X-Git-Url: https://www.flypig.org.uk/git/?a=blobdiff_plain;f=tools%2Ftest.pl;h=ef8dc4a77672f9da370ad43ceee08aa6d8932e46;hb=161a6eb4bc643d8e636e96eda613f5137d30da59;hp=9ef274bc2d7515a1007a50e2106c676f3240a4af;hpb=d0123e63b1afa3ec0836ee23ba6619201541b75b;p=hashcat.git
diff --git a/tools/test.pl b/tools/test.pl
index 9ef274b..ef8dc4a 100755
--- a/tools/test.pl
+++ b/tools/test.pl
@@ -45,11 +45,11 @@ my $hashcat = "./hashcat"; my $MAX_LEN = 55; -my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600); +my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 125, 130, 131, 132, 133, 140, 141, 150, 160, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 
12900, 13000, 13100, 13200, 13300, 13400, 13500, 13600, 13800); -my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500); +my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800 11600 13500 13800); my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700); -my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500); +my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600 13500 13800); my @lotus_magic_table = ( 
@@ -213,7 +213,7 @@ sub verify # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it # unsalted - if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500) + if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500) { my $index = index ($line, ":"); 
@@ -226,7 +226,7 @@ sub verify $word = substr ($line, $index + 1); } # hash:salt - elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500) + elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600 || $mode == 13500 || $mode == 13800) { # get hash my $index1 = index ($line, ":"); 
@@ -2211,7 +2211,7 @@ sub verify next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line}))); } - elsif ($mode == 13100 ) + elsif ($mode == 13100) { ($hash_in, $word) = split ":", $line; @@ -2238,7 +2238,10 @@ sub verify next unless (length ($checksum) == 32); next unless (length ($edata2) >= 64); - $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16); + $salt = $user . '$' . $realm . '$' . $spn . '$'; + + $param = $checksum; + $param2 = $edata2; next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); } @@ -2253,8 +2256,6 @@ sub verify next unless scalar @data == 5; - shift @data; - my $signature = shift @data; my $version = shift @data; my $iteration = shift @data; @@ -2265,7 +2266,8 @@ sub verify next unless (length ($mysalt) == 32); next unless (length ($digest) == 48); - $salt = $iteration . '*' . $mysalt; + $salt = $iteration . '*' . $mysalt; + $param = $digest; next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); } @@ -2365,7 +2367,8 @@ sub verify next unless (length ($keyfile) == $keyfile_len); } - $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in)); + $salt = substr ($hash_in, length ("*keepass*") + 1); + $param = 1; # distinguish between encrypting vs decrypting next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))); } @@ -2456,19 +2459,6 @@ sub verify return unless (substr ($line, 0, $len) eq $hash_out); } - elsif ($mode == 190) - { - $hash_out = gen_hash ($mode, $word, $salt, $iter, 0); - - $len = length $hash_out; # == length $alternative - - if (substr ($line, 0, $len) ne $hash_out) - { - my $alternative = gen_hash ($mode, $word, $salt, $iter, 1); - - return unless (substr ($line, 0, $len) eq $alternative); - } - } elsif ($mode == 3300) { $hash_out = gen_hash ($mode, $word, $salt, $iter, $param); 
@@ -2687,7 +2677,7 @@ sub verify } elsif ($mode == 13100) { - $hash_out = gen_hash ($mode, $word, $salt); + $hash_out = gen_hash ($mode, $word, $salt, $iter, $param, $param2); $len = length $hash_out; @@ -2695,7 +2685,7 @@ sub verify } elsif ($mode == 13200) { - $hash_out = gen_hash ($mode, $word, $salt); + $hash_out = gen_hash ($mode, $word, $salt, $iter, $param); $len = length $hash_out; @@ -2703,7 +2693,7 @@ sub verify } elsif ($mode == 13400) { - $hash_out = gen_hash ($mode, $word, $salt); + $hash_out = gen_hash ($mode, $word, $salt, $iter, $param); $len = length $hash_out; @@ -2796,7 +2786,7 @@ sub passthrough my $tmp_hash; - if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300) + if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300) { $tmp_hash = gen_hash ($mode, $word_buf, ""); } @@ -2836,7 +2826,7 @@ sub passthrough } elsif ($mode == 125) { - $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 10)); + $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 8)); } elsif ($mode == 141 || $mode == 1441) { 
@@ -3169,6 +3159,10 @@ sub passthrough { $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 32)); } + elsif ($mode == 13800) + { + $tmp_hash = gen_hash ($mode, $word_buf, substr ($salt_buf, 0, 256)); + } else { print "ERROR: Unsupported hash type\n"; @@ -3193,7 +3187,7 @@ sub single { my $mode = $modes[$j]; - if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300) + if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300) { for (my $i = 1; $i < 32; $i++) { @@ -3966,6 +3960,20 @@ sub single } } } + elsif ($mode == 13800) + { + for (my $i = 1; $i < 32; $i++) + { + if ($len != 0) + { + rnd ($mode, $len, 256); + } + else + { + rnd ($mode, $i, 256); + } + } + } } } 
@@ -4250,24 +4258,6 @@ sub gen_hash $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf); } - elsif ($mode == 190) - { - $hash_buf = sha1_hex ($word_buf); - - my $variant = int (rand (2)); - - if (defined ($additional_param)) - { - $variant = $additional_param; - } - - if ($variant == 1) - { - substr ($hash_buf, 0, 5) = "00000"; - } - - $tmp_hash = sprintf ("%s", $hash_buf); - } elsif ($mode == 200) { my $ppr = Authen::Passphrase::MySQL323->new (passphrase => $word_buf); 
@@ -6969,28 +6959,63 @@ END_CODE my $spn = $salt_arr[2]; - my $nonce = $salt_arr[3]; + my $k = md4 (encode ("UTF-16LE", $word_buf)); + + my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k); my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'. - '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'. - '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'. - '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'. - '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'. - '323134343735305a'; + '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'. + '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'. + '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'. + '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'. + '323134343735305a'; - $cleartext_ticket = $nonce . $cleartext_ticket; + my $checksum = ""; - my $k = md4 (encode ("UTF-16LE", $word_buf)); + if (defined $additional_param) + { + $checksum = pack ("H*", $additional_param); + } + else + { + my $nonce = $salt_arr[3]; - my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k); + $cleartext_ticket = $nonce . 
$cleartext_ticket; - my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1); + $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1); + } my $k3 = hmac_md5 ($checksum, $k1); + my $edata2 = ""; + + if (defined $additional_param2) + { + $edata2 = $additional_param2; + + my $cipher_decrypt = Crypt::RC4->new ($k3); + + my $ticket_decrypt = unpack ("H*", $cipher_decrypt->RC4 (pack ("H*", $edata2))); + + my $check_correct = ((substr ($ticket_decrypt, 16, 4) eq "6381" && substr ($ticket_decrypt, 22, 2) eq "30") || + (substr ($ticket_decrypt, 16, 4) eq "6382")) && + ((substr ($ticket_decrypt, 32, 6) eq "030500") || + (substr ($ticket_decrypt, 32, 8) eq "050307A0")); + + if ($check_correct == 1) + { + $cleartext_ticket = $ticket_decrypt; + } + else # validation failed + { + # fake/wrong ticket (otherwise if we just decrypt/encrypt we end up with false positives all the time) + $cleartext_ticket = "0" x (length ($cleartext_ticket) + 16); + } + } + my $cipher = Crypt::RC4->new ($k3); - my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket)); + $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket)); $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2)); } 
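Review bot: The last alternative in `$check_correct`, `substr ($ticket_decrypt, 32, 8) eq "050307A0"`, can never be true, because `$ticket_decrypt` comes from `unpack ("H*", ...)`, which emits lowercase hex digits. A correctly decrypted ticket that carries that byte pattern at this offset would therefore be replaced by the all-zero fake ticket and reported as a failed verification. Use the lowercase literal, `(substr ($ticket_decrypt, 32, 8) eq "050307a0"));`, and test the flag with `if ($check_correct)` rather than `== 1`. The mode 13100 branch of gen_hash starts before this hunk.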
@@ -6998,27 +7023,73 @@ END_CODE { my @salt_arr = split ('\*', $salt_buf); - my $iteration = $salt_arr[0]; + my $iteration = $salt_arr[0]; my $mysalt = $salt_arr[1]; $mysalt = pack ("H*", $mysalt); - my $DEK = randbytes (16); - my $iv = "a6a6a6a6a6a6a6a6"; - my $KEK = sha1($word_buf); + my $KEK = sha1 ($word_buf); $KEK = substr ($KEK ^ $mysalt, 0, 16); my $aes = Crypt::Mode::ECB->new ('AES'); - my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16)); - my $B; - my $A = pack ("H*", $iv); + my $A; + + my @R = (); + + if (defined $additional_param) + { + $additional_param = pack ("H*", $additional_param); + + $A = substr ($additional_param, 0, 8); + $B = 0x00 x 8; + + $R[1] = substr ($additional_param, 8, 8); + $R[2] = substr ($additional_param, 16, 8); + + for (my $j = $iteration - 1; $j >= 0; $j--) + { + $A = substr ($A, 0, 8) ^ pack ("l", (2 * $j + 2)); + + $B = $R[2]; + + $A = $aes->decrypt ($A . $B . "\x00" x 16, $KEK); + + $R[2] = substr ($A, 8, 16); + + $A = substr ($A, 0, 8) ^ pack ("l", (2 * $j + 1)); + + $B = $R[1]; + + $A = $aes->decrypt ($A . $B . "\x00" x 16, $KEK); + + $R[1] = substr ($A, 8, 16); + } + + # check if valid + if (index ($A, "\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6") != 0) + { + # fake wrong @R and $A values + + @R = ('', "\x00" x 8, "\x00" x 8); + + $A = "\x00" x 16; + } + } + else + { + my $DEK = randbytes (16); + + @R = ('', substr (pack ("H*", $DEK), 0, 8), substr (pack ("H*", $DEK), 8, 16)); + + $A = pack ("H*", $iv); + } for (my $j = 0; $j < $iteration; $j++) { @@ -7051,11 +7122,11 @@ END_CODE { my @salt_arr = split ('\*', $salt_buf); - my $version = $salt_arr[0]; + my $version = $salt_arr[0]; - my $iteration = $salt_arr[1]; + my $iteration = $salt_arr[1]; - my $algorithm = $salt_arr[2]; + my $algorithm = $salt_arr[2]; my $final_random_seed = $salt_arr[3]; 
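Review bot: `$B = 0x00 x 8;` in the unwrap path does not produce eight NUL bytes: `0x00` is the number 0, so the repetition yields the ASCII string "00000000". The value is overwritten by `$B = $R[2];` before it is read, so nothing breaks today, but the line should be `$B = "\x00" x 8;` or dropped. The failure path also sets `$A = "\x00" x 16;` while the other path builds an 8-byte `$A` from `pack ("H*", $iv)`; whether the wrap loop that follows tolerates the longer value is not visible in the hunk, so `"\x00" x 8` would keep the two paths consistent. The mode 13200 branch continues outside the hunk.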
@@ -7090,13 +7161,17 @@ END_CODE if ($version == 1) { $contents_hash = $salt_arr[6]; + $contents_hash = pack ("H*", $contents_hash); $inline_flag = $salt_arr[7]; + $contents_len = $salt_arr[8]; + $contents = $salt_arr[9]; + $contents = pack ("H*", $contents); # keyfile handling @@ -7114,6 +7189,7 @@ END_CODE . "*" . $keyfile_content; $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content); + $intermediate_hash = sha256 ($intermediate_hash); } } @@ -7136,6 +7212,7 @@ END_CODE . "*" . $keyfile_content; } + $intermediate_hash = sha256 ($intermediate_hash); } @@ -7174,9 +7251,30 @@ END_CODE if ($version == 1) { - $contents_hash = sha256 ($contents); + if (defined $additional_param) + { + # if we try to verify the crack, we need to decrypt the contents instead of only encrypting it: + + $contents = $cipher->decrypt ($contents); + + # and check the output + + my $contents_hash_old = $contents_hash; - $contents = $cipher->encrypt($contents); + $contents_hash = sha256 ($contents); + + if ($contents_hash_old ne $contents_hash) + { + # fake content + $contents = "\x00" x length ($contents); + } + } + else + { + $contents_hash = sha256 ($contents); + } + + $contents = $cipher->encrypt ($contents); $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s%s', $version, @@ -7193,12 +7291,12 @@ END_CODE } if ($version == 2) { - $expected_bytes = $salt_arr[6]; + $expected_bytes = $salt_arr[6]; $contents_hash = $salt_arr[7]; $contents_hash = pack ("H*", $contents_hash); - $expected_bytes = $cipher->decrypt($contents_hash); + $expected_bytes = $cipher->decrypt ($contents_hash); $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s%s', $version, 
@@ -7291,6 +7389,16 @@ END_CODE $tmp_hash = sprintf ('$zip2$*%u*%u*%u*%s*%s*%u*%s*%s*$/zip2$', $type, $mode, $magic, $salt_buf, $verify_bytes, $compress_length, $data, substr ($auth, 0, 20)); } + elsif ($mode == 13800) + { + my $word_buf_unicode = encode ("UTF-16LE", $word_buf); + + my $salt_buf_bin = pack ("H*", $salt_buf); + + $hash_buf = sha256_hex ($word_buf_unicode . $salt_buf_bin); + + $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf); + } return ($tmp_hash); } @@ -8676,7 +8784,7 @@ sub get_random_kerberos5_tgs_salt my $realm = "realm"; my $spn = "test/spn"; - my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce); + my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*", $nonce); return $salt_buf; }
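Review bot: The new 13800 branch passes `$salt_buf` to `pack ("H*", ...)` without checking that it is an even-length hex string; `pack` accepts other characters and odd lengths without failing, so a malformed salt from a parsed line yields a digest over unintended bytes instead of being rejected. A check before the digest, for example `return unless ($salt_buf =~ /\A(?:[0-9a-fA-F]{2})+\z/);`, would make that case explicit, assuming an empty return is how callers of gen_hash expect a rejected input to look. The branch also carries no comment; `# sha256 (utf16le ($word) . $salt), salt given as hex` above the `elsif` would state the scheme the code implements. gen_hash starts outside the hunk.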