+ $hash_buf = pack ("H*", $php_output);
+
+ $hash_buf = encode_base64 ($hash_buf);
+ $hash_buf =~ s/[\r\n]//g;
+
+ my $base64_salt_buf = encode_base64 ($salt_buf);
+
+ chomp ($base64_salt_buf);
+
+ $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
+ }
+ elsif ($mode == 12000)
+ {
+ my $iterations = 1000;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+
+ my $out_len = 16;
+
+ if (defined $additional_param)
+ {
+ $out_len = $additional_param;
+ }
+
+ my $pbkdf2 = Crypt::PBKDF2->new
+ (
+ hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
+ iterations => $iterations,
+ output_len => $out_len
+ );
+
+ $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
+ $hash_buf =~ s/[\r\n]//g;
+
+ my $base64_salt_buf = encode_base64 ($salt_buf);
+
+ chomp ($base64_salt_buf);
+
+ $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
+ }
+ elsif ($mode == 12100)
+ {
+ my $iterations = 1000;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+
+ my $out_len = 16;
+
+ if (defined $additional_param)
+ {
+ $out_len = $additional_param;
+ }
+
+ my $pbkdf2 = Crypt::PBKDF2->new
+ (
+ hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
+ iterations => $iterations,
+ output_len => $out_len
+ );
+
+ $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
+ $hash_buf =~ s/[\r\n]//g;
+
+ my $base64_salt_buf = encode_base64 ($salt_buf);
+
+ chomp ($base64_salt_buf);
+
+ $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
+ }
+ elsif ($mode == 12200)
+ {
+ my $iterations = 65536;
+
+ my $default_salt = 0;
+
+ if (defined $additional_param)
+ {
+ $default_salt = int ($additional_param);
+ }
+
+ if ($default_salt == 1)
+ {
+ $salt_buf = "0011223344556677";
+ }
+
+ $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
+
+ for (my $i = 0; $i < $iterations; $i++)
+ {
+ $hash_buf = sha512 ($hash_buf);
+ }
+
+ $hash_buf = unpack ("H*", $hash_buf);
+ $hash_buf = substr ($hash_buf, 0, 16);
+
+ if ($default_salt == 0)
+ {
+ $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
+ }
+ else
+ {
+ $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
+ }
+ }
+ elsif ($mode == 12300)
+ {
+ my $iterations = 4096;
+
+ my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
+
+ my $pbkdf2 = Crypt::PBKDF2->new (
+ hasher => $hasher,
+ iterations => $iterations,
+ output_len => 64
+ );
+
+ my $salt_bin = pack ("H*", $salt_buf);
+
+ my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
+
+ $hash_buf = sha512_hex ($key . $salt_bin);
+
+ $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
+ }
+ elsif ($mode == 12400)
+ {
+ my $iterations;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+ else
+ {
+ $iterations = get_random_num (1, 5001 + 1);
+ }
+
+ my $key_value = fold_password ($word_buf);
+
+ my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
+ my $salt_value = base64_to_int24 ($salt_buf);
+
+ $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
+
+ $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
+ }
+ elsif ($mode == 12600)
+ {
+ $hash_buf = sha1_hex ($word_buf);
+
+ $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
+
+ $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
+ }
+ elsif ($mode == 12700)
+ {
+ my $iterations = 10;
+
+ my $data = qq|{
+ "guid" : "00000000-0000-0000-0000-000000000000",
+ "sharedKey" : "00000000-0000-0000-0000-000000000000",
+ "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
+
+ my $salt_buf_bin = pack ("H*", $salt_buf);
+
+ my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
+
+ my $pbkdf2 = Crypt::PBKDF2->new (
+ hasher => $hasher,
+ iterations => $iterations,
+ output_len => 32
+ );
+
+ my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
+
+ my $cipher = Crypt::CBC->new ({
+ key => $key,
+ cipher => "Crypt::Rijndael",
+ iv => $salt_buf_bin,
+ literal_key => 1,
+ header => "none",
+ keysize => 32
+ });
+
+ my $encrypted = unpack ("H*", $cipher->encrypt ($data));
+
+ $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
+ }
+ elsif ($mode == 12800)
+ {
+ my $iterations = 100;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+
+ my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
+
+ my $pbkdf2 = Crypt::PBKDF2->new
+ (
+ hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
+ iterations => $iterations,
+ output_len => 32
+ );
+
+ my $salt_buf_bin = pack ("H*", $salt_buf);
+
+ my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
+
+ $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
+ }
+ elsif ($mode == 12900)
+ {
+ my $iterations = 4096;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+
+ my $salt2 = $salt_buf . $salt_buf;
+
+ if (defined $additional_param)
+ {
+ $salt2 = $additional_param;
+ }
+
+ my $pbkdf2 = Crypt::PBKDF2->new
+ (
+ hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
+ iterations => $iterations,
+ output_len => 32
+ );
+
+ my $salt_buf_bin = pack ("H*", $salt_buf);
+
+ my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
+
+ my $salt2_bin = pack ("H*", $salt2);
+
+ my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
+
+ $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
+ }
+ elsif ($mode == 13000)
+ {
+ my $iterations = 15;
+
+ if (length ($iter))
+ {
+ $iterations = int ($iter);
+ }
+
+ my $iv = "0" x 32;
+
+ if (defined $additional_param)
+ {
+ $iv = $additional_param;
+ }
+
+ my $pbkdf2 = Crypt::PBKDF2->new
+ (
+ hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
+ iterations => (1 << $iterations) + 32,
+ output_len => 32
+ );
+
+ my $salt_buf_bin = pack ("H*", $salt_buf);
+
+ my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
+
+ my $hash_final = substr ($hash, 0, 8)
+ ^ substr ($hash, 8, 8)
+ ^ substr ($hash, 16, 8)
+ ^ substr ($hash, 24, 8);
+
+ $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
+ }
+ elsif ($mode == 13100)
+ {
+ my @salt_arr = split ('\$', $salt_buf);
+
+ my $user = $salt_arr[0];
+
+ my $realm = $salt_arr[1];
+
+ my $spn = $salt_arr[2];
+
+ my $k = md4 (encode ("UTF-16LE", $word_buf));
+
+ my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
+
+ my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
+ '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
+ '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
+ '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
+ '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
+ '323134343735305a';
+
+ my $checksum = "";
+
+ if (defined $additional_param)
+ {
+ $checksum = pack ("H*", $additional_param);
+ }
+ else
+ {
+ my $nonce = $salt_arr[3];
+
+ $cleartext_ticket = $nonce . $cleartext_ticket;
+
+ $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
+ }
+
+ my $k3 = hmac_md5 ($checksum, $k1);
+
+ my $edata2 = "";
+
+ if (defined $additional_param2)
+ {
+ $edata2 = $additional_param2;
+
+ my $cipher_decrypt = Crypt::RC4->new ($k3);
+
+ my $ticket_decrypt = unpack ("H*", $cipher_decrypt->RC4 (pack ("H*", $edata2)));
+
+ my $check_correct = ((substr ($ticket_decrypt, 16, 4) eq "6381" && substr ($ticket_decrypt, 22, 2) eq "30") ||
+ (substr ($ticket_decrypt, 16, 4) eq "6382")) &&
+ ((substr ($ticket_decrypt, 32, 6) eq "030500") ||
+ (substr ($ticket_decrypt, 32, 8) eq "050307A0"));
+
+ if ($check_correct == 1)
+ {
+ $cleartext_ticket = $ticket_decrypt;
+ }
+ else # validation failed
+ {
+ # fake/wrong ticket (otherwise if we just decrypt/encrypt we end up with false positives all the time)
+ $cleartext_ticket = "0" x (length ($cleartext_ticket) + 16);
+ }
+ }
+
+ my $cipher = Crypt::RC4->new ($k3);
+
+ $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
+
+ $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
+ }
+ elsif ($mode == 13200)
+ {
+ my @salt_arr = split ('\*', $salt_buf);
+
+ my $iteration = $salt_arr[0];
+
+ my $mysalt = $salt_arr[1];
+
+ $mysalt = pack ("H*", $mysalt);
+
+ my $iv = "a6a6a6a6a6a6a6a6";
+
+ my $KEK = sha1 ($word_buf);
+
+ $KEK = substr ($KEK ^ $mysalt, 0, 16);
+
+ my $aes = Crypt::Mode::ECB->new ('AES');
+
+ my $B;
+
+ my $A;
+
+ my @R = ();
+
+ if (defined $additional_param)
+ {
+ $additional_param = pack ("H*", $additional_param);
+
+ $A = substr ($additional_param, 0, 8);
+ $B = 0x00 x 8;
+
+ $R[1] = substr ($additional_param, 8, 8);
+ $R[2] = substr ($additional_param, 16, 8);
+
+ for (my $j = $iteration - 1; $j >= 0; $j--)
+ {
+ $A = substr ($A, 0, 8) ^ pack ("l", (2 * $j + 2));
+
+ $B = $R[2];
+
+ $A = $aes->decrypt ($A . $B . "\x00" x 16, $KEK);
+
+ $R[2] = substr ($A, 8, 16);
+
+ $A = substr ($A, 0, 8) ^ pack ("l", (2 * $j + 1));
+
+ $B = $R[1];
+
+ $A = $aes->decrypt ($A . $B . "\x00" x 16, $KEK);
+
+ $R[1] = substr ($A, 8, 16);
+ }
+
+ # check if valid
+ if (index ($A, "\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6") != 0)
+ {
+ # fake wrong @R and $A values
+
+ @R = ('', "\x00" x 8, "\x00" x 8);
+
+ $A = "\x00" x 16;
+ }
+ }
+ else
+ {
+ my $DEK = randbytes (16);
+
+ @R = ('', substr (pack ("H*", $DEK), 0, 8), substr (pack ("H*", $DEK), 8, 16));
+
+ $A = pack ("H*", $iv);
+ }
+
+ for (my $j = 0; $j < $iteration; $j++)
+ {
+ $B = $aes->encrypt ($A . $R[1], $KEK);
+
+ $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
+
+ $R[1] = substr ($B, 8, 16);
+
+ $B = $aes->encrypt ($A . $R[2], $KEK);
+
+ $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
+
+ $R[2] = substr ($B, 8, 16);
+ }
+
+ my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
+
+ $mysalt = unpack ("H*", $mysalt);
+
+ $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
+ }
+ elsif ($mode == 13300)
+ {
+ $hash_buf = sha1_hex ($word_buf);
+
+ $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
+ }
+ elsif ($mode == 13400)
+ {
+ my @salt_arr = split ('\*', $salt_buf);
+
+ my $version = $salt_arr[0];
+
+ my $iteration = $salt_arr[1];
+
+ my $algorithm = $salt_arr[2];
+
+ my $final_random_seed = $salt_arr[3];
+
+ my $transf_random_seed = $salt_arr[4];
+
+ my $enc_iv = $salt_arr[5];
+
+ my $contents_hash;
+
+ # specific to version 1
+ my $inline_flag;
+ my $contents_len;
+ my $contents;
+
+ # specific to version 2
+ my $expected_bytes;
+
+ # specific to keyfile handling
+ my $inline_keyfile_flag;
+ my $keyfile_len;
+ my $keyfile_content;
+ my $keyfile_attributes = "";
+
+ $final_random_seed = pack ("H*", $final_random_seed);
+
+ $transf_random_seed = pack ("H*", $transf_random_seed);
+
+ $enc_iv = pack ("H*", $enc_iv);
+
+ my $intermediate_hash = sha256 ($word_buf);
+
+ if ($version == 1)
+ {
+ $contents_hash = $salt_arr[6];
+
+ $contents_hash = pack ("H*", $contents_hash);
+
+ $inline_flag = $salt_arr[7];
+
+
+ $contents_len = $salt_arr[8];
+
+
+ $contents = $salt_arr[9];