keyfile_flag
7035 . "*" . $keyfile_len
7036 . "*" . $keyfile_content;
7038 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7039 $intermediate_hash = sha256 ($intermediate_hash);
7042 elsif ($version == 2)
7045 if (scalar @salt_arr == 11)
7047 $inline_keyfile_flag = $salt_arr[8];
7049 $keyfile_len = $salt_arr[9];
7051 $keyfile_content = $salt_arr[10];
7053 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7055 $keyfile_attributes = $keyfile_attributes
7056 . "*" . $inline_keyfile_flag
7057 . "*" . $keyfile_len
7058 . "*" . $keyfile_content;
7061 $intermediate_hash = sha256 ($intermediate_hash);
7064 my $aes = Crypt::Mode::ECB->new ('AES', 1);
7066 for (my $j = 0; $j < $iteration; $j++)
7068 $intermediate_hash = $aes->encrypt ($intermediate_hash, $transf_random_seed);
7070 $intermediate_hash = substr ($intermediate_hash, 0, 32);
7073 $intermediate_hash = sha256 ($intermediate_hash);
7075 my $final_key = sha256 ($final_random_seed . $intermediate_hash);
7077 my $final_algorithm;
7079 if ($version == 1 && $algorithm == 1)
7081 $final_algorithm = "Crypt::Twofish";
7085 $final_algorithm = "Crypt::Rijndael";
7088 my $cipher = Crypt::CBC->new ({
7090 cipher => $final_algorithm,
7099 $contents_hash = sha256 ($contents);
7101 $contents = $cipher->encrypt($contents);
7103 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s%s',
7107 unpack ("H*", $final_random_seed),
7108 unpack ("H*", $transf_random_seed),
7109 unpack ("H*", $enc_iv),
7110 unpack ("H*", $contents_hash),
7113 unpack ("H*", $contents),
7114 $keyfile_attributes);
7118 $expected_bytes = $salt_arr[6];
7120 $contents_hash = $salt_arr[7];
7121 $contents_hash = pack ("H*", $contents_hash);
7123 $expected_bytes = $cipher->decrypt($contents_hash);
7125 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s%s',
7129 unpack ("H*", $final_random_seed),
7130 unpack ("H*", $transf_random_seed),
7131 unpack ("H*", $enc_iv),
7132 unpack ("H*", $expected_bytes),
7133 unpack ("H*", $contents_hash),
7134 $keyfile_attributes);
7145 my $word_len = shift;
7147 my $salt_len = shift;
7151 $max = 15 if ($mode == 2410);
7153 if ($is_unicode{$mode})
7155 if (! $allow_long_salt{$mode})
7157 $word_len = min ($word_len, int ($max / 2) - $salt_len);
7161 $word_len = min ($word_len, int ($max / 2));
7164 elsif ($less_fifteen{$mode})
7166 $word_len = min ($word_len, 15);
7170 $salt_len = min ($salt_len, 15 - $word_len);
7175 if (! $allow_long_salt{$mode})
7177 $word_len = min ($word_len, $max - $salt_len);
7196 for (my $i = 0; $i < $salt_len; $i++)
7198 my $c = get_random_chr (0x30, 0x39);
7200 push (@salt_arr, $c);
7203 $salt_buf = join ("", @salt_arr);
7205 $salt_buf = get_random_md5chap_salt ($salt_buf);
7207 elsif ($mode == 5300 || $mode == 5400)
7209 $salt_buf = get_random_ike_salt ();
7211 elsif ($mode == 5500)
7213 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
7215 elsif ($mode == 5600)
7217 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
7219 elsif ($mode == 6600)
7221 $salt_buf = get_random_agilekeychain_salt ();
7223 elsif ($mode == 8200)
7225 $salt_buf = get_random_cloudkeychain_salt ();
7227 elsif ($mode == 8300)
7229 $salt_buf = get_random_dnssec_salt ();
7231 elsif ($mode == 13100)
7233 $salt_buf = get_random_kerberos5_tgs_salt ();
7235 elsif ($mode == 13200)
7237 $salt_buf = get_random_axcrypt_salt ();
7239 elsif ($mode == 13400)
7241 $salt_buf = get_random_keepass_salt ();
7247 for (my $i = 0; $i < $salt_len; $i++)
7249 my $c = get_random_chr (0x30, 0x39);
7251 push (@salt_arr, $c);
7254 $salt_buf = join ("", @salt_arr);
7258 $salt_buf = get_random_kerberos5_salt ($salt_buf);
7268 for (my $i = 0; $i < $word_len; $i++)
7270 my $c = get_random_chr (0x30, 0x39);
7272 push (@word_arr, $c);
7275 my $word_buf = join ("", @word_arr);
7281 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
7294 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
7306 sub get_random_string
7312 for (my $i = 0; $i < $len; $i++)
7314 my $c = get_random_chr (0x30, 0x39);
7319 my $buf = join ("", @arr);
7329 return int ((rand ($max - $min)) + $min);
7334 return chr get_random_num (@_);
7343 for (my $i = 0; $i < length ($str); $i += 4)
7345 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7347 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7354 $salt = substr ($decoded, 0, 5);
7356 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7360 $byte10 = 256 + $byte10;
7363 substr ($salt, 3, 1) = chr ($byte10);
7365 $digest = substr ($decoded, 5, 9);
7366 $char = substr ($str, 18, 1);
7368 return ($digest, $salt, $char);
7371 sub domino_85x_decode
7377 for (my $i = 0; $i < length ($str); $i += 4)
7379 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7381 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7386 my $iterations = -1;
7389 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7391 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7395 $byte10 = 256 + $byte10;
7398 substr ($salt, 3, 1) = chr ($byte10);
7400 $iterations = substr ($decoded, 16, 10);
7402 if ($iterations =~ /^?d*$/)
7406 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7407 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7408 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7411 return ($digest, $salt, $iterations, $chars);
7414 sub domino_base64_decode
7419 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7427 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7429 $ret += ($idx << (6 * ($i - 1)));
7442 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7446 $byte10 = $byte10 - 256;
7449 substr ($final, 3, 1) = chr ($byte10);
7453 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7454 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7455 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7456 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7457 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7459 if (defined ($char))
7461 substr ($passwd, 18, 1) = $char;
7463 substr ($passwd, 19, 1) = "";
7468 sub domino_85x_encode
7473 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7477 $byte10 = $byte10 - 256;
7480 substr ($final, 3, 1) = chr ($byte10);
7484 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7485 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7486 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7487 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7488 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7489 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7490 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7491 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7492 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7493 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7494 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7495 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7497 if (defined ($char))
7499 substr ($passwd, 18, 1) = $char;
7505 sub domino_base64_encode
7510 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7514 while (($n - 1) >= 0)
7518 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7528 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7533 my $v = unpack "V", substr($md5, $i*4, 4);
7535 $s64 .= substr($itoa64, $v & 0x3f, 1);
7544 my ($username, $password) = @_;
7546 $username = substr ($username . " " x 8, 0, 8);
7547 $password = substr ($password . " " x 8, 0, 8);
7549 my $username_ebc = ascii2ebcdic ($username);
7550 my $password_ebc = ascii2ebcdic ($password);
7552 my @pw = split ("", $password_ebc);
7554 for (my $i = 0; $i < 8; $i++)
7556 $pw[$i] = unpack ("C", $pw[$i]);
7559 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7562 my $key = join ("", @pw);
7564 my $cipher = new Crypt::DES $key;
7566 my $ciphertext = $cipher->encrypt ($username_ebc);
7568 my $ct = unpack ("H16", $ciphertext);
7575 my ($username, $password) = @_;
7577 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7578 $userpass .= pack('C', 0) while (length($userpass) % 8);
7580 my $key = pack('H*', "0123456789ABCDEF");
7581 my $iv = pack('H*', "0000000000000000");
7583 my $c = new Crypt::CBC(
7590 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7592 my $c2 = new Crypt::CBC(
7599 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7601 return uc(unpack('H*', $hash));
7606 my $word_buf = shift;
7608 my $salt_buf = shift;
7610 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7612 my $digest = sha1 ($w);
7614 for (my $i = 1; $i < 1024; $i++)
7616 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7618 $digest = sha1 ($w);
7621 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7623 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7631 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7635 while (($n - 1) >= 0)
7639 $ret .= substr ($itoa64, $v & 0x3f, 1);
7655 my $hash = ""; # hash to be returned by this function
7657 my $final = md5 ($pass . $salt . $pass);
7659 $salt = substr ($salt, 0, 8);
7661 my $tmp = $pass . $magic . $salt;
7663 my $pass_len = length ($pass);
7667 for ($i = $pass_len; $i > 0; $i -= 16)
7676 $tmp .= substr ($final, 0, $len);
7689 $tmp .= substr ($pass, 0, 1);
7695 $final = md5 ($tmp);
7697 for ($i = 0; $i < $iter; $i++)
7729 $final = md5 ($tmp);
7733 # now format the output sting ("hash")
7737 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7738 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7739 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7740 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7741 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7742 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7744 if ($iter == 1000) # default
7746 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7750 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7762 my $hash = ""; # hash to be returned by this function
7764 my $final = sha512 ($pass . $salt . $pass);
7766 $salt = substr ($salt, 0, 16);
7768 my $tmp = $pass . $salt;
7770 my $pass_len = length ($pass);
7771 my $salt_len = length ($salt);
7775 for ($i = $pass_len; $i > 0; $i -= 16)
7784 $tmp .= substr ($final, 0, $len);
7803 $final = sha512 ($tmp);
7809 for ($i = 0; $i < $pass_len; $i++)
7814 $p_bytes = sha512 ($p_bytes);
7815 $p_bytes = substr ($p_bytes, 0, $pass_len);
7819 my $final_first_byte = ord (substr ($final, 0, 1));
7823 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7828 $s_bytes = sha512 ($s_bytes);
7829 $s_bytes = substr ($s_bytes, 0, $salt_len);
7831 for ($i = 0; $i < $iter; $i++)
7863 $final = sha512 ($tmp);
7867 # now format the output string ("hash")
7871 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7872 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7873 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7874 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7875 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7876 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7877 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7878 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7879 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7880 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7881 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7882 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7883 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7884 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7885 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7886 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7887 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7888 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7889 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7890 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7891 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7892 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7896 if ($iter == 5000) # default
7898 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7902 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7914 my $hash = ""; # hash to be returned by this function
7916 my $final = sha256 ($pass . $salt . $pass);
7918 $salt = substr ($salt, 0, 16);
7920 my $tmp = $pass . $salt;
7922 my $pass_len = length ($pass);
7923 my $salt_len = length ($salt);
7927 for ($i = $pass_len; $i > 0; $i -= 16)
7936 $tmp .= substr ($final, 0, $len);
7955 $final = sha256 ($tmp);
7961 for ($i = 0; $i < $pass_len; $i++)
7966 $p_bytes = sha256 ($p_bytes);
7967 $p_bytes = substr ($p_bytes, 0, $pass_len);
7971 my $final_first_byte = ord (substr ($final, 0, 1));
7975 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7980 $s_bytes = sha256 ($s_bytes);
7981 $s_bytes = substr ($s_bytes, 0, $salt_len);
7983 for ($i = 0; $i < $iter; $i++)
8015 $final = sha256 ($tmp);
8019 # now format the output string ("hash")
8023 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
8024 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
8025 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
8026 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8027 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
8028 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
8029 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8030 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
8031 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
8032 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8033 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
8037 if ($iter == 5000) # default
8039 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8043 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8049 sub aix_ssha256_pbkdf2
8051 my $word_buf = shift;
8052 my $salt_buf = shift;
8053 my $iterations = shift;
8055 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
8057 my $pbkdf2 = Crypt::PBKDF2->new (
8059 iterations => $iterations,
8063 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8067 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8068 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8069 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8070 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8071 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8072 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8073 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8074 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8075 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8076 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8077 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
8082 sub aix_ssha512_pbkdf2
8084 my $word_buf = shift;
8085 my $salt_buf = shift;
8086 my $iterations = shift;
8088 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
8090 my $pbkdf2 = Crypt::PBKDF2->new (
8092 iterations => $iterations,
8095 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8099 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8100 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8101 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8102 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8103 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8104 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8105 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8106 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8107 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8108 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8109 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
8110 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
8111 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
8112 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
8113 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
8114 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
8115 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
8116 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
8117 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
8118 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
8119 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
8120 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
8125 sub aix_ssha1_pbkdf2
8127 my $word_buf = shift;
8128 my $salt_buf = shift;
8129 my $iterations = shift;
8131 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
8133 my $pbkdf2 = Crypt::PBKDF2->new (
8135 iterations => $iterations,
8138 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8142 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8143 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8144 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8145 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8146 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8147 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8148 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
8157 my @data = split "", $data_s;
8160 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8161 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8162 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
8163 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
8164 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8165 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
8166 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8167 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
8168 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8169 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8170 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8171 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8172 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8173 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8174 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8175 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
8177 my @transTable = unpack ("C256", $transTable_s);
8181 for (my $i = 0; $i < scalar @data; $i++)
8183 $out[$i] = $transTable[int (ord ($data[$i]))];
8186 return pack ("C*", @out);
8191 my $digest_s = shift;
8196 my @w = unpack "C*", $w_s;
8197 my @s = unpack "C*", $s_s;
8200 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
8201 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
8202 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
8204 my @bcodeTable = unpack ("C48", $bcodeTable_s);
8206 my @abcd = unpack ("C16", $digest_s);
8208 my $sum20 = ($abcd[0] & 3)
8218 for (my $i2 = 0; $i2 < $sum20; $i2++)
8223 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
8225 if ($i1 < length $w_s)
8227 if ($abcd[15 - $i1] & 1)
8229 $out[$i2] = $bcodeTable[48 - 1 - $i1];
8234 $out[$i2] = $w[$i1];
8240 if ($i3 < length $s_s)
8242 $out[$i2] = $s[$i3];
8248 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
8251 return substr (pack ("C*", @out), 0, $sum20);
8256 my @key_56 = split (//, shift);
8262 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
8263 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
8264 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
8265 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
8266 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
8267 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
8268 $key .= chr(( ord($key_56[6]) << 1) & 255);
8279 for (my $i = 0; $i < $len; $i++)
8281 my $c = get_random_chr (0, 255);
8286 return join ("", @arr);
8289 sub get_random_netntlmv1_salt
8291 my $len_user = shift;
8292 my $len_domain = shift;
8298 for (my $i = 0; $i < $len_user; $i++)
8300 $type = get_random_num (1, 3);
8304 $char = get_random_chr (0x30, 0x39);
8308 $char = get_random_chr (0x41, 0x5A);
8312 $char = get_random_chr (0x61, 0x7A);
8320 for (my $i = 0; $i < $len_domain; $i++)
8322 $type = get_random_num (1, 3);
8326 $char = get_random_chr (0x30, 0x39);
8330 $char = get_random_chr (0x41, 0x5A);
8334 $char = get_random_chr (0x61, 0x7A);
8340 my $c_challenge = randbytes (8);
8341 my $s_challenge = randbytes (8);
8343 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8348 sub get_random_netntlmv2_salt
8350 my $len_user = shift;
8351 my $len_domain = shift;
8357 if ($len_user + $len_domain > 27)
8359 if ($len_user > $len_domain)
8361 $len_user = 27 - $len_domain;
8365 $len_domain = 27 - $len_user;
8369 for (my $i = 0; $i < $len_user; $i++)
8371 $type = get_random_num (1, 3);
8375 $char = get_random_chr (0x30, 0x39);
8379 $char = get_random_chr (0x41, 0x5A);
8383 $char = get_random_chr (0x61, 0x7A);
8391 for (my $i = 0; $i < $len_domain; $i++)
8393 $type = get_random_num (1, 3);
8397 $char = get_random_chr (0x30, 0x39);
8401 $char = get_random_chr (0x41, 0x5A);
8405 $char = get_random_chr (0x61, 0x7A);
8411 my $c_challenge = randbytes (8);
8412 my $s_challenge = randbytes (8);
8414 my $temp = "\x01\x01" .
8419 randbytes (20 * rand () + 1) .
8422 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8427 sub get_random_ike_salt
8431 for (my $i = 0; $i < 40; $i++)
8433 $nr_buf .= get_random_chr (0, 0xff);
8438 for (my $i = 0; $i < 440; $i++)
8440 $msg_buf .= get_random_chr (0, 0xff);
8443 my $nr_buf_hex = unpack ("H*", $nr_buf);
8444 my $msg_buf_hex = unpack ("H*", $msg_buf);
8446 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8451 sub get_random_agilekeychain_salt
8455 for (my $i = 0; $i < 8; $i++)
8457 $salt_buf .= get_random_chr (0x0, 0xff);
8462 for (my $i = 0; $i < 16; $i++)
8464 $iv .= get_random_chr (0x0, 0xff);
8467 my $prefix = "\x00" x 1008;
8469 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8474 sub get_random_cloudkeychain_salt
8478 for (my $i = 0; $i < 16; $i++)
8480 $salt_buf .= get_random_chr (0x0, 0xff);
8483 for (my $i = 0; $i < 304; $i++)
8485 $salt_buf .= get_random_chr (0x0, 0xff);
8488 my $ret = unpack ("H*", $salt_buf);
8493 sub get_random_kerberos5_salt
8495 my $custom_salt = shift;
8497 my $clear_data = randbytes (14) .
8498 strftime ("%Y%m%d%H%M%S", localtime) .
8502 my $realm = "realm";
8505 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8510 sub get_random_kerberos5_tgs_salt
8512 my $nonce = randbytes (8);
8515 my $realm = "realm";
8516 my $spn = "test/spn";
8518 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8523 sub get_random_axcrypt_salt
8525 my $mysalt = randbytes (16);
8527 $mysalt = unpack ("H*", $mysalt);
8529 my $iteration = get_random_num (6, 100000);
8531 my $salt_buf = $iteration . '*' . $mysalt;
8536 sub get_random_keepass_salt
8538 my $version = get_random_num (1, 3);
8544 my $final_random_seed;
8548 $algorithm = get_random_num (0, 2);
8550 $iteration = get_random_num (50000, 100000);
8552 $final_random_seed = randbytes (16);
8553 $final_random_seed = unpack ("H*", $final_random_seed);
8555 elsif ($version == 2)
8559 $iteration = get_random_num (6000, 100000);
8561 $final_random_seed = randbytes (32);
8562 $final_random_seed = unpack ("H*", $final_random_seed);
8565 my $transf_random_seed = randbytes (32);
8566 $transf_random_seed = unpack ("H*", $transf_random_seed);
8568 my $enc_iv = randbytes (16);
8569 $enc_iv = unpack ("H*", $enc_iv);
8571 my $contents_hash = randbytes (32);
8572 $contents_hash = unpack ("H*", $contents_hash);
8574 my $inline_flag = 1;
8576 my $contents_len = get_random_num (128, 500);
8578 my $contents = randbytes ($contents_len);
8580 $contents_len += 16 - $contents_len % 16;
8582 $contents = unpack ("H*", $contents);
8586 my $is_keyfile = get_random_num (0, 2);
8588 my $keyfile_attributes = "";
8590 if ($is_keyfile == 1)
8592 $keyfile_attributes = $keyfile_attributes
8594 . unpack ("H*", randbytes (32));
8599 $salt_buf = $version . '*' .
8602 $final_random_seed . '*' .
8603 $transf_random_seed . '*' .
8605 $contents_hash . '*' .
8606 $inline_flag . '*' .
8607 $contents_len . '*' .
8609 $keyfile_attributes;
8611 elsif ($version == 2)
8613 $contents = randbytes (32);
8614 $contents = unpack ("H*", $contents);
8616 $salt_buf = $version . '*' .
8619 $final_random_seed . '*' .
8620 $transf_random_seed . '*' .
8622 $contents_hash . '*' .
8624 $keyfile_attributes;
8630 sub get_random_md5chap_salt
8632 my $salt_buf = shift;
8634 my $salt = unpack ("H*", $salt_buf);
8638 $salt .= unpack ("H*", randbytes (1));
8643 sub get_random_dnssec_salt
8649 for (my $i = 0; $i < 8; $i++)
8651 $salt_buf .= get_random_chr (0x61, 0x7a);
8654 $salt_buf .= ".net";
8658 for (my $i = 0; $i < 8; $i++)
8660 $salt_buf .= get_random_chr (0x30, 0x39);
8673 my $byte_off = int ($bit / 8);
8674 my $bit_off = int ($bit % 8);
8676 my $char = substr ($digest, $byte_off, 1);
8677 my $num = ord ($char);
8679 return (($num & (1 << $bit_off)) ? 1 : 0);
8688 my $constant_phrase =
8689 "To be, or not to be,--that is the question:--\n" .
8690 "Whether 'tis nobler in the mind to suffer\n" .
8691 "The slings and arrows of outrageous fortune\n" .
8692 "Or to take arms against a sea of troubles,\n" .
8693 "And by opposing end them?--To die,--to sleep,--\n" .
8694 "No more; and by a sleep to say we end\n" .
8695 "The heartache, and the thousand natural shocks\n" .
8696 "That flesh is heir to,--'tis a consummation\n" .
8697 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8698 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8699 "For in that sleep of death what dreams may come,\n" .
8700 "When we have shuffled off this mortal coil,\n" .
8701 "Must give us pause: there's the respect\n" .
8702 "That makes calamity of so long life;\n" .
8703 "For who would bear the whips and scorns of time,\n" .
8704 "The oppressor's wrong, the proud man's contumely,\n" .
8705 "The pangs of despis'd love, the law's delay,\n" .
8706 "The insolence of office, and the spurns\n" .
8707 "That patient merit of the unworthy takes,\n" .
8708 "When he himself might his quietus make\n" .
8709 "With a bare bodkin? who would these fardels bear,\n" .
8710 "To grunt and sweat under a weary life,\n" .
8711 "But that the dread of something after death,--\n" .
8712 "The undiscover'd country, from whose bourn\n" .
8713 "No traveller returns,--puzzles the will,\n" .
8714 "And makes us rather bear those ills we have\n" .
8715 "Than fly to others that we know not of?\n" .
8716 "Thus conscience does make cowards of us all;\n" .
8717 "And thus the native hue of resolution\n" .
8718 "Is sicklied o'er with the pale cast of thought;\n" .
8719 "And enterprises of great pith and moment,\n" .
8720 "With this regard, their currents turn awry,\n" .
8721 "And lose the name of action.--Soft you now!\n" .
8722 "The fair Ophelia!--Nymph, in thy orisons\n" .
8723 "Be all my sins remember'd.\n\x00";
8725 my $constant_len = length ($constant_phrase);
8727 my $hash_buf = md5 ($pw . $salt);
8733 for (my $round = 0; $round < $iter; $round++)
8735 my $shift_a = md5bit ($hash_buf, $round + 0);
8736 my $shift_b = md5bit ($hash_buf, $round + 64);
8741 for (my $k = 0; $k < 16; $k++)
8743 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8745 my $l = ($k + 3) % 16;
8747 my $num = ord (substr ($hash_buf, $l, 1));
8749 $shift_4[$k] = $num % 5;
8751 $shift_7[$k] = ($num >> $s7shift) & 1;
8756 for (my $k = 0; $k < 16; $k++)
8758 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8763 for (my $k = 0; $k < 16; $k++)
8765 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8771 for (my $k = 0; $k < 8; $k++)
8773 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8775 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8778 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8779 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8781 my $bit_a = md5bit ($hash_buf, $indirect_a);
8782 my $bit_b = md5bit ($hash_buf, $indirect_b);
8792 if ($bit_a ^ $bit_b)
8794 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8798 $to_hash .= substr ($W, 0, 64);
8802 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8804 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8808 $to_hash .= substr ($W, 0, 64);
8811 $pos = $constant_len - $constant_off;
8815 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8830 my $round_div = int ($tmp / 10);
8831 my $round_mod = int ($tmp % 10);
8835 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8845 for ($g = 0; $g < $a_len; $g++)
8847 my $remainder = $a_buf[$g];
8853 while ($remainder > 0)
8855 $sub = $remainder >> (8 * $factor);
8857 if ($started != 1 || $sub > 0)
8861 $tmp_str = chr ($sub) . $tmp_str;
8863 $remainder -= ($sub << (8 * $factor));
8871 substr ($W, $pos, $a_len) = $tmp_str;
8877 $to_hash .= substr ($W, 0, $pos);
8879 $to_hash = substr ($to_hash, 0, $total);
8881 $hash_buf = md5 ($to_hash);
8886 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8887 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8888 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8889 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8890 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8891 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8898 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8900 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8905 my $block_ref = shift;
8909 my $value = 16 - $offset;
8911 for (my $i = $offset; $i < 16; $i++)
8913 push @{$block_ref}, $value;
8923 for (my $i = 0; $i < 18; $i++)
8925 for (my $j = 0; $j < 48; $j++)
8927 $p = ($p + 48 - $j) & 0xff;
8929 my $c = $lotus_magic_table[$p];
8931 $p = $in_ref->[$j] ^ $c;
8938 sub lotus_transform_password
8941 my $out_ref = shift;
8943 my $t = $out_ref->[15];
8945 for (my $i = 0; $i < 16; $i++)
8947 $t ^= $in_ref->[$i];
8949 my $c = $lotus_magic_table[$t];
8951 $out_ref->[$i] ^= $c;
8953 $t = $out_ref->[$i];
8957 sub mdtransform_norecalc
8959 my $state_ref = shift;
8960 my $block_ref = shift;
8964 push (@x, @{$state_ref});
8965 push (@x, @{$block_ref});
8967 for (my $i = 0; $i < 16; $i++)
8969 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8974 for (my $i = 0; $i < 16; $i++)
8976 $state_ref->[$i] = $x[$i];
8982 my $state_ref = shift;
8983 my $checksum_ref = shift;
8984 my $block_ref = shift;
8986 mdtransform_norecalc ($state_ref, $block_ref);
8988 lotus_transform_password ($block_ref, $checksum_ref);
8993 my $saved_key_ref = shift;
8997 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8999 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
9005 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
9007 my $curpos16 = $curpos + 16;
9009 my @block = splice (@{$saved_key_ref}, 0, 16);
9011 mdtransform (\@state, \@checksum, \@block);
9014 my $left = $size - $curpos;
9016 my @block = splice (@{$saved_key_ref}, 0, 16);
9018 pad16 (\@block, $left);
9020 mdtransform (\@state, \@checksum, \@block);
9022 mdtransform_norecalc (\@state, \@checksum);
9027 sub pdf_compute_encryption_key
9029 my $word_buf = shift;
9030 my $padding = shift;
9045 $data .= substr ($padding, 0, 32 - length $word_buf);
9047 $data .= pack ("H*", $o);
9049 $data .= pack ("I", $P);
9051 $data .= pack ("H*", $id);
9057 $data .= pack ("I", -1);
9061 my $res = md5 ($data);
9065 for (my $i = 0; $i < 50; $i++)
9074 sub gen_random_wpa_eapol
9083 my $version = 1; # 802.1X-2001
9085 $ret .= pack ("C*", $version);
9087 my $type = 3; # means that this EAPOL frame is used to transfer key information
9089 $ret .= pack ("C*", $type);
9091 my $length; # length of remaining data
9102 $ret .= pack ("n*", $length);
9104 my $descriptor_type;
9108 $descriptor_type = 254; # EAPOL WPA key
9112 $descriptor_type = 1; # EAPOL RSN key
9115 $ret .= pack ("C*", $descriptor_type);
9117 # key_info is a bit vector:
9118 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
9122 $key_info |= 1 << 8; # set key MIC
9123 $key_info |= 1 << 3; # set if it is a pairwise key
9127 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
9131 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
9134 $ret .= pack ("n*", $key_info);
9147 $ret .= pack ("n*", $key_length);
9149 my $replay_counter = 1;
9151 $ret .= pack ("Q>*", $replay_counter);
9155 my $key_iv = "\x00" x 16;
9159 my $key_rsc = "\x00" x 8;
9163 my $key_id = "\x00" x 8;
9167 my $key_mic = "\x00" x 16;
9175 $key_data_len = 24; # length of the key_data (== WPA info)
9179 $key_data_len = 22; # length of the key_data (== RSN info)
9182 $ret .= pack ("n*", $key_data_len);
9192 my $vendor_specific_data = "";
9194 my $tag_number = 221; # means it is a vendor specific tag
9196 $vendor_specific_data .= pack ("C*", $tag_number);
9198 my $tag_len = 22; # length of the remaining "tag data"
9200 $vendor_specific_data .= pack ("C*", $tag_len);
9202 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
9204 $vendor_specific_data .= $vendor_specific_oui;
9206 my $vendor_specific_oui_type = 1; # WPA Information Element
9208 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
9210 my $vendor_specific_wpa_version = 1;
9212 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
9216 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
9218 $vendor_specific_data .= $vendor_specific_multicast_oui;
9220 my $vendor_specific_multicast_type = 2; # TKIP
9222 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
9226 my $vendor_specific_unicast_count = 1;
9228 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
9230 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
9232 $vendor_specific_data .= $vendor_specific_multicast_oui;
9234 my $vendor_specific_unicast_type = 2; # TKIP
9236 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
9238 # Auth Key Management (AKM)
9240 my $auth_key_management_count = 1;
9242 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
9244 my $auth_key_management_oui = pack ("H*", "0050f2");
9246 $vendor_specific_data .= $auth_key_management_oui;
9248 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9250 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
9252 $wpa_info = $vendor_specific_data;
9254 $key_data = $wpa_info;
9262 my $tag_number = 48; # RSN info
9264 $rsn_info .= pack ("C*", $tag_number);
9266 my $tag_len = 20; # length of the remaining "tag_data"
9268 $rsn_info .= pack ("C*", $tag_len);
9270 my $rsn_version = 1;
9272 $rsn_info .= pack ("v*", $rsn_version);
9274 # group cipher suite
9276 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9278 $rsn_info .= $group_cipher_suite_oui;
9280 my $group_cipher_suite_type = 4; # AES (CCM)
9282 $rsn_info .= pack ("C*", $group_cipher_suite_type);
9284 # pairwise cipher suite
9286 my $pairwise_cipher_suite_count = 1;
9288 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
9290 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9292 $rsn_info .= $pairwise_cipher_suite_oui;
9294 my $pairwise_cipher_suite_type = 4; # AES (CCM)
9296 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
9298 # Auth Key Management (AKM)
9300 my $auth_key_management_count = 1;
9302 $rsn_info .= pack ("v*", $auth_key_management_count);
9304 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
9306 $rsn_info .= $auth_key_management_oui;
9308 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9310 $rsn_info .= pack ("C*", $auth_key_management_type);
9314 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
9315 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
9317 my $rsn_capabilities = pack ("H*", "0000");
9319 $rsn_info .= $rsn_capabilities;
9321 $key_data = $rsn_info;
9337 my $data = "Pairwise key expansion";
9342 # Min(AA, SPA) || Max(AA, SPA)
9345 # compare if greater: Min()/Max() on the MACs (6 bytes)
9347 if (memcmp ($stmac, $bssid, 6) < 0)
9359 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
9362 # compare if greater: Min()/Max() on the nonces (32 bytes)
9364 if (memcmp ($snonce, $anonce, 32) < 0)
9377 my $prf_buf = hmac ($data, $pmk, \&sha1);
9379 $prf_buf = substr ($prf_buf, 0, 16);
9390 my $len_str1 = length ($str1);
9391 my $len_str2 = length ($str2);
9393 if (($len > $len_str1) || ($len > $len_str2))
9395 print "ERROR: memcmp () lengths wrong";
9400 for (my $i = 0; $i < $len; $i++)
9402 my $c_1 = ord (substr ($str1, $i, 1));
9403 my $c_2 = ord (substr ($str2, $i, 1));
9405 return -1 if ($c_1 < $c_2);
9406 return 1 if ($c_1 > $c_2);