4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
31 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
33 use Authen
::Passphrase
::NTHash
;
34 use Authen
::Passphrase
::MySQL323
;
35 use Authen
::Passphrase
::PHPass
;
36 use Authen
::Passphrase
::LANManager
;
38 use POSIX qw
(strftime
);
40 use Net
::DNS
::RR
::NSEC3
;
41 use Convert
::EBCDIC qw
(ascii2ebcdic
);
42 use Digest
::SipHash qw
/siphash/;
44 my $hashcat = "./hashcat";
48 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600);
50 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500);
51 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
52 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500);
54 my @lotus_magic_table =
56 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
57 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
58 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
59 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
60 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
61 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
62 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
63 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
64 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
65 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
66 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
67 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
68 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
69 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
70 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
71 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
72 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
73 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
74 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
75 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
76 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
77 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
78 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
79 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
80 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
81 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
82 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
83 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
84 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
85 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
86 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
87 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
92 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
93 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
94 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
95 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
98 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
100 if (scalar @ARGV < 1)
111 if ($type ne "verify")
113 if (scalar @ARGV > 1)
118 elsif (scalar @ARGV == 1)
128 if ($type eq "single")
132 elsif ($type eq "passthrough")
143 if (scalar @ARGV != 4)
148 my $mode = shift @ARGV;
149 my $hash_file = shift @ARGV;
150 my $in_file = shift @ARGV;
151 my $out_file = shift @ARGV;
155 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
157 # clever ? the resulting database could be huge
158 # but we need some way to map lines in hashfile w/ cracks
159 # maybe rli2 way would be more clever (needs sorted input)
161 while (my $line = <IN
>)
163 $line =~ s/[\n\r]*$//;
165 $db->{$line} = undef;
170 verify
($mode, $db, $in_file, $out_file);
178 my $out_file = shift;
197 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
198 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
202 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
203 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
204 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
206 while (my $line = <IN
>)
213 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
216 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
218 my $index = index ($line, ":");
222 $hash_in = substr ($line, 0, $index);
224 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
226 $word = substr ($line, $index + 1);
229 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500)
232 my $index1 = index ($line, ":");
236 $hash_in = substr ($line, 0, $index1);
238 # identify lenghts of both salt and plain
240 my $salt_plain = substr ($line, $index1 + 1);
242 my $num_cols = () = $salt_plain =~ /:/g;
251 foreach (my $i = 0; $i < $num_cols; $i++)
253 $index2 = index ($salt_plain, ":", $start);
257 $start = $index2 + 1;
259 $salt = substr ($salt_plain, 0, $index2);
260 $word = substr ($salt_plain, $index2 + 1);
262 # can't be true w/ wrong $hash:$salt, otherwise the
263 # algo must have many collisions
265 if (exists ($db->{$hash_in . ":" . $salt}))
267 $hash_in = $hash_in . ":" . $salt;
273 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
274 next unless (! defined ($db->{$hash_in}));
277 elsif ($mode == 2100)
280 my $index1 = index ($line, "\$DCC2\$");
282 next if $index1 != 0;
285 my $index2 = index ($line, "#", $index1 + 1);
289 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
292 $index1 = index ($line, "#");
296 $hash_in = substr ($line, 0, $index1 + 1);
298 # identify lenghts of both salt and plain
300 my $salt_plain = substr ($line, $index2 + 1);
302 my $num_cols = () = $salt_plain =~ /:/g;
312 foreach (my $i = 0; $i < $num_cols; $i++)
314 $index2 = index ($salt_plain, ":", $start);
318 $start = $index2 + 1;
320 $index3 = rindex ($salt_plain, "#", $index2);
322 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
323 $salt = substr ($salt_plain, 0, $index3);
324 $word = substr ($salt_plain, $index2 + 1);
326 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
328 $hash_in = $hash_in . $salt . "#" . $raw_hash;
334 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
335 next unless (! defined ($db->{$hash_in}));
337 # salt:hash guaranteed only : because of hex salt
338 elsif ($mode == 7300)
340 # split hash and plain
341 my $index1 = index ($line, ":");
345 $salt = substr ($line, 0, $index1);
347 $salt = pack ("H*", $salt);
349 my $rest = substr ($line, $index1 + 1);
351 my $index2 = index ($rest, ":");
355 $hash_in = substr ($rest, 0, $index2);
357 $word = substr ($rest, $index2 + 1);
359 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
362 elsif ($mode == 8100)
364 # split hash and plain
365 $salt = substr ($line, 1, 8);
367 my $rest = substr ($line, 1 + 8);
369 my $index2 = index ($rest, ":");
373 $hash_in = substr ($rest, 0, $index2);
375 $word = substr ($rest, $index2 + 1);
377 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
379 # base64 and salt embedded SSHA1, salt length = total lenght - 20
382 # split hash and plain
383 my $index = index ($line, ":");
387 $hash_in = substr ($line, 0, $index);
388 $word = substr ($line, $index + 1);
390 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
393 my $plain_base64 = substr ($hash_in, 6);
395 # base64 decode to extract salt
396 my $decoded = decode_base64
($plain_base64);
398 $salt = substr ($decoded, 20);
400 # base64 and salt embedded SSHA512, salt length = total length - 64
401 elsif ($mode == 1711)
403 # split hash and plain
404 my $index = index ($line, ":");
408 $hash_in = substr ($line, 0, $index);
409 $word = substr ($line, $index + 1);
411 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
414 my $plain_base64 = substr ($hash_in, 9);
416 # base64 decode to extract salt
417 my $decoded = decode_base64
($plain_base64);
419 $salt = substr ($decoded, 64);
421 # OSX (first 8 hex chars is salt)
422 # ArubaOS (the signature gets added in gen_hash)
423 elsif ($mode == 122 || $mode == 1722 || $mode == 125)
425 my $index = index ($line, ":");
429 $hash_in = substr ($line, 0, $index);
430 $word = substr ($line, $index + 1);
432 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
434 $salt = substr ($hash_in, 0, 8);
436 # MSSQL (2000, 2005 AND 2012), salt after version number
437 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
439 my $index = index ($line, ":");
443 $hash_in = substr ($line, 0, $index);
444 $word = substr ($line, $index + 1);
446 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
448 $salt = substr ($hash_in, 6, 8);
451 elsif ($mode == 8000)
453 my $index = index ($line, ":");
457 $hash_in = substr ($line, 0, $index);
458 $word = substr ($line, $index + 1);
460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
462 $salt = substr ($hash_in, 6, 16);
465 elsif ($mode == 141 || $mode == 1441)
467 my $index1 = index ($line, ":");
471 $hash_in = substr ($line, 0, $index1);
472 $word = substr ($line, $index1 + 1);
474 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
476 my $index2 = index ($line, "*", 14);
478 #extract salt from base64
479 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
481 $salt = decode_base64
($plain_base64);
483 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
484 elsif ($mode == 400 || $mode == 7900)
486 my $index = index ($line, ":");
490 $hash_in = substr ($line, 0, $index);
491 $word = substr ($line, $index + 1);
493 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
495 $salt = substr ($hash_in, 4, 8);
497 # iterations = 2 ^ cost (where cost == $iter)
498 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
500 # $something$[rounds=iter$]salt$ (get last $, then check iter)
501 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
503 my $index1 = index ($line, ":", 30);
507 $hash_in = substr ($line, 0, $index1);
508 $word = substr ($line, $index1 + 1);
510 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
512 $index1 = index ($hash_in, ",", 1);
513 my $index2 = index ($hash_in, "\$", 1);
517 if ($index1 < $index2)
523 $param = substr ($hash_in, $index2, 1);
527 # rounds= if available
530 if (substr ($hash_in, $index2, 7) eq "rounds=")
532 my $old_index = $index2;
534 $index2 = index ($hash_in, "\$", $index2 + 1);
538 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
544 my $index3 = rindex ($hash_in, "\$");
548 $salt = substr ($hash_in, $index2, $index3 - $index2);
550 # descrypt (salt in first 2 char)
551 elsif ($mode == 1500)
553 my $index = index ($line, ":");
557 $hash_in = substr ($line, 0, $index);
558 $word = substr ($line, $index + 1);
560 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
562 $salt = substr ($hash_in, 0, 2);
564 # bcrypt $something$something$salt.hash
565 elsif ($mode == 3200)
567 my $index1 = index ($line, ":", 33);
571 $hash_in = substr ($line, 0, $index1);
572 $word = substr ($line, $index1 + 1);
574 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
576 my $index2 = index ($hash_in, "\$", 4);
578 $iter = substr ($hash_in, 4, $index2 - 4);
580 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
585 for (my $i = 0; $i < length ($plain_base64); $i++)
587 my $char = substr ($plain_base64, $i, 1);
588 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
591 $salt = decode_base64
($encoded);
594 elsif ($mode == 4800)
596 my $index1 = index ($line, ":");
600 my $index2 = index ($line, ":", $index1 + 1);
604 my $index3 = index ($line, ":", $index2 + 1);
608 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
610 $word = substr ($line, $index3 + 1);
612 $hash_in = substr ($line, 0, $index3);
615 elsif ($mode == 5300 || $mode == 5400)
617 my $num_cols = () = $line =~ /:/g;
619 next unless ($num_cols >= 9);
624 for (my $j = 0; $j < 9; $j++)
626 $index1 = index ($line, ":", $index1 + 1);
637 $word = substr ($line, $index1 + 1);
639 $hash_in = substr ($line, 0, $index1);
641 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
643 my $index2 = rindex ($line, ":", $index1 - 1);
645 $salt = substr ($line, 0, $index2);
648 elsif ($mode == 5500)
650 my $index1 = index ($line, "::");
654 my $index2 = index ($line, ":", $index1 + 2);
658 $index2 = index ($line, ":", $index2 + 1);
662 $salt = substr ($line, 0, $index2);
664 $index2 = index ($line, ":", $index2 + 1);
668 $salt .= substr ($line, $index2 + 1, 16);
670 $index2 = index ($line, ":", $index2 + 1);
674 $hash_in = substr ($line, 0, $index2);
676 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
678 $word = substr ($line, $index2 + 1);
681 elsif ($mode == 5600)
683 my $index1 = index ($line, "::");
687 my $index2 = index ($line, ":", $index1 + 2);
691 $index2 = index ($line, ":", $index2 + 1);
695 $salt = substr ($line, 0, $index2);
697 $index1 = index ($line, ":", $index2 + 1);
701 $index2 = index ($line, ":", $index1 + 1);
705 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
707 $hash_in = substr ($line, 0, $index2);
709 # do it later on for this hash mode:
710 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
712 $word = substr ($line, $index2 + 1);
714 # AIX smd5 something BRACE salt$
715 elsif ($mode == 6300)
717 my $index1 = index ($line, ":");
721 $hash_in = substr ($line, 0, $index1);
722 $word = substr ($line, $index1 + 1);
724 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
726 my $index2 = index ($hash_in, "}");
727 my $index3 = rindex ($hash_in, "\$");
729 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
731 # AIX: something$salt$ (no $ at position 1)
732 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
734 my $index1 = index ($line, ":");
738 $hash_in = substr ($line, 0, $index1);
739 $word = substr ($line, $index1 + 1);
741 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
743 my $index2 = index ($hash_in, "}");
744 my $index3 = index ($hash_in, "\$");
745 my $index4 = rindex ($hash_in, "\$");
747 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
749 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
751 # 1Password, agilekeychain
752 elsif ($mode == 6600)
754 my $num_cols = () = $line =~ /:/g;
756 next unless ($num_cols > 2);
758 my $index1 = index ($line, ":");
762 $iter = substr ($line, 0, $index1);
764 my $index2 = index ($line, ":", $index1 + 1);
768 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
770 $index1 = index ($line, ":", $index2 + 1);
774 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
776 $hash_in = substr ($line, 0, $index1);
778 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
780 $word = substr ($line, $index1 + 1);
782 # 1Password, cloudkeychain
783 elsif ($mode == 8200)
785 my @datas = split (":", $line);
787 next if scalar @datas < 4;
789 my $hash = shift @datas;
790 $salt = shift @datas;
791 $iter = shift @datas;
792 my $data = shift @datas;
794 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
798 $word = join (":", @datas);
800 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
802 # lastpass (hash:iter:salt)
803 elsif ($mode == 6800)
805 my $index1 = index ($line, ":", 34);
809 $hash_in = substr ($line, 0, $index1);
811 # identify lenghts of both salt and plain
813 my $salt_plain = substr ($line, $index1 + 1);
815 my $num_cols = () = $salt_plain =~ /:/g;
824 foreach (my $i = 0; $i < $num_cols; $i++)
826 $index2 = index ($salt_plain, ":", $start);
830 $start = $index2 + 1;
832 $salt = substr ($salt_plain, 0, $index2);
833 $word = substr ($salt_plain, $index2 + 1);
835 # can't be true w/ wrong $hash:$salt, otherwise the
836 # algo must have many collisions
838 if (exists ($db->{$hash_in . ":" . $salt}))
840 $hash_in = $hash_in . ":" . $salt;
846 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
847 next unless (! defined ($db->{$hash_in}));
849 $index1 = index ($hash_in, ":");
850 $index2 = index ($hash_in, ":", $index1 + 1);
852 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
853 $salt = substr ($hash_in, $index2 + 1);
855 # OSX 10.* : $something$iter$salt$
856 elsif ($mode == 7100)
858 my $index1 = index ($line, ":");
862 $hash_in = substr ($line, 0, $index1);
863 $word = substr ($line, $index1 + 1);
865 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
867 my $index2 = index ($hash_in, "\$", 5);
871 my $index3 = index ($hash_in, "\$", $index2 + 1);
873 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
875 $iter = substr ($hash_in, 4, $index2 - 4);
877 next if (int ($iter) < 1);
879 # grub: something1.something2.something3.iter.salt.
880 elsif ($mode == 7200)
882 my $index1 = index ($line, ":");
886 $hash_in = substr ($line, 0, $index1);
887 $word = substr ($line, $index1 + 1);
889 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
891 my $index2 = index ($hash_in, ".", 19);
895 my $index3 = index ($hash_in, ".", $index2 + 1);
897 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
899 $iter = substr ($hash_in, 19, $index2 - 19);
901 next if (int ($iter) < 1);
903 # $something1$something2$something3$something4$salt$
904 elsif ($mode == 7500 )
906 my $index1 = index ($line, "\$", 11);
910 my $index2 = index ($line, "\$", $index1 + 1);
914 my $index3 = index ($line, "\$", $index2 + 1);
918 $index2 = index ($line, ":", $index3 + 1);
922 $hash_in = substr ($line, 0, $index2);
923 $word = substr ($line, $index2 + 1);
925 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
927 $salt = substr ($hash_in, 11, $index3 - 10);
928 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
929 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
932 elsif ($mode == 7700 || $mode == 7800)
934 my $index1 = index ($line, ":");
938 my @split1 = split (":", $line);
940 my @split2 = split ('\$', $split1[0]);
942 next unless scalar @split2 == 2;
944 $hash_in = $split1[0];
946 if (scalar @split1 > 1)
955 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
960 elsif ($mode == 8300)
962 my @datas = split (":", $line);
964 next if scalar @datas != 5;
969 ($hash, $domain, $salt, $iter, $word) = @datas;
971 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
973 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
975 $salt = $domain . ":" . $salt;
978 elsif ($mode == 8500)
980 my @line_elements = split (":", $line);
982 next if scalar @line_elements < 2;
986 $hash_in = shift @line_elements;
988 $word = join (":", @line_elements);
992 my @hash_elements = split ('\*', $hash_in);
994 next unless ($hash_elements[0] eq '$racf$');
996 $salt = $hash_elements[1];
998 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1001 elsif ($mode == 8700)
1003 # split hash and plain
1004 my $index = index ($line, ":");
1008 $hash_in = substr ($line, 0, $index);
1009 $word = substr ($line, $index + 1);
1011 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1013 my $plain_base64 = substr ($hash_in, 2, -1);
1015 ($_, $salt, $param) = domino_decode
($plain_base64);
1018 elsif ($mode == 2612)
1020 next unless (substr ($line, 0, 6) eq '$PHPS$');
1023 my $index1 = index ($line, "\$", 6);
1025 next if $index1 < 1;
1027 $salt = substr ($line, 6, $index1 - 6);
1029 $salt = pack ("H*", $salt);
1031 my $index2 = index ($line, "\:", $index1 + 1);
1033 next if $index2 < 1;
1035 $word = substr ($line, $index2 + 1);
1037 $hash_in = substr ($line, 0, $index2);
1039 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1042 elsif ($mode == 3711)
1044 next unless (substr ($line, 0, 3) eq '$B$');
1047 my $index1 = index ($line, "\$", 3);
1049 next if $index1 < 1;
1051 $salt = substr ($line, 3, $index1 - 3);
1053 my $index2 = index ($line, ":", $index1 + 1);
1055 next if $index2 < 1;
1057 $word = substr ($line, $index2 + 1);
1059 $hash_in = substr ($line, 0, $index2);
1061 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1064 elsif ($mode == 8900)
1066 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1069 my $index1 = index ($line, ":", 7);
1071 next if $index1 < 1;
1074 my $N = substr ($line, 7, $index1 - 7);
1076 my $index2 = index ($line, ":", $index1 + 1);
1078 next if $index2 < 1;
1081 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1083 $index1 = index ($line, ":", $index2 + 1);
1085 next if $index1 < 1;
1088 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1094 $index2 = index ($line, ":", $index1 + 1);
1096 next if $index2 < 1;
1099 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1101 $salt = decode_base64
($salt);
1103 $index1 = index ($line, ":", $index2 + 1);
1105 next if $index1 < 1;
1109 $word = substr ($line, $index1 + 1);
1110 $hash_in = substr ($line, 0, $index1);
1112 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1115 elsif ($mode == 9100)
1117 # split hash and plain
1118 my $index = index ($line, ":");
1122 $hash_in = substr ($line, 0, $index);
1123 $word = substr ($line, $index + 1);
1125 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1127 my $base64_part = substr ($hash_in, 2, -1);
1129 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1131 next if ($iter < 1);
1133 # Cisco $8$ - PBKDF2-HMAC-SHA256
1134 elsif ($mode == 9200)
1136 next unless (substr ($line, 0, 3) eq '$8$');
1139 my $index1 = index ($line, "\$", 3);
1141 next if $index1 != 17;
1143 my $index2 = index ($line, "\$", $index1 + 1);
1146 $salt = substr ($line, 3, $index1 - 3);
1148 $index1 = index ($line, ":", $index1 + 1);
1150 next if $index1 < 1;
1154 $word = substr ($line, $index1 + 1);
1155 $hash_in = substr ($line, 0, $index1);
1157 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1159 # Cisco $9$ - scrypt
1160 elsif ($mode == 9300)
1162 next unless (substr ($line, 0, 3) eq '$9$');
1165 my $index1 = index ($line, "\$", 3);
1167 next if $index1 != 17;
1169 my $index2 = index ($line, "\$", $index1 + 1);
1172 $salt = substr ($line, 3, $index1 - 3);
1174 $index1 = index ($line, ":", $index1 + 1);
1176 next if $index1 < 1;
1180 $word = substr ($line, $index1 + 1);
1181 $hash_in = substr ($line, 0, $index1);
1183 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1186 elsif ($mode == 9400)
1188 ($hash_in, $word) = split ":", $line;
1190 next unless defined $hash_in;
1191 next unless defined $word;
1193 my @data = split /\*/, $hash_in;
1195 next unless scalar @data == 8;
1197 next unless (shift @data eq '$office$');
1198 next unless (shift @data eq '2007');
1199 next unless (shift @data eq '20');
1201 my $aes_key_size = shift @data;
1203 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1204 next unless (shift @data eq '16');
1206 next unless (length $data[0] == 32);
1207 next unless (length $data[1] == 32);
1208 next unless (length $data[2] == 40);
1210 $salt = shift @data;
1211 $param = shift @data;
1212 $param2 = $aes_key_size;
1214 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1217 elsif ($mode == 9500)
1219 ($hash_in, $word) = split ":", $line;
1221 next unless defined $hash_in;
1222 next unless defined $word;
1224 my @data = split /\*/, $hash_in;
1226 next unless scalar @data == 8;
1228 next unless (shift @data eq '$office$');
1229 next unless (shift @data eq '2010');
1230 next unless (shift @data eq '100000');
1231 next unless (shift @data eq '128');
1232 next unless (shift @data eq '16');
1234 next unless (length $data[0] == 32);
1235 next unless (length $data[1] == 32);
1236 next unless (length $data[2] == 64);
1238 $salt = shift @data;
1239 $param = shift @data;
1241 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1244 elsif ($mode == 9600)
1246 ($hash_in, $word) = split ":", $line;
1248 next unless defined $hash_in;
1249 next unless defined $word;
1251 my @data = split /\*/, $hash_in;
1253 next unless scalar @data == 8;
1255 next unless (shift @data eq '$office$');
1256 next unless (shift @data eq '2013');
1257 next unless (shift @data eq '100000');
1258 next unless (shift @data eq '256');
1259 next unless (shift @data eq '16');
1261 next unless (length $data[0] == 32);
1262 next unless (length $data[1] == 32);
1263 next unless (length $data[2] == 64);
1265 $salt = shift @data;
1266 $param = shift @data;
1268 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1271 elsif ($mode == 9700)
1273 ($hash_in, $word) = split ":", $line;
1275 next unless defined $hash_in;
1276 next unless defined $word;
1278 my @data = split /\*/, $hash_in;
1280 next unless scalar @data == 4;
1282 my $signature = shift @data;
1284 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1286 next unless (length $data[0] == 32);
1287 next unless (length $data[1] == 32);
1288 next unless (length $data[2] == 32);
1290 $salt = shift @data;
1291 $param = shift @data;
1292 $param2 = substr ($signature, 11, 1);
1294 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1297 elsif ($mode == 9800)
1299 ($hash_in, $word) = split ":", $line;
1301 next unless defined $hash_in;
1302 next unless defined $word;
1304 my @data = split /\*/, $hash_in;
1306 next unless scalar @data == 4;
1308 my $signature = shift @data;
1310 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1312 next unless (length $data[0] == 32);
1313 next unless (length $data[1] == 32);
1314 next unless (length $data[2] == 40);
1316 $salt = shift @data;
1317 $param = shift @data;
1318 $param2 = substr ($signature, 11, 1);
1320 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1322 # Django (PBKDF2-SHA256)
1323 elsif ($mode == 10000)
1325 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1328 my $index1 = index ($line, "\$", 14);
1330 next if $index1 < 1;
1332 my $index2 = index ($line, "\$", $index1 + 1);
1336 $iter = substr ($line, 14, $index1 - 14);
1340 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1344 $index1 = index ($line, ":", $index2 + 1);
1346 next if $index1 < 1;
1348 $word = substr ($line, $index1 + 1);
1349 $hash_in = substr ($line, 0, $index1);
1351 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1354 elsif ($mode == 10100)
1358 ($hash, undef, undef, $salt, $word) = split ":", $line;
1360 next unless defined $hash;
1361 next unless defined $salt;
1362 next unless defined $word;
1364 next unless (length $hash == 16);
1365 next unless (length $salt == 32);
1367 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1369 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1372 elsif ($mode == 10200)
1374 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1377 my $index1 = index ($line, "\$", 10);
1379 next if $index1 < 1;
1383 my $challengeb64 = substr ($line, 10, $index1 - 10);
1384 $salt = decode_base64
($challengeb64);
1388 my $index2 = index ($line, ":", $index1 + 1);
1390 next if $index2 < 1;
1392 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1393 my $response = decode_base64
($responseb64);
1395 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1397 $word = substr ($line, $index2 + 1);
1398 $hash_in = substr ($line, 0, $index2);
1400 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1402 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1403 elsif ($mode == 10300)
1405 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1409 my $index1 = index ($line, "}", 10);
1411 next if $index1 < 1;
1413 $iter = substr ($line, 10, $index1 - 10);
1415 $iter = int ($iter);
1419 my $base64_encoded = substr ($line, $index1 + 1);
1420 my $base64_decoded = decode_base64
($base64_encoded);
1422 $salt = substr ($base64_decoded, 20);
1424 my $index2 = index ($line, ":", $index1 + 1);
1426 next if $index2 < 1;
1428 $word = substr ($line, $index2 + 1);
1429 $hash_in = substr ($line, 0, $index2);
1431 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1433 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1434 elsif ($mode == 10400)
1436 ($hash_in, $word) = split ":", $line;
1438 next unless defined $hash_in;
1439 next unless defined $word;
1441 my @data = split /\*/, $hash_in;
1443 next unless scalar @data == 11;
1445 next unless (shift @data eq '$pdf$1');
1446 next unless (shift @data eq '2');
1447 next unless (shift @data eq '40');
1448 my $P = shift @data;
1449 next unless (shift @data eq '0');
1450 next unless (shift @data eq '16');
1451 my $id = shift @data;
1452 next unless (shift @data eq '32');
1453 my $u = shift @data;
1454 next unless (shift @data eq '32');
1455 my $o = shift @data;
1462 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1464 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1465 elsif ($mode == 10500)
1467 ($hash_in, $word) = split ":", $line;
1469 next unless defined $hash_in;
1470 next unless defined $word;
1472 my @data = split /\*/, $hash_in;
1474 next unless scalar @data == 11;
1476 my $V = shift @data; $V = substr ($V, 5, 1);
1477 my $R = shift @data;
1478 next unless (shift @data eq '128');
1479 my $P = shift @data;
1480 my $enc = shift @data;
1481 next unless (shift @data eq '16');
1482 my $id = shift @data;
1483 next unless (shift @data eq '32');
1484 my $u = shift @data;
1485 next unless (shift @data eq '32');
1486 my $o = shift @data;
1496 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1498 # PDF 1.7 Level 3 (Acrobat 9)
1499 elsif ($mode == 10600)
1501 ($hash_in, $word) = split ":", $line;
1503 next unless defined $hash_in;
1504 next unless defined $word;
1506 my @data = split /\*/, $hash_in;
1508 next unless scalar @data >= 11;
1510 next unless (shift @data eq '$pdf$5');
1511 next unless (shift @data eq '5');
1512 next unless (shift @data eq '256');
1513 next unless (shift @data eq '-1028');
1514 next unless (shift @data eq '1');
1515 next unless (shift @data eq '16');
1516 my $id = shift @data;
1517 my $rest = join "*", @data;
1522 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1524 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1525 elsif ($mode == 10700)
1527 ($hash_in, $word) = split ":", $line;
1529 next unless defined $hash_in;
1530 next unless defined $word;
1532 my @data = split /\*/, $hash_in;
1534 next unless scalar @data >= 11;
1536 next unless (shift @data eq '$pdf$5');
1537 next unless (shift @data eq '6');
1538 next unless (shift @data eq '256');
1539 next unless (shift @data eq '-1028');
1540 next unless (shift @data eq '1');
1541 next unless (shift @data eq '16');
1542 my $id = shift @data;
1543 my $rest = join "*", @data;
1548 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1550 # PBKDF2-HMAC-SHA256
1551 elsif ($mode == 10900)
1553 next unless (substr ($line, 0, 7) eq 'sha256:');
1556 my $index1 = index ($line, ":", 7);
1558 next if $index1 < 1;
1560 $iter = substr ($line, 7, $index1 - 7);
1564 my $index2 = index ($line, ":", $index1 + 1);
1566 next if $index2 < 1;
1568 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1570 $salt = decode_base64
($salt);
1574 $index1 = index ($line, ":", $index2 + 1);
1576 next if $index1 < 1;
1578 # additional param = output len of pbkdf2
1580 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1582 my $digest = decode_base64
($digest64_encoded);
1584 $param = length ($digest);
1588 $word = substr ($line, $index1 + 1);
1589 $hash_in = substr ($line, 0, $index1);
1591 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1593 # PostgreSQL MD5 Authentication
1594 elsif ($mode == 11100)
1596 next unless (substr ($line, 0, 10) eq '$postgres$');
1598 my $index1 = index ($line, "*", 10);
1600 next if $index1 < 1;
1604 $param = substr ($line, 10, $index1 - 10);
1606 # get the 4 byte salt
1608 my $index2 = index ($line, "*", $index1 + 1);
1610 next if $index2 < 1;
1612 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1616 $index1 = index ($line, ":", $index2 + 1);
1618 next if $index1 < 1;
1620 $word = substr ($line, $index1 + 1);
1621 $hash_in = substr ($line, 0, $index1);
1623 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1625 # MySQL MD5 Authentication
1626 elsif ($mode == 11200)
1628 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1630 my $index1 = index ($line, "*", 9);
1632 next if $index1 < 1;
1636 $salt = substr ($line, 9, $index1 - 9);
1640 $index1 = index ($line, ":", $index1 + 1);
1642 next if $index1 < 1;
1644 $word = substr ($line, $index1 + 1);
1645 $hash_in = substr ($line, 0, $index1);
1647 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1650 elsif ($mode == 2500)
1652 print "ERROR: verify currently not supported for WPA/WPA2 (because of hashcat's output format)\n";
1656 # Bitcoin/Litecoin wallet.dat
1657 elsif ($mode == 11300)
1659 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1663 # SIP digest authentication (MD5)
1664 elsif ($mode == 11400)
1666 next unless (substr ($line, 0, 6) eq '$sip$*');
1670 my $index1 = index ($line, "*", 6);
1672 next if $index1 < 0;
1674 $param10 = substr ($line, 6, $index1 - 6);
1676 next if (length ($param10) > 32);
1680 my $index2 = index ($line, "*", $index1 + 1);
1682 next if $index2 < 0;
1684 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1686 next if (length ($param11) > 32);
1690 $index1 = index ($line, "*", $index2 + 1);
1692 next if $index1 < 0;
1694 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1696 next if (length ($param) > 12);
1700 $index2 = index ($line, "*", $index1 + 1);
1702 next if $index2 < 0;
1704 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1706 next if (length ($param2) > 20);
1710 $index1 = index ($line, "*", $index2 + 1);
1712 next if $index1 < 0;
1714 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1716 next if (length ($param6) > 24);
1720 $index2 = index ($line, "*", $index1 + 1);
1722 next if $index2 < 0;
1724 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1726 next if (length ($param7) > 10);
1730 $index1 = index ($line, "*", $index2 + 1);
1732 next if $index1 < 0;
1734 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1736 next if (length ($param8) > 32);
1740 $index2 = index ($line, "*", $index1 + 1);
1742 next if $index2 < 0;
1744 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1746 next if (length ($param9) > 32);
1750 $index1 = index ($line, "*", $index2 + 1);
1752 next if $index1 < 0;
1754 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1756 next if (length ($salt) > 34);
1760 $index2 = index ($line, "*", $index1 + 1);
1762 next if $index2 < 0;
1764 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1766 next if (length ($param4) > 12);
1770 $index1 = index ($line, "*", $index2 + 1);
1772 next if $index1 < 0;
1774 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1776 next if (length ($param3) > 10);
1780 $index2 = index ($line, "*", $index1 + 1);
1782 next if $index2 < 0;
1784 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1786 next if (length ($param5) > 8);
1790 $index1 = index ($line, "*", $index2 + 1);
1792 next if $index1 < 0;
1794 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1796 next unless ($directive eq "MD5");
1800 $index2 = index ($line, ":", $index1 + 1);
1802 next if $index2 < 0;
1804 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1806 next unless (length ($hex_digest) == 32);
1808 $word = substr ($line, $index2 + 1);
1809 $hash_in = substr ($line, 0, $index2);
1811 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1814 elsif ($mode == 11600)
1816 next unless (substr ($line, 0, 4) eq '$7z$');
1820 my $index1 = index ($line, '$', 4);
1822 next if $index1 < 0;
1824 my $p = substr ($line, 4, $index1 - 4);
1826 next unless ($p eq "0");
1830 my $index2 = index ($line, '$', $index1 + 1);
1832 next if $index2 < 0;
1834 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1836 # seven zip salt length
1838 $index1 = index ($line, '$', $index2 + 1);
1840 next if $index1 < 0;
1842 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1846 $index2 = index ($line, '$', $index1 + 1);
1848 next if $index2 < 0;
1850 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1854 $index1 = index ($line, '$', $index2 + 1);
1856 next if $index1 < 0;
1858 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1862 $index2 = index ($line, '$', $index1 + 1);
1864 next if $index2 < 0;
1866 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1868 $salt = pack ("H*", $salt);
1872 $index1 = index ($line, '$', $index2 + 1);
1874 next if $index1 < 0;
1876 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1878 # ignore this crc, we don't need to pass it to gen_hash ()
1882 $index2 = index ($line, '$', $index1 + 1);
1884 next if $index2 < 0;
1886 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1890 $index1 = index ($line, '$', $index2 + 1);
1892 next if $index1 < 0;
1894 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1898 $index2 = index ($line, ':', $index1 + 1);
1900 next if $index2 < 0;
1902 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1903 $param6 = pack ("H*", $param6);
1905 $word = substr ($line, $index2 + 1);
1906 $hash_in = substr ($line, 0, $index2);
1908 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1911 elsif ($mode == 11900)
1913 next unless (substr ($line, 0, 4) eq 'md5:');
1916 my $index1 = index ($line, ":", 4);
1918 next if $index1 < 1;
1920 $iter = substr ($line, 4, $index1 - 4);
1924 my $index2 = index ($line, ":", $index1 + 1);
1926 next if $index2 < 1;
1928 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1930 $salt = decode_base64
($salt);
1934 $index1 = index ($line, ":", $index2 + 1);
1936 next if $index1 < 1;
1938 # additional param = output len of pbkdf2
1940 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1942 my $digest = decode_base64
($digest64_encoded);
1944 $param = length ($digest);
1948 $word = substr ($line, $index1 + 1);
1949 $hash_in = substr ($line, 0, $index1);
1951 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1954 elsif ($mode == 12000)
1956 next unless (substr ($line, 0, 5) eq 'sha1:');
1959 my $index1 = index ($line, ":", 5);
1961 next if $index1 < 1;
1963 $iter = substr ($line, 5, $index1 - 5);
1967 my $index2 = index ($line, ":", $index1 + 1);
1969 next if $index2 < 1;
1971 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1973 $salt = decode_base64
($salt);
1977 $index1 = index ($line, ":", $index2 + 1);
1979 next if $index1 < 1;
1981 # additional param = output len of pbkdf2
1983 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1985 my $digest = decode_base64
($digest64_encoded);
1987 $param = length ($digest);
1991 $word = substr ($line, $index1 + 1);
1992 $hash_in = substr ($line, 0, $index1);
1994 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1996 # PBKDF2-HMAC-SHA512
1997 elsif ($mode == 12100)
1999 next unless (substr ($line, 0, 7) eq 'sha512:');
2002 my $index1 = index ($line, ":", 7);
2004 next if $index1 < 1;
2006 $iter = substr ($line, 7, $index1 - 7);
2010 my $index2 = index ($line, ":", $index1 + 1);
2012 next if $index2 < 1;
2014 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2016 $salt = decode_base64
($salt);
2020 $index1 = index ($line, ":", $index2 + 1);
2022 next if $index1 < 1;
2024 # additional param = output len of pbkdf2
2026 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2028 my $digest = decode_base64
($digest64_encoded);
2030 $param = length ($digest);
2034 $word = substr ($line, $index1 + 1);
2035 $hash_in = substr ($line, 0, $index1);
2037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2040 elsif ($mode == 12200)
2042 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2044 # check if default salt
2048 $param = 0 if (substr ($line, 12, 2) eq '1$');
2056 if ($param == 0) # we need to extract the salt
2058 $index1 = index ($line, '$', $index1);
2060 next if $index1 < 1;
2062 my $index2 = index ($line, '$', $index1 + 1);
2064 next if $index2 < 1;
2066 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2071 $index1 = index ($line, ':', $index1 + 1);
2073 next if $index1 < 1;
2077 $word = substr ($line, $index1 + 1);
2078 $hash_in = substr ($line, 0, $index1);
2080 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2082 # Oracle T: Type (Oracle 12+)
2083 elsif ($mode == 12300)
2085 my $index1 = index ($line, ':');
2087 next if ($index1 != 160);
2091 $salt = substr ($line, 128, 32);
2095 $word = substr ($line, $index1 + 1);
2096 $hash_in = substr ($line, 0, $index1);
2098 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2100 # BSDiCrypt, Extended DES
2101 elsif ($mode == 12400)
2103 next unless (substr ($line, 0, 1) eq '_');
2105 my $index1 = index ($line, ':', 20);
2107 next if ($index1 != 20);
2111 $iter = substr ($line, 1, 4);
2113 $iter = base64_to_int24
($iter);
2117 $salt = substr ($line, 5, 4);
2121 $word = substr ($line, $index1 + 1);
2122 $hash_in = substr ($line, 0, $index1);
2124 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2126 # Blockchain, My Wallet
2127 elsif ($mode == 12700)
2129 my $index1 = index ($line, ':');
2131 next if ($index1 < 0);
2133 $hash_in = substr ($line, 0, $index1);
2134 $word = substr ($line, $index1 + 1);
2136 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2138 next unless ($signature eq "blockchain");
2140 next unless (($data_len * 2) == length $data_buf);
2142 $salt = substr ($data_buf, 0, 32);
2143 $param = substr ($data_buf, 32);
2145 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2147 elsif ($mode == 12800)
2149 ($hash_in, $word) = split ":", $line;
2151 next unless defined $hash_in;
2152 next unless defined $word;
2154 my @data = split /\,/, $hash_in;
2156 next unless scalar @data == 4;
2158 next unless (shift @data eq 'v1;PPH1_MD4');
2160 $salt = shift @data;
2161 $iter = shift @data;
2163 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2165 elsif ($mode == 12900)
2167 ($hash_in, $word) = split ":", $line;
2169 next unless defined $hash_in;
2170 next unless defined $word;
2172 next unless length $hash_in == 160;
2174 $param = substr ($hash_in, 0, 64);
2175 $salt = substr ($hash_in, 128, 32);
2178 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2180 elsif ($mode == 13000)
2184 ($hash_line, $word) = split ":", $line;
2186 next unless defined $hash_line;
2187 next unless defined $word;
2189 my @data = split ('\$', $hash_line);
2191 next unless scalar @data == 8;
2195 my $signature = shift @data;
2196 my $salt_len = shift @data;
2197 my $salt_buf = shift @data;
2198 my $iterations = shift @data;
2199 my $iv = shift @data;
2200 my $pswcheck_len = shift @data;
2201 my $pswcheck = shift @data;
2203 next unless ($signature eq "rar5");
2204 next unless ($salt_len == 16);
2205 next unless ($pswcheck_len == 8);
2208 $iter = $iterations;
2209 $hash_in = $pswcheck;
2212 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2214 elsif ($mode == 13100 )
2216 ($hash_in, $word) = split ":", $line;
2218 next unless defined $hash_in;
2219 next unless defined $word;
2221 my @data = split ('\$', $hash_in);
2223 next unless scalar @data == 8;
2227 my $signature = shift @data;
2228 my $algorithm = shift @data;
2229 my $user = shift @data;
2230 $user = substr ($user, 1);
2231 my $realm = shift @data;
2232 my $spn = shift @data;
2233 $spn = substr ($spn, 0, length ($spn) - 1);
2234 my $checksum = shift @data;
2235 my $edata2 = shift @data;
2237 next unless ($signature eq "krb5tgs");
2238 next unless (length ($checksum) == 32);
2239 next unless (length ($edata2) >= 64);
2241 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2243 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2245 elsif ($mode == 13200)
2247 ($hash_in, $word) = split ":", $line;
2249 next unless defined $hash_in;
2250 next unless defined $word;
2252 my @data = split ('\*', $hash_in);
2254 next unless scalar @data == 5;
2258 my $signature = shift @data;
2259 my $version = shift @data;
2260 my $iteration = shift @data;
2261 my $mysalt = shift @data;
2262 my $digest = shift @data;
2264 next unless ($signature eq '$axcrypt$');
2265 next unless (length ($mysalt) == 32);
2266 next unless (length ($digest) == 48);
2268 $salt = $iteration . '*' . $mysalt;
2270 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2272 elsif ($mode == 13300)
2274 ($hash_in, $word) = split ":", $line;
2276 next unless defined $hash_in;
2277 next unless defined $word;
2279 my @data = split ('\$', $hash_in);
2281 next unless scalar @data == 2;
2285 my $signature = shift @data;
2286 my $digest = shift @data;
2288 next unless ($signature eq '$axcrypt_sha1');
2289 next unless (length ($digest) == 32 || length ($digest) == 40);
2291 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2293 elsif ($mode == 13400)
2295 ($hash_in, $word) = split ":", $line;
2297 next unless defined $hash_in;
2298 next unless defined $word;
2300 my @data = split ('\*', $hash_in);
2302 next unless (scalar @data == 9
2303 || scalar @data == 11
2304 || scalar @data == 12
2305 || scalar @data == 14);
2307 my $signature = shift @data;
2308 next unless ($signature eq '$keepass$');
2310 my $version = shift @data;
2311 next unless ($version == 1 || $version == 2);
2313 my $iteration = shift @data;
2315 my $algorithm = shift @data;
2317 my $final_random_seed = shift @data;
2321 next unless (length ($final_random_seed) == 32);
2323 elsif ($version == 2)
2325 next unless (length ($final_random_seed) == 64);
2328 my $transf_random_seed = shift @data;
2329 next unless (length ($transf_random_seed) == 64);
2331 my $enc_iv = shift @data;
2332 next unless (length ($enc_iv) == 32);
2336 my $contents_hash = shift @data;
2337 next unless (length ($contents_hash) == 64);
2339 my $inline_flags = shift @data;
2340 next unless ($inline_flags == 1);
2342 my $contents_len = shift @data;
2344 my $contents = shift @data;
2345 next unless (length ($contents) == $contents_len * 2);
2347 elsif ($version == 2)
2349 my $expected_bytes = shift @data;
2350 next unless (length ($expected_bytes) == 64);
2352 my $contents_hash = shift @data;
2353 next unless (length ($contents_hash) == 64);
2356 if (scalar @data == 12 || scalar @data == 14)
2358 my $inline_flags = shift @data;
2359 next unless ($inline_flags == 1);
2361 my $keyfile_len = shift @data;
2362 next unless ($keyfile_len == 64);
2364 my $keyfile = shift @data;
2365 next unless (length ($keyfile) == $keyfile_len);
2368 $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in));
2370 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2372 elsif ($mode == 13600)
2374 ($hash_in, $word) = split ":", $line;
2376 next unless defined $hash_in;
2377 next unless defined $word;
2379 my @data = split ('\*', $hash_in);
2381 next unless scalar @data == 10;
2383 my $tag_start = shift @data;
2384 my $type = shift @data;
2385 my $mode = shift @data;
2386 my $magic = shift @data;
2387 my $salt = shift @data;
2388 my $verify_bytes = shift @data;
2389 my $length = shift @data;
2390 my $data = shift @data;
2391 my $auth = shift @data;
2392 my $tag_end = shift @data;
2394 next unless ($tag_start eq '$zip2$');
2395 next unless ($tag_end eq '$/zip2$');
2404 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2408 print "ERROR: hash mode is not supported\n";
2413 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2415 $word = pack ("H*", substr ($word, 5, -1));
2418 # finally generate the hash
2423 # check both variations
2424 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2426 $len = length $hash_out; # == length $alternative
2428 if (substr ($line, 0, $len) ne $hash_out)
2430 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2432 return unless (substr ($line, 0, $len) eq $alternative);
2435 elsif ($mode == 8700)
2437 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2439 $len = length $hash_out;
2441 return unless (substr ($line, 0, $len) eq $hash_out);
2443 elsif ($mode == 8900)
2445 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2447 $len = length $hash_out;
2449 return unless (substr ($line, 0, $len) eq $hash_out);
2451 elsif ($mode == 9100)
2453 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2455 $len = length $hash_out;
2457 return unless (substr ($line, 0, $len) eq $hash_out);
2459 elsif ($mode == 190)
2461 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2463 $len = length $hash_out; # == length $alternative
2465 if (substr ($line, 0, $len) ne $hash_out)
2467 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2469 return unless (substr ($line, 0, $len) eq $alternative);
2472 elsif ($mode == 3300)
2474 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2476 $len = length $hash_out;
2478 return unless (substr ($line, 0, $len) eq $hash_out);
2480 elsif ($mode == 5100)
2482 # check 3 variants (start, middle, end)
2486 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2488 $len = length $hash_out; # == length $alternative
2490 if (substr ($line, 0, $len) ne $hash_out)
2492 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2494 if (substr ($line, 0, $len) ne $alternative)
2496 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2498 return unless (substr ($line, 0, $len) eq $alternative);
2502 elsif ($mode == 9400)
2504 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2506 $len = length $hash_out;
2508 return unless (substr ($line, 0, $len) eq $hash_out);
2510 elsif ($mode == 9500)
2512 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2514 $len = length $hash_out;
2516 return unless (substr ($line, 0, $len) eq $hash_out);
2518 elsif ($mode == 9600)
2520 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2522 $len = length $hash_out;
2524 return unless (substr ($line, 0, $len) eq $hash_out);
2526 elsif ($mode == 9700)
2528 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2530 $len = length $hash_out;
2532 return unless (substr ($line, 0, $len) eq $hash_out);
2534 elsif ($mode == 9800)
2536 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2538 $len = length $hash_out;
2540 return unless (substr ($line, 0, $len) eq $hash_out);
2542 elsif ($mode == 10400)
2544 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2546 $len = length $hash_out;
2548 return unless (substr ($line, 0, $len) eq $hash_out);
2550 elsif ($mode == 10500)
2552 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2554 $len = length $hash_out;
2556 return unless (substr ($line, 0, $len) eq $hash_out);
2558 elsif ($mode == 10600)
2560 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2562 $len = length $hash_out;
2564 return unless (substr ($line, 0, $len) eq $hash_out);
2566 elsif ($mode == 10700)
2568 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2570 $len = length $hash_out;
2572 return unless (substr ($line, 0, $len) eq $hash_out);
2574 elsif ($mode == 10900)
2576 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2578 $len = length $hash_out;
2580 return unless (substr ($line, 0, $len) eq $hash_out);
2582 elsif ($mode == 11100)
2584 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2586 $len = length $hash_out;
2588 return unless (substr ($line, 0, $len) eq $hash_out);
2590 elsif ($mode == 11400)
2592 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2594 $len = length $hash_out;
2596 return unless (substr ($line, 0, $len) eq $hash_out);
2598 elsif ($mode == 11600)
2600 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2602 $len = length $hash_out;
2604 return unless (substr ($line, 0, $len) eq $hash_out);
2606 elsif ($mode == 11900)
2608 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2610 $len = length $hash_out;
2612 return unless (substr ($line, 0, $len) eq $hash_out);
2614 elsif ($mode == 12000)
2616 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2618 $len = length $hash_out;
2620 return unless (substr ($line, 0, $len) eq $hash_out);
2622 elsif ($mode == 12100)
2624 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2626 $len = length $hash_out;
2628 return unless (substr ($line, 0, $len) eq $hash_out);
2630 elsif ($mode == 12200)
2632 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2634 $len = length $hash_out;
2636 return unless (substr ($line, 0, $len) eq $hash_out);
2638 elsif ($mode == 12700)
2640 # this is very special, we can't call gen_hash () because the param part is not always the same
2641 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2643 my $pbkdf2 = Crypt
::PBKDF2
->new (
2644 hash_class
=> 'HMACSHA1',
2649 my $salt_bin = pack ("H*", $salt);
2651 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2653 my $cipher = Crypt
::CBC
->new ({
2655 cipher
=> "Crypt::Rijndael",
2662 my $param_bin = pack ("H*", $param);
2664 my $decrypted = $cipher->decrypt ($param_bin);
2666 my $decrypted_part = substr ($decrypted, 1, 16);
2668 return unless ($decrypted_part =~ /"guid"/);
2670 $hash_out = $hash_in;
2672 elsif ($mode == 12900)
2674 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2676 $len = length $hash_out;
2678 return unless (substr ($line, 0, $len) eq $hash_out);
2680 elsif ($mode == 13000)
2682 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2684 $len = length $hash_out;
2686 return unless (substr ($line, 0, $len) eq $hash_out);
2688 elsif ($mode == 13100)
2690 $hash_out = gen_hash
($mode, $word, $salt);
2692 $len = length $hash_out;
2694 return unless (substr ($line, 0, $len) eq $hash_out);
2696 elsif ($mode == 13200)
2698 $hash_out = gen_hash
($mode, $word, $salt);
2700 $len = length $hash_out;
2702 return unless (substr ($line, 0, $len) eq $hash_out);
2704 elsif ($mode == 13400)
2706 $hash_out = gen_hash
($mode, $word, $salt);
2708 $len = length $hash_out;
2710 return unless (substr ($line, 0, $len) eq $hash_out);
2712 elsif ($mode == 13600)
2714 $hash_out = gen_hash
($mode, $word, undef, undef, $param, $param2, $param3, $param4, $param5, $param6);
2716 $len = length $hash_out;
2718 return unless (substr ($line, 0, $len) eq $hash_out);
2722 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2724 $len = length $hash_out;
2729 # allow $P$ and $H$ for -m 400
2730 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2732 elsif ($mode == 5600)
2734 # hashcat outputs the user name always upper-case, we need
2735 next unless (substr ($line, 0, $len) eq $hash_out);
2739 my $hash_out_lower = lc ($hash_out);
2741 for my $key (keys %{$db})
2743 if (lc ($key) eq $hash_out_lower)
2755 next unless (substr ($line, 0, $len) eq $hash_out);
2759 # do not forget "exists ($db->$hash_out)" should be done above!
2760 $db->{$hash_out} = $word;
2761 print OUT
$line . "\n";
2770 my $mode = shift || 0;
2772 while (my $word_buf = <>)
2776 next if length ($word_buf) > 31;
2784 for (my $i = 0; $i < 256; $i++)
2786 my $c = get_random_chr
(0x30, 0x39);
2788 push (@salt_arr, $c);
2791 my $salt_buf = join ("", @salt_arr);
2799 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
2801 $tmp_hash = gen_hash
($mode, $word_buf, "");
2803 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2805 my $salt_len = get_random_num
(1, 15);
2807 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2809 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2811 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2815 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2819 my $salt_len = get_random_num
(1, 11);
2821 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2823 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2825 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2827 elsif ($mode == 112)
2829 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2831 elsif ($mode == 121)
2833 my $salt_len = get_random_num
(1, 9);
2835 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2837 elsif ($mode == 125)
2839 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2841 elsif ($mode == 141 || $mode == 1441)
2843 my $salt_len = get_random_num
(1, 15);
2845 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2847 elsif ($mode == 1100)
2849 my $salt_len = get_random_num
(1, 19);
2851 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2853 elsif ($mode == 1500)
2855 next if length ($word_buf) > 8;
2857 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2859 elsif ($mode == 2100)
2861 next if length ($word_buf) > 13;
2863 my $salt_len = get_random_num
(1, 19);
2865 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2867 elsif ($mode == 2410)
2869 next if length ($word_buf) > 15;
2871 my $salt_len = get_random_num
(1, 15);
2873 my $word_len = length ($word_buf);
2875 $salt_len = min
($salt_len, 15 - $word_len);
2877 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2879 elsif ($mode == 2500)
2881 next if length ($word_buf) < 8;
2883 my $salt_len = get_random_num
(0, 32);
2885 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2887 elsif ($mode == 2611)
2889 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2891 elsif ($mode == 2612)
2893 my $salt_len = get_random_num
(1, 22);
2895 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2897 elsif ($mode == 2711)
2899 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2901 elsif ($mode == 2811)
2903 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2905 elsif ($mode == 3000)
2907 next if length ($word_buf) > 7;
2909 $tmp_hash = gen_hash
($mode, $word_buf, "");
2911 elsif ($mode == 3100)
2913 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2915 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2917 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2919 elsif ($mode == 3800 || $mode == 4900)
2921 my $salt_len = get_random_num
(1, 11);
2923 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2925 elsif ($mode == 4800)
2927 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2929 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2931 elsif ($mode == 5300 || $mode == 5400)
2933 $salt_buf = get_random_ike_salt
();
2935 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2937 elsif ($mode == 5500)
2939 my $user_len = get_random_num
(0, 15);
2940 my $domain_len = get_random_num
(0, 15);
2942 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2944 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2946 elsif ($mode == 5600)
2948 my $user_len = get_random_num
(0, 15);
2949 my $domain_len = get_random_num
(0, 15);
2951 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2953 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2955 elsif ($mode == 6600)
2957 $salt_buf = get_random_agilekeychain_salt
();
2959 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2961 elsif ($mode == 6800)
2963 my $email_len = get_random_num
(1, 15);
2967 for (my $i = 0; $i < $email_len; $i++)
2969 $email .= get_random_chr
(0x61, 0x7a);
2972 $email .= '@trash-mail.com';
2974 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2976 elsif ($mode == 7100)
2978 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2980 elsif ($mode == 7200)
2982 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2984 elsif ($mode == 7300)
2986 my $salt_len = get_random_num
(32, 256);
2988 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2990 elsif ($mode == 7500)
2992 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2994 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2996 elsif ($mode == 7700)
2998 next if length ($word_buf) > 8;
3000 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
3002 elsif ($mode == 7800)
3004 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
3006 elsif ($mode == 8200)
3008 $salt_buf = get_random_cloudkeychain_salt
();
3010 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3012 elsif ($mode == 8300)
3014 $salt_buf = get_random_dnssec_salt
();
3016 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3018 elsif ($mode == 8400 || $mode == 11200)
3020 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
3022 elsif ($mode == 8500)
3024 next if length ($word_buf) > 8;
3026 my $salt_len = get_random_num
(1, 9);
3028 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3030 elsif ($mode == 8600)
3032 next if length ($word_buf) > 16;
3034 $tmp_hash = gen_hash
($mode, $word_buf, "");
3036 elsif ($mode == 8700)
3038 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
3040 elsif ($mode == 9200 || $mode == 9300)
3044 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3046 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3048 next if length ($word_buf) > 19;
3052 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3054 elsif ($mode == 10100)
3056 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3058 elsif ($mode == 10300)
3060 my $salt_len = get_random_num
(4, 15);
3062 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3064 elsif ($mode == 10400)
3066 next if length ($word_buf) > 31;
3070 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3072 elsif ($mode == 10500)
3074 next if length ($word_buf) > 15;
3078 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3080 elsif ($mode == 10600)
3082 next if length ($word_buf) > 31;
3086 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3088 elsif ($mode == 10700)
3090 next if length ($word_buf) > 15;
3094 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3096 elsif ($mode == 11000)
3098 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
3100 elsif ($mode == 11300)
3102 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
3104 elsif ($mode == 11400)
3106 next if length ($word_buf) > 24;
3108 my $salt_len = get_random_num
(1, 15);
3110 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3112 elsif ($mode == 11600)
3114 my $salt_len = get_random_num
(0, 16);
3116 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3118 elsif ($mode == 12400)
3120 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
3122 elsif ($mode == 12600)
3124 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
3126 elsif ($mode == 12700)
3128 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3130 elsif ($mode == 12800)
3132 next if length ($word_buf) > 24;
3134 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
3136 elsif ($mode == 12900)
3138 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3140 elsif ($mode == 13000)
3142 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3144 elsif ($mode == 13100)
3146 $salt_buf = get_random_kerberos5_tgs_salt
();
3148 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3150 elsif ($mode == 13200)
3152 $salt_buf = get_random_axcrypt_salt
();
3154 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3156 elsif ($mode == 13400)
3158 $salt_buf = get_random_keepass_salt
();
3160 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3162 elsif ($mode == 13500)
3164 $salt_buf = get_pstoken_salt
();
3166 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3168 elsif ($mode == 13600)
3170 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3174 print "ERROR: Unsupported hash type\n";
3179 print $tmp_hash, "\n";
3192 for (my $j = 0; $j < scalar @modes; $j++)
3194 my $mode = $modes[$j];
3196 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
3198 for (my $i = 1; $i < 32; $i++)
3202 rnd
($mode, $len, 0);
3210 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3212 my $salt_len = get_random_num
(1, 15);
3214 for (my $i = 1; $i < 32; $i++)
3218 rnd
($mode, $len, $salt_len);
3222 rnd
($mode, $i, $salt_len);
3226 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3228 for (my $i = 1; $i < 32; $i++)
3232 rnd
($mode, $len, 32);
3236 rnd
($mode, $i, 32);
3240 elsif ($mode == 21 || $mode == 22)
3242 for (my $i = 1; $i < 32; $i++)
3246 rnd
($mode, $len, 2);
3254 elsif ($mode == 111 || $mode == 122 || $mode == 125 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3256 for (my $i = 1; $i < 32; $i++)
3260 rnd
($mode, $len, 8);
3268 elsif ($mode == 112)
3270 for (my $i = 1; $i < 32; $i++)
3274 rnd
($mode, $len, 20);
3278 rnd
($mode, $i, 20);
3282 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3284 for (my $i = 1; $i < 32; $i++)
3288 rnd
($mode, $len, 16);
3292 rnd
($mode, $i, 16);
3298 my $salt_len = get_random_num
(1, 19);
3300 for (my $i = 1; $i < 32; $i++)
3304 rnd
($mode, $len, $salt_len);
3308 rnd
($mode, $i, $salt_len);
3312 elsif ($mode == 1500)
3314 for (my $i = 1; $i < 9; $i++)
3318 rnd
($mode, $len, 2);
3326 elsif ($mode == 2100)
3328 my $salt_len = get_random_num
(1, 19);
3330 for (my $i = 1; $i < 13; $i++)
3334 rnd
($mode, $len, $salt_len);
3338 rnd
($mode, $i, $salt_len);
3342 elsif ($mode == 2500)
3344 my $salt_len = get_random_num
(0, 32);
3346 for (my $i = 8; $i < 16; $i++)
3348 my $generate_from_len = 0;
3357 rnd
($mode, $len, $salt_len);
3361 rnd
($mode, $i, $salt_len);
3365 elsif ($mode == 2611)
3367 for (my $i = 1; $i < 32; $i++)
3371 rnd
($mode, $len, 3);
3379 elsif ($mode == 2612)
3381 my $salt_len = get_random_num
(1, 22);
3383 for (my $i = 1; $i < 32; $i++)
3387 rnd
($mode, $len, $salt_len);
3391 rnd
($mode, $i, $salt_len);
3395 elsif ($mode == 2711)
3397 for (my $i = 1; $i < 32; $i++)
3401 rnd
($mode, $len, 30);
3405 rnd
($mode, $i, 30);
3409 elsif ($mode == 2811)
3411 for (my $i = 1; $i < 32; $i++)
3415 rnd
($mode, $len, 5);
3423 elsif ($mode == 3000)
3425 for (my $i = 1; $i < 8; $i++)
3429 rnd
($mode, $len, 0);
3437 elsif ($mode == 3100)
3439 for (my $i = 1; $i < 32; $i++)
3443 rnd
($mode, $len, 10);
3447 rnd
($mode, $i, 10);
3451 elsif ($mode == 3800 || $mode == 4900)
3453 my $salt_len = get_random_num
(1, 11);
3455 for (my $i = 1; $i < 32; $i++)
3459 rnd
($mode, $len, $salt_len);
3463 rnd
($mode, $i, $salt_len);
3467 elsif ($mode == 5500 || $mode == 5600)
3471 for (my $i = 1; $i < 27; $i++)
3473 $salt_len = get_random_num
(1, 15);
3477 rnd
($mode, $len, $salt_len);
3481 rnd
($mode, $i, $salt_len);
3485 elsif ($mode == 5800)
3487 for (my $i = 1; $i < 14; $i++)
3491 rnd
($mode, $len, 16);
3495 rnd
($mode, $i, 16);
3499 elsif ($mode == 6800)
3501 my $salt_len = get_random_num
(8, 25);
3503 for (my $i = 1; $i < 32; $i++)
3507 rnd
($mode, $len, $salt_len);
3511 rnd
($mode, $i, $salt_len);
3515 elsif ($mode == 7100)
3517 for (my $i = 1; $i < 32; $i++)
3521 rnd
($mode, $len, 64);
3525 rnd
($mode, $i, 64);
3529 elsif ($mode == 7200)
3531 for (my $i = 1; $i < 32; $i++)
3535 rnd
($mode, $len, 128);
3539 rnd
($mode, $i, 128);
3543 elsif ($mode == 7300)
3545 my $salt_len = get_random_num
(32, 255);
3547 for (my $i = 1; $i < 32; $i++)
3551 rnd
($mode, $len, $salt_len);
3555 rnd
($mode, $i, $salt_len);
3559 elsif ($mode == 7500)
3561 for (my $i = 1; $i < 27; $i++)
3565 rnd
($mode, $len, 16);
3569 rnd
($mode, $i, 16);
3573 elsif ($mode == 7700)
3575 my $salt_len = get_random_num
(1, 12);
3577 for (my $i = 1; $i < 9; $i++)
3581 rnd
($mode, $len, $salt_len);
3585 rnd
($mode, $i, $salt_len);
3589 elsif ($mode == 7800)
3591 my $salt_len = get_random_num
(1, 12);
3593 for (my $i = 1; $i < 32; $i++)
3597 rnd
($mode, $len, $salt_len);
3601 rnd
($mode, $i, $salt_len);
3605 elsif ($mode == 8400 || $mode == 11200)
3607 for (my $i = 1; $i < 32; $i++)
3611 rnd
($mode, $len, 40);
3615 rnd
($mode, $i, 40);
3619 elsif ($mode == 8500)
3621 my $salt_len = get_random_num
(1, 8);
3623 for (my $i = 1; $i < 9; $i++)
3627 rnd
($mode, $len, $salt_len);
3631 rnd
($mode, $i, $salt_len);
3635 elsif ($mode == 8600)
3637 for (my $i = 1; $i < 17; $i++)
3641 rnd
($mode, $len, 0);
3649 elsif ($mode == 8700)
3651 for (my $i = 1; $i < 32; $i++)
3655 rnd
($mode, $len, 5);
3663 elsif ($mode == 9200 || $mode == 9300)
3667 for (my $i = 1; $i < 32; $i++)
3671 rnd
($mode, $len, $salt_len);
3675 rnd
($mode, $i, $salt_len);
3679 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3683 for (my $i = 1; $i < 20; $i++)
3687 rnd
($mode, $len, $salt_len);
3691 rnd
($mode, $i, $salt_len);
3695 elsif ($mode == 10100)
3697 for (my $i = 1; $i < 32; $i++)
3701 rnd
($mode, $len, 32);
3705 rnd
($mode, $i, 32);
3709 elsif ($mode == 10300)
3711 my $salt_len = get_random_num
(4, 15);
3713 for (my $i = 1; $i < 32; $i++)
3717 rnd
($mode, $len, $salt_len);
3721 rnd
($mode, $i, $salt_len);
3725 elsif ($mode == 10400 || $mode == 10600)
3729 for (my $i = 1; $i < 32; $i++)
3733 rnd
($mode, $len, $salt_len);
3737 rnd
($mode, $i, $salt_len);
3741 elsif ($mode == 10500 || $mode == 10700)
3745 for (my $i = 1; $i < 16; $i++)
3749 rnd
($mode, $len, $salt_len);
3753 rnd
($mode, $i, $salt_len);
3757 elsif ($mode == 11000)
3759 for (my $i = 1; $i < 32; $i++)
3763 rnd
($mode, $len, 56);
3767 rnd
($mode, $i, 56);
3771 elsif ($mode == 11300)
3773 for (my $i = 1; $i < 32; $i++)
3777 rnd
($mode, $len, 16);
3781 rnd
($mode, $i, 16);
3785 elsif ($mode == 11400)
3787 for (my $i = 1; $i < 24; $i++)
3791 rnd
($mode, $len, 16);
3795 rnd
($mode, $i, 16);
3799 elsif ($mode == 11600)
3801 my $salt_len = get_random_num
(0, 16);
3803 for (my $i = 1; $i < 32; $i++)
3807 rnd
($mode, $len, $salt_len);
3811 rnd
($mode, $i, $salt_len);
3815 elsif ($mode == 12400)
3817 for (my $i = 1; $i < 32; $i++)
3821 rnd
($mode, $len, 4);
3829 elsif ($mode == 12600)
3831 for (my $i = 1; $i < 32; $i++)
3835 rnd
($mode, $len, 64);
3839 rnd
($mode, $i, 64);
3843 elsif ($mode == 12700)
3845 for (my $i = 1; $i < 32; $i++)
3849 rnd
($mode, $len, 32);
3853 rnd
($mode, $i, 32);
3857 elsif ($mode == 12800)
3859 for (my $i = 1; $i < 25; $i++)
3863 rnd
($mode, $len, 20);
3867 rnd
($mode, $i, 20);
3871 elsif ($mode == 12900)
3873 for (my $i = 1; $i < 32; $i++)
3877 rnd
($mode, $len, 32);
3881 rnd
($mode, $i, 32);
3885 elsif ($mode == 13000)
3887 for (my $i = 1; $i < 32; $i++)
3891 rnd
($mode, $len, 32);
3895 rnd
($mode, $i, 32);
3899 elsif ($mode == 13100)
3901 for (my $i = 1; $i < 27; $i++)
3905 rnd
($mode, $len, 16);
3909 rnd
($mode, $i, 16);
3913 elsif ($mode == 13200)
3915 for (my $i = 1; $i < 32; $i++)
3919 rnd
($mode, $len, 32);
3923 rnd
($mode, $i, 32);
3927 elsif ($mode == 13400)
3929 for (my $i = 1; $i < 16; $i++)
3933 rnd
($mode, $len, 16);
3937 rnd
($mode, $i, 16);
3941 elsif ($mode == 13500)
3943 for (my $i = 1; $i < 16; $i++)
3947 rnd
($mode, $len, 16);
3951 rnd
($mode, $i, 16);
3955 elsif ($mode == 13600)
3957 for (my $i = 1; $i < 16; $i++)
3961 rnd
($mode, $len, 32);
3965 rnd
($mode, $i, 32);
3978 my $word_buf = shift;
3980 my $salt_buf = shift;
3984 my $additional_param = shift;
3986 my $additional_param2 = shift;
3988 my $additional_param3 = shift;
3990 my $additional_param4 = shift;
3992 my $additional_param5 = shift;
3994 my $additional_param6 = shift;
3996 my $additional_param7 = shift;
3998 my $additional_param8 = shift;
4000 my $additional_param9 = shift;
4002 my $additional_param10 = shift;
4004 my $additional_param11 = shift;
4016 $hash_buf = md5_hex
($word_buf);
4018 $tmp_hash = sprintf ("%s", $hash_buf);
4022 $hash_buf = md5_hex
($word_buf . $salt_buf);
4024 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4028 $hash_buf = md5_hex
($word_buf . $salt_buf);
4030 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4034 $hash_buf = md5_hex
($word_buf . $salt_buf);
4036 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4040 $hash_buf = md5_hex
($salt_buf . $word_buf);
4042 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4046 $hash_buf = md5_hex
($salt_buf . $word_buf);
4048 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4052 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
4053 my $salt_suffix = "Administration Tools";
4055 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
4057 $hash_buf = md5
($pass);
4061 for (my $pos = 0; $pos < 16; $pos += 2)
4063 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
4064 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
4066 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
4068 my $idx1 = $num >> 12 & 0x0f;
4069 my $idx2 = $num >> 6 & 0x3f;
4070 my $idx3 = $num & 0x3f;
4072 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
4075 my $obfuscate_str = "nrcstn";
4076 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
4078 foreach my $pos (keys @obfuscate_pos)
4080 my $idx = $obfuscate_pos[$pos];
4081 my $before = substr ($res, 0, $idx);
4082 my $char = substr ($obfuscate_str, $pos, 1);
4083 my $after = substr ($res, $idx);
4085 $res = sprintf ("%s%s%s", $before, $char, $after);
4088 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
4092 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
4094 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4098 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4100 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4104 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4106 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4110 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
4112 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4116 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
4118 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4120 elsif ($mode == 100)
4122 $hash_buf = sha1_hex
($word_buf);
4124 $tmp_hash = sprintf ("%s", $hash_buf);
4126 elsif ($mode == 101)
4128 $hash_buf = sha1
($word_buf);
4130 my $base64_buf = encode_base64
($hash_buf);
4132 chomp ($base64_buf);
4134 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
4136 elsif ($mode == 110)
4138 $hash_buf = sha1_hex
($word_buf . $salt_buf);
4140 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4142 elsif ($mode == 111)
4144 $hash_buf = sha1
($word_buf . $salt_buf);
4146 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
4148 chomp ($base64_buf);
4150 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
4152 elsif ($mode == 112)
4154 my $salt_buf_bin = pack ("H*", $salt_buf);
4156 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
4158 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4160 elsif ($mode == 120)
4162 $hash_buf = sha1_hex
($salt_buf . $word_buf);
4164 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4166 elsif ($mode == 121)
4168 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
4170 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4172 elsif ($mode == 122)
4174 my $salt_buf_bin = pack ("H*", $salt_buf);
4176 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4178 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4180 elsif ($mode == 125)
4182 my $signature = "01";
4184 my $salt_buf_bin = pack ("H*", $salt_buf . $signature);
4186 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4188 $tmp_hash = sprintf ("%s%s%s", $salt_buf, $signature, $hash_buf);
4190 elsif ($mode == 130)
4192 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4194 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4196 elsif ($mode == 131)
4198 my $salt_buf_bin = pack ("H*", $salt_buf);
4200 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
4202 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
4204 elsif ($mode == 132)
4206 my $salt_buf_bin = pack ("H*", $salt_buf);
4208 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4210 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
4212 elsif ($mode == 133)
4214 $hash_buf = sha1
(encode
("UTF-16LE", $word_buf));
4216 $hash_buf = encode_base64
($hash_buf);
4217 $hash_buf =~ s/[\r\n]//g;
4219 $tmp_hash = sprintf ("%s", $hash_buf);
4221 elsif ($mode == 140)
4223 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4225 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4227 elsif ($mode == 141)
4229 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
4231 my $base64_salt_buf = encode_base64
($salt_buf);
4233 chomp ($base64_salt_buf);
4235 my $base64_hash_buf = encode_base64
($hash_buf);
4237 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4239 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4241 elsif ($mode == 150)
4243 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4245 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4247 elsif ($mode == 160)
4249 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4251 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4253 elsif ($mode == 190)
4255 $hash_buf = sha1_hex
($word_buf);
4257 my $variant = int (rand (2));
4259 if (defined ($additional_param))
4261 $variant = $additional_param;
4266 substr ($hash_buf, 0, 5) = "00000";
4269 $tmp_hash = sprintf ("%s", $hash_buf);
4271 elsif ($mode == 200)
4273 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4275 $hash_buf = $ppr->hash_hex;
4277 $tmp_hash = sprintf ("%s", $hash_buf);
4279 elsif ($mode == 300)
4281 $hash_buf = substr (password41
($word_buf), 1);
4283 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4285 $tmp_hash = sprintf ("%s", $hash_buf);
4287 elsif ($mode == 400)
4296 my $ppr = Authen
::Passphrase
::PHPass
->new
4300 passphrase
=> $word_buf,
4303 $hash_buf = $ppr->as_rfc2307;
4305 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4307 elsif ($mode == 500)
4309 my $iterations = 1000;
4311 if (defined ($iter))
4315 $iterations = int ($iter);
4319 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4321 $tmp_hash = sprintf ("%s", $hash_buf);
4323 elsif ($mode == 900)
4325 $hash_buf = md4_hex
($word_buf);
4327 $tmp_hash = sprintf ("%s", $hash_buf);
4329 elsif ($mode == 1000)
4331 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4333 $tmp_hash = sprintf ("%s", $hash_buf);
4335 elsif ($mode == 1100)
4337 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4339 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4341 elsif ($mode == 1400)
4343 $hash_buf = sha256_hex
($word_buf);
4345 $tmp_hash = sprintf ("%s", $hash_buf);
4347 elsif ($mode == 1410)
4349 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4351 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4353 elsif ($mode == 1420)
4355 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4357 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4359 elsif ($mode == 1430)
4361 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4363 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4365 elsif ($mode == 1440)
4367 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4369 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4371 elsif ($mode == 1441)
4373 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4375 my $base64_salt_buf = encode_base64
($salt_buf);
4377 chomp ($base64_salt_buf);
4379 my $base64_hash_buf = encode_base64
($hash_buf);
4381 chomp ($base64_hash_buf);
4383 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4385 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4387 elsif ($mode == 1450)
4389 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4391 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4393 elsif ($mode == 1460)
4395 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4397 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4399 elsif ($mode == 1500)
4401 $hash_buf = crypt ($word_buf, $salt_buf);
4403 $tmp_hash = sprintf ("%s", $hash_buf);
4405 elsif ($mode == 1600)
4407 my $iterations = 1000;
4409 if (defined ($iter))
4413 $iterations = int ($iter);
4417 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4419 $tmp_hash = sprintf ("%s", $hash_buf);
4421 elsif ($mode == 1700)
4423 $hash_buf = sha512_hex
($word_buf);
4425 $tmp_hash = sprintf ("%s", $hash_buf);
4427 elsif ($mode == 1710)
4429 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4431 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4433 elsif ($mode == 1711)
4435 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4437 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4439 $base64_buf =~ s/[ \n]//g;
4441 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4443 elsif ($mode == 1720)
4445 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4447 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4449 elsif ($mode == 1730)
4451 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4453 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4455 elsif ($mode == 1740)
4457 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4459 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4461 elsif ($mode == 1722)
4463 my $salt_buf_bin = pack ("H*", $salt_buf);
4465 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4467 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4469 elsif ($mode == 1731)
4471 my $salt_buf_bin = pack ("H*", $salt_buf);
4473 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4475 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4477 elsif ($mode == 1750)
4479 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4481 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4483 elsif ($mode == 1760)
4485 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4487 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4489 elsif ($mode == 1800)
4491 my $iterations = 5000;
4493 if (defined ($iter))
4497 $iterations = int ($iter);
4501 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4503 $tmp_hash = sprintf ("%s", $hash_buf);
4505 elsif ($mode == 2100)
4507 my $iterations = 10240;
4511 $iterations = int ($iter);
4514 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4516 my $pbkdf2 = Crypt
::PBKDF2
->new
4518 hash_class
=> 'HMACSHA1',
4519 iterations
=> $iterations,
4521 salt_len
=> length ($salt),
4524 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4526 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4528 elsif ($mode == 2400)
4530 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4532 elsif ($mode == 2410)
4534 my $salt_len = length ($salt_buf);
4536 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4538 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4540 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4542 elsif ($mode == 2500)
4544 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4546 if (! defined ($additional_param))
4550 $bssid = randbytes
(6);
4551 $stmac = randbytes
(6);
4552 $snonce = randbytes
(32);
4553 $anonce = randbytes
(32);
4555 $keyver = get_random_num
(1, 3); # 1 or 2
4558 # should be "validly" generated, but in theory could be anything for us also:
4559 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4561 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4565 $bssid = $additional_param;
4566 $stmac = $additional_param2;
4567 $snonce = $additional_param3;
4568 $anonce = $additional_param4;
4569 $keyver = $additional_param5;
4570 $eapol = $additional_param6;
4573 $eapol_size = length ($eapol);
4577 my $iterations = 4096;
4583 # generate the Pairwise Master Key (PMK)
4585 my $pbkdf2 = Crypt
::PBKDF2
->new
4587 hash_class
=> 'HMACSHA1',
4588 iterations
=> $iterations,
4592 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4594 # Pairwise Transient Key (PTK) transformation
4596 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4598 # generate the Message Integrity Code (MIC)
4602 if ($keyver == 1) # WPA1 => MD5
4604 $mic = hmac
($eapol, $ptk, \
&md5
);
4608 $mic = hmac
($eapol, $ptk, \
&sha1
);
4611 $mic = substr ($mic, 0, 16);
4614 # format the binary output
4619 # first the essid (NULL-padded up to the first 36 bytes)
4621 $hash_buf .= $salt_buf;
4622 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4624 # the 2 MAC addresses
4626 $hash_buf .= $bssid;
4627 $hash_buf .= $stmac;
4631 $hash_buf .= $snonce;
4632 $hash_buf .= $anonce;
4636 $hash_buf .= $eapol;
4637 $hash_buf .= "\x00" x
(256 - $eapol_size);
4641 $hash_buf .= pack ("L*", $eapol_size);
4645 $hash_buf .= pack ("L*", $keyver);
4647 # and finally: the key mic
4651 # base64 encode the output
4653 $tmp_hash = encode_base64
($hash_buf, '');
4655 elsif ($mode == 2600)
4657 $hash_buf = md5_hex
(md5_hex
($word_buf));
4659 $tmp_hash = sprintf ("%s", $hash_buf);
4661 elsif ($mode == 2611)
4663 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4665 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4667 elsif ($mode == 2612)
4669 my $salt_buf_hex = unpack ("H*", $salt_buf);
4671 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4673 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4675 elsif ($mode == 2711)
4677 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4679 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4681 elsif ($mode == 2811)
4683 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4685 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4687 elsif ($mode == 3000)
4689 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4691 $hash_buf = $ppr->hash_hex;
4693 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4695 elsif ($mode == 3100)
4697 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4699 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4701 elsif ($mode == 3200)
4710 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4712 elsif ($mode == 3300)
4714 my $iterations = 904;
4718 $iterations = int ($iter);
4723 if (defined ($additional_param))
4725 $variant = $additional_param;
4728 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4730 $iterations += 4096;
4732 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4734 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4736 elsif ($mode == 3500)
4738 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4740 $tmp_hash = sprintf ("%s", $hash_buf);
4742 elsif ($mode == 3610)
4744 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4746 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4748 elsif ($mode == 3710)
4750 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4752 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4754 elsif ($mode == 3711)
4756 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4758 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4760 elsif ($mode == 3720)
4762 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4764 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4766 elsif ($mode == 3800)
4768 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4770 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4772 elsif ($mode == 3910)
4774 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4776 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4778 elsif ($mode == 4010)
4780 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4782 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4784 elsif ($mode == 4110)
4786 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4788 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4790 elsif ($mode == 4210)
4792 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4794 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4796 elsif ($mode == 4300)
4798 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4800 $tmp_hash = sprintf ("%s", $hash_buf);
4802 elsif ($mode == 4400)
4804 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4806 $tmp_hash = sprintf ("%s", $hash_buf);
4808 elsif ($mode == 4500)
4810 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4812 $tmp_hash = sprintf ("%s", $hash_buf);
4814 elsif ($mode == 4600)
4816 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4818 $tmp_hash = sprintf ("%s", $hash_buf);
4820 elsif ($mode == 4700)
4822 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4824 $tmp_hash = sprintf ("%s", $hash_buf);
4826 elsif ($mode == 4800)
4828 my $index = rindex ($salt_buf, ":");
4830 my $salt = substr ($salt_buf, 0, $index);
4831 my $salt_bin = pack ("H*", $salt);
4832 my $chap_sign = substr ($salt_buf, $index + 1);
4833 my $chap_sign_bin = pack ("H*", $chap_sign);
4835 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4837 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4839 elsif ($mode == 4900)
4841 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4843 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4845 elsif ($mode == 5000)
4847 $hash_buf = keccak_256_hex
($word_buf);
4849 $tmp_hash = sprintf ("%s", $hash_buf);
4851 elsif ($mode == 5100)
4855 if (! defined ($additional_param))
4861 $pos = $additional_param * 8 unless ($additional_param > 2);
4864 $hash_buf = md5_hex
($word_buf);
4866 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4868 elsif ($mode == 5300)
4870 my @salt_arr = split (":", $salt_buf);
4872 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4873 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4875 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4876 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4878 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4880 elsif ($mode == 5400)
4882 my @salt_arr = split (":", $salt_buf);
4884 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4885 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4887 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4888 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4890 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4892 elsif ($mode == 5500)
4894 my $index1 = index ($salt_buf, "::");
4895 my $user = substr ($salt_buf, 0, $index1);
4897 my $index2 = index ($salt_buf, ":", $index1 + 2);
4898 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4900 my $len = length (substr ($salt_buf, $index2 + 1));
4902 my $c_challenge_hex;
4906 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4911 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4912 $c_challenge_hex .= 00 x
32;
4915 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4916 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4917 my $s_challenge = pack ("H*", $s_challenge_hex);
4919 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4923 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4925 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, "none");
4926 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, "none");
4927 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, "none");
4929 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4931 elsif ($mode == 5600)
4933 my $index1 = index ($salt_buf, "::");
4934 my $user = substr ($salt_buf, 0, $index1);
4936 my $index2 = index ($salt_buf, ":", $index1 + 2);
4937 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4939 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4940 my $s_challenge = pack ("H*", $s_challenge_hex);
4942 my $temp_hex = substr ($salt_buf, $index2 + 17);
4943 my $temp = pack ("H*", $temp_hex);
4945 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4946 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4948 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4950 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4952 elsif ($mode == 5700)
4954 $hash_buf = sha256
($word_buf);
4956 my $base64_buf = encode_base64
($hash_buf);
4960 for (my $i = 0; $i < 43; $i++)
4962 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4965 elsif ($mode == 5800)
4967 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4969 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4971 elsif ($mode == 6000)
4973 $hash_buf = ripemd160_hex
($word_buf);
4975 $tmp_hash = sprintf ("%s", $hash_buf);
4977 elsif ($mode == 6100)
4979 $hash_buf = whirlpool_hex
($word_buf);
4981 $tmp_hash = sprintf ("%s", $hash_buf);
4983 elsif ($mode == 6300)
4985 my $iterations = 1000; # hard coded by the AIX format
4987 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4989 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4991 elsif ($mode == 6400)
4993 my $iterations = 64;
4997 $iterations = 1 << int ($iter);
5000 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
5002 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5004 elsif ($mode == 6500)
5006 my $iterations = 64;
5010 $iterations = 1 << int ($iter);
5013 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
5015 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5017 elsif ($mode == 6600)
5019 my $iterations = 1000;
5023 $iterations = int ($iter);
5026 my $salt_hex = substr ($salt_buf, 0, 16);
5027 my $salt = pack ("H*", $salt_hex);
5029 my $prefix = substr ($salt_buf, 16, 2016);
5031 my $iv_hex = substr ($salt_buf, 2032);
5032 my $iv = pack ("H*", $iv_hex);
5034 my $data = pack ("H*", "10101010101010101010101010101010");
5036 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
5038 my $pbkdf2 = Crypt
::PBKDF2
->new (
5040 iterations
=> $iterations,
5044 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5046 my $cipher = Crypt
::CBC
->new ({
5048 cipher
=> "Crypt::Rijndael",
5055 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
5057 $hash_buf = substr ($encrypted, 0, 32);
5059 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
5061 elsif ($mode == 6700)
5063 my $iterations = 64;
5067 $iterations = 1 << int ($iter);
5070 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
5072 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
5074 elsif ($mode == 6800)
5076 my $variant = $additional_param;
5078 if (! defined ($variant))
5080 $variant = int (rand (2));
5083 my $iterations = 500;
5087 $iterations = int ($iter);
5090 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5092 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
5094 my $pbkdf2 = Crypt
::PBKDF2
->new (
5096 iterations
=> $iterations,
5100 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
5102 my $cipher = Crypt
::CBC
->new ({
5104 cipher
=> "Crypt::Rijndael",
5113 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
5115 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
5119 my $verifier = "lastpass rocks\x02\x02";
5121 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
5124 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
5126 elsif ($mode == 6900)
5128 $hash_buf = gost_hex
($word_buf);
5130 $tmp_hash = sprintf ("%s", $hash_buf);
5132 elsif ($mode == 7100)
5134 my $iterations = 1024;
5138 $iterations = int ($iter);
5141 my $pbkdf2 = Crypt
::PBKDF2
->new
5143 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5144 iterations
=> $iterations
5147 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5149 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
5151 elsif ($mode == 7200)
5153 my $iterations = 1024;
5157 $iterations = int ($iter);
5160 my $pbkdf2 = Crypt
::PBKDF2
->new (
5161 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5162 iterations
=> $iterations
5165 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5167 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
5169 elsif ($mode == 7300)
5171 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
5173 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
5175 elsif ($mode == 7400)
5177 my $iterations = 5000;
5179 if (defined ($iter))
5183 $iterations = int ($iter);
5187 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
5189 $tmp_hash = sprintf ("%s", $hash_buf);
5191 elsif ($mode == 7500)
5193 my @salt_arr = split ("\\\$", $salt_buf);
5195 my $user = $salt_arr[0];
5197 my $realm = $salt_arr[1];
5199 my $salt = $salt_arr[2];
5201 my $hmac_salt = $salt_arr[3];
5202 my $hmac_salt_bin = pack ("H*", $hmac_salt);
5204 my $clear_data = $salt_arr[4];
5206 my $k = md4
(encode
("UTF-16LE", $word_buf));
5208 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
5210 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
5212 if (length ($clear_data) > 1)
5214 my $clear_data_bin = pack ("H*", $clear_data);
5216 $hash_buf = RC4
($k3, $clear_data_bin);
5220 my $hash = $salt_arr[5];
5222 my $hash_bin = pack ("H*", $hash);
5224 my $clear_data = RC4
($k3, $hash_bin);
5226 my $timestamp = substr ($clear_data, 14, 14);
5231 if ($timestamp !~ /^[[:digit:]]{14}$/)
5238 $hash_buf = "\x00" x
36;
5240 if ($hash_buf eq $hash_bin)
5242 $hash_buf = "\x01" x
36;
5247 $hash_buf = $hash_bin;
5251 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5253 elsif ($mode == 7600)
5255 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5257 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5259 elsif ($mode == 7700)
5261 $word_buf = uc $word_buf;
5262 $salt_buf = uc $salt_buf;
5264 my $word_buf_t = sapb_transcode
($word_buf);
5265 my $salt_buf_t = sapb_transcode
($salt_buf);
5267 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5269 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5271 my $digest2 = md5
($data);
5273 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5278 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5280 elsif ($mode == 7800)
5282 my $theMagicArray_s =
5283 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5284 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5285 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5286 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5287 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5288 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5289 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5290 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5291 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5292 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5294 $salt_buf = uc $salt_buf;
5296 my $digest = sha1
($word_buf . $salt_buf);
5298 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5300 my $lengthMagicArray = 0x20;
5301 my $offsetMagicArray = 0;
5303 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5304 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5305 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5306 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5307 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5308 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5309 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5310 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5311 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5312 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5313 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5314 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5315 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5316 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5317 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5318 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5319 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5320 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5321 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5322 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5324 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5326 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5328 elsif ($mode == 7900)
5337 my $phpass_it = 1 << $cost;
5339 $hash_buf = sha512
($salt_buf . $word_buf);
5341 for (my $i = 0; $i < $phpass_it; $i++)
5343 $hash_buf = sha512
($hash_buf . $word_buf);
5346 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5348 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5350 my $cost_str = substr ($base64_digits , $cost, 1);
5352 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5354 elsif ($mode == 8000)
5356 my $salt_buf_bin = pack ("H*", $salt_buf);
5358 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5360 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5362 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5364 elsif ($mode == 8100)
5366 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5368 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5370 elsif ($mode == 8200)
5372 my $iterations = 40000;
5374 if (defined ($iter))
5376 $iterations = $iter;
5379 my $salt_hex = substr ($salt_buf, 0, 32);
5380 my $salt = pack ("H*", $salt_hex);
5382 my $data_hex = substr ($salt_buf, 32);
5383 my $data = pack ("H*", $data_hex);
5385 my $pbkdf2 = Crypt
::PBKDF2
->new
5387 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5388 iterations
=> int $iterations
5391 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5393 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5395 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5397 elsif ($mode == 8300)
5399 my ($domain, $salt_hex) = split (":", $salt_buf);
5401 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5403 my $salt = pack ("H*", $salt_hex);
5407 if (defined ($iter))
5409 $iterations = $iter;
5412 my $name = lc ($word_buf . $domain);
5414 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5416 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5418 elsif ($mode == 8400)
5420 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5422 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5424 elsif ($mode == 8500)
5426 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5428 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5430 elsif ($mode == 8600)
5432 my @saved_key = map { ord $_; } split "", $word_buf;
5434 my $len = scalar @saved_key;
5436 my @state = domino_big_md
(\
@saved_key, $len);
5438 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5457 elsif ($mode == 8700)
5459 my $domino_char = undef;
5461 if (defined ($additional_param))
5463 $domino_char = $additional_param;
5466 my @saved_key = map { ord $_; } split "", $word_buf;
5468 my $len = scalar @saved_key;
5470 my @state = domino_big_md
(\
@saved_key, $len);
5472 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5474 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5476 @state = domino_big_md
(\
@saved_key, 34);
5478 $hash_buf = join ("", (map { chr $_; } @state));
5480 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5482 elsif ($mode == 8900)
5488 if (defined ($additional_param))
5490 $N = $additional_param;
5491 $r = $additional_param2;
5492 $p = $additional_param3;
5495 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5497 $tmp_hash = sprintf ('%s', $hash_buf);
5499 elsif ($mode == 9100)
5501 my $iterations = 5000;
5503 if (defined ($iter))
5505 $iterations = $iter;
5508 my $domino_char = undef;
5510 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5512 my @saved_key = map { ord $_; } split "", $word_buf;
5514 my $len = scalar @saved_key;
5516 my @state = domino_big_md
(\
@saved_key, $len);
5519 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5521 my $salt_part = substr ($salt_buf, 0, 5);
5523 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5525 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5527 @state = domino_big_md
(\
@saved_key, 34);
5529 $hash_buf = join ("", (map { chr $_; } @state));
5531 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5534 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5536 my $pbkdf2 = Crypt
::PBKDF2
->new
5538 hash_class
=> 'HMACSHA1',
5539 iterations
=> $iterations,
5546 if (defined ($additional_param))
5548 $chars = $additional_param;
5551 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5553 my $iteration_str = "" . $iterations;
5555 for (my $i = length ($iterations); $i < 10; $i++)
5557 $iterations = "0" . $iterations;
5560 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5562 elsif ($mode == 9200)
5564 my $iterations = 20000;
5566 my $pbkdf2 = Crypt
::PBKDF2
->new
5568 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5569 iterations
=> $iterations
5572 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5576 for (my $i = 0; $i < 43; $i++)
5578 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5581 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5583 elsif ($mode == 9300)
5589 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5593 for (my $i = 0; $i < 43; $i++)
5595 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5598 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5600 elsif ($mode == 9400)
5602 my $iterations = 50000;
5606 $iterations = int ($iter);
5609 my $aes_key_size = 128; # or 256
5611 if (defined ($additional_param2))
5613 $aes_key_size = $additional_param2;
5616 $salt_buf = pack ("H*", $salt_buf);
5618 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5620 for (my $i = 0; $i < $iterations; $i++)
5622 my $num32 = pack ("L", $i);
5624 $tmp = sha1
($num32 . $tmp);
5627 my $zero32 = pack ("L", 0x00);
5629 my $derivation_array1 = pack ("C", 0x36) x
64;
5630 my $derivation_array2 = pack ("C", 0x5C) x
64;
5632 $tmp = sha1
($tmp . $zero32);
5634 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5635 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5637 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5639 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5643 if (defined $additional_param)
5645 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5649 $encdata = "A" x
16; ## can be anything
5652 my $data1_buf = $encdata;
5653 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5655 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5656 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5658 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5659 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5661 $encrypted1 = substr ($encrypted1, 0, 32);
5662 $encrypted2 = substr ($encrypted2, 0, 40);
5664 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5666 elsif ($mode == 9500)
5668 my $iterations = 100000;
5672 $iterations = int ($iter);
5675 $salt_buf = pack ("H*", $salt_buf);
5677 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5679 for (my $i = 0; $i < $iterations; $i++)
5681 my $num32 = pack ("L", $i);
5683 $tmp = sha1
($num32 . $tmp);
5686 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5687 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5689 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5690 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5692 my $key1 = substr ($final1, 0, 16);
5693 my $key2 = substr ($final2, 0, 16);
5695 my $cipher1 = Crypt
::CBC
->new ({
5697 cipher
=> "Crypt::Rijndael",
5705 my $cipher2 = Crypt
::CBC
->new ({
5707 cipher
=> "Crypt::Rijndael",
5717 if (defined $additional_param)
5719 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5723 $encdata = "A" x
16; ## can be anything
5726 my $data1_buf = $encdata;
5727 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5729 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5730 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5732 $encrypted2 = substr ($encrypted2, 0, 64);
5734 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5736 elsif ($mode == 9600)
5738 my $iterations = 100000;
5742 $iterations = int ($iter);
5745 $salt_buf = pack ("H*", $salt_buf);
5747 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5749 for (my $i = 0; $i < $iterations; $i++)
5751 my $num32 = pack ("L", $i);
5753 $tmp = sha512
($num32 . $tmp);
5756 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5757 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5759 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5760 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5762 my $key1 = substr ($final1, 0, 32);
5763 my $key2 = substr ($final2, 0, 32);
5765 my $cipher1 = Crypt
::CBC
->new ({
5767 cipher
=> "Crypt::Rijndael",
5775 my $cipher2 = Crypt
::CBC
->new ({
5777 cipher
=> "Crypt::Rijndael",
5787 if (defined $additional_param)
5789 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5793 $encdata = "A" x
16; ## can be anything
5796 my $data1_buf = $encdata;
5797 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5799 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5800 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5802 $encrypted2 = substr ($encrypted2, 0, 64);
5804 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5806 elsif ($mode == 9700)
5808 $salt_buf = pack ("H*", $salt_buf);
5810 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5812 $tmp = substr ($tmp, 0, 5);
5816 for (my $i = 0; $i < 16; $i++)
5824 $tmp = substr ($tmp, 0, 5);
5828 if (defined $additional_param2)
5830 $version = $additional_param2;
5834 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5837 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5839 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5843 if (defined $additional_param)
5845 $encdata = $m->RC4 (pack ("H*", $additional_param));
5849 $encdata = "A" x
16; ## can be anything
5852 my $data1_buf = $encdata;
5853 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5855 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5857 my $encrypted1 = $m->RC4 ($data1_buf);
5858 my $encrypted2 = $m->RC4 ($data2_buf);
5860 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5862 elsif ($mode == 9800)
5864 $salt_buf = pack ("H*", $salt_buf);
5866 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5870 if (defined $additional_param2)
5872 $version = $additional_param2;
5876 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5879 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5883 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5886 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5890 if (defined $additional_param)
5892 $encdata = $m->RC4 (pack ("H*", $additional_param));
5896 $encdata = "A" x
16; ## can be anything
5899 my $data1_buf = $encdata;
5900 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5902 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5904 my $encrypted1 = $m->RC4 ($data1_buf);
5905 my $encrypted2 = $m->RC4 ($data2_buf);
5907 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5909 elsif ($mode == 9900)
5911 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5913 elsif ($mode == 10000)
5915 my $iterations = 10000;
5919 $iterations = int ($iter);
5922 my $pbkdf2 = Crypt
::PBKDF2
->new
5924 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5925 iterations
=> $iterations
5928 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5929 $hash_buf =~ s/[\r\n]//g;
5931 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5933 elsif ($mode == 10100)
5935 my $seed = pack ("H*", $salt_buf);
5937 my ($hi, $lo) = siphash
($word_buf, $seed);
5939 my $hi_s = sprintf ("%08x", $hi);
5940 my $lo_s = sprintf ("%08x", $lo);
5942 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5943 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5945 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5947 elsif ($mode == 10200)
5949 my $challengeb64 = encode_base64
($salt_buf);
5950 $challengeb64 =~ s/[\r\n]//g;
5954 if (defined $additional_param)
5956 $username = $additional_param;
5963 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5965 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5966 $responseb64 =~ s/[\r\n]//g;
5968 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5970 elsif ($mode == 10300)
5972 my $iterations = 1024;
5976 $iterations = int ($iter);
5979 my $hash_buf = $salt_buf;
5981 for (my $pos = 0; $pos < $iterations; $pos++)
5983 $hash_buf = sha1
($word_buf . $hash_buf);
5986 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5987 $hash_buf =~ s/[\r\n]//g;
5989 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5991 elsif ($mode == 10400)
5994 my $u = $additional_param;
5995 my $o = $additional_param2;
5996 my $P = $additional_param3;
5998 if (defined $u == 0)
6003 if (defined $o == 0)
6008 if (defined $P == 0)
6015 for (my $i = 0; $i < 32; $i++)
6017 $padding .= pack ("C", $pdf_padding[$i]);
6020 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
6022 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
6024 $u = $m->RC4 ($padding);
6026 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
6028 elsif ($mode == 10500)
6031 my $u = $additional_param;
6032 my $o = $additional_param2;
6033 my $P = $additional_param3;
6034 my $V = $additional_param4;
6035 my $R = $additional_param5;
6036 my $enc = $additional_param6;
6038 if (defined $u == 0)
6045 if (defined $o == 0)
6050 if (defined $R == 0)
6052 $R = get_random_num
(3, 5);
6055 if (defined $V == 0)
6057 $V = ($R == 3) ?
2 : 4;
6060 if (defined $P == 0)
6062 $P = ($R == 3) ?
-4 : -1028;
6065 if (defined $enc == 0)
6067 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
6072 for (my $i = 0; $i < 32; $i++)
6074 $padding .= pack ("C", $pdf_padding[$i]);
6077 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
6079 my $digest = md5
($padding . pack ("H*", $id));
6081 my $m = Crypt
::RC4
->new ($res);
6083 $u = $m->RC4 ($digest);
6085 my @ress = split "", $res;
6087 for (my $x = 1; $x <= 19; $x++)
6091 for (my $i = 0; $i < 16; $i++)
6093 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
6096 my $s = join ("", @xor);
6098 my $m2 = Crypt
::RC4
->new ($s);
6103 $u .= substr (pack ("H*", $u_save), 16, 16);
6105 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
6107 elsif ($mode == 10600)
6110 my $rest = $additional_param;
6112 if (defined $id == 0)
6117 if (defined $rest == 0)
6123 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6126 my @data = split /\*/, $rest;
6128 my $u = pack ("H*", $data[1]);
6130 my $h = sha256
($word_buf . substr ($u, 32, 8));
6132 $data[1] = unpack ("H*", $h . substr ($u, 32));
6134 $rest = join ("*", @data);
6136 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
6138 elsif ($mode == 10700)
6141 my $rest = $additional_param;
6143 if (defined $id == 0)
6148 if (defined $rest == 0)
6154 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6157 my @datax = split /\*/, $rest;
6159 my $u = pack ("H*", $datax[1]);
6161 my $block = sha256
($word_buf . substr ($u, 32, 8));
6163 my $block_size = 32;
6165 my $data = 0x00 x
64;
6171 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
6173 $data = $word_buf . $block;
6175 $data_len = length ($data);
6177 for (my $k = 1; $k < 64; $k++)
6179 $data .= $word_buf . $block;
6182 my $aes = Crypt
::CBC
->new ({
6183 key
=> substr ($block, 0, 16),
6184 cipher
=> "Crypt::Rijndael",
6185 iv
=> substr ($block, 16, 16),
6192 my $data = $aes->encrypt ($data);
6196 for (my $j = 0; $j < 16; $j++)
6198 $sum += ord (substr ($data, $j, 1));
6201 $block_size = 32 + ($sum % 3) * 16;
6203 if ($block_size == 32)
6205 $block = sha256
(substr ($data, 0, $data_len * 64));
6207 elsif ($block_size == 48)
6209 $block = sha384
(substr ($data, 0, $data_len * 64));
6211 elsif ($block_size == 64)
6213 $block = sha512
(substr ($data, 0, $data_len * 64));
6216 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
6219 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
6221 $rest = join ("*", @datax);
6223 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
6225 elsif ($mode == 10800)
6227 $hash_buf = sha384_hex
($word_buf);
6229 $tmp_hash = sprintf ("%s", $hash_buf);
6231 elsif ($mode == 10900)
6233 my $iterations = 1000;
6237 $iterations = int ($iter);
6242 if (defined $additional_param)
6244 $out_len = $additional_param;
6247 my $pbkdf2 = Crypt
::PBKDF2
->new
6249 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6250 iterations
=> $iterations,
6251 output_len
=> $out_len
6254 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6255 $hash_buf =~ s/[\r\n]//g;
6257 my $base64_salt_buf = encode_base64
($salt_buf);
6259 chomp ($base64_salt_buf);
6261 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6263 elsif ($mode == 11000)
6265 $hash_buf = md5_hex
($salt_buf . $word_buf);
6267 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6269 elsif ($mode == 11100)
6271 my $user = "postgres";
6273 if (defined $additional_param)
6275 $user = $additional_param;
6278 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6280 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6282 elsif ($mode == 11200)
6284 my $sha1_pass = sha1
($word_buf);
6285 my $double_sha1 = sha1
($sha1_pass);
6287 my $xor_part1 = $sha1_pass;
6288 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6292 for (my $i = 0; $i < 20; $i++)
6294 my $first_byte = substr ($xor_part1, $i, 1);
6295 my $second_byte = substr ($xor_part2, $i, 1);
6297 my $xor_result = $first_byte ^ $second_byte;
6299 $hash_buf .= unpack ("H*", $xor_result);
6302 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6304 elsif ($mode == 11300)
6306 my $ckey_buf = get_random_string
(96);
6308 if (length ($additional_param))
6310 $ckey_buf = $additional_param;
6313 my $public_key_buf = get_random_string
(66);
6315 if (length ($additional_param2))
6317 $public_key_buf = $additional_param2;
6320 my $salt_iter = get_random_num
(150000, 250000);
6324 $salt_iter = int ($iter);
6327 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6329 for (my $i = 1; $i < $salt_iter; $i++)
6331 $hash_buf = sha512
($hash_buf);
6334 my $data = get_random_string
(32);
6336 my $aes = Crypt
::CBC
->new ({
6337 key
=> substr ($hash_buf, 0, 32),
6338 cipher
=> "Crypt::Rijndael",
6339 iv
=> substr ($hash_buf, 32, 16),
6343 padding
=> "standard",
6346 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6348 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6349 length ($cry_master_buf),
6356 length ($public_key_buf),
6359 elsif ($mode == 11400)
6361 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6363 $directive = "MD5"; # only directive currently supported
6365 if (defined ($additional_param))
6367 $user = $additional_param;
6368 $realm = $additional_param2;
6370 $nonce_count = $additional_param3;
6371 $nonce_client = $additional_param4;
6372 $qop = $additional_param5;
6373 $method = $additional_param6;
6375 $URI_prefix = $additional_param7;
6376 $URI_resource = $additional_param8;
6377 $URI_suffix = $additional_param9;
6379 # not needed information
6381 $URI_server = $additional_param10;
6382 $URI_client = $additional_param11;
6386 $user = get_random_string
(get_random_num
(0, 12 + 1));
6388 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6389 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6391 if ($realm_max_len < 1) # should never happen
6396 $realm_max_len = min
(20, $realm_max_len);
6398 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6402 if (get_random_num
(0, 1 + 1) == 1)
6406 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6407 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6417 $method = get_random_string
(get_random_num
(0, 24 + 1));
6419 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6420 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6421 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6423 # not needed information
6425 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6426 $URI_client = $URI_resource; # simplification
6433 if (length ($URI_prefix) > 0)
6435 $URI = $URI_prefix . ":";
6438 $URI .= $URI_resource;
6440 if (length ($URI_suffix) > 0)
6442 $URI .= ":" . $URI_suffix;
6445 my $HA2 = md5_hex
($method . ":" . $URI);
6447 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6451 if (($qop eq "auth") || ($qop eq "auth-int"))
6453 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6460 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6462 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6464 elsif ($mode == 11500)
6466 $hash_buf = crc32
($word_buf);
6468 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6470 elsif ($mode == 11600)
6472 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6476 my $validation_only = 0;
6478 $validation_only = 1 if (defined ($additional_param));
6480 if ($validation_only == 1)
6482 $num_cycle_power = int ($iter);
6483 $seven_zip_salt_len = $additional_param;
6484 $seven_zip_salt_buf = $additional_param2;
6485 $salt_len = $additional_param3;
6486 # $salt_buf set in parser
6487 # $hash_buf (resulting crc)
6488 $data_len = $additional_param4;
6489 $unpack_size = $additional_param5;
6490 $data_buf = $additional_param6;
6494 $num_cycle_power = 14; # by default it is 19
6495 $seven_zip_salt_len = 0;
6496 $seven_zip_salt_buf = "";
6497 $salt_len = length ($salt_buf);
6498 # $salt_buf set automatically
6499 # $hash_buf (resulting crc)
6500 # $data_len will be set when encrypting
6501 $unpack_size = get_random_num
(1, 32 + 1);
6502 $data_buf = get_random_string
($unpack_size);
6506 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6509 $word_buf = encode
("UTF-16LE", $word_buf);
6511 my $rounds = 1 << $num_cycle_power;
6515 for (my $i = 0; $i < $rounds; $i++)
6519 $num_buf .= pack ("V", $i);
6520 $num_buf .= "\x00" x
4;
6522 # this would be better but only works on 64-bit systems:
6523 # $num_buf = pack ("q", $i);
6525 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6528 my $key = sha256
($pass_buf);
6530 # the salt_buf is our IV for AES CBC
6533 my $salt_buf_len = length ($salt_buf);
6534 my $salt_padding_len = 0;
6536 if ($salt_buf_len < 16)
6538 $salt_padding_len = 16 - $salt_buf_len;
6541 $salt_buf .= "\x00" x
$salt_padding_len;
6543 my $aes = Crypt
::CBC
->new ({
6544 cipher
=> "Crypt::Rijndael",
6552 if ($validation_only == 1)
6556 my $decrypted_data = $aes->decrypt ($data_buf);
6558 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6560 $hash_buf = crc32
($decrypted_data);
6566 $hash_buf = crc32
($data_buf);
6568 $data_buf = $aes->encrypt ($data_buf);
6570 $data_len = length ($data_buf);
6573 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6575 elsif ($mode == 11900)
6577 my $iterations = 1000;
6581 $iterations = int ($iter);
6586 if (defined $additional_param)
6588 $out_len = $additional_param;
6592 # call PHP here - WTF
6595 # sanitize $word_buf and $salt_buf:
6597 my $word_buf_base64 = encode_base64
($word_buf);
6598 $word_buf_base64 =~ s/[\r\n]//g;
6600 my $salt_buf_base64 = encode_base64
($salt_buf);
6601 $salt_buf_base64 =~ s/[\r\n]//g;
6605 $out_len = int ($out_len);
6607 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6609 my $php_code = <<'END_CODE';
6611 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6613 $algorithm = strtolower ($algorithm);
6615 if (! in_array ($algorithm, hash_algos (), true))
6617 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6620 if ($count <= 0 || $key_length <= 0)
6622 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6625 if (function_exists ("hash_pbkdf2"))
6629 $key_length = $key_length * 2;
6632 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6635 $hash_length = strlen (hash ($algorithm, "", true));
6636 $block_count = ceil ($key_length / $hash_length);
6640 for ($i = 1; $i <= $block_count; $i++)
6642 $last = $salt . pack ("N", $i);
6644 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6646 for ($j = 1; $j < $count; $j++)
6648 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6656 return substr ($output, 0, $key_length);
6660 return bin2hex (substr ($output, 0, $key_length));
6664 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6668 # replace with these command line arguments
6670 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6671 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6672 $php_code =~ s/\$iterations/$iterations/;
6673 $php_code =~ s/\$out_len/$out_len/;
6675 my $php_output = `php -r '$php_code'`;
6677 $hash_buf = pack ("H*", $php_output);
6679 $hash_buf = encode_base64 ($hash_buf);
6680 $hash_buf =~ s/[\r\n]//g;
6682 my $base64_salt_buf = encode_base64 ($salt_buf);
6684 chomp ($base64_salt_buf);
6686 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6688 elsif ($mode == 12000)
6690 my $iterations = 1000;
6694 $iterations = int ($iter);
6699 if (defined $additional_param)
6701 $out_len = $additional_param;
6704 my $pbkdf2 = Crypt::PBKDF2->new
6706 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6707 iterations => $iterations,
6708 output_len => $out_len
6711 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6712 $hash_buf =~ s/[\r\n]//g;
6714 my $base64_salt_buf = encode_base64 ($salt_buf);
6716 chomp ($base64_salt_buf);
6718 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6720 elsif ($mode == 12100)
6722 my $iterations = 1000;
6726 $iterations = int ($iter);
6731 if (defined $additional_param)
6733 $out_len = $additional_param;
6736 my $pbkdf2 = Crypt::PBKDF2->new
6738 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6739 iterations => $iterations,
6740 output_len => $out_len
6743 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6744 $hash_buf =~ s/[\r\n]//g;
6746 my $base64_salt_buf = encode_base64 ($salt_buf);
6748 chomp ($base64_salt_buf);
6750 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6752 elsif ($mode == 12200)
6754 my $iterations = 65536;
6756 my $default_salt = 0;
6758 if (defined $additional_param)
6760 $default_salt = int ($additional_param);
6763 if ($default_salt == 1)
6765 $salt_buf = "0011223344556677";
6768 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6770 for (my $i = 0; $i < $iterations; $i++)
6772 $hash_buf = sha512 ($hash_buf);
6775 $hash_buf = unpack ("H*", $hash_buf);
6776 $hash_buf = substr ($hash_buf, 0, 16);
6778 if ($default_salt == 0)
6780 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6784 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6787 elsif ($mode == 12300)
6789 my $iterations = 4096;
6791 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6793 my $pbkdf2 = Crypt::PBKDF2->new (
6795 iterations => $iterations,
6799 my $salt_bin = pack ("H*", $salt_buf);
6801 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6803 $hash_buf = sha512_hex ($key . $salt_bin);
6805 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6807 elsif ($mode == 12400)
6813 $iterations = int ($iter);
6817 $iterations = get_random_num (1, 5001 + 1);
6820 my $key_value = fold_password ($word_buf);
6822 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6823 my $salt_value = base64_to_int24 ($salt_buf);
6825 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6827 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6829 elsif ($mode == 12600)
6831 $hash_buf = sha1_hex ($word_buf);
6833 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6835 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6837 elsif ($mode == 12700)
6839 my $iterations = 10;
6842 "guid" : "00000000-0000-0000-0000-000000000000",
6843 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6844 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6846 my $salt_buf_bin = pack ("H*", $salt_buf);
6848 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6850 my $pbkdf2 = Crypt::PBKDF2->new (
6852 iterations => $iterations,
6856 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6858 my $cipher = Crypt::CBC->new ({
6860 cipher => "Crypt::Rijndael",
6861 iv => $salt_buf_bin,
6867 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6869 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6871 elsif ($mode == 12800)
6873 my $iterations = 100;
6877 $iterations = int ($iter);
6880 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6882 my $pbkdf2 = Crypt::PBKDF2->new
6884 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6885 iterations => $iterations,
6889 my $salt_buf_bin = pack ("H*", $salt_buf);
6891 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6893 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6895 elsif ($mode == 12900)
6897 my $iterations = 4096;
6901 $iterations = int ($iter);
6904 my $salt2 = $salt_buf . $salt_buf;
6906 if (defined $additional_param)
6908 $salt2 = $additional_param;
6911 my $pbkdf2 = Crypt::PBKDF2->new
6913 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6914 iterations => $iterations,
6918 my $salt_buf_bin = pack ("H*", $salt_buf);
6920 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6922 my $salt2_bin = pack ("H*", $salt2);
6924 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6926 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6928 elsif ($mode == 13000)
6930 my $iterations = 15;
6934 $iterations = int ($iter);
6939 if (defined $additional_param)
6941 $iv = $additional_param;
6944 my $pbkdf2 = Crypt::PBKDF2->new
6946 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6947 iterations => (1 << $iterations) + 32,
6951 my $salt_buf_bin = pack ("H*", $salt_buf);
6953 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6955 my $hash_final = substr ($hash, 0, 8)
6956 ^ substr ($hash, 8, 8)
6957 ^ substr ($hash, 16, 8)
6958 ^ substr ($hash, 24, 8);
6960 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6962 elsif ($mode == 13100)
6964 my @salt_arr = split ('\$', $salt_buf);
6966 my $user = $salt_arr[0];
6968 my $realm = $salt_arr[1];
6970 my $spn = $salt_arr[2];
6972 my $nonce = $salt_arr[3];
6974 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6975 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6976 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6977 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6978 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6981 $cleartext_ticket = $nonce . $cleartext_ticket;
6983 my $k = md4 (encode ("UTF-16LE", $word_buf));
6985 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
6987 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
6989 my $k3 = hmac_md5 ($checksum, $k1);
6991 my $cipher = Crypt::RC4->new ($k3);
6993 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
6995 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
6997 elsif ($mode == 13200)
6999 my @salt_arr = split ('\*', $salt_buf);
7001 my $iteration = $salt_arr[0];
7003 my $mysalt = $salt_arr[1];
7005 $mysalt = pack ("H*", $mysalt);
7007 my $DEK = randbytes (16);
7009 my $iv = "a6a6a6a6a6a6a6a6";
7011 my $KEK = sha1($word_buf);
7013 $KEK = substr ($KEK ^ $mysalt, 0, 16);
7015 my $aes = Crypt::Mode::ECB->new ('AES');
7017 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
7021 my $A = pack ("H*", $iv);
7023 for (my $j = 0; $j < $iteration; $j++)
7025 $B = $aes->encrypt ($A . $R[1], $KEK);
7027 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
7029 $R[1] = substr ($B, 8, 16);
7031 $B = $aes->encrypt ($A . $R[2], $KEK);
7033 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
7035 $R[2] = substr ($B, 8, 16);
7038 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
7040 $mysalt = unpack ("H*", $mysalt);
7042 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
7044 elsif ($mode == 13300)
7046 $hash_buf = sha1_hex ($word_buf);
7048 $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
7050 elsif ($mode == 13400)
7052 my @salt_arr = split ('\*', $salt_buf);
7054 my $version = $salt_arr[0];
7056 my $iteration = $salt_arr[1];
7058 my $algorithm = $salt_arr[2];
7060 my $final_random_seed = $salt_arr[3];
7062 my $transf_random_seed = $salt_arr[4];
7064 my $enc_iv = $salt_arr[5];
7068 # specific to version 1
7073 # specific to version 2
7076 # specific to keyfile handling
7077 my $inline_keyfile_flag;
7079 my $keyfile_content;
7080 my $keyfile_attributes = "";
7082 $final_random_seed = pack ("H*", $final_random_seed);
7084 $transf_random_seed = pack ("H*", $transf_random_seed);
7086 $enc_iv = pack ("H*", $enc_iv);
7088 my $intermediate_hash = sha256 ($word_buf);
7092 $contents_hash = $salt_arr[6];
7093 $contents_hash = pack ("H*", $contents_hash);
7095 $inline_flag = $salt_arr[7];
7097 $contents_len = $salt_arr[8];
7099 $contents = $salt_arr[9];
7100 $contents = pack ("H*", $contents);
7103 if (scalar @salt_arr == 13)
7105 $inline_keyfile_flag = $salt_arr[10];
7107 $keyfile_len = $salt_arr[11];
7109 $keyfile_content = $salt_arr[12];
7111 $keyfile_attributes = $keyfile_attributes
7112 . "*" . $inline_keyfile_flag
7113 . "*" . $keyfile_len
7114 . "*" . $keyfile_content;
7116 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7117 $intermediate_hash = sha256 ($intermediate_hash);
7120 elsif ($version == 2)
7123 if (scalar @salt_arr == 11)
7125 $inline_keyfile_flag = $salt_arr[8];
7127 $keyfile_len = $salt_arr[9];
7129 $keyfile_content = $salt_arr[10];
7131 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7133 $keyfile_attributes = $keyfile_attributes
7134 . "*" . $inline_keyfile_flag
7135 . "*" . $keyfile_len
7136 . "*" . $keyfile_content;
7139 $intermediate_hash = sha256 ($intermediate_hash);
7142 my $aes = Crypt::Mode::ECB->new ('AES', 1);
7144 for (my $j = 0; $j < $iteration; $j++)
7146 $intermediate_hash = $aes->encrypt ($intermediate_hash, $transf_random_seed);
7148 $intermediate_hash = substr ($intermediate_hash, 0, 32);
7151 $intermediate_hash = sha256 ($intermediate_hash);
7153 my $final_key = sha256 ($final_random_seed . $intermediate_hash);
7155 my $final_algorithm;
7157 if ($version == 1 && $algorithm == 1)
7159 $final_algorithm = "Crypt::Twofish";
7163 $final_algorithm = "Crypt::Rijndael";
7166 my $cipher = Crypt::CBC->new ({
7168 cipher => $final_algorithm,
7177 $contents_hash = sha256 ($contents);
7179 $contents = $cipher->encrypt($contents);
7181 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s%s',
7185 unpack ("H*", $final_random_seed),
7186 unpack ("H*", $transf_random_seed),
7187 unpack ("H*", $enc_iv),
7188 unpack ("H*", $contents_hash),
7191 unpack ("H*", $contents),
7192 $keyfile_attributes);
7196 $expected_bytes = $salt_arr[6];
7198 $contents_hash = $salt_arr[7];
7199 $contents_hash = pack ("H*", $contents_hash);
7201 $expected_bytes = $cipher->decrypt($contents_hash);
7203 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s%s',
7207 unpack ("H*", $final_random_seed),
7208 unpack ("H*", $transf_random_seed),
7209 unpack ("H*", $enc_iv),
7210 unpack ("H*", $expected_bytes),
7211 unpack ("H*", $contents_hash),
7212 $keyfile_attributes);
7215 elsif ($mode == 13500)
7217 $hash_buf = sha1_hex (pack ("H*", $salt_buf) . encode ("UTF-16LE", $word_buf));
7219 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
7221 elsif ($mode == 13600)
7223 my $iterations = 1000;
7227 if (defined $additional_param)
7229 $type = $additional_param;
7232 my $mode = 1 + int rand (3);
7234 if (defined $additional_param2)
7236 $mode = $additional_param2;
7241 if (defined $additional_param3)
7243 $magic = $additional_param3;
7246 if (defined $additional_param4)
7248 $salt_buf = $additional_param4;
7251 $salt_buf = substr ($salt_buf, 0, 8 + ($mode * 8));
7253 my $compress_length = 0;
7255 if (defined $additional_param5)
7257 $compress_length = $additional_param5;
7262 if (defined $additional_param6)
7264 $data = $additional_param6;
7267 my $key_len = (8 * ($mode & 3) + 8) * 2;
7269 my $out_len = $key_len + 2;
7271 my $salt_buf_bin = pack ("H*", $salt_buf);
7273 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
7275 my $pbkdf2 = Crypt::PBKDF2->new
7278 iterations => $iterations,
7279 output_len => $out_len
7282 my $key = $pbkdf2->PBKDF2_hex ($salt_buf_bin, $word_buf);
7284 my $verify_bytes = substr ($key, -4); $verify_bytes =~ s/^0+//; #lol
7286 $key = substr ($key, $key_len, $key_len);
7288 my $key_bin = pack ("H*", $key);
7290 my $auth = hmac_hex ($data, $key_bin, \&sha1, 64);
7292 $tmp_hash = sprintf ('$zip2$*%u*%u*%u*%s*%s*%u*%s*%s*$/zip2$', $type, $mode, $magic, $salt_buf, $verify_bytes, $compress_length, $data, substr ($auth, 0, 20));
7302 my $word_len = shift;
7304 my $salt_len = shift;
7308 $max = 15 if ($mode == 2410);
7310 if ($is_unicode{$mode})
7312 if (! $allow_long_salt{$mode})
7314 $word_len = min ($word_len, int ($max / 2) - $salt_len);
7318 $word_len = min ($word_len, int ($max / 2));
7321 elsif ($less_fifteen{$mode})
7323 $word_len = min ($word_len, 15);
7327 $salt_len = min ($salt_len, 15 - $word_len);
7332 if (! $allow_long_salt{$mode})
7334 $word_len = min ($word_len, $max - $salt_len);
7353 for (my $i = 0; $i < $salt_len; $i++)
7355 my $c = get_random_chr (0x30, 0x39);
7357 push (@salt_arr, $c);
7360 $salt_buf = join ("", @salt_arr);
7362 $salt_buf = get_random_md5chap_salt ($salt_buf);
7364 elsif ($mode == 5300 || $mode == 5400)
7366 $salt_buf = get_random_ike_salt ();
7368 elsif ($mode == 5500)
7370 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
7372 elsif ($mode == 5600)
7374 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
7376 elsif ($mode == 6600)
7378 $salt_buf = get_random_agilekeychain_salt ();
7380 elsif ($mode == 8200)
7382 $salt_buf = get_random_cloudkeychain_salt ();
7384 elsif ($mode == 8300)
7386 $salt_buf = get_random_dnssec_salt ();
7388 elsif ($mode == 13100)
7390 $salt_buf = get_random_kerberos5_tgs_salt ();
7392 elsif ($mode == 13200)
7394 $salt_buf = get_random_axcrypt_salt ();
7396 elsif ($mode == 13400)
7398 $salt_buf = get_random_keepass_salt ();
7400 elsif ($mode == 13500)
7402 $salt_buf = get_pstoken_salt ();
7408 for (my $i = 0; $i < $salt_len; $i++)
7410 my $c = get_random_chr (0x30, 0x39);
7412 push (@salt_arr, $c);
7415 $salt_buf = join ("", @salt_arr);
7419 $salt_buf = get_random_kerberos5_salt ($salt_buf);
7429 for (my $i = 0; $i < $word_len; $i++)
7431 my $c = get_random_chr (0x30, 0x39);
7433 push (@word_arr, $c);
7436 my $word_buf = join ("", @word_arr);
7442 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
7455 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
7467 sub get_random_string
7473 for (my $i = 0; $i < $len; $i++)
7475 my $c = get_random_chr (0x30, 0x39);
7480 my $buf = join ("", @arr);
7490 return int ((rand ($max - $min)) + $min);
7495 return chr get_random_num (@_);
7504 for (my $i = 0; $i < length ($str); $i += 4)
7506 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7508 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7515 $salt = substr ($decoded, 0, 5);
7517 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7521 $byte10 = 256 + $byte10;
7524 substr ($salt, 3, 1) = chr ($byte10);
7526 $digest = substr ($decoded, 5, 9);
7527 $char = substr ($str, 18, 1);
7529 return ($digest, $salt, $char);
7532 sub domino_85x_decode
7538 for (my $i = 0; $i < length ($str); $i += 4)
7540 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7542 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7547 my $iterations = -1;
7550 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7552 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7556 $byte10 = 256 + $byte10;
7559 substr ($salt, 3, 1) = chr ($byte10);
7561 $iterations = substr ($decoded, 16, 10);
7563 if ($iterations =~ /^?d*$/)
7567 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7568 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7569 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7572 return ($digest, $salt, $iterations, $chars);
7575 sub domino_base64_decode
7580 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7588 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7590 $ret += ($idx << (6 * ($i - 1)));
7603 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7607 $byte10 = $byte10 - 256;
7610 substr ($final, 3, 1) = chr ($byte10);
7614 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7615 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7616 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7617 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7618 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7620 if (defined ($char))
7622 substr ($passwd, 18, 1) = $char;
7624 substr ($passwd, 19, 1) = "";
7629 sub domino_85x_encode
7634 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7638 $byte10 = $byte10 - 256;
7641 substr ($final, 3, 1) = chr ($byte10);
7645 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7646 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7647 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7648 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7649 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7650 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7651 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7652 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7653 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7654 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7655 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7656 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7658 if (defined ($char))
7660 substr ($passwd, 18, 1) = $char;
7666 sub domino_base64_encode
7671 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7675 while (($n - 1) >= 0)
7679 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7689 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7694 my $v = unpack "V", substr($md5, $i*4, 4);
7696 $s64 .= substr($itoa64, $v & 0x3f, 1);
7705 my ($username, $password) = @_;
7707 $username = substr ($username . " " x 8, 0, 8);
7708 $password = substr ($password . " " x 8, 0, 8);
7710 my $username_ebc = ascii2ebcdic ($username);
7711 my $password_ebc = ascii2ebcdic ($password);
7713 my @pw = split ("", $password_ebc);
7715 for (my $i = 0; $i < 8; $i++)
7717 $pw[$i] = unpack ("C", $pw[$i]);
7720 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7723 my $key = join ("", @pw);
7725 my $cipher = new Crypt::DES $key;
7727 my $ciphertext = $cipher->encrypt ($username_ebc);
7729 my $ct = unpack ("H16", $ciphertext);
7736 my ($username, $password) = @_;
7738 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7739 $userpass .= pack('C', 0) while (length($userpass) % 8);
7741 my $key = pack('H*', "0123456789ABCDEF");
7742 my $iv = pack('H*', "0000000000000000");
7744 my $c = new Crypt::CBC(
7751 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7753 my $c2 = new Crypt::CBC(
7760 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7762 return uc(unpack('H*', $hash));
7767 my $word_buf = shift;
7769 my $salt_buf = shift;
7771 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7773 my $digest = sha1 ($w);
7775 for (my $i = 1; $i < 1024; $i++)
7777 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7779 $digest = sha1 ($w);
7782 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7784 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7792 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7796 while (($n - 1) >= 0)
7800 $ret .= substr ($itoa64, $v & 0x3f, 1);
7816 my $hash = ""; # hash to be returned by this function
7818 my $final = md5 ($pass . $salt . $pass);
7820 $salt = substr ($salt, 0, 8);
7822 my $tmp = $pass . $magic . $salt;
7824 my $pass_len = length ($pass);
7828 for ($i = $pass_len; $i > 0; $i -= 16)
7837 $tmp .= substr ($final, 0, $len);
7850 $tmp .= substr ($pass, 0, 1);
7856 $final = md5 ($tmp);
7858 for ($i = 0; $i < $iter; $i++)
7890 $final = md5 ($tmp);
7894 # now format the output sting ("hash")
7898 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7899 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7900 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7901 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7902 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7903 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7905 if ($iter == 1000) # default
7907 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7911 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7923 my $hash = ""; # hash to be returned by this function
7925 my $final = sha512 ($pass . $salt . $pass);
7927 $salt = substr ($salt, 0, 16);
7929 my $tmp = $pass . $salt;
7931 my $pass_len = length ($pass);
7932 my $salt_len = length ($salt);
7936 for ($i = $pass_len; $i > 0; $i -= 16)
7945 $tmp .= substr ($final, 0, $len);
7964 $final = sha512 ($tmp);
7970 for ($i = 0; $i < $pass_len; $i++)
7975 $p_bytes = sha512 ($p_bytes);
7976 $p_bytes = substr ($p_bytes, 0, $pass_len);
7980 my $final_first_byte = ord (substr ($final, 0, 1));
7984 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7989 $s_bytes = sha512 ($s_bytes);
7990 $s_bytes = substr ($s_bytes, 0, $salt_len);
7992 for ($i = 0; $i < $iter; $i++)
8024 $final = sha512 ($tmp);
8028 # now format the output string ("hash")
8032 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
8033 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
8034 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8035 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
8036 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
8037 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8038 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
8039 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
8040 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8041 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
8042 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
8043 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
8044 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
8045 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
8046 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
8047 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
8048 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
8049 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
8050 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
8051 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
8052 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
8053 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
8057 if ($iter == 5000) # default
8059 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8063 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8075 my $hash = ""; # hash to be returned by this function
8077 my $final = sha256 ($pass . $salt . $pass);
8079 $salt = substr ($salt, 0, 16);
8081 my $tmp = $pass . $salt;
8083 my $pass_len = length ($pass);
8084 my $salt_len = length ($salt);
8088 for ($i = $pass_len; $i > 0; $i -= 16)
8097 $tmp .= substr ($final, 0, $len);
8116 $final = sha256 ($tmp);
8122 for ($i = 0; $i < $pass_len; $i++)
8127 $p_bytes = sha256 ($p_bytes);
8128 $p_bytes = substr ($p_bytes, 0, $pass_len);
8132 my $final_first_byte = ord (substr ($final, 0, 1));
8136 for ($i = 0; $i < (16 + $final_first_byte); $i++)
8141 $s_bytes = sha256 ($s_bytes);
8142 $s_bytes = substr ($s_bytes, 0, $salt_len);
8144 for ($i = 0; $i < $iter; $i++)
8176 $final = sha256 ($tmp);
8180 # now format the output string ("hash")
8184 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
8185 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
8186 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
8187 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8188 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
8189 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
8190 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8191 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
8192 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
8193 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8194 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
8198 if ($iter == 5000) # default
8200 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8204 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8210 sub aix_ssha256_pbkdf2
8212 my $word_buf = shift;
8213 my $salt_buf = shift;
8214 my $iterations = shift;
8216 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
8218 my $pbkdf2 = Crypt::PBKDF2->new (
8220 iterations => $iterations,
8224 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8228 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8229 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8230 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8231 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8232 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8233 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8234 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8235 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8236 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8237 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8238 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
8243 sub aix_ssha512_pbkdf2
8245 my $word_buf = shift;
8246 my $salt_buf = shift;
8247 my $iterations = shift;
8249 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
8251 my $pbkdf2 = Crypt::PBKDF2->new (
8253 iterations => $iterations,
8256 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8260 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8261 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8262 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8263 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8264 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8265 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8266 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8267 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8268 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8269 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8270 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
8271 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
8272 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
8273 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
8274 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
8275 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
8276 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
8277 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
8278 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
8279 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
8280 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
8281 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
8286 sub aix_ssha1_pbkdf2
8288 my $word_buf = shift;
8289 my $salt_buf = shift;
8290 my $iterations = shift;
8292 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
8294 my $pbkdf2 = Crypt::PBKDF2->new (
8296 iterations => $iterations,
8299 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8303 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8304 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8305 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8306 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8307 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8308 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8309 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
8318 my @data = split "", $data_s;
8321 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8322 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8323 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
8324 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
8325 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8326 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
8327 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8328 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
8329 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8330 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8331 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8332 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8333 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8334 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8335 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8336 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
8338 my @transTable = unpack ("C256", $transTable_s);
8342 for (my $i = 0; $i < scalar @data; $i++)
8344 $out[$i] = $transTable[int (ord ($data[$i]))];
8347 return pack ("C*", @out);
8352 my $digest_s = shift;
8357 my @w = unpack "C*", $w_s;
8358 my @s = unpack "C*", $s_s;
8361 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
8362 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
8363 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
8365 my @bcodeTable = unpack ("C48", $bcodeTable_s);
8367 my @abcd = unpack ("C16", $digest_s);
8369 my $sum20 = ($abcd[0] & 3)
8379 for (my $i2 = 0; $i2 < $sum20; $i2++)
8384 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
8386 if ($i1 < length $w_s)
8388 if ($abcd[15 - $i1] & 1)
8390 $out[$i2] = $bcodeTable[48 - 1 - $i1];
8395 $out[$i2] = $w[$i1];
8401 if ($i3 < length $s_s)
8403 $out[$i2] = $s[$i3];
8409 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
8412 return substr (pack ("C*", @out), 0, $sum20);
8417 my @key_56 = split (//, shift);
8423 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
8424 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
8425 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
8426 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
8427 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
8428 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
8429 $key .= chr(( ord($key_56[6]) << 1) & 255);
8440 for (my $i = 0; $i < $len; $i++)
8442 my $c = get_random_chr (0, 255);
8447 return join ("", @arr);
8450 sub get_random_netntlmv1_salt
8452 my $len_user = shift;
8453 my $len_domain = shift;
8459 for (my $i = 0; $i < $len_user; $i++)
8461 $type = get_random_num (1, 3);
8465 $char = get_random_chr (0x30, 0x39);
8469 $char = get_random_chr (0x41, 0x5A);
8473 $char = get_random_chr (0x61, 0x7A);
8481 for (my $i = 0; $i < $len_domain; $i++)
8483 $type = get_random_num (1, 3);
8487 $char = get_random_chr (0x30, 0x39);
8491 $char = get_random_chr (0x41, 0x5A);
8495 $char = get_random_chr (0x61, 0x7A);
8501 my $c_challenge = randbytes (8);
8502 my $s_challenge = randbytes (8);
8504 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8509 sub get_random_netntlmv2_salt
8511 my $len_user = shift;
8512 my $len_domain = shift;
8518 if ($len_user + $len_domain > 27)
8520 if ($len_user > $len_domain)
8522 $len_user = 27 - $len_domain;
8526 $len_domain = 27 - $len_user;
8530 for (my $i = 0; $i < $len_user; $i++)
8532 $type = get_random_num (1, 3);
8536 $char = get_random_chr (0x30, 0x39);
8540 $char = get_random_chr (0x41, 0x5A);
8544 $char = get_random_chr (0x61, 0x7A);
8552 for (my $i = 0; $i < $len_domain; $i++)
8554 $type = get_random_num (1, 3);
8558 $char = get_random_chr (0x30, 0x39);
8562 $char = get_random_chr (0x41, 0x5A);
8566 $char = get_random_chr (0x61, 0x7A);
8572 my $c_challenge = randbytes (8);
8573 my $s_challenge = randbytes (8);
8575 my $temp = "\x01\x01" .
8580 randbytes (20 * rand () + 1) .
8583 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8588 sub get_random_ike_salt
8592 for (my $i = 0; $i < 40; $i++)
8594 $nr_buf .= get_random_chr (0, 0xff);
8599 for (my $i = 0; $i < 440; $i++)
8601 $msg_buf .= get_random_chr (0, 0xff);
8604 my $nr_buf_hex = unpack ("H*", $nr_buf);
8605 my $msg_buf_hex = unpack ("H*", $msg_buf);
8607 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8612 sub get_random_agilekeychain_salt
8616 for (my $i = 0; $i < 8; $i++)
8618 $salt_buf .= get_random_chr (0x0, 0xff);
8623 for (my $i = 0; $i < 16; $i++)
8625 $iv .= get_random_chr (0x0, 0xff);
8628 my $prefix = "\x00" x 1008;
8630 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8635 sub get_random_cloudkeychain_salt
8639 for (my $i = 0; $i < 16; $i++)
8641 $salt_buf .= get_random_chr (0x0, 0xff);
8644 for (my $i = 0; $i < 304; $i++)
8646 $salt_buf .= get_random_chr (0x0, 0xff);
8649 my $ret = unpack ("H*", $salt_buf);
8654 sub get_random_kerberos5_salt
8656 my $custom_salt = shift;
8658 my $clear_data = randbytes (14) .
8659 strftime ("%Y%m%d%H%M%S", localtime) .
8663 my $realm = "realm";
8666 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8671 sub get_random_kerberos5_tgs_salt
8673 my $nonce = randbytes (8);
8676 my $realm = "realm";
8677 my $spn = "test/spn";
8679 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8684 sub get_random_axcrypt_salt
8686 my $mysalt = randbytes (16);
8688 $mysalt = unpack ("H*", $mysalt);
8690 my $iteration = get_random_num (6, 100000);
8692 my $salt_buf = $iteration . '*' . $mysalt;
8697 sub get_random_keepass_salt
8699 my $version = get_random_num (1, 3);
8705 my $final_random_seed;
8709 $algorithm = get_random_num (0, 2);
8711 $iteration = get_random_num (50000, 100000);
8713 $final_random_seed = randbytes (16);
8714 $final_random_seed = unpack ("H*", $final_random_seed);
8716 elsif ($version == 2)
8720 $iteration = get_random_num (6000, 100000);
8722 $final_random_seed = randbytes (32);
8723 $final_random_seed = unpack ("H*", $final_random_seed);
8726 my $transf_random_seed = randbytes (32);
8727 $transf_random_seed = unpack ("H*", $transf_random_seed);
8729 my $enc_iv = randbytes (16);
8730 $enc_iv = unpack ("H*", $enc_iv);
8732 my $contents_hash = randbytes (32);
8733 $contents_hash = unpack ("H*", $contents_hash);
8735 my $inline_flag = 1;
8737 my $contents_len = get_random_num (128, 500);
8739 my $contents = randbytes ($contents_len);
8741 $contents_len += 16 - $contents_len % 16;
8743 $contents = unpack ("H*", $contents);
8747 my $is_keyfile = get_random_num (0, 2);
8749 my $keyfile_attributes = "";
8751 if ($is_keyfile == 1)
8753 $keyfile_attributes = $keyfile_attributes
8755 . unpack ("H*", randbytes (32));
8760 $salt_buf = $version . '*' .
8763 $final_random_seed . '*' .
8764 $transf_random_seed . '*' .
8766 $contents_hash . '*' .
8767 $inline_flag . '*' .
8768 $contents_len . '*' .
8770 $keyfile_attributes;
8772 elsif ($version == 2)
8774 $contents = randbytes (32);
8775 $contents = unpack ("H*", $contents);
8777 $salt_buf = $version . '*' .
8780 $final_random_seed . '*' .
8781 $transf_random_seed . '*' .
8783 $contents_hash . '*' .
8785 $keyfile_attributes;
8791 sub get_pstoken_salt
8793 my $pstoken_length = get_random_num (16, 256);
8795 ## not a valid pstoken but a better test
8796 ## because of random length
8798 my $pstoken_const = randbytes ($pstoken_length);
8800 return unpack ("H*", $pstoken_const);
8803 sub get_random_md5chap_salt
8805 my $salt_buf = shift;
8807 my $salt = unpack ("H*", $salt_buf);
8811 $salt .= unpack ("H*", randbytes (1));
8816 sub get_random_dnssec_salt
8822 for (my $i = 0; $i < 8; $i++)
8824 $salt_buf .= get_random_chr (0x61, 0x7a);
8827 $salt_buf .= ".net";
8831 for (my $i = 0; $i < 8; $i++)
8833 $salt_buf .= get_random_chr (0x30, 0x39);
8846 my $byte_off = int ($bit / 8);
8847 my $bit_off = int ($bit % 8);
8849 my $char = substr ($digest, $byte_off, 1);
8850 my $num = ord ($char);
8852 return (($num & (1 << $bit_off)) ? 1 : 0);
8861 my $constant_phrase =
8862 "To be, or not to be,--that is the question:--\n" .
8863 "Whether 'tis nobler in the mind to suffer\n" .
8864 "The slings and arrows of outrageous fortune\n" .
8865 "Or to take arms against a sea of troubles,\n" .
8866 "And by opposing end them?--To die,--to sleep,--\n" .
8867 "No more; and by a sleep to say we end\n" .
8868 "The heartache, and the thousand natural shocks\n" .
8869 "That flesh is heir to,--'tis a consummation\n" .
8870 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8871 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8872 "For in that sleep of death what dreams may come,\n" .
8873 "When we have shuffled off this mortal coil,\n" .
8874 "Must give us pause: there's the respect\n" .
8875 "That makes calamity of so long life;\n" .
8876 "For who would bear the whips and scorns of time,\n" .
8877 "The oppressor's wrong, the proud man's contumely,\n" .
8878 "The pangs of despis'd love, the law's delay,\n" .
8879 "The insolence of office, and the spurns\n" .
8880 "That patient merit of the unworthy takes,\n" .
8881 "When he himself might his quietus make\n" .
8882 "With a bare bodkin? who would these fardels bear,\n" .
8883 "To grunt and sweat under a weary life,\n" .
8884 "But that the dread of something after death,--\n" .
8885 "The undiscover'd country, from whose bourn\n" .
8886 "No traveller returns,--puzzles the will,\n" .
8887 "And makes us rather bear those ills we have\n" .
8888 "Than fly to others that we know not of?\n" .
8889 "Thus conscience does make cowards of us all;\n" .
8890 "And thus the native hue of resolution\n" .
8891 "Is sicklied o'er with the pale cast of thought;\n" .
8892 "And enterprises of great pith and moment,\n" .
8893 "With this regard, their currents turn awry,\n" .
8894 "And lose the name of action.--Soft you now!\n" .
8895 "The fair Ophelia!--Nymph, in thy orisons\n" .
8896 "Be all my sins remember'd.\n\x00";
8898 my $constant_len = length ($constant_phrase);
8900 my $hash_buf = md5 ($pw . $salt);
8906 for (my $round = 0; $round < $iter; $round++)
8908 my $shift_a = md5bit ($hash_buf, $round + 0);
8909 my $shift_b = md5bit ($hash_buf, $round + 64);
8914 for (my $k = 0; $k < 16; $k++)
8916 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8918 my $l = ($k + 3) % 16;
8920 my $num = ord (substr ($hash_buf, $l, 1));
8922 $shift_4[$k] = $num % 5;
8924 $shift_7[$k] = ($num >> $s7shift) & 1;
8929 for (my $k = 0; $k < 16; $k++)
8931 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8936 for (my $k = 0; $k < 16; $k++)
8938 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8944 for (my $k = 0; $k < 8; $k++)
8946 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8948 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8951 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8952 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8954 my $bit_a = md5bit ($hash_buf, $indirect_a);
8955 my $bit_b = md5bit ($hash_buf, $indirect_b);
8965 if ($bit_a ^ $bit_b)
8967 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8971 $to_hash .= substr ($W, 0, 64);
8975 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8977 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8981 $to_hash .= substr ($W, 0, 64);
8984 $pos = $constant_len - $constant_off;
8988 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
9003 my $round_div = int ($tmp / 10);
9004 my $round_mod = int ($tmp % 10);
9008 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
9018 for ($g = 0; $g < $a_len; $g++)
9020 my $remainder = $a_buf[$g];
9026 while ($remainder > 0)
9028 $sub = $remainder >> (8 * $factor);
9030 if ($started != 1 || $sub > 0)
9034 $tmp_str = chr ($sub) . $tmp_str;
9036 $remainder -= ($sub << (8 * $factor));
9044 substr ($W, $pos, $a_len) = $tmp_str;
9050 $to_hash .= substr ($W, 0, $pos);
9052 $to_hash = substr ($to_hash, 0, $total);
9054 $hash_buf = md5 ($to_hash);
9059 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
9060 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
9061 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
9062 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
9063 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
9064 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
9071 die ("usage: $0 single|passthrough| [mode] [len]\n" .
9073 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
9078 my $block_ref = shift;
9082 my $value = 16 - $offset;
9084 for (my $i = $offset; $i < 16; $i++)
9086 push @{$block_ref}, $value;
9096 for (my $i = 0; $i < 18; $i++)
9098 for (my $j = 0; $j < 48; $j++)
9100 $p = ($p + 48 - $j) & 0xff;
9102 my $c = $lotus_magic_table[$p];
9104 $p = $in_ref->[$j] ^ $c;
9111 sub lotus_transform_password
9114 my $out_ref = shift;
9116 my $t = $out_ref->[15];
9118 for (my $i = 0; $i < 16; $i++)
9120 $t ^= $in_ref->[$i];
9122 my $c = $lotus_magic_table[$t];
9124 $out_ref->[$i] ^= $c;
9126 $t = $out_ref->[$i];
9130 sub mdtransform_norecalc
9132 my $state_ref = shift;
9133 my $block_ref = shift;
9137 push (@x, @{$state_ref});
9138 push (@x, @{$block_ref});
9140 for (my $i = 0; $i < 16; $i++)
9142 push (@x, $x[0 + $i] ^ $x[16 + $i]);
9147 for (my $i = 0; $i < 16; $i++)
9149 $state_ref->[$i] = $x[$i];
9155 my $state_ref = shift;
9156 my $checksum_ref = shift;
9157 my $block_ref = shift;
9159 mdtransform_norecalc ($state_ref, $block_ref);
9161 lotus_transform_password ($block_ref, $checksum_ref);
9166 my $saved_key_ref = shift;
9170 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
9172 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
9178 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
9180 my $curpos16 = $curpos + 16;
9182 my @block = splice (@{$saved_key_ref}, 0, 16);
9184 mdtransform (\@state, \@checksum, \@block);
9187 my $left = $size - $curpos;
9189 my @block = splice (@{$saved_key_ref}, 0, 16);
9191 pad16 (\@block, $left);
9193 mdtransform (\@state, \@checksum, \@block);
9195 mdtransform_norecalc (\@state, \@checksum);
9200 sub pdf_compute_encryption_key
9202 my $word_buf = shift;
9203 my $padding = shift;
9218 $data .= substr ($padding, 0, 32 - length $word_buf);
9220 $data .= pack ("H*", $o);
9222 $data .= pack ("I", $P);
9224 $data .= pack ("H*", $id);
9230 $data .= pack ("I", -1);
9234 my $res = md5 ($data);
9238 for (my $i = 0; $i < 50; $i++)
9247 sub gen_random_wpa_eapol
9256 my $version = 1; # 802.1X-2001
9258 $ret .= pack ("C*", $version);
9260 my $type = 3; # means that this EAPOL frame is used to transfer key information
9262 $ret .= pack ("C*", $type);
9264 my $length; # length of remaining data
9275 $ret .= pack ("n*", $length);
9277 my $descriptor_type;
9281 $descriptor_type = 254; # EAPOL WPA key
9285 $descriptor_type = 1; # EAPOL RSN key
9288 $ret .= pack ("C*", $descriptor_type);
9290 # key_info is a bit vector:
9291 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
9295 $key_info |= 1 << 8; # set key MIC
9296 $key_info |= 1 << 3; # set if it is a pairwise key
9300 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
9304 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
9307 $ret .= pack ("n*", $key_info);
9320 $ret .= pack ("n*", $key_length);
9322 my $replay_counter = 1;
9324 $ret .= pack ("Q>*", $replay_counter);
9328 my $key_iv = "\x00" x 16;
9332 my $key_rsc = "\x00" x 8;
9336 my $key_id = "\x00" x 8;
9340 my $key_mic = "\x00" x 16;
9348 $key_data_len = 24; # length of the key_data (== WPA info)
9352 $key_data_len = 22; # length of the key_data (== RSN info)
9355 $ret .= pack ("n*", $key_data_len);
9365 my $vendor_specific_data = "";
9367 my $tag_number = 221; # means it is a vendor specific tag
9369 $vendor_specific_data .= pack ("C*", $tag_number);
9371 my $tag_len = 22; # length of the remaining "tag data"
9373 $vendor_specific_data .= pack ("C*", $tag_len);
9375 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
9377 $vendor_specific_data .= $vendor_specific_oui;
9379 my $vendor_specific_oui_type = 1; # WPA Information Element
9381 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
9383 my $vendor_specific_wpa_version = 1;
9385 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
9389 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
9391 $vendor_specific_data .= $vendor_specific_multicast_oui;
9393 my $vendor_specific_multicast_type = 2; # TKIP
9395 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
9399 my $vendor_specific_unicast_count = 1;
9401 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
9403 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
9405 $vendor_specific_data .= $vendor_specific_multicast_oui;
9407 my $vendor_specific_unicast_type = 2; # TKIP
9409 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
9411 # Auth Key Management (AKM)
9413 my $auth_key_management_count = 1;
9415 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
9417 my $auth_key_management_oui = pack ("H*", "0050f2");
9419 $vendor_specific_data .= $auth_key_management_oui;
9421 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9423 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
9425 $wpa_info = $vendor_specific_data;
9427 $key_data = $wpa_info;
9435 my $tag_number = 48; # RSN info
9437 $rsn_info .= pack ("C*", $tag_number);
9439 my $tag_len = 20; # length of the remaining "tag_data"
9441 $rsn_info .= pack ("C*", $tag_len);
9443 my $rsn_version = 1;
9445 $rsn_info .= pack ("v*", $rsn_version);
9447 # group cipher suite
9449 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9451 $rsn_info .= $group_cipher_suite_oui;
9453 my $group_cipher_suite_type = 4; # AES (CCM)
9455 $rsn_info .= pack ("C*", $group_cipher_suite_type);
9457 # pairwise cipher suite
9459 my $pairwise_cipher_suite_count = 1;
9461 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
9463 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9465 $rsn_info .= $pairwise_cipher_suite_oui;
9467 my $pairwise_cipher_suite_type = 4; # AES (CCM)
9469 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
9471 # Auth Key Management (AKM)
9473 my $auth_key_management_count = 1;
9475 $rsn_info .= pack ("v*", $auth_key_management_count);
9477 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
9479 $rsn_info .= $auth_key_management_oui;
9481 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9483 $rsn_info .= pack ("C*", $auth_key_management_type);
9487 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
9488 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
9490 my $rsn_capabilities = pack ("H*", "0000");
9492 $rsn_info .= $rsn_capabilities;
9494 $key_data = $rsn_info;
9510 my $data = "Pairwise key expansion";
9515 # Min(AA, SPA) || Max(AA, SPA)
9518 # compare if greater: Min()/Max() on the MACs (6 bytes)
9520 if (memcmp ($stmac, $bssid, 6) < 0)
9532 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
9535 # compare if greater: Min()/Max() on the nonces (32 bytes)
9537 if (memcmp ($snonce, $anonce, 32) < 0)
9550 my $prf_buf = hmac ($data, $pmk, \&sha1);
9552 $prf_buf = substr ($prf_buf, 0, 16);
9563 my $len_str1 = length ($str1);
9564 my $len_str2 = length ($str2);
9566 if (($len > $len_str1) || ($len > $len_str2))
9568 print "ERROR: memcmp () lengths wrong";
9573 for (my $i = 0; $i < $len; $i++)
9575 my $c_1 = ord (substr ($str1, $i, 1));
9576 my $c_2 = ord (substr ($str2, $i, 1));
9578 return -1 if ($c_1 < $c_2);
9579 return 1 if ($c_1 > $c_2);