X-Git-Url: https://www.flypig.org.uk/git/?a=blobdiff_plain;f=salted.c;h=8383380377b6dbf23b438e5d6d8e9dec0eae4bbe;hb=HEAD;hp=dadd650ac624535704b2871f655aeb750e592aaf;hpb=69b30aba94474d80e4fe3c0d210effd229edcede;p=pwdhash.git

diff --git a/salted.c b/salted.c
index dadd650..8383380 100644
--- a/salted.c
+++ b/salted.c
@@ -48,7 +48,7 @@ u32x mangle_md5 (u32x w0[4], u32x w1[4], const u32x in_len)
         digest[2] = MD5M_C;
         digest[3] = MD5M_D;
 
-        md5_transform (w0_t, w1_t, w2_t, w3_t, digest);
+        md5_transform_cl (w0_t, w1_t, w2_t, w3_t, digest);
 
         u8 b64encoded[16];
 
@@ -93,10 +93,11 @@ u32x mangle_md5 (u32x w0[4], u32x w1[4], const u32x in_len)
 u32x mangle_hmac (u32x w0[4], u32x w1[4], const u32x in_len)
 {
         u32x out_len = in_len;
+
 		u32 digest[4];
 		u32 data[8];
 		u32 i;
-		
+
 		data[0] = w0[0];
 		data[1] = w0[1];
 		data[2] = w0[2];
@@ -105,14 +106,116 @@ u32x mangle_hmac (u32x w0[4], u32x w1[4], const u32x in_len)
 		data[5] = w1[1];
 		data[6] = w1[2];
 		data[7] = w1[3];
+
+		md5hmac_domain((u8 *)data, in_len, (u8 *)digest);
+
+//		printf("HMAC: ");
+//		for (i = 0; i < 16; i++) {
+//			printf("%x", ((u8 *)digest)[i]);
+//		}
+//		printf("\n");
+
+		w0[0] = digest[0];
+		w0[1] = digest[1];
+		w0[2] = digest[2];
+		w0[3] = digest[3];
+		w1[0] = 0;
+		w1[1] = 0;
+		w1[2] = 0;
+		w1[3] = 0;
+
+        out_len = b64_encode ((u8 *)data, 16, (u8 *)w0);
+		//out_len = 8;
+
+		for (i = out_len; i < 32; i++) {
+				((u8 *)data)[i] = 0;
+		}
+      
+		w0[0] = data[0];
+		w0[1] = data[1];
+		w0[2] = data[2];
+		w0[3] = data[3];
+		w1[0] = data[4];
+		w1[1] = data[5];
+		w1[2] = data[6];
+		w1[3] = data[7];
+
+        return (out_len);
+}
+
+bool containsnonalphanumeric (u8 * data, u32 length)
+{
+	bool nonalphanumeric;
+	u32 pos;
+	char check;
+	u32 startingSize;
+
+	nonalphanumeric = false;
+	for (pos = 0; (pos < length) && !nonalphanumeric; pos++) {
+		check = data[pos];
+		if (!((check >= 'a') && (check <= 'z'))
+			&& !((check >= 'A') && (check <= 'Z'))
+			&& !((check >= '0') && (check <= '9'))
+			&& !(check == '_')) {
+			nonalphanumeric = true;
+		}
+	}
 	
-		md5hmac_cl("flypig.co.uk", strlen("flypig.co.uk"), (u8 *)data, in_len, (u8 *)digest);
+	return nonalphanumeric;
+}
+
+bool contains(u8 const * password, u32 length, u8 start, u8 end) {
+	bool doescontain = false;
+	u32 pos;
 
-		printf("HMAC: ");
-		for (i = 0; i < 16; i++) {
-			printf("%x", ((u8 *)digest)[i]);
+	for (pos = 0; (pos < length) && (doescontain == false); pos++) {
+		if ((password[pos] >= start) && (password[pos] <= end)) {
+			doescontain = true;
 		}
-		printf("\n");
+	}
+	
+	return doescontain;
+}
+
+void rotate_string(u8 * torotate, u32 length, u32 steps) {
+	u8 scratch[RESULT_MAX];
+	u32 pos;
+	
+	for (pos = 0; pos < length; pos++) {
+		scratch[pos] = torotate[(pos + steps) % length];
+	}
+
+	for (pos = 0; pos < length; pos++) {
+		torotate[pos] = scratch[pos];
+	}
+}
+
+u32x mangle_pwdhash (u32x w0[4], u32x w1[4], const u32x in_len)
+{
+        u32x out_len = in_len;
+
+		u32 digest[4];
+		u32 data[8];
+		u32 hash[8];
+		u32 i;
+		u32 size;
+		u32 extrasize;
+		u32 startingsize;
+		bool nonalphanumeric;
+		u32 extrapos;
+		u8 next;
+
+		hash[0] = w0[0];
+		hash[1] = w0[1];
+		hash[2] = w0[2];
+		hash[3] = w0[3];
+		hash[4] = w1[0];
+		hash[5] = w1[1];
+		hash[6] = w1[2];
+		hash[7] = w1[3];
+
+		md5hmac_domain((u8 *)hash, in_len, (u8 *)digest);
+		nonalphanumeric = containsnonalphanumeric ((u8 *)hash, in_len);
 
 		w0[0] = digest[0];
 		w0[1] = digest[1];
@@ -123,12 +226,85 @@ u32x mangle_hmac (u32x w0[4], u32x w1[4], const u32x in_len)
 		w1[2] = 0;
 		w1[3] = 0;
 
-        out_len = b64_encode ((u8 *)data, 16, (u8 *)w0);
+        out_len = b64_encode ((u8 *)hash, 16, (u8 *)w0);
+        out_len = 22; // b64 encoding will produce 24 bytes output, but last two will be "=="
+        extrasize = 22;
+        size = in_len + 2;
 
-        for (i = out_len; i < 32; i++) {
-                ((u8 *)data)[i] = 0;
-        }
-        
+        printf("Hash: %s\n", (u8 *)hash);
+
+//		for (i = out_len; i < 32; i++) {
+//			((u8 *)hash)[i] = 0;
+//		}
+
+		startingsize = size - 4;
+		startingsize = (startingsize < extrasize) ? startingsize : extrasize;
+
+		for (i = 0; i < startingsize; i++) {
+			((u8 *)data)[i] = ((u8 *)hash)[i];
+		}
+		for (i = startingsize; i < 32; i++) {
+			((u8 *)data)[i] = 0;
+		}
+
+		extrapos = startingsize;
+
+		// Add the extras
+		// Capital letter
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, 'A', 'Z')) {
+			next = 'A' + (next % ('Z' - 'A' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Lower case letter
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, 'a', 'z')) {
+			next = 'a' + (next % ('z' - 'a' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Number
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		extrapos++;
+		if (!contains((u8 *)data, startingsize, '0', '9')) {
+			next = '0' + (next % ('9' - '0' + 1));
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		// Non alphanumeric
+		if (containsnonalphanumeric((u8 *)data, startingsize) && nonalphanumeric) {
+			next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+			extrapos++;
+		}
+		else {
+			next = '+';
+		}
+		((u8 *)data)[startingsize] = next;
+		startingsize++;
+
+		if (!nonalphanumeric) {
+			for (i = 0; i < startingsize; i++) {
+				if (containsnonalphanumeric(((u8 *)data) + i, 1)) {
+					next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+					extrapos++;
+					next = 'A' + (next % ('Z' - 'A' + 1));
+					((u8 *)data)[i] = next;
+				}
+			}
+		}
+
+		next = (extrapos < extrasize) ? ((u8 *)hash)[extrapos] : 0;
+		rotate_string((u8 *)data, startingsize, next);
+		((u8 *)data)[startingsize] = 0;
+
+		out_len = startingsize;
+      
 		w0[0] = data[0];
 		w0[1] = data[1];
 		w0[2] = data[2];
@@ -141,6 +317,13 @@ u32x mangle_hmac (u32x w0[4], u32x w1[4], const u32x in_len)
         return (out_len);
 }
 
+void writeHexByte(unsigned char byte, unsigned char * hex) {
+	static char number[] = "0123456789abcdef";
+	
+	hex[0] = number[(byte >> 4)];
+	hex[1] = number[(byte % 16)];
+}
+
 int main(int argc, char * argv[]) {
 	unsigned char result[RESULT_MAX];
 	unsigned char salt[SALT_MAX];
@@ -170,15 +353,15 @@ int main(int argc, char * argv[]) {
 	}
 	salt[SALT_MAX - 1] = '\0';
 
-	SPH_HashedPassowrd("hashcat", "flypig.co.uk", result);
+	//SPH_HashedPassowrd("hashcat", "flypig.co.uk", result);
 
 	//mangle(password);
 
-	mangle_hmac ((u32x *)password, (u32x *)(password + 16), strlen(password));
+	size = mangle_pwdhash ((u32x *)password, (u32x *)(password + 16), strlen(password));
 
 	//md5hmac(salt, password, digest);
 
-	md5hmac_cl(salt, strlen(salt), password, strlen(password), digest);
+	md5hmac_cl(salt, strlen(salt), password, size, digest);
 
 
 	for (pos = 0; pos < DIGEST_SIZE; pos++) {