#define MARKOV_DISABLE 0
#define MARKOV_CLASSIC 0
#define BENCHMARK 0
-#define BENCHMARK_REPEATS 2
+#define BENCHMARK_REPEATS 100
#define RESTORE 0
#define RESTORE_TIMER 60
#define RESTORE_DISABLE 0
#define MAX_DICTSTAT 10000
-#define NUM_DEFAULT_BENCHMARK_ALGORITHMS 133
+#define NUM_DEFAULT_BENCHMARK_ALGORITHMS 135
#define global_free(attr) \
{ \
6600,
8200,
11300,
- 12700
+ 12700,
+ 13400,
+ 125
};
/**
" --remove Enable remove of hash once it is cracked",
" --remove-timer=NUM Update input hash file each NUM seconds",
" --potfile-disable Do not write potfile",
+ " --potfile-path Specific path to potfile",
" --debug-mode=NUM Defines the debug mode (hybrid only by using rules), see references below",
" --debug-file=FILE Output file for debugging rules (see also --debug-mode)",
" --induction-dir=FOLDER Specify induction directory to use, default is $session.induct",
" 8500 = RACF",
" 7200 = GRUB 2",
" 9900 = Radmin2",
+ " 125 = ArubaOS",
"",
"[[ Enterprise Application Software (EAS) ]]",
"",
" 8200 = 1Password, cloudkeychain",
" 11300 = Bitcoin/Litecoin wallet.dat",
" 12700 = Blockchain, My Wallet",
+ " 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES)",
"",
NULL
};
if (device_param->skipped) continue;
- u64 speed_cnt = 0;
- float speed_ms = 0;
+ u64 speed_cnt = 0;
+ double speed_ms = 0;
for (int i = 0; i < SPEED_CACHE; i++)
{
- float rec_ms;
+ double rec_ms;
hc_timer_get (device_param->speed_rec[i], rec_ms);
{
wpa_t *wpa = (wpa_t *) data.esalts_buf;
- uint pke[25] = { 0 };
-
- char *pke_ptr = (char *) pke;
-
- for (uint i = 0; i < 25; i++)
- {
- pke[i] = byte_swap_32 (wpa->pke[i]);
- }
-
- char mac1[6] = { 0 };
- char mac2[6] = { 0 };
-
- memcpy (mac1, pke_ptr + 23, 6);
- memcpy (mac2, pke_ptr + 29, 6);
-
log_info ("Hash.Target....: %s (%02x:%02x:%02x:%02x:%02x:%02x <-> %02x:%02x:%02x:%02x:%02x:%02x)",
(char *) data.salts_buf[0].salt_buf,
- mac1[0] & 0xff,
- mac1[1] & 0xff,
- mac1[2] & 0xff,
- mac1[3] & 0xff,
- mac1[4] & 0xff,
- mac1[5] & 0xff,
- mac2[0] & 0xff,
- mac2[1] & 0xff,
- mac2[2] & 0xff,
- mac2[3] & 0xff,
- mac2[4] & 0xff,
- mac2[5] & 0xff);
+ wpa->orig_mac1[0],
+ wpa->orig_mac1[1],
+ wpa->orig_mac1[2],
+ wpa->orig_mac1[3],
+ wpa->orig_mac1[4],
+ wpa->orig_mac1[5],
+ wpa->orig_mac2[0],
+ wpa->orig_mac2[1],
+ wpa->orig_mac2[2],
+ wpa->orig_mac2[3],
+ wpa->orig_mac2[4],
+ wpa->orig_mac2[5]);
}
else if (data.hash_mode == 5200)
{
* speed new
*/
- u64 speed_cnt[DEVICES_MAX] = { 0 };
- float speed_ms[DEVICES_MAX] = { 0 };
+ u64 speed_cnt[DEVICES_MAX] = { 0 };
+ double speed_ms[DEVICES_MAX] = { 0 };
for (uint device_id = 0; device_id < data.devices_cnt; device_id++)
{
for (int i = 0; i < SPEED_CACHE; i++)
{
- float rec_ms;
+ double rec_ms;
hc_timer_get (device_param->speed_rec[i], rec_ms);
* timers
*/
- float ms_running = 0;
+ double ms_running = 0;
hc_timer_get (data.timer_running, ms_running);
- float ms_paused = data.ms_paused;
+ double ms_paused = data.ms_paused;
if (data.devices_status == STATUS_PAUSED)
{
- float ms_paused_tmp = 0;
+ double ms_paused_tmp = 0;
hc_timer_get (data.timer_paused, ms_paused_tmp);
}
}
- float ms_real = ms_running - ms_paused;
+ double ms_real = ms_running - ms_paused;
float cpt_avg_min = (float) data.cpt_total / ((ms_real / 1000) / 60);
float cpt_avg_hour = (float) data.cpt_total / ((ms_real / 1000) / 3600);
static void status_benchmark ()
{
- if (data.devices_status == STATUS_INIT) return;
+ if (data.devices_status == STATUS_INIT) return;
if (data.devices_status == STATUS_STARTING) return;
if (data.words_cnt == 0) return;
- u64 speed_cnt[DEVICES_MAX] = { 0 };
- float speed_ms[DEVICES_MAX] = { 0 };
+ u64 speed_cnt[DEVICES_MAX] = { 0 };
+ double speed_ms[DEVICES_MAX] = { 0 };
for (uint device_id = 0; device_id < data.devices_cnt; device_id++)
{
if (device_param->skipped) continue;
- speed_cnt[device_id] = 0;
- speed_ms[device_id] = 0;
-
- for (int i = 0; i < SPEED_CACHE; i++)
- {
- speed_cnt[device_id] += device_param->speed_cnt[i];
- speed_ms[device_id] += device_param->speed_ms[i];
- }
-
- speed_cnt[device_id] /= SPEED_CACHE;
- speed_ms[device_id] /= SPEED_CACHE;
+ speed_cnt[device_id] = device_param->speed_cnt[0];
+ speed_ms[device_id] = device_param->speed_ms[0];
}
float hashes_all_ms = 0;
if (event_update)
{
- float exec_time;
+ double exec_time;
hc_timer_get (timer, exec_time);
if (data.benchmark == 1)
{
- for (u32 i = 0; i < data.benchmark_repeats; i++)
+ double exec_ms_avg_prev = get_avg_exec_time (device_param, EXEC_CACHE);
+
+ // a few caching rounds
+
+ for (u32 i = 0; i < 2; i++)
+ {
+ hc_timer_set (&device_param->timer_speed);
+
+ choose_kernel (device_param, data.attack_exec, data.attack_mode, data.opts_type, salt_buf, highest_pw_len, pws_cnt);
+
+ double exec_ms_avg = get_avg_exec_time (device_param, EXEC_CACHE);
+
+ exec_ms_avg_prev = exec_ms_avg;
+ }
+
+ // benchmark_repeats became a maximum possible repeats
+
+ for (u32 i = 2; i < data.benchmark_repeats; i++)
{
+ hc_timer_set (&device_param->timer_speed);
+
choose_kernel (device_param, data.attack_exec, data.attack_mode, data.opts_type, salt_buf, highest_pw_len, pws_cnt);
+
+ double exec_ms_avg = get_avg_exec_time (device_param, EXEC_CACHE);
+
+ if ((exec_ms_avg_prev / exec_ms_avg) < 1.001) break;
+
+ exec_ms_avg_prev = exec_ms_avg;
}
}
u64 perf_sum_all = (u64) pws_cnt * (u64) innerloop_left;
- if (data.benchmark == 1)
- {
- perf_sum_all = (perf_sum_all * data.benchmark_repeats) + perf_sum_all;
- }
-
hc_thread_mutex_lock (mux_counter);
data.words_progress_done[salt_pos] += perf_sum_all;
* speed
*/
- float speed_ms;
+ double speed_ms;
hc_timer_get (device_param->timer_speed, speed_ms);
hc_thread_mutex_lock (mux_display);
+ // current speed
+
device_param->speed_cnt[speed_pos] = perf_sum_all;
device_param->speed_ms[speed_pos] = speed_ms;
speed_pos = 0;
}
+ // average speed
+
+ device_param->speed_cnt_total += perf_sum_all;
+
+ device_param->speed_ms_total += speed_ms;
+
/**
* benchmark
*/
wpa_t *wpas = (wpa_t *) data.esalts_buf;
wpa_t *wpa = &wpas[salt_pos];
- uint pke[25] = { 0 };
-
- char *pke_ptr = (char *) pke;
-
- for (uint i = 0; i < 25; i++)
- {
- pke[i] = byte_swap_32 (wpa->pke[i]);
- }
-
- u8 mac1[6] = { 0 };
- u8 mac2[6] = { 0 };
-
- memcpy (mac1, pke_ptr + 23, 6);
- memcpy (mac2, pke_ptr + 29, 6);
-
// compare hex string(s) vs binary MAC address(es)
for (uint i = 0, j = 0; i < 6; i++, j += 2)
{
- if (mac1[i] != hex_to_u8 ((const u8 *) &mac1_pos[j]))
+ if (wpa->orig_mac1[i] != hex_to_u8 ((const u8 *) &mac1_pos[j]))
{
cracked = 0;
+
break;
}
}
for (uint i = 0, j = 0; i < 6; i++, j += 2)
{
- if (mac2[i] != hex_to_u8 ((const u8 *) &mac2_pos[j]))
+ if (wpa->orig_mac2[i] != hex_to_u8 ((const u8 *) &mac2_pos[j]))
{
cracked = 0;
+
break;
}
}
if (getenv ("GPU_USE_SYNC_OBJECTS") == NULL)
putenv ((char *) "GPU_USE_SYNC_OBJECTS=1");
+ if (getenv ("CUDA_CACHE_DISABLE") == NULL)
+ putenv ((char *) "CUDA_CACHE_DISABLE=1");
+
/**
* Real init
*/
u64 limit = LIMIT;
uint keyspace = KEYSPACE;
uint potfile_disable = POTFILE_DISABLE;
+ char *potfile_path = NULL;
uint debug_mode = DEBUG_MODE;
char *debug_file = NULL;
char *induction_dir = NULL;
#define IDX_LIMIT 'l'
#define IDX_KEYSPACE 0xff35
#define IDX_POTFILE_DISABLE 0xff06
+ #define IDX_POTFILE_PATH 0xffe0
#define IDX_DEBUG_MODE 0xff43
#define IDX_DEBUG_FILE 0xff44
#define IDX_INDUCTION_DIR 0xff46
{"limit", required_argument, 0, IDX_LIMIT},
{"keyspace", no_argument, 0, IDX_KEYSPACE},
{"potfile-disable", no_argument, 0, IDX_POTFILE_DISABLE},
+ {"potfile-path", required_argument, 0, IDX_POTFILE_PATH},
{"debug-mode", required_argument, 0, IDX_DEBUG_MODE},
{"debug-file", required_argument, 0, IDX_DEBUG_FILE},
{"induction-dir", required_argument, 0, IDX_INDUCTION_DIR},
case IDX_REMOVE_TIMER: remove_timer = atoi (optarg);
remove_timer_chgd = 1; break;
case IDX_POTFILE_DISABLE: potfile_disable = 1; break;
+ case IDX_POTFILE_PATH: potfile_path = optarg; break;
case IDX_DEBUG_MODE: debug_mode = atoi (optarg); break;
case IDX_DEBUG_FILE: debug_file = optarg; break;
case IDX_INDUCTION_DIR: induction_dir = optarg; break;
return (-1);
}
- if (hash_mode_chgd && hash_mode > 13300) // just added to remove compiler warnings for hash_mode_chgd
+ if (hash_mode_chgd && hash_mode > 13400) // just added to remove compiler warnings for hash_mode_chgd
{
log_error ("ERROR: Invalid hash-type specified");
logfile_top_uint (outfile_check_timer);
logfile_top_uint (outfile_format);
logfile_top_uint (potfile_disable);
+ logfile_top_string (potfile_path);
#if defined(HAVE_HWMON) && defined(HAVE_ADL)
logfile_top_uint (powertune_enable);
#endif
dgst_pos3 = 1;
break;
+ case 125: hash_type = HASH_TYPE_SHA1;
+ salt_type = SALT_TYPE_EMBEDDED;
+ attack_exec = ATTACK_EXEC_INSIDE_KERNEL;
+ opts_type = OPTS_TYPE_PT_GENERATE_BE
+ | OPTS_TYPE_PT_ADD80
+ | OPTS_TYPE_PT_ADDBITS15
+ | OPTS_TYPE_ST_HEX;
+ kern_type = KERN_TYPE_SHA1_SLTPW;
+ dgst_size = DGST_SIZE_4_5;
+ parse_func = arubaos_parse_hash;
+ sort_by_digest = sort_by_digest_4_5;
+ opti_type = OPTI_TYPE_ZERO_BYTE
+ | OPTI_TYPE_PRECOMPUTE_INIT
+ | OPTI_TYPE_PRECOMPUTE_MERKLE
+ | OPTI_TYPE_EARLY_SKIP
+ | OPTI_TYPE_NOT_ITERATED
+ | OPTI_TYPE_PREPENDED_SALT
+ | OPTI_TYPE_RAW_HASH;
+ dgst_pos0 = 3;
+ dgst_pos1 = 4;
+ dgst_pos2 = 2;
+ dgst_pos3 = 1;
+ break;
+
case 130: hash_type = HASH_TYPE_SHA1;
salt_type = SALT_TYPE_INTERN;
attack_exec = ATTACK_EXEC_INSIDE_KERNEL;
case 8300: hash_type = HASH_TYPE_SHA1;
salt_type = SALT_TYPE_EMBEDDED;
attack_exec = ATTACK_EXEC_INSIDE_KERNEL;
- opts_type = OPTS_TYPE_PT_GENERATE_LE
+ opts_type = OPTS_TYPE_PT_GENERATE_BE
| OPTS_TYPE_ST_HEX
| OPTS_TYPE_ST_ADD80;
kern_type = KERN_TYPE_NSEC3;
dgst_pos3 = 2;
break;
+ case 13400: hash_type = HASH_TYPE_AES;
+ salt_type = SALT_TYPE_EMBEDDED;
+ attack_exec = ATTACK_EXEC_OUTSIDE_KERNEL;
+ opts_type = OPTS_TYPE_PT_GENERATE_LE;
+ kern_type = KERN_TYPE_KEEPASS;
+ dgst_size = DGST_SIZE_4_4;
+ parse_func = keepass_parse_hash;
+ sort_by_digest = sort_by_digest_4_4;
+ opti_type = OPTI_TYPE_ZERO_BYTE;
+ dgst_pos0 = 0;
+ dgst_pos1 = 1;
+ dgst_pos2 = 2;
+ dgst_pos3 = 3;
+ break;
+
default: usage_mini_print (PROGNAME); return (-1);
}
case 12100: esalt_size = sizeof (pbkdf2_sha512_t); break;
case 13000: esalt_size = sizeof (rar5_t); break;
case 13100: esalt_size = sizeof (krb5tgs_t); break;
+ case 13400: esalt_size = sizeof (keepass_t); break;
}
data.esalt_size = esalt_size;
if (keyspace == 0)
{
- snprintf (dictstat, sizeof (dictstat) - 1, "%s/hashcat.dictstat", profile_dir);
+ snprintf (dictstat, sizeof (dictstat) - 1, "%s/%s", profile_dir, DICTSTAT_FILENAME);
dictstat_fp = fopen (dictstat, "rb");
char potfile[256] = { 0 };
- snprintf (potfile, sizeof (potfile) - 1, "%s/%s.pot", session_dir, session);
+ if (potfile_path == NULL)
+ {
+ snprintf (potfile, sizeof (potfile) - 1, "%s/%s", profile_dir, POTFILE_FILENAME);
+ }
+ else
+ {
+ strncpy (potfile, potfile_path, sizeof (potfile) - 1);
+ }
data.pot_fp = NULL;
switch (hash_mode)
{
+ case 125: if (pw_max > 32) pw_max = 32;
+ break;
case 400: if (pw_max > 40) pw_max = 40;
break;
case 500: if (pw_max > 16) pw_max = 16;
wpa_t *wpa = (wpa_t *) hashes_buf[hashes_cnt].esalt;
- u8 *pke_ptr = (u8 *) wpa->pke;
-
// do the appending task
snprintf (salt_ptr + cur_pos,
rem_len,
":%02x%02x%02x%02x%02x%02x:%02x%02x%02x%02x%02x%02x",
- pke_ptr[20], pke_ptr[27], pke_ptr[26], pke_ptr[25], pke_ptr[24], pke_ptr[31], // MAC1
- pke_ptr[30], pke_ptr[29], pke_ptr[28], pke_ptr[35], pke_ptr[34], pke_ptr[33]); // MAC2
-
+ wpa->orig_mac1[0],
+ wpa->orig_mac1[1],
+ wpa->orig_mac1[2],
+ wpa->orig_mac1[3],
+ wpa->orig_mac1[4],
+ wpa->orig_mac1[5],
+ wpa->orig_mac2[0],
+ wpa->orig_mac2[1],
+ wpa->orig_mac2[2],
+ wpa->orig_mac2[3],
+ wpa->orig_mac2[4],
+ wpa->orig_mac2[5]);
// memset () the remaining part of the salt
((seven_zip_t *) hashes_buf[0].esalt)->data_len = 112;
((seven_zip_t *) hashes_buf[0].esalt)->unpack_size = 112;
break;
+ case 13400: ((keepass_t *) hashes_buf[0].esalt)->version = 2;
+ break;
}
}
break;
case 13200: hashes_buf[0].salt->salt_iter = ROUNDS_AXCRYPT;
break;
+ case 13400: hashes_buf[0].salt->salt_iter = ROUNDS_KEEPASS;
+ break;
}
hashes_cnt = 1;
{
wpa_t *wpa = (wpa_t *) found->esalt;
- uint pke[25] = { 0 };
-
- char *pke_ptr = (char *) pke;
-
- for (uint i = 0; i < 25; i++)
- {
- pke[i] = byte_swap_32 (wpa->pke[i]);
- }
-
- u8 mac1[6] = { 0 };
- u8 mac2[6] = { 0 };
-
- memcpy (mac1, pke_ptr + 23, 6);
- memcpy (mac2, pke_ptr + 29, 6);
-
// compare hex string(s) vs binary MAC address(es)
for (uint i = 0, j = 0; i < 6; i++, j += 2)
{
- if (mac1[i] != hex_to_u8 ((const u8 *) &mac1_pos[j]))
+ if (wpa->orig_mac1[i] != hex_to_u8 ((const u8 *) &mac1_pos[j]))
{
found = NULL;
+
break;
}
}
for (uint i = 0, j = 0; i < 6; i++, j += 2)
{
- if (mac2[i] != hex_to_u8 ((const u8 *) &mac2_pos[j]))
+ if (wpa->orig_mac2[i] != hex_to_u8 ((const u8 *) &mac2_pos[j]))
{
found = NULL;
+
break;
}
}
case 12900: size_tmps = kernel_power_max * sizeof (pbkdf2_sha256_tmp_t); break;
case 13000: size_tmps = kernel_power_max * sizeof (pbkdf2_sha256_tmp_t); break;
case 13200: size_tmps = kernel_power_max * sizeof (axcrypt_tmp_t); break;
+ case 13400: size_tmps = kernel_power_max * sizeof (keepass_tmp_t); break;
};
// size_hooks
if (data.quiet == 0) log_info ("");
/**
- * Inform user which algorithm is checked and at which workload setting
+ * In benchmark-mode, inform user which algorithm is checked
*/
if (benchmark == 1)
device_param->speed_pos = 0;
memset (device_param->speed_cnt, 0, SPEED_CACHE * sizeof (u64));
- memset (device_param->speed_ms, 0, SPEED_CACHE * sizeof (float));
+ memset (device_param->speed_ms, 0, SPEED_CACHE * sizeof (double));
memset (device_param->speed_rec, 0, SPEED_CACHE * sizeof (hc_timer_t));
+ device_param->speed_cnt_total = 0;
+ device_param->speed_ms_total = 0;
+
device_param->exec_pos = 0;
memset (device_param->exec_ms, 0, EXEC_CACHE * sizeof (double));