4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
30 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
32 use Authen
::Passphrase
::NTHash
;
33 use Authen
::Passphrase
::MySQL323
;
34 use Authen
::Passphrase
::PHPass
;
35 use Authen
::Passphrase
::LANManager
;
37 use POSIX qw
(strftime
);
39 use Net
::DNS
::RR
::NSEC3
;
40 use Convert
::EBCDIC qw
(ascii2ebcdic
);
41 use Digest
::SipHash qw
/siphash/;
43 my $hashcat = "./oclHashcat";
47 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800);
49 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
50 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
51 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
53 my @lotus_magic_table =
55 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
56 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
57 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
58 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
59 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
60 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
61 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
62 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
63 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
64 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
65 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
66 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
67 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
68 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
69 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
70 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
71 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
72 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
73 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
74 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
75 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
76 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
77 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
78 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
79 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
80 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
81 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
82 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
83 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
84 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
85 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
86 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
91 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
92 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
93 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
94 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
97 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
110 if ($type ne "verify")
112 if (scalar @ARGV > 1)
117 elsif (scalar @ARGV == 1)
127 if ($type eq "single")
131 elsif ($type eq "passthrough")
142 if (scalar @ARGV != 4)
147 my $mode = shift @ARGV;
148 my $hash_file = shift @ARGV;
149 my $in_file = shift @ARGV;
150 my $out_file = shift @ARGV;
154 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
156 # clever ? the resulting database could be huge
157 # but we need some way to map lines in hashfile w/ cracks
158 # maybe rli2 way would be more clever (needs sorted input)
160 while (my $line = <IN
>)
162 $line =~ s/[\n\r]*$//;
164 $db->{$line} = undef;
169 verify
($mode, $db, $in_file, $out_file);
177 my $out_file = shift;
196 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
197 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
201 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
202 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
203 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
205 while (my $line = <IN
>)
212 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
215 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
217 my $index = index ($line, ":");
221 $hash_in = substr ($line, 0, $index);
223 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
225 $word = substr ($line, $index + 1);
228 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
231 my $index1 = index ($line, ":");
235 $hash_in = substr ($line, 0, $index1);
237 # identify lenghts of both salt and plain
239 my $salt_plain = substr ($line, $index1 + 1);
241 my $num_cols = () = $salt_plain =~ /:/g;
250 foreach (my $i = 0; $i < $num_cols; $i++)
252 $index2 = index ($salt_plain, ":", $start);
256 $start = $index2 + 1;
258 $salt = substr ($salt_plain, 0, $index2);
259 $word = substr ($salt_plain, $index2 + 1);
261 # can't be true w/ wrong $hash:$salt, otherwise the
262 # algo must have many collisions
264 if (exists ($db->{$hash_in . ":" . $salt}))
266 $hash_in = $hash_in . ":" . $salt;
272 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
273 next unless (! defined ($db->{$hash_in}));
276 elsif ($mode == 2100)
279 my $index1 = index ($line, "\$DCC2\$");
281 next if $index1 != 0;
284 my $index2 = index ($line, "#", $index1 + 1);
288 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
291 $index1 = index ($line, "#");
295 $hash_in = substr ($line, 0, $index1 + 1);
297 # identify lenghts of both salt and plain
299 my $salt_plain = substr ($line, $index2 + 1);
301 my $num_cols = () = $salt_plain =~ /:/g;
311 foreach (my $i = 0; $i < $num_cols; $i++)
313 $index2 = index ($salt_plain, ":", $start);
317 $start = $index2 + 1;
319 $index3 = rindex ($salt_plain, "#", $index2);
321 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
322 $salt = substr ($salt_plain, 0, $index3);
323 $word = substr ($salt_plain, $index2 + 1);
325 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
327 $hash_in = $hash_in . $salt . "#" . $raw_hash;
333 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
334 next unless (! defined ($db->{$hash_in}));
336 # salt:hash guaranteed only : because of hex salt
337 elsif ($mode == 7300)
339 # split hash and plain
340 my $index1 = index ($line, ":");
344 $salt = substr ($line, 0, $index1);
346 $salt = pack ("H*", $salt);
348 my $rest = substr ($line, $index1 + 1);
350 my $index2 = index ($rest, ":");
354 $hash_in = substr ($rest, 0, $index2);
356 $word = substr ($rest, $index2 + 1);
358 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
361 elsif ($mode == 8100)
363 # split hash and plain
364 $salt = substr ($line, 1, 8);
366 my $rest = substr ($line, 1 + 8);
368 my $index2 = index ($rest, ":");
372 $hash_in = substr ($rest, 0, $index2);
374 $word = substr ($rest, $index2 + 1);
376 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
378 # base64 and salt embedded SSHA1, salt length = total lenght - 20
381 # split hash and plain
382 my $index = index ($line, ":");
386 $hash_in = substr ($line, 0, $index);
387 $word = substr ($line, $index + 1);
389 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
392 my $plain_base64 = substr ($hash_in, 6);
394 # base64 decode to extract salt
395 my $decoded = decode_base64
($plain_base64);
397 $salt = substr ($decoded, 20);
399 # base64 and salt embedded SSHA512, salt length = total length - 64
400 elsif ($mode == 1711)
402 # split hash and plain
403 my $index = index ($line, ":");
407 $hash_in = substr ($line, 0, $index);
408 $word = substr ($line, $index + 1);
410 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
413 my $plain_base64 = substr ($hash_in, 9);
415 # base64 decode to extract salt
416 my $decoded = decode_base64
($plain_base64);
418 $salt = substr ($decoded, 64);
420 # OSX (first 8 hex chars is salt)
421 elsif ($mode == 122 || $mode == 1722)
423 my $index = index ($line, ":");
427 $hash_in = substr ($line, 0, $index);
428 $word = substr ($line, $index + 1);
430 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
432 $salt = substr ($hash_in, 0, 8);
434 # MSSQL (2000, 2005 AND 2012), salt after version number
435 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
437 my $index = index ($line, ":");
441 $hash_in = substr ($line, 0, $index);
442 $word = substr ($line, $index + 1);
444 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
446 $salt = substr ($hash_in, 6, 8);
449 elsif ($mode == 8000)
451 my $index = index ($line, ":");
455 $hash_in = substr ($line, 0, $index);
456 $word = substr ($line, $index + 1);
458 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
460 $salt = substr ($hash_in, 6, 16);
463 elsif ($mode == 141 || $mode == 1441)
465 my $index1 = index ($line, ":");
469 $hash_in = substr ($line, 0, $index1);
470 $word = substr ($line, $index1 + 1);
472 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
474 my $index2 = index ($line, "*", 14);
476 #extract salt from base64
477 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
479 $salt = decode_base64
($plain_base64);
481 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
482 elsif ($mode == 400 || $mode == 7900)
484 my $index = index ($line, ":");
488 $hash_in = substr ($line, 0, $index);
489 $word = substr ($line, $index + 1);
491 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
493 $salt = substr ($hash_in, 4, 8);
495 # iterations = 2 ^ cost (where cost == $iter)
496 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
498 # $something$[rounds=iter$]salt$ (get last $, then check iter)
499 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
501 my $index1 = index ($line, ":", 30);
505 $hash_in = substr ($line, 0, $index1);
506 $word = substr ($line, $index1 + 1);
508 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
510 $index1 = index ($hash_in, ",", 1);
511 my $index2 = index ($hash_in, "\$", 1);
515 if ($index1 < $index2)
521 $param = substr ($hash_in, $index2, 1);
525 # rounds= if available
528 if (substr ($hash_in, $index2, 7) eq "rounds=")
530 my $old_index = $index2;
532 $index2 = index ($hash_in, "\$", $index2 + 1);
536 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
542 my $index3 = rindex ($hash_in, "\$");
546 $salt = substr ($hash_in, $index2, $index3 - $index2);
548 # descrypt (salt in first 2 char)
549 elsif ($mode == 1500)
551 my $index = index ($line, ":");
555 $hash_in = substr ($line, 0, $index);
556 $word = substr ($line, $index + 1);
558 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
560 $salt = substr ($hash_in, 0, 2);
562 # bcrypt $something$something$salt.hash
563 elsif ($mode == 3200)
565 my $index1 = index ($line, ":", 33);
569 $hash_in = substr ($line, 0, $index1);
570 $word = substr ($line, $index1 + 1);
572 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
574 my $index2 = index ($hash_in, "\$", 4);
576 $iter = substr ($hash_in, 4, $index2 - 4);
578 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
583 for (my $i = 0; $i < length ($plain_base64); $i++)
585 my $char = substr ($plain_base64, $i, 1);
586 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
589 $salt = decode_base64
($encoded);
592 elsif ($mode == 4800)
594 my $index1 = index ($line, ":");
598 my $index2 = index ($line, ":", $index1 + 1);
602 my $index3 = index ($line, ":", $index2 + 1);
606 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
608 $word = substr ($line, $index3 + 1);
610 $hash_in = substr ($line, 0, $index3);
613 elsif ($mode == 5300 || $mode == 5400)
615 my $num_cols = () = $line =~ /:/g;
617 next unless ($num_cols >= 9);
622 for (my $j = 0; $j < 9; $j++)
624 $index1 = index ($line, ":", $index1 + 1);
635 $word = substr ($line, $index1 + 1);
637 $hash_in = substr ($line, 0, $index1);
639 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
641 my $index2 = rindex ($line, ":", $index1 - 1);
643 $salt = substr ($line, 0, $index2);
646 elsif ($mode == 5500)
648 my $index1 = index ($line, "::");
652 my $index2 = index ($line, ":", $index1 + 2);
656 $index2 = index ($line, ":", $index2 + 1);
660 $salt = substr ($line, 0, $index2);
662 $index2 = index ($line, ":", $index2 + 1);
666 $salt .= substr ($line, $index2 + 1, 16);
668 $index2 = index ($line, ":", $index2 + 1);
672 $hash_in = substr ($line, 0, $index2);
674 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
676 $word = substr ($line, $index2 + 1);
679 elsif ($mode == 5600)
681 my $index1 = index ($line, "::");
685 my $index2 = index ($line, ":", $index1 + 2);
689 $index2 = index ($line, ":", $index2 + 1);
693 $salt = substr ($line, 0, $index2);
695 $index1 = index ($line, ":", $index2 + 1);
699 $index2 = index ($line, ":", $index1 + 1);
703 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
705 $hash_in = substr ($line, 0, $index2);
707 # do it later on for this hash mode:
708 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
710 $word = substr ($line, $index2 + 1);
712 # AIX smd5 something BRACE salt$
713 elsif ($mode == 6300)
715 my $index1 = index ($line, ":");
719 $hash_in = substr ($line, 0, $index1);
720 $word = substr ($line, $index1 + 1);
722 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
724 my $index2 = index ($hash_in, "}");
725 my $index3 = rindex ($hash_in, "\$");
727 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
729 # AIX: something$salt$ (no $ at position 1)
730 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
732 my $index1 = index ($line, ":");
736 $hash_in = substr ($line, 0, $index1);
737 $word = substr ($line, $index1 + 1);
739 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
741 my $index2 = index ($hash_in, "}");
742 my $index3 = index ($hash_in, "\$");
743 my $index4 = rindex ($hash_in, "\$");
745 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
747 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
749 # 1Password, agilekeychain
750 elsif ($mode == 6600)
752 my $num_cols = () = $line =~ /:/g;
754 next unless ($num_cols > 2);
756 my $index1 = index ($line, ":");
760 $iter = substr ($line, 0, $index1);
762 my $index2 = index ($line, ":", $index1 + 1);
766 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
768 $index1 = index ($line, ":", $index2 + 1);
772 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
774 $hash_in = substr ($line, 0, $index1);
776 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
778 $word = substr ($line, $index1 + 1);
780 # 1Password, cloudkeychain
781 elsif ($mode == 8200)
783 my @datas = split (":", $line);
785 next if scalar @datas < 4;
787 my $hash = shift @datas;
788 $salt = shift @datas;
789 $iter = shift @datas;
790 my $data = shift @datas;
792 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
796 $word = join (":", @datas);
798 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
800 # lastpass (hash:iter:salt)
801 elsif ($mode == 6800)
803 my $index1 = index ($line, ":", 34);
807 $hash_in = substr ($line, 0, $index1);
809 # identify lenghts of both salt and plain
811 my $salt_plain = substr ($line, $index1 + 1);
813 my $num_cols = () = $salt_plain =~ /:/g;
822 foreach (my $i = 0; $i < $num_cols; $i++)
824 $index2 = index ($salt_plain, ":", $start);
828 $start = $index2 + 1;
830 $salt = substr ($salt_plain, 0, $index2);
831 $word = substr ($salt_plain, $index2 + 1);
833 # can't be true w/ wrong $hash:$salt, otherwise the
834 # algo must have many collisions
836 if (exists ($db->{$hash_in . ":" . $salt}))
838 $hash_in = $hash_in . ":" . $salt;
844 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
845 next unless (! defined ($db->{$hash_in}));
847 $index1 = index ($hash_in, ":");
848 $index2 = index ($hash_in, ":", $index1 + 1);
850 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
851 $salt = substr ($hash_in, $index2 + 1);
853 # OSX 10.* : $something$iter$salt$
854 elsif ($mode == 7100)
856 my $index1 = index ($line, ":");
860 $hash_in = substr ($line, 0, $index1);
861 $word = substr ($line, $index1 + 1);
863 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
865 my $index2 = index ($hash_in, "\$", 5);
869 my $index3 = index ($hash_in, "\$", $index2 + 1);
871 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
873 $iter = substr ($hash_in, 4, $index2 - 4);
875 next if (int ($iter) < 1);
877 # grub: something1.something2.something3.iter.salt.
878 elsif ($mode == 7200)
880 my $index1 = index ($line, ":");
884 $hash_in = substr ($line, 0, $index1);
885 $word = substr ($line, $index1 + 1);
887 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
889 my $index2 = index ($hash_in, ".", 19);
893 my $index3 = index ($hash_in, ".", $index2 + 1);
895 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
897 $iter = substr ($hash_in, 19, $index2 - 19);
899 next if (int ($iter) < 1);
901 # $something1$something2$something3$something4$salt$
902 elsif ($mode == 7500 )
904 my $index1 = index ($line, "\$", 11);
908 my $index2 = index ($line, "\$", $index1 + 1);
912 my $index3 = index ($line, "\$", $index2 + 1);
916 $index2 = index ($line, ":", $index3 + 1);
920 $hash_in = substr ($line, 0, $index2);
921 $word = substr ($line, $index2 + 1);
923 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
925 $salt = substr ($hash_in, 11, $index3 - 10);
926 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
927 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
930 elsif ($mode == 7700 || $mode == 7800)
932 my $index1 = index ($line, ":");
936 my @split1 = split (":", $line);
938 my @split2 = split ('\$', $split1[0]);
940 next unless scalar @split2 == 2;
942 $hash_in = $split1[0];
944 if (scalar @split1 > 1)
953 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
958 elsif ($mode == 8300)
960 my @datas = split (":", $line);
962 next if scalar @datas != 5;
967 ($hash, $domain, $salt, $iter, $word) = @datas;
969 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
971 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
973 $salt = $domain . ":" . $salt;
976 elsif ($mode == 8500)
978 my @line_elements = split (":", $line);
980 next if scalar @line_elements < 2;
984 $hash_in = shift @line_elements;
986 $word = join (":", @line_elements);
990 my @hash_elements = split ('\*', $hash_in);
992 next unless ($hash_elements[0] eq '$racf$');
994 $salt = $hash_elements[1];
996 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
999 elsif ($mode == 8700)
1001 # split hash and plain
1002 my $index = index ($line, ":");
1006 $hash_in = substr ($line, 0, $index);
1007 $word = substr ($line, $index + 1);
1009 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1011 my $plain_base64 = substr ($hash_in, 2, -1);
1013 ($_, $salt, $param) = domino_decode
($plain_base64);
1016 elsif ($mode == 2612)
1018 next unless (substr ($line, 0, 6) eq '$PHPS$');
1021 my $index1 = index ($line, "\$", 6);
1023 next if $index1 < 1;
1025 $salt = substr ($line, 6, $index1 - 6);
1027 $salt = pack ("H*", $salt);
1029 my $index2 = index ($line, "\:", $index1 + 1);
1031 next if $index2 < 1;
1033 $word = substr ($line, $index2 + 1);
1035 $hash_in = substr ($line, 0, $index2);
1037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1040 elsif ($mode == 3711)
1042 next unless (substr ($line, 0, 3) eq '$B$');
1045 my $index1 = index ($line, "\$", 3);
1047 next if $index1 < 1;
1049 $salt = substr ($line, 3, $index1 - 3);
1051 my $index2 = index ($line, ":", $index1 + 1);
1053 next if $index2 < 1;
1055 $word = substr ($line, $index2 + 1);
1057 $hash_in = substr ($line, 0, $index2);
1059 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1062 elsif ($mode == 8900)
1064 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1067 my $index1 = index ($line, ":", 7);
1069 next if $index1 < 1;
1072 my $N = substr ($line, 7, $index1 - 7);
1074 my $index2 = index ($line, ":", $index1 + 1);
1076 next if $index2 < 1;
1079 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1081 $index1 = index ($line, ":", $index2 + 1);
1083 next if $index1 < 1;
1086 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1092 $index2 = index ($line, ":", $index1 + 1);
1094 next if $index2 < 1;
1097 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1099 $salt = decode_base64
($salt);
1101 $index1 = index ($line, ":", $index2 + 1);
1103 next if $index1 < 1;
1107 $word = substr ($line, $index1 + 1);
1108 $hash_in = substr ($line, 0, $index1);
1110 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1113 elsif ($mode == 9100)
1115 # split hash and plain
1116 my $index = index ($line, ":");
1120 $hash_in = substr ($line, 0, $index);
1121 $word = substr ($line, $index + 1);
1123 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1125 my $base64_part = substr ($hash_in, 2, -1);
1127 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1129 next if ($iter < 1);
1131 # Cisco $8$ - PBKDF2-HMAC-SHA256
1132 elsif ($mode == 9200)
1134 next unless (substr ($line, 0, 3) eq '$8$');
1137 my $index1 = index ($line, "\$", 3);
1139 next if $index1 != 17;
1141 my $index2 = index ($line, "\$", $index1 + 1);
1144 $salt = substr ($line, 3, $index1 - 3);
1146 $index1 = index ($line, ":", $index1 + 1);
1148 next if $index1 < 1;
1152 $word = substr ($line, $index1 + 1);
1153 $hash_in = substr ($line, 0, $index1);
1155 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1157 # Cisco $9$ - scrypt
1158 elsif ($mode == 9300)
1160 next unless (substr ($line, 0, 3) eq '$9$');
1163 my $index1 = index ($line, "\$", 3);
1165 next if $index1 != 17;
1167 my $index2 = index ($line, "\$", $index1 + 1);
1170 $salt = substr ($line, 3, $index1 - 3);
1172 $index1 = index ($line, ":", $index1 + 1);
1174 next if $index1 < 1;
1178 $word = substr ($line, $index1 + 1);
1179 $hash_in = substr ($line, 0, $index1);
1181 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1184 elsif ($mode == 9400)
1186 ($hash_in, $word) = split ":", $line;
1188 next unless defined $hash_in;
1189 next unless defined $word;
1191 my @data = split /\*/, $hash_in;
1193 next unless scalar @data == 8;
1195 next unless (shift @data eq '$office$');
1196 next unless (shift @data eq '2007');
1197 next unless (shift @data eq '20');
1199 my $aes_key_size = shift @data;
1201 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1202 next unless (shift @data eq '16');
1204 next unless (length $data[0] == 32);
1205 next unless (length $data[1] == 32);
1206 next unless (length $data[2] == 40);
1208 $salt = shift @data;
1209 $param = shift @data;
1210 $param2 = $aes_key_size;
1212 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1215 elsif ($mode == 9500)
1217 ($hash_in, $word) = split ":", $line;
1219 next unless defined $hash_in;
1220 next unless defined $word;
1222 my @data = split /\*/, $hash_in;
1224 next unless scalar @data == 8;
1226 next unless (shift @data eq '$office$');
1227 next unless (shift @data eq '2010');
1228 next unless (shift @data eq '100000');
1229 next unless (shift @data eq '128');
1230 next unless (shift @data eq '16');
1232 next unless (length $data[0] == 32);
1233 next unless (length $data[1] == 32);
1234 next unless (length $data[2] == 64);
1236 $salt = shift @data;
1237 $param = shift @data;
1239 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1242 elsif ($mode == 9600)
1244 ($hash_in, $word) = split ":", $line;
1246 next unless defined $hash_in;
1247 next unless defined $word;
1249 my @data = split /\*/, $hash_in;
1251 next unless scalar @data == 8;
1253 next unless (shift @data eq '$office$');
1254 next unless (shift @data eq '2013');
1255 next unless (shift @data eq '100000');
1256 next unless (shift @data eq '256');
1257 next unless (shift @data eq '16');
1259 next unless (length $data[0] == 32);
1260 next unless (length $data[1] == 32);
1261 next unless (length $data[2] == 64);
1263 $salt = shift @data;
1264 $param = shift @data;
1266 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1269 elsif ($mode == 9700)
1271 ($hash_in, $word) = split ":", $line;
1273 next unless defined $hash_in;
1274 next unless defined $word;
1276 my @data = split /\*/, $hash_in;
1278 next unless scalar @data == 4;
1280 my $signature = shift @data;
1282 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1284 next unless (length $data[0] == 32);
1285 next unless (length $data[1] == 32);
1286 next unless (length $data[2] == 32);
1288 $salt = shift @data;
1289 $param = shift @data;
1290 $param2 = substr ($signature, 11, 1);
1292 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1295 elsif ($mode == 9800)
1297 ($hash_in, $word) = split ":", $line;
1299 next unless defined $hash_in;
1300 next unless defined $word;
1302 my @data = split /\*/, $hash_in;
1304 next unless scalar @data == 4;
1306 my $signature = shift @data;
1308 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1310 next unless (length $data[0] == 32);
1311 next unless (length $data[1] == 32);
1312 next unless (length $data[2] == 40);
1314 $salt = shift @data;
1315 $param = shift @data;
1316 $param2 = substr ($signature, 11, 1);
1318 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1320 # Django (PBKDF2-SHA256)
1321 elsif ($mode == 10000)
1323 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1326 my $index1 = index ($line, "\$", 14);
1328 next if $index1 < 1;
1330 my $index2 = index ($line, "\$", $index1 + 1);
1334 $iter = substr ($line, 14, $index1 - 14);
1338 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1342 $index1 = index ($line, ":", $index2 + 1);
1344 next if $index1 < 1;
1346 $word = substr ($line, $index1 + 1);
1347 $hash_in = substr ($line, 0, $index1);
1349 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1352 elsif ($mode == 10100)
1356 ($hash, undef, undef, $salt, $word) = split ":", $line;
1358 next unless defined $hash;
1359 next unless defined $salt;
1360 next unless defined $word;
1362 next unless (length $hash == 16);
1363 next unless (length $salt == 32);
1365 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1367 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1370 elsif ($mode == 10200)
1372 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1375 my $index1 = index ($line, "\$", 10);
1377 next if $index1 < 1;
1381 my $challengeb64 = substr ($line, 10, $index1 - 10);
1382 $salt = decode_base64
($challengeb64);
1386 my $index2 = index ($line, ":", $index1 + 1);
1388 next if $index2 < 1;
1390 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1391 my $response = decode_base64
($responseb64);
1393 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1395 $word = substr ($line, $index2 + 1);
1396 $hash_in = substr ($line, 0, $index2);
1398 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1400 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1401 elsif ($mode == 10300)
1403 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1407 my $index1 = index ($line, "}", 10);
1409 next if $index1 < 1;
1411 $iter = substr ($line, 10, $index1 - 10);
1413 $iter = int ($iter);
1417 my $base64_encoded = substr ($line, $index1 + 1);
1418 my $base64_decoded = decode_base64
($base64_encoded);
1420 $salt = substr ($base64_decoded, 20);
1422 my $index2 = index ($line, ":", $index1 + 1);
1424 next if $index2 < 1;
1426 $word = substr ($line, $index2 + 1);
1427 $hash_in = substr ($line, 0, $index2);
1429 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1431 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1432 elsif ($mode == 10400)
1434 ($hash_in, $word) = split ":", $line;
1436 next unless defined $hash_in;
1437 next unless defined $word;
1439 my @data = split /\*/, $hash_in;
1441 next unless scalar @data == 11;
1443 next unless (shift @data eq '$pdf$1');
1444 next unless (shift @data eq '2');
1445 next unless (shift @data eq '40');
1446 my $P = shift @data;
1447 next unless (shift @data eq '0');
1448 next unless (shift @data eq '16');
1449 my $id = shift @data;
1450 next unless (shift @data eq '32');
1451 my $u = shift @data;
1452 next unless (shift @data eq '32');
1453 my $o = shift @data;
1460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1462 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1463 elsif ($mode == 10500)
1465 ($hash_in, $word) = split ":", $line;
1467 next unless defined $hash_in;
1468 next unless defined $word;
1470 my @data = split /\*/, $hash_in;
1472 next unless scalar @data == 11;
1474 my $V = shift @data; $V = substr ($V, 5, 1);
1475 my $R = shift @data;
1476 next unless (shift @data eq '128');
1477 my $P = shift @data;
1478 my $enc = shift @data;
1479 next unless (shift @data eq '16');
1480 my $id = shift @data;
1481 next unless (shift @data eq '32');
1482 my $u = shift @data;
1483 next unless (shift @data eq '32');
1484 my $o = shift @data;
1494 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1496 # PDF 1.7 Level 3 (Acrobat 9)
1497 elsif ($mode == 10600)
1499 ($hash_in, $word) = split ":", $line;
1501 next unless defined $hash_in;
1502 next unless defined $word;
1504 my @data = split /\*/, $hash_in;
1506 next unless scalar @data >= 11;
1508 next unless (shift @data eq '$pdf$5');
1509 next unless (shift @data eq '5');
1510 next unless (shift @data eq '256');
1511 next unless (shift @data eq '-1028');
1512 next unless (shift @data eq '1');
1513 next unless (shift @data eq '16');
1514 my $id = shift @data;
1515 my $rest = join "*", @data;
1520 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1522 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1523 elsif ($mode == 10700)
1525 ($hash_in, $word) = split ":", $line;
1527 next unless defined $hash_in;
1528 next unless defined $word;
1530 my @data = split /\*/, $hash_in;
1532 next unless scalar @data >= 11;
1534 next unless (shift @data eq '$pdf$5');
1535 next unless (shift @data eq '6');
1536 next unless (shift @data eq '256');
1537 next unless (shift @data eq '-1028');
1538 next unless (shift @data eq '1');
1539 next unless (shift @data eq '16');
1540 my $id = shift @data;
1541 my $rest = join "*", @data;
1546 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1548 # PBKDF2-HMAC-SHA256
1549 elsif ($mode == 10900)
1551 next unless (substr ($line, 0, 7) eq 'sha256:');
1554 my $index1 = index ($line, ":", 7);
1556 next if $index1 < 1;
1558 $iter = substr ($line, 7, $index1 - 7);
1562 my $index2 = index ($line, ":", $index1 + 1);
1564 next if $index2 < 1;
1566 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1568 $salt = decode_base64
($salt);
1572 $index1 = index ($line, ":", $index2 + 1);
1574 next if $index1 < 1;
1576 # additional param = output len of pbkdf2
1578 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1580 my $digest = decode_base64
($digest64_encoded);
1582 $param = length ($digest);
1586 $word = substr ($line, $index1 + 1);
1587 $hash_in = substr ($line, 0, $index1);
1589 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1591 # PostgreSQL MD5 Authentication
1592 elsif ($mode == 11100)
1594 next unless (substr ($line, 0, 10) eq '$postgres$');
1596 my $index1 = index ($line, "*", 10);
1598 next if $index1 < 1;
1602 $param = substr ($line, 10, $index1 - 10);
1604 # get the 4 byte salt
1606 my $index2 = index ($line, "*", $index1 + 1);
1608 next if $index2 < 1;
1610 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1614 $index1 = index ($line, ":", $index2 + 1);
1616 next if $index1 < 1;
1618 $word = substr ($line, $index1 + 1);
1619 $hash_in = substr ($line, 0, $index1);
1621 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1623 # MySQL MD5 Authentication
1624 elsif ($mode == 11200)
1626 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1628 my $index1 = index ($line, "*", 9);
1630 next if $index1 < 1;
1634 $salt = substr ($line, 9, $index1 - 9);
1638 $index1 = index ($line, ":", $index1 + 1);
1640 next if $index1 < 1;
1642 $word = substr ($line, $index1 + 1);
1643 $hash_in = substr ($line, 0, $index1);
1645 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1648 elsif ($mode == 2500)
1650 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1654 # Bitcoin/Litecoin wallet.dat
1655 elsif ($mode == 11300)
1657 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1661 # SIP digest authentication (MD5)
1662 elsif ($mode == 11400)
1664 next unless (substr ($line, 0, 6) eq '$sip$*');
1668 my $index1 = index ($line, "*", 6);
1670 next if $index1 < 0;
1672 $param10 = substr ($line, 6, $index1 - 6);
1674 next if (length ($param10) > 32);
1678 my $index2 = index ($line, "*", $index1 + 1);
1680 next if $index2 < 0;
1682 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1684 next if (length ($param11) > 32);
1688 $index1 = index ($line, "*", $index2 + 1);
1690 next if $index1 < 0;
1692 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1694 next if (length ($param) > 12);
1698 $index2 = index ($line, "*", $index1 + 1);
1700 next if $index2 < 0;
1702 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1704 next if (length ($param2) > 20);
1708 $index1 = index ($line, "*", $index2 + 1);
1710 next if $index1 < 0;
1712 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1714 next if (length ($param6) > 24);
1718 $index2 = index ($line, "*", $index1 + 1);
1720 next if $index2 < 0;
1722 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1724 next if (length ($param7) > 10);
1728 $index1 = index ($line, "*", $index2 + 1);
1730 next if $index1 < 0;
1732 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1734 next if (length ($param8) > 32);
1738 $index2 = index ($line, "*", $index1 + 1);
1740 next if $index2 < 0;
1742 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1744 next if (length ($param9) > 32);
1748 $index1 = index ($line, "*", $index2 + 1);
1750 next if $index1 < 0;
1752 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1754 next if (length ($salt) > 34);
1758 $index2 = index ($line, "*", $index1 + 1);
1760 next if $index2 < 0;
1762 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1764 next if (length ($param4) > 12);
1768 $index1 = index ($line, "*", $index2 + 1);
1770 next if $index1 < 0;
1772 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1774 next if (length ($param3) > 10);
1778 $index2 = index ($line, "*", $index1 + 1);
1780 next if $index2 < 0;
1782 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1784 next if (length ($param5) > 8);
1788 $index1 = index ($line, "*", $index2 + 1);
1790 next if $index1 < 0;
1792 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1794 next unless ($directive eq "MD5");
1798 $index2 = index ($line, ":", $index1 + 1);
1800 next if $index2 < 0;
1802 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1804 next unless (length ($hex_digest) == 32);
1806 $word = substr ($line, $index2 + 1);
1807 $hash_in = substr ($line, 0, $index2);
1809 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1812 elsif ($mode == 11600)
1814 next unless (substr ($line, 0, 4) eq '$7z$');
1818 my $index1 = index ($line, '$', 4);
1820 next if $index1 < 0;
1822 my $p = substr ($line, 4, $index1 - 4);
1824 next unless ($p eq "0");
1828 my $index2 = index ($line, '$', $index1 + 1);
1830 next if $index2 < 0;
1832 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1834 # seven zip salt length
1836 $index1 = index ($line, '$', $index2 + 1);
1838 next if $index1 < 0;
1840 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1844 $index2 = index ($line, '$', $index1 + 1);
1846 next if $index2 < 0;
1848 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1852 $index1 = index ($line, '$', $index2 + 1);
1854 next if $index1 < 0;
1856 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1860 $index2 = index ($line, '$', $index1 + 1);
1862 next if $index2 < 0;
1864 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1866 $salt = pack ("H*", $salt);
1870 $index1 = index ($line, '$', $index2 + 1);
1872 next if $index1 < 0;
1874 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1876 # ignore this crc, we don't need to pass it to gen_hash ()
1880 $index2 = index ($line, '$', $index1 + 1);
1882 next if $index2 < 0;
1884 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1888 $index1 = index ($line, '$', $index2 + 1);
1890 next if $index1 < 0;
1892 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1896 $index2 = index ($line, ':', $index1 + 1);
1898 next if $index2 < 0;
1900 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1901 $param6 = pack ("H*", $param6);
1903 $word = substr ($line, $index2 + 1);
1904 $hash_in = substr ($line, 0, $index2);
1906 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1909 elsif ($mode == 11900)
1911 next unless (substr ($line, 0, 4) eq 'md5:');
1914 my $index1 = index ($line, ":", 4);
1916 next if $index1 < 1;
1918 $iter = substr ($line, 4, $index1 - 4);
1922 my $index2 = index ($line, ":", $index1 + 1);
1924 next if $index2 < 1;
1926 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1928 $salt = decode_base64
($salt);
1932 $index1 = index ($line, ":", $index2 + 1);
1934 next if $index1 < 1;
1936 # additional param = output len of pbkdf2
1938 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1940 my $digest = decode_base64
($digest64_encoded);
1942 $param = length ($digest);
1946 $word = substr ($line, $index1 + 1);
1947 $hash_in = substr ($line, 0, $index1);
1949 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1952 elsif ($mode == 12000)
1954 next unless (substr ($line, 0, 5) eq 'sha1:');
1957 my $index1 = index ($line, ":", 5);
1959 next if $index1 < 1;
1961 $iter = substr ($line, 5, $index1 - 5);
1965 my $index2 = index ($line, ":", $index1 + 1);
1967 next if $index2 < 1;
1969 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1971 $salt = decode_base64
($salt);
1975 $index1 = index ($line, ":", $index2 + 1);
1977 next if $index1 < 1;
1979 # additional param = output len of pbkdf2
1981 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1983 my $digest = decode_base64
($digest64_encoded);
1985 $param = length ($digest);
1989 $word = substr ($line, $index1 + 1);
1990 $hash_in = substr ($line, 0, $index1);
1992 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1994 # PBKDF2-HMAC-SHA512
1995 elsif ($mode == 12100)
1997 next unless (substr ($line, 0, 7) eq 'sha512:');
2000 my $index1 = index ($line, ":", 7);
2002 next if $index1 < 1;
2004 $iter = substr ($line, 7, $index1 - 7);
2008 my $index2 = index ($line, ":", $index1 + 1);
2010 next if $index2 < 1;
2012 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2014 $salt = decode_base64
($salt);
2018 $index1 = index ($line, ":", $index2 + 1);
2020 next if $index1 < 1;
2022 # additional param = output len of pbkdf2
2024 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2026 my $digest = decode_base64
($digest64_encoded);
2028 $param = length ($digest);
2032 $word = substr ($line, $index1 + 1);
2033 $hash_in = substr ($line, 0, $index1);
2035 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2038 elsif ($mode == 12200)
2040 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2042 # check if default salt
2046 $param = 0 if (substr ($line, 12, 2) eq '1$');
2054 if ($param == 0) # we need to extract the salt
2056 $index1 = index ($line, '$', $index1);
2058 next if $index1 < 1;
2060 my $index2 = index ($line, '$', $index1 + 1);
2062 next if $index2 < 1;
2064 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2069 $index1 = index ($line, ':', $index1 + 1);
2071 next if $index1 < 1;
2075 $word = substr ($line, $index1 + 1);
2076 $hash_in = substr ($line, 0, $index1);
2078 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2080 # Oracle T: Type (Oracle 12+)
2081 elsif ($mode == 12300)
2083 my $index1 = index ($line, ':');
2085 next if ($index1 != 160);
2089 $salt = substr ($line, 128, 32);
2093 $word = substr ($line, $index1 + 1);
2094 $hash_in = substr ($line, 0, $index1);
2096 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2098 # BSDiCrypt, Extended DES
2099 elsif ($mode == 12400)
2101 next unless (substr ($line, 0, 1) eq '_');
2103 my $index1 = index ($line, ':', 20);
2105 next if ($index1 != 20);
2109 $iter = substr ($line, 1, 4);
2111 $iter = base64_to_int24
($iter);
2115 $salt = substr ($line, 5, 4);
2119 $word = substr ($line, $index1 + 1);
2120 $hash_in = substr ($line, 0, $index1);
2122 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2124 # Blockchain, My Wallet
2125 elsif ($mode == 12700)
2127 my $index1 = index ($line, ':');
2129 next if ($index1 < 0);
2131 $hash_in = substr ($line, 0, $index1);
2132 $word = substr ($line, $index1 + 1);
2134 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2136 next unless ($signature eq "blockchain");
2138 next unless (($data_len * 2) == length $data_buf);
2140 $salt = substr ($data_buf, 0, 32);
2141 $param = substr ($data_buf, 32);
2143 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2145 elsif ($mode == 12800)
2147 ($hash_in, $word) = split ":", $line;
2149 next unless defined $hash_in;
2150 next unless defined $word;
2152 my @data = split /\,/, $hash_in;
2154 next unless scalar @data == 4;
2156 next unless (shift @data eq 'v1;PPH1_MD4');
2158 $salt = shift @data;
2159 $iter = shift @data;
2161 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2165 print "ERROR: hash mode is not supported\n";
2170 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2172 $word = pack ("H*", substr ($word, 5, -1));
2175 # finally generate the hash
2180 # check both variations
2181 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2183 $len = length $hash_out; # == length $alternative
2185 if (substr ($line, 0, $len) ne $hash_out)
2187 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2189 return unless (substr ($line, 0, $len) eq $alternative);
2192 elsif ($mode == 8700)
2194 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2196 $len = length $hash_out;
2198 return unless (substr ($line, 0, $len) eq $hash_out);
2200 elsif ($mode == 8900)
2202 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2204 $len = length $hash_out;
2206 return unless (substr ($line, 0, $len) eq $hash_out);
2208 elsif ($mode == 9100)
2210 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2212 $len = length $hash_out;
2214 return unless (substr ($line, 0, $len) eq $hash_out);
2216 elsif ($mode == 190)
2218 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2220 $len = length $hash_out; # == length $alternative
2222 if (substr ($line, 0, $len) ne $hash_out)
2224 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2226 return unless (substr ($line, 0, $len) eq $alternative);
2229 elsif ($mode == 3300)
2231 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2233 $len = length $hash_out;
2235 return unless (substr ($line, 0, $len) eq $hash_out);
2237 elsif ($mode == 5100)
2239 # check 3 variants (start, middle, end)
2243 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2245 $len = length $hash_out; # == length $alternative
2247 if (substr ($line, 0, $len) ne $hash_out)
2249 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2251 if (substr ($line, 0, $len) ne $alternative)
2253 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2255 return unless (substr ($line, 0, $len) eq $alternative);
2259 elsif ($mode == 9400)
2261 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2263 $len = length $hash_out;
2265 return unless (substr ($line, 0, $len) eq $hash_out);
2267 elsif ($mode == 9500)
2269 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2271 $len = length $hash_out;
2273 return unless (substr ($line, 0, $len) eq $hash_out);
2275 elsif ($mode == 9600)
2277 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2279 $len = length $hash_out;
2281 return unless (substr ($line, 0, $len) eq $hash_out);
2283 elsif ($mode == 9700)
2285 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2287 $len = length $hash_out;
2289 return unless (substr ($line, 0, $len) eq $hash_out);
2291 elsif ($mode == 9800)
2293 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2295 $len = length $hash_out;
2297 return unless (substr ($line, 0, $len) eq $hash_out);
2299 elsif ($mode == 10400)
2301 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2303 $len = length $hash_out;
2305 return unless (substr ($line, 0, $len) eq $hash_out);
2307 elsif ($mode == 10500)
2309 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2311 $len = length $hash_out;
2313 return unless (substr ($line, 0, $len) eq $hash_out);
2315 elsif ($mode == 10600)
2317 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2319 $len = length $hash_out;
2321 return unless (substr ($line, 0, $len) eq $hash_out);
2323 elsif ($mode == 10700)
2325 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2327 $len = length $hash_out;
2329 return unless (substr ($line, 0, $len) eq $hash_out);
2331 elsif ($mode == 10900)
2333 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2335 $len = length $hash_out;
2337 return unless (substr ($line, 0, $len) eq $hash_out);
2339 elsif ($mode == 11100)
2341 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2343 $len = length $hash_out;
2345 return unless (substr ($line, 0, $len) eq $hash_out);
2347 elsif ($mode == 11400)
2349 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2351 $len = length $hash_out;
2353 return unless (substr ($line, 0, $len) eq $hash_out);
2355 elsif ($mode == 11600)
2357 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2359 $len = length $hash_out;
2361 return unless (substr ($line, 0, $len) eq $hash_out);
2363 elsif ($mode == 11900)
2365 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2367 $len = length $hash_out;
2369 return unless (substr ($line, 0, $len) eq $hash_out);
2371 elsif ($mode == 12000)
2373 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2375 $len = length $hash_out;
2377 return unless (substr ($line, 0, $len) eq $hash_out);
2379 elsif ($mode == 12100)
2381 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2383 $len = length $hash_out;
2385 return unless (substr ($line, 0, $len) eq $hash_out);
2387 elsif ($mode == 12200)
2389 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2391 $len = length $hash_out;
2393 return unless (substr ($line, 0, $len) eq $hash_out);
2395 elsif ($mode == 12700)
2397 # this is very special, we can't call gen_hash () because the param part is not always the same
2398 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2400 my $pbkdf2 = Crypt
::PBKDF2
->new (
2401 hash_class
=> 'HMACSHA1',
2406 my $salt_bin = pack ("H*", $salt);
2408 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2410 my $cipher = Crypt
::CBC
->new({
2412 cipher
=> "Crypt::Rijndael",
2419 my $param_bin = pack ("H*", $param);
2421 my $decrypted = $cipher->decrypt ($param_bin);
2423 my $decrypted_part = substr ($decrypted, 1, 16);
2425 return unless ($decrypted_part =~ /"guid"/);
2427 $hash_out = $hash_in;
2431 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2433 $len = length $hash_out;
2438 # allow $P$ and $H$ for -m 400
2439 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2441 elsif ($mode == 5600)
2443 # oclHashcat outputs the user name always upper-case, we need
2444 next unless (substr ($line, 0, $len) eq $hash_out);
2448 my $hash_out_lower = lc ($hash_out);
2450 for my $key (keys %{$db})
2452 if (lc ($key) eq $hash_out_lower)
2464 next unless (substr ($line, 0, $len) eq $hash_out);
2468 # do not forget "exists ($db->$hash_out)" should be done above!
2469 $db->{$hash_out} = $word;
2470 print OUT
$line . "\n";
2479 my $mode = shift || 0;
2481 while (my $word_buf = <>)
2485 next if length ($word_buf) > 31;
2493 for (my $i = 0; $i < 256; $i++)
2495 my $c = get_random_chr
(0x30, 0x39);
2497 push (@salt_arr, $c);
2500 my $salt_buf = join ("", @salt_arr);
2508 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500)
2510 $tmp_hash = gen_hash
($mode, $word_buf, "");
2512 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2514 my $salt_len = get_random_num
(1, 15);
2516 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2518 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2520 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2524 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2528 my $salt_len = get_random_num
(1, 11);
2530 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2532 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2534 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2536 elsif ($mode == 112)
2538 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2540 elsif ($mode == 121)
2542 my $salt_len = get_random_num
(1, 9);
2544 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2546 elsif ($mode == 141 || $mode == 1441)
2548 my $salt_len = get_random_num
(1, 15);
2550 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2552 elsif ($mode == 1100)
2554 my $salt_len = get_random_num
(1, 19);
2556 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2558 elsif ($mode == 1500)
2560 next if length ($word_buf) > 8;
2562 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2564 elsif ($mode == 2100)
2566 next if length ($word_buf) > 13;
2568 my $salt_len = get_random_num
(1, 19);
2570 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2572 elsif ($mode == 2410)
2574 next if length ($word_buf) > 15;
2576 my $salt_len = get_random_num
(1, 15);
2578 my $word_len = length ($word_buf);
2580 $salt_len = min
($salt_len, 15 - $word_len);
2582 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2584 elsif ($mode == 2500)
2586 next if length ($word_buf) < 8;
2588 my $salt_len = get_random_num
(0, 32);
2590 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2592 elsif ($mode == 2611)
2594 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2596 elsif ($mode == 2612)
2598 my $salt_len = get_random_num
(1, 22);
2600 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2602 elsif ($mode == 2711)
2604 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2606 elsif ($mode == 2811)
2608 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2610 elsif ($mode == 3000)
2612 next if length ($word_buf) > 7;
2614 $tmp_hash = gen_hash
($mode, $word_buf, "");
2616 elsif ($mode == 3100)
2618 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2620 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2622 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2624 elsif ($mode == 3800 || $mode == 4900)
2626 my $salt_len = get_random_num
(1, 11);
2628 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2630 elsif ($mode == 4800)
2632 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2634 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2636 elsif ($mode == 5300 || $mode == 5400)
2638 $salt_buf = get_random_ike_salt
();
2640 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2642 elsif ($mode == 5500)
2644 my $user_len = get_random_num
(0, 15);
2645 my $domain_len = get_random_num
(0, 15);
2647 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2649 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2651 elsif ($mode == 5600)
2653 my $user_len = get_random_num
(0, 15);
2654 my $domain_len = get_random_num
(0, 15);
2656 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2658 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2660 elsif ($mode == 6600)
2662 $salt_buf = get_random_agilekeychain_salt
();
2664 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2666 elsif ($mode == 6800)
2668 my $email_len = get_random_num
(1, 15);
2672 for (my $i = 0; $i < $email_len; $i++)
2674 $email .= get_random_chr
(0x61, 0x7a);
2677 $email .= '@trash-mail.com';
2679 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2681 elsif ($mode == 7100)
2683 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2685 elsif ($mode == 7200)
2687 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2689 elsif ($mode == 7300)
2691 my $salt_len = get_random_num
(32, 256);
2693 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2695 elsif ($mode == 7500)
2697 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2699 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2701 elsif ($mode == 7700)
2703 next if length ($word_buf) > 8;
2705 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2707 elsif ($mode == 7800)
2709 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2711 elsif ($mode == 8200)
2713 $salt_buf = get_random_cloudkeychain_salt
();
2715 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2717 elsif ($mode == 8300)
2719 $salt_buf = get_random_dnssec_salt
();
2721 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2723 elsif ($mode == 8400 || $mode == 11200)
2725 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2727 elsif ($mode == 8500)
2729 next if length ($word_buf) > 8;
2731 my $salt_len = get_random_num
(1, 9);
2733 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2735 elsif ($mode == 8600)
2737 next if length ($word_buf) > 16;
2739 $tmp_hash = gen_hash
($mode, $word_buf, "");
2741 elsif ($mode == 8700)
2743 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2745 elsif ($mode == 9200 || $mode == 9300)
2749 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2751 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
2753 next if length ($word_buf) > 19;
2757 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2759 elsif ($mode == 10100)
2761 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2763 elsif ($mode == 10300)
2765 my $salt_len = get_random_num
(4, 15);
2767 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2769 elsif ($mode == 10400)
2771 next if length ($word_buf) > 31;
2775 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2777 elsif ($mode == 10500)
2779 next if length ($word_buf) > 15;
2783 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2785 elsif ($mode == 10600)
2787 next if length ($word_buf) > 31;
2791 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2793 elsif ($mode == 10700)
2795 next if length ($word_buf) > 15;
2799 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2801 elsif ($mode == 11000)
2803 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
2805 elsif ($mode == 11300)
2807 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2809 elsif ($mode == 11400)
2811 next if length ($word_buf) > 24;
2813 my $salt_len = get_random_num
(1, 15);
2815 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2817 elsif ($mode == 11600)
2819 my $salt_len = get_random_num
(0, 16);
2821 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2823 elsif ($mode == 12400)
2825 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
2827 elsif ($mode == 12600)
2829 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2831 elsif ($mode == 12700)
2833 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2835 elsif ($mode == 12800)
2837 next if length ($word_buf) > 24;
2839 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2843 print "ERROR: Unsupported hash type\n";
2848 print $tmp_hash, "\n";
2861 for (my $j = 0; $j < scalar @modes; $j++)
2863 my $mode = $modes[$j];
2865 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500)
2867 for (my $i = 1; $i < 32; $i++)
2871 rnd
($mode, $len, 0);
2879 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2881 my $salt_len = get_random_num
(1, 15);
2883 for (my $i = 1; $i < 32; $i++)
2887 rnd
($mode, $len, $salt_len);
2891 rnd
($mode, $i, $salt_len);
2895 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2897 for (my $i = 1; $i < 32; $i++)
2901 rnd
($mode, $len, 32);
2905 rnd
($mode, $i, 32);
2909 elsif ($mode == 21 || $mode == 22)
2911 for (my $i = 1; $i < 32; $i++)
2915 rnd
($mode, $len, 2);
2923 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2925 for (my $i = 1; $i < 32; $i++)
2929 rnd
($mode, $len, 8);
2937 elsif ($mode == 112)
2939 for (my $i = 1; $i < 32; $i++)
2943 rnd
($mode, $len, 20);
2947 rnd
($mode, $i, 20);
2951 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2953 for (my $i = 1; $i < 32; $i++)
2957 rnd
($mode, $len, 16);
2961 rnd
($mode, $i, 16);
2967 my $salt_len = get_random_num
(1, 19);
2969 for (my $i = 1; $i < 32; $i++)
2973 rnd
($mode, $len, $salt_len);
2977 rnd
($mode, $i, $salt_len);
2981 elsif ($mode == 1500)
2983 for (my $i = 1; $i < 9; $i++)
2987 rnd
($mode, $len, 2);
2995 elsif ($mode == 2100)
2997 my $salt_len = get_random_num
(1, 19);
2999 for (my $i = 1; $i < 13; $i++)
3003 rnd
($mode, $len, $salt_len);
3007 rnd
($mode, $i, $salt_len);
3011 elsif ($mode == 2500)
3013 my $salt_len = get_random_num
(0, 32);
3015 for (my $i = 8; $i < 16; $i++)
3017 my $generate_from_len = 0;
3026 rnd
($mode, $len, $salt_len);
3030 rnd
($mode, $i, $salt_len);
3034 elsif ($mode == 2611)
3036 for (my $i = 1; $i < 32; $i++)
3040 rnd
($mode, $len, 3);
3048 elsif ($mode == 2612)
3050 my $salt_len = get_random_num
(1, 22);
3052 for (my $i = 1; $i < 32; $i++)
3056 rnd
($mode, $len, $salt_len);
3060 rnd
($mode, $i, $salt_len);
3064 elsif ($mode == 2711)
3066 for (my $i = 1; $i < 32; $i++)
3070 rnd
($mode, $len, 30);
3074 rnd
($mode, $i, 30);
3078 elsif ($mode == 2811)
3080 for (my $i = 1; $i < 32; $i++)
3084 rnd
($mode, $len, 5);
3092 elsif ($mode == 3000)
3094 for (my $i = 1; $i < 8; $i++)
3098 rnd
($mode, $len, 0);
3106 elsif ($mode == 3100)
3108 for (my $i = 1; $i < 32; $i++)
3112 rnd
($mode, $len, 10);
3116 rnd
($mode, $i, 10);
3120 elsif ($mode == 3800 || $mode == 4900)
3122 my $salt_len = get_random_num
(1, 11);
3124 for (my $i = 1; $i < 32; $i++)
3128 rnd
($mode, $len, $salt_len);
3132 rnd
($mode, $i, $salt_len);
3136 elsif ($mode == 5500 || $mode == 5600)
3140 for (my $i = 1; $i < 27; $i++)
3142 $salt_len = get_random_num
(1, 15);
3146 rnd
($mode, $len, $salt_len);
3150 rnd
($mode, $i, $salt_len);
3154 elsif ($mode == 5800)
3156 for (my $i = 1; $i < 14; $i++)
3160 rnd
($mode, $len, 16);
3164 rnd
($mode, $i, 16);
3168 elsif ($mode == 6800)
3170 my $salt_len = get_random_num
(8, 25);
3172 for (my $i = 1; $i < 32; $i++)
3176 rnd
($mode, $len, $salt_len);
3180 rnd
($mode, $i, $salt_len);
3184 elsif ($mode == 7100)
3186 for (my $i = 1; $i < 32; $i++)
3190 rnd
($mode, $len, 64);
3194 rnd
($mode, $i, 64);
3198 elsif ($mode == 7200)
3200 for (my $i = 1; $i < 32; $i++)
3204 rnd
($mode, $len, 128);
3208 rnd
($mode, $i, 128);
3212 elsif ($mode == 7300)
3214 my $salt_len = get_random_num
(32, 255);
3216 for (my $i = 1; $i < 32; $i++)
3220 rnd
($mode, $len, $salt_len);
3224 rnd
($mode, $i, $salt_len);
3228 elsif ($mode == 7500)
3230 for (my $i = 1; $i < 27; $i++)
3234 rnd
($mode, $len, 16);
3238 rnd
($mode, $i, 16);
3242 elsif ($mode == 7700)
3244 my $salt_len = get_random_num
(1, 12);
3246 for (my $i = 1; $i < 9; $i++)
3250 rnd
($mode, $len, $salt_len);
3254 rnd
($mode, $i, $salt_len);
3258 elsif ($mode == 7800)
3260 my $salt_len = get_random_num
(1, 12);
3262 for (my $i = 1; $i < 32; $i++)
3266 rnd
($mode, $len, $salt_len);
3270 rnd
($mode, $i, $salt_len);
3274 elsif ($mode == 8400 || $mode == 11200)
3276 for (my $i = 1; $i < 32; $i++)
3280 rnd
($mode, $len, 40);
3284 rnd
($mode, $i, 40);
3288 elsif ($mode == 8500)
3290 my $salt_len = get_random_num
(1, 8);
3292 for (my $i = 1; $i < 9; $i++)
3296 rnd
($mode, $len, $salt_len);
3300 rnd
($mode, $i, $salt_len);
3304 elsif ($mode == 8600)
3306 for (my $i = 1; $i < 17; $i++)
3310 rnd
($mode, $len, 0);
3318 elsif ($mode == 8700)
3320 for (my $i = 1; $i < 32; $i++)
3324 rnd
($mode, $len, 5);
3332 elsif ($mode == 9200 || $mode == 9300)
3336 for (my $i = 1; $i < 32; $i++)
3340 rnd
($mode, $len, $salt_len);
3344 rnd
($mode, $i, $salt_len);
3348 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3352 for (my $i = 1; $i < 20; $i++)
3356 rnd
($mode, $len, $salt_len);
3360 rnd
($mode, $i, $salt_len);
3364 elsif ($mode == 10100)
3366 for (my $i = 1; $i < 32; $i++)
3370 rnd
($mode, $len, 32);
3374 rnd
($mode, $i, 32);
3378 elsif ($mode == 10300)
3380 my $salt_len = get_random_num
(4, 15);
3382 for (my $i = 1; $i < 32; $i++)
3386 rnd
($mode, $len, $salt_len);
3390 rnd
($mode, $i, $salt_len);
3394 elsif ($mode == 10400 || $mode == 10600)
3398 for (my $i = 1; $i < 32; $i++)
3402 rnd
($mode, $len, $salt_len);
3406 rnd
($mode, $i, $salt_len);
3410 elsif ($mode == 10500 || $mode == 10700)
3414 for (my $i = 1; $i < 16; $i++)
3418 rnd
($mode, $len, $salt_len);
3422 rnd
($mode, $i, $salt_len);
3426 elsif ($mode == 11000)
3428 for (my $i = 1; $i < 32; $i++)
3432 rnd
($mode, $len, 56);
3436 rnd
($mode, $i, 56);
3440 elsif ($mode == 11300)
3442 for (my $i = 1; $i < 32; $i++)
3446 rnd
($mode, $len, 16);
3450 rnd
($mode, $i, 16);
3454 elsif ($mode == 11400)
3456 for (my $i = 1; $i < 24; $i++)
3460 rnd
($mode, $len, 16);
3464 rnd
($mode, $i, 16);
3468 elsif ($mode == 11600)
3470 my $salt_len = get_random_num
(0, 16);
3472 for (my $i = 1; $i < 32; $i++)
3476 rnd
($mode, $len, $salt_len);
3480 rnd
($mode, $i, $salt_len);
3484 elsif ($mode == 12400)
3486 for (my $i = 1; $i < 32; $i++)
3490 rnd
($mode, $len, 4);
3498 elsif ($mode == 12600)
3500 for (my $i = 1; $i < 32; $i++)
3504 rnd
($mode, $len, 64);
3508 rnd
($mode, $i, 64);
3512 elsif ($mode == 12700)
3514 for (my $i = 1; $i < 32; $i++)
3518 rnd
($mode, $len, 32);
3522 rnd
($mode, $i, 32);
3526 elsif ($mode == 12800)
3528 for (my $i = 1; $i < 25; $i++)
3532 rnd
($mode, $len, 20);
3536 rnd
($mode, $i, 20);
3549 my $word_buf = shift;
3551 my $salt_buf = shift;
3555 my $additional_param = shift;
3557 my $additional_param2 = shift;
3559 my $additional_param3 = shift;
3561 my $additional_param4 = shift;
3563 my $additional_param5 = shift;
3565 my $additional_param6 = shift;
3567 my $additional_param7 = shift;
3569 my $additional_param8 = shift;
3571 my $additional_param9 = shift;
3573 my $additional_param10 = shift;
3575 my $additional_param11 = shift;
3587 $hash_buf = md5_hex
($word_buf);
3589 $tmp_hash = sprintf ("%s", $hash_buf);
3593 $hash_buf = md5_hex
($word_buf . $salt_buf);
3595 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3599 $hash_buf = md5_hex
($word_buf . $salt_buf);
3601 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3605 $hash_buf = md5_hex
($word_buf . $salt_buf);
3607 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3611 $hash_buf = md5_hex
($salt_buf . $word_buf);
3613 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3617 $hash_buf = md5_hex
($salt_buf . $word_buf);
3619 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3623 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3624 my $salt_suffix = "Administration Tools";
3626 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3628 $hash_buf = md5
($pass);
3632 for (my $pos = 0; $pos < 16; $pos += 2)
3634 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3635 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3637 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3639 my $idx1 = $num >> 12 & 0x0f;
3640 my $idx2 = $num >> 6 & 0x3f;
3641 my $idx3 = $num & 0x3f;
3643 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3646 my $obfuscate_str = "nrcstn";
3647 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3649 foreach my $pos (keys @obfuscate_pos)
3651 my $idx = $obfuscate_pos[$pos];
3652 my $before = substr ($res, 0, $idx);
3653 my $char = substr ($obfuscate_str, $pos, 1);
3654 my $after = substr ($res, $idx);
3656 $res = sprintf ("%s%s%s", $before, $char, $after);
3659 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
3663 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
3665 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3669 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3671 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3675 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3677 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3681 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
3683 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3687 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
3689 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3691 elsif ($mode == 100)
3693 $hash_buf = sha1_hex
($word_buf);
3695 $tmp_hash = sprintf ("%s", $hash_buf);
3697 elsif ($mode == 101)
3699 $hash_buf = sha1
($word_buf);
3701 my $base64_buf = encode_base64
($hash_buf);
3703 chomp ($base64_buf);
3705 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
3707 elsif ($mode == 110)
3709 $hash_buf = sha1_hex
($word_buf . $salt_buf);
3711 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3713 elsif ($mode == 111)
3715 $hash_buf = sha1
($word_buf . $salt_buf);
3717 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
3719 chomp ($base64_buf);
3721 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
3723 elsif ($mode == 112)
3725 my $salt_buf_bin = pack ("H*", $salt_buf);
3727 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
3729 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3731 elsif ($mode == 120)
3733 $hash_buf = sha1_hex
($salt_buf . $word_buf);
3735 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3737 elsif ($mode == 121)
3739 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
3741 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3743 elsif ($mode == 122)
3745 my $salt_buf_bin = pack ("H*", $salt_buf);
3747 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
3749 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
3751 elsif ($mode == 130)
3753 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3755 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3757 elsif ($mode == 131)
3759 my $salt_buf_bin = pack ("H*", $salt_buf);
3761 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
3763 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
3765 elsif ($mode == 132)
3767 my $salt_buf_bin = pack ("H*", $salt_buf);
3769 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
3771 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
3773 elsif ($mode == 140)
3775 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3777 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3779 elsif ($mode == 141)
3781 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
3783 my $base64_salt_buf = encode_base64
($salt_buf);
3785 chomp ($base64_salt_buf);
3787 my $base64_hash_buf = encode_base64
($hash_buf);
3789 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
3791 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
3793 elsif ($mode == 150)
3795 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
3797 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3799 elsif ($mode == 160)
3801 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
3803 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3805 elsif ($mode == 190)
3807 $hash_buf = sha1_hex
($word_buf);
3809 my $variant = int (rand (2));
3811 if (defined ($additional_param))
3813 $variant = $additional_param;
3818 substr ($hash_buf, 0, 5) = "00000";
3821 $tmp_hash = sprintf ("%s", $hash_buf);
3823 elsif ($mode == 200)
3825 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
3827 $hash_buf = $ppr->hash_hex;
3829 $tmp_hash = sprintf ("%s", $hash_buf);
3831 elsif ($mode == 300)
3833 $hash_buf = substr (password41
($word_buf), 1);
3835 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
3837 $tmp_hash = sprintf ("%s", $hash_buf);
3839 elsif ($mode == 400)
3848 my $ppr = Authen
::Passphrase
::PHPass
->new
3852 passphrase
=> $word_buf,
3855 $hash_buf = $ppr->as_rfc2307;
3857 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
3859 elsif ($mode == 500)
3861 my $iterations = 1000;
3863 if (defined ($iter))
3867 $iterations = int ($iter);
3871 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
3873 $tmp_hash = sprintf ("%s", $hash_buf);
3875 elsif ($mode == 900)
3877 $hash_buf = md4_hex
($word_buf);
3879 $tmp_hash = sprintf ("%s", $hash_buf);
3881 elsif ($mode == 1000)
3883 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
3885 $tmp_hash = sprintf ("%s", $hash_buf);
3887 elsif ($mode == 1100)
3889 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
3891 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3893 elsif ($mode == 1400)
3895 $hash_buf = sha256_hex
($word_buf);
3897 $tmp_hash = sprintf ("%s", $hash_buf);
3899 elsif ($mode == 1410)
3901 $hash_buf = sha256_hex
($word_buf . $salt_buf);
3903 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3905 elsif ($mode == 1420)
3907 $hash_buf = sha256_hex
($salt_buf . $word_buf);
3909 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3911 elsif ($mode == 1430)
3913 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3915 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3917 elsif ($mode == 1440)
3919 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3921 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3923 elsif ($mode == 1441)
3925 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
3927 my $base64_salt_buf = encode_base64
($salt_buf);
3929 chomp ($base64_salt_buf);
3931 my $base64_hash_buf = encode_base64
($hash_buf);
3933 chomp ($base64_hash_buf);
3935 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
3937 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
3939 elsif ($mode == 1450)
3941 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
3943 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3945 elsif ($mode == 1460)
3947 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
3949 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3951 elsif ($mode == 1500)
3953 $hash_buf = crypt ($word_buf, $salt_buf);
3955 $tmp_hash = sprintf ("%s", $hash_buf);
3957 elsif ($mode == 1600)
3959 my $iterations = 1000;
3961 if (defined ($iter))
3965 $iterations = int ($iter);
3969 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
3971 $tmp_hash = sprintf ("%s", $hash_buf);
3973 elsif ($mode == 1700)
3975 $hash_buf = sha512_hex
($word_buf);
3977 $tmp_hash = sprintf ("%s", $hash_buf);
3979 elsif ($mode == 1710)
3981 $hash_buf = sha512_hex
($word_buf . $salt_buf);
3983 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3985 elsif ($mode == 1711)
3987 $hash_buf = sha512_hex
($word_buf . $salt_buf);
3989 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
3991 $base64_buf =~ s/[ \n]//g;
3993 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
3995 elsif ($mode == 1720)
3997 $hash_buf = sha512_hex
($salt_buf . $word_buf);
3999 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4001 elsif ($mode == 1730)
4003 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4005 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4007 elsif ($mode == 1740)
4009 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4011 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4013 elsif ($mode == 1722)
4015 my $salt_buf_bin = pack ("H*", $salt_buf);
4017 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4019 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4021 elsif ($mode == 1731)
4023 my $salt_buf_bin = pack ("H*", $salt_buf);
4025 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4027 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4029 elsif ($mode == 1750)
4031 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4033 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4035 elsif ($mode == 1760)
4037 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4039 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4041 elsif ($mode == 1800)
4043 my $iterations = 5000;
4045 if (defined ($iter))
4049 $iterations = int ($iter);
4053 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4055 $tmp_hash = sprintf ("%s", $hash_buf);
4057 elsif ($mode == 2100)
4059 my $iterations = 10240;
4063 $iterations = int ($iter);
4066 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4068 my $pbkdf2 = Crypt
::PBKDF2
->new
4070 hash_class
=> 'HMACSHA1',
4071 iterations
=> $iterations,
4073 salt_len
=> length ($salt),
4076 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4078 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4080 elsif ($mode == 2400)
4082 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4084 elsif ($mode == 2410)
4086 my $salt_len = length ($salt_buf);
4088 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4090 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4092 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4094 elsif ($mode == 2500)
4096 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4098 if (! defined ($additional_param))
4102 $bssid = randbytes
(6);
4103 $stmac = randbytes
(6);
4104 $snonce = randbytes
(32);
4105 $anonce = randbytes
(32);
4107 $keyver = get_random_num
(1, 3); # 1 or 2
4110 # should be "validly" generated, but in theory could be anything for us also:
4111 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4113 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4117 $bssid = $additional_param;
4118 $stmac = $additional_param2;
4119 $snonce = $additional_param3;
4120 $anonce = $additional_param4;
4121 $keyver = $additional_param5;
4122 $eapol = $additional_param6;
4125 $eapol_size = length ($eapol);
4129 my $iterations = 4096;
4135 # generate the Pairwise Master Key (PMK)
4137 my $pbkdf2 = Crypt
::PBKDF2
->new
4139 hash_class
=> 'HMACSHA1',
4140 iterations
=> $iterations,
4144 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4146 # Pairwise Transient Key (PTK) transformation
4148 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4150 # generate the Message Integrity Code (MIC)
4154 if ($keyver == 1) # WPA1 => MD5
4156 $mic = hmac
($eapol, $ptk, \
&md5
);
4160 $mic = hmac
($eapol, $ptk, \
&sha1
);
4163 $mic = substr ($mic, 0, 16);
4166 # format the binary output
4171 # first the essid (NULL-padded up to the first 36 bytes)
4173 $hash_buf .= $salt_buf;
4174 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4176 # the 2 MAC addresses
4178 $hash_buf .= $bssid;
4179 $hash_buf .= $stmac;
4183 $hash_buf .= $snonce;
4184 $hash_buf .= $anonce;
4188 $hash_buf .= $eapol;
4189 $hash_buf .= "\x00" x
(256 - $eapol_size);
4193 $hash_buf .= pack ("L*", $eapol_size);
4197 $hash_buf .= pack ("L*", $keyver);
4199 # and finally: the key mic
4203 # base64 encode the output
4205 $tmp_hash = encode_base64
($hash_buf, '');
4207 elsif ($mode == 2600)
4209 $hash_buf = md5_hex
(md5_hex
($word_buf));
4211 $tmp_hash = sprintf ("%s", $hash_buf);
4213 elsif ($mode == 2611)
4215 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4217 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4219 elsif ($mode == 2612)
4221 my $salt_buf_hex = unpack ("H*", $salt_buf);
4223 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4225 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4227 elsif ($mode == 2711)
4229 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4231 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4233 elsif ($mode == 2811)
4235 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4237 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4239 elsif ($mode == 3000)
4241 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4243 $hash_buf = $ppr->hash_hex;
4245 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4247 elsif ($mode == 3100)
4249 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4251 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4253 elsif ($mode == 3200)
4262 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4264 elsif ($mode == 3300)
4266 my $iterations = 904;
4270 $iterations = int ($iter);
4275 if (defined ($additional_param))
4277 $variant = $additional_param;
4280 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4282 $iterations += 4096;
4284 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4286 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4288 elsif ($mode == 3500)
4290 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4292 $tmp_hash = sprintf ("%s", $hash_buf);
4294 elsif ($mode == 3610)
4296 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4298 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4300 elsif ($mode == 3710)
4302 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4304 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4306 elsif ($mode == 3711)
4308 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4310 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4312 elsif ($mode == 3720)
4314 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4316 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4318 elsif ($mode == 3800)
4320 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4322 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4324 elsif ($mode == 3910)
4326 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4328 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4330 elsif ($mode == 4010)
4332 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4334 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4336 elsif ($mode == 4110)
4338 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4340 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4342 elsif ($mode == 4210)
4344 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4346 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4348 elsif ($mode == 4300)
4350 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4352 $tmp_hash = sprintf ("%s", $hash_buf);
4354 elsif ($mode == 4400)
4356 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4358 $tmp_hash = sprintf ("%s", $hash_buf);
4360 elsif ($mode == 4500)
4362 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4364 $tmp_hash = sprintf ("%s", $hash_buf);
4366 elsif ($mode == 4600)
4368 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4370 $tmp_hash = sprintf ("%s", $hash_buf);
4372 elsif ($mode == 4700)
4374 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4376 $tmp_hash = sprintf ("%s", $hash_buf);
4378 elsif ($mode == 4800)
4380 my $index = rindex ($salt_buf, ":");
4382 my $salt = substr ($salt_buf, 0, $index);
4383 my $salt_bin = pack ("H*", $salt);
4384 my $chap_sign = substr ($salt_buf, $index + 1);
4385 my $chap_sign_bin = pack ("H*", $chap_sign);
4387 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4389 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4391 elsif ($mode == 4900)
4393 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4395 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4397 elsif ($mode == 5000)
4399 $hash_buf = keccak_256_hex
($word_buf);
4401 $tmp_hash = sprintf ("%s", $hash_buf);
4403 elsif ($mode == 5100)
4407 if (! defined ($additional_param))
4413 $pos = $additional_param * 8 unless ($additional_param > 2);
4416 $hash_buf = md5_hex
($word_buf);
4418 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4420 elsif ($mode == 5300)
4422 my @salt_arr = split (":", $salt_buf);
4424 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4425 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4427 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4428 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4430 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4432 elsif ($mode == 5400)
4434 my @salt_arr = split (":", $salt_buf);
4436 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4437 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4439 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4440 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4442 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4444 elsif ($mode == 5500)
4446 my $index1 = index ($salt_buf, "::");
4447 my $user = substr ($salt_buf, 0, $index1);
4449 my $index2 = index ($salt_buf, ":", $index1 + 2);
4450 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4452 my $len = length (substr ($salt_buf, $index2 + 1));
4454 my $c_challenge_hex;
4458 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4463 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4464 $c_challenge_hex .= 00 x
32;
4467 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4468 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4469 my $s_challenge = pack ("H*", $s_challenge_hex);
4471 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4475 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4477 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4478 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4479 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4481 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4483 elsif ($mode == 5600)
4485 my $index1 = index ($salt_buf, "::");
4486 my $user = substr ($salt_buf, 0, $index1);
4488 my $index2 = index ($salt_buf, ":", $index1 + 2);
4489 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4491 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4492 my $s_challenge = pack ("H*", $s_challenge_hex);
4494 my $temp_hex = substr ($salt_buf, $index2 + 17);
4495 my $temp = pack ("H*", $temp_hex);
4497 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4498 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4500 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4502 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4504 elsif ($mode == 5700)
4506 $hash_buf = sha256
($word_buf);
4508 my $base64_buf = encode_base64
($hash_buf);
4512 for (my $i = 0; $i < 43; $i++)
4514 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4517 elsif ($mode == 5800)
4519 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4521 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4523 elsif ($mode == 6000)
4525 $hash_buf = ripemd160_hex
($word_buf);
4527 $tmp_hash = sprintf ("%s", $hash_buf);
4529 elsif ($mode == 6100)
4531 $hash_buf = whirlpool_hex
($word_buf);
4533 $tmp_hash = sprintf ("%s", $hash_buf);
4535 elsif ($mode == 6300)
4537 my $iterations = 1000; # hard coded by the AIX format
4539 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4541 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4543 elsif ($mode == 6400)
4545 my $iterations = 64;
4549 $iterations = 1 << int ($iter);
4552 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4554 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4556 elsif ($mode == 6500)
4558 my $iterations = 64;
4562 $iterations = 1 << int ($iter);
4565 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4567 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4569 elsif ($mode == 6600)
4571 my $iterations = 1000;
4575 $iterations = int ($iter);
4578 my $salt_hex = substr ($salt_buf, 0, 16);
4579 my $salt = pack ("H*", $salt_hex);
4581 my $prefix = substr ($salt_buf, 16, 2016);
4583 my $iv_hex = substr ($salt_buf, 2032);
4584 my $iv = pack ("H*", $iv_hex);
4586 my $data = pack ("H*", "10101010101010101010101010101010");
4588 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4590 my $pbkdf2 = Crypt
::PBKDF2
->new (
4592 iterations
=> $iterations,
4596 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4598 my $cipher = Crypt
::CBC
->new({
4600 cipher
=> "Crypt::Rijndael",
4607 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4609 $hash_buf = substr ($encrypted, 0, 32);
4611 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4613 elsif ($mode == 6700)
4615 my $iterations = 64;
4619 $iterations = 1 << int ($iter);
4622 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4624 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4626 elsif ($mode == 6800)
4628 my $variant = $additional_param;
4630 if (! defined ($variant))
4632 $variant = int (rand (2));
4635 my $iterations = 500;
4639 $iterations = int ($iter);
4642 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
4644 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
4646 my $pbkdf2 = Crypt
::PBKDF2
->new (
4648 iterations
=> $iterations,
4652 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4654 my $cipher = Crypt
::CBC
->new({
4656 cipher
=> "Crypt::Rijndael",
4665 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
4667 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
4671 my $verifier = "lastpass rocks\x02\x02";
4673 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
4676 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
4678 elsif ($mode == 6900)
4680 $hash_buf = gost_hex
($word_buf);
4682 $tmp_hash = sprintf ("%s", $hash_buf);
4684 elsif ($mode == 7100)
4686 my $iterations = 1024;
4690 $iterations = int ($iter);
4693 my $pbkdf2 = Crypt
::PBKDF2
->new
4695 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4696 iterations
=> $iterations
4699 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4701 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
4703 elsif ($mode == 7200)
4705 my $iterations = 1024;
4709 $iterations = int ($iter);
4712 my $pbkdf2 = Crypt
::PBKDF2
->new (
4713 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4714 iterations
=> $iterations
4717 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4719 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
4721 elsif ($mode == 7300)
4723 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
4725 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
4727 elsif ($mode == 7400)
4729 my $iterations = 5000;
4731 if (defined ($iter))
4735 $iterations = int ($iter);
4739 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
4741 $tmp_hash = sprintf ("%s", $hash_buf);
4743 elsif ($mode == 7500)
4745 my @salt_arr = split ("\\\$", $salt_buf);
4747 my $user = $salt_arr[0];
4749 my $realm = $salt_arr[1];
4751 my $salt = $salt_arr[2];
4753 my $hmac_salt = $salt_arr[3];
4754 my $hmac_salt_bin = pack ("H*", $hmac_salt);
4756 my $clear_data = $salt_arr[4];
4758 my $k = md4
(encode
("UTF-16LE", $word_buf));
4760 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
4762 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
4764 if (length ($clear_data) > 1)
4766 my $clear_data_bin = pack ("H*", $clear_data);
4768 $hash_buf = RC4
($k3, $clear_data_bin);
4772 my $hash = $salt_arr[5];
4774 my $hash_bin = pack ("H*", $hash);
4776 my $clear_data = RC4
($k3, $hash_bin);
4778 my $timestamp = substr ($clear_data, 14, 14);
4783 if ($timestamp !~ /^[[:digit:]]{14}$/)
4790 $hash_buf = "\x00" x
36;
4792 if ($hash_buf eq $hash_bin)
4794 $hash_buf = "\x01" x
36;
4799 $hash_buf = $hash_bin;
4803 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
4805 elsif ($mode == 7600)
4807 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
4809 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4811 elsif ($mode == 7700)
4813 $word_buf = uc $word_buf;
4814 $salt_buf = uc $salt_buf;
4816 my $word_buf_t = sapb_transcode
($word_buf);
4817 my $salt_buf_t = sapb_transcode
($salt_buf);
4819 my $digest1 = md5
($word_buf_t . $salt_buf_t);
4821 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
4823 my $digest2 = md5
($data);
4825 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
4830 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
4832 elsif ($mode == 7800)
4834 my $theMagicArray_s =
4835 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
4836 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
4837 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
4838 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
4839 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
4840 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
4841 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
4842 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
4843 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
4844 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
4846 $salt_buf = uc $salt_buf;
4848 my $digest = sha1
($word_buf . $salt_buf);
4850 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
4852 my $lengthMagicArray = 0x20;
4853 my $offsetMagicArray = 0;
4855 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
4856 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
4857 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
4858 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
4859 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
4860 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
4861 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
4862 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
4863 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
4864 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
4865 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
4866 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
4867 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
4868 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
4869 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
4870 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
4871 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
4872 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
4873 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
4874 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
4876 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
4878 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
4880 elsif ($mode == 7900)
4889 my $phpass_it = 1 << $cost;
4891 $hash_buf = sha512
($salt_buf . $word_buf);
4893 for (my $i = 0; $i < $phpass_it; $i++)
4895 $hash_buf = sha512
($hash_buf . $word_buf);
4898 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
4900 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
4902 my $cost_str = substr ($base64_digits , $cost, 1);
4904 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
4906 elsif ($mode == 8000)
4908 my $salt_buf_bin = pack ("H*", $salt_buf);
4910 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
4912 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
4914 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
4916 elsif ($mode == 8100)
4918 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
4920 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
4922 elsif ($mode == 8200)
4924 my $iterations = 40000;
4926 if (defined ($iter))
4928 $iterations = $iter;
4931 my $salt_hex = substr ($salt_buf, 0, 32);
4932 my $salt = pack ("H*", $salt_hex);
4934 my $data_hex = substr ($salt_buf, 32);
4935 my $data = pack ("H*", $data_hex);
4937 my $pbkdf2 = Crypt
::PBKDF2
->new
4939 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4940 iterations
=> int $iterations
4943 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4945 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
4947 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
4949 elsif ($mode == 8300)
4951 my ($domain, $salt_hex) = split (":", $salt_buf);
4953 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
4955 my $salt = pack ("H*", $salt_hex);
4959 if (defined ($iter))
4961 $iterations = $iter;
4964 my $name = lc ($word_buf . $domain);
4966 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
4968 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
4970 elsif ($mode == 8400)
4972 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
4974 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4976 elsif ($mode == 8500)
4978 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
4980 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
4982 elsif ($mode == 8600)
4984 my @saved_key = map { ord $_; } split "", $word_buf;
4986 my $len = scalar @saved_key;
4988 my @state = domino_big_md
(\
@saved_key, $len);
4990 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5009 elsif ($mode == 8700)
5011 my $domino_char = undef;
5013 if (defined ($additional_param))
5015 $domino_char = $additional_param;
5018 my @saved_key = map { ord $_; } split "", $word_buf;
5020 my $len = scalar @saved_key;
5022 my @state = domino_big_md
(\
@saved_key, $len);
5024 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5026 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5028 @state = domino_big_md
(\
@saved_key, 34);
5030 $hash_buf = join ("", (map { chr $_; } @state));
5032 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5034 elsif ($mode == 8900)
5040 if (defined ($additional_param))
5042 $N = $additional_param;
5043 $r = $additional_param2;
5044 $p = $additional_param3;
5047 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5049 $tmp_hash = sprintf ('%s', $hash_buf);
5051 elsif ($mode == 9100)
5053 my $iterations = 5000;
5055 if (defined ($iter))
5057 $iterations = $iter;
5060 my $domino_char = undef;
5062 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5064 my @saved_key = map { ord $_; } split "", $word_buf;
5066 my $len = scalar @saved_key;
5068 my @state = domino_big_md
(\
@saved_key, $len);
5071 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5073 my $salt_part = substr ($salt_buf, 0, 5);
5075 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5077 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5079 @state = domino_big_md
(\
@saved_key, 34);
5081 $hash_buf = join ("", (map { chr $_; } @state));
5083 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5086 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5088 my $pbkdf2 = Crypt
::PBKDF2
->new
5090 hash_class
=> 'HMACSHA1',
5091 iterations
=> $iterations,
5098 if (defined ($additional_param))
5100 $chars = $additional_param;
5103 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5105 my $iteration_str = "" . $iterations;
5107 for (my $i = length ($iterations); $i < 10; $i++)
5109 $iterations = "0" . $iterations;
5112 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5114 elsif ($mode == 9200)
5116 my $iterations = 20000;
5118 my $pbkdf2 = Crypt
::PBKDF2
->new
5120 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5121 iterations
=> $iterations
5124 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5128 for (my $i = 0; $i < 43; $i++)
5130 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5133 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5135 elsif ($mode == 9300)
5141 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5145 for (my $i = 0; $i < 43; $i++)
5147 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5150 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5152 elsif ($mode == 9400)
5154 my $iterations = 50000;
5158 $iterations = int ($iter);
5161 my $aes_key_size = 128; # or 256
5163 if (defined ($additional_param2))
5165 $aes_key_size = $additional_param2;
5168 $salt_buf = pack ("H*", $salt_buf);
5170 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5172 for (my $i = 0; $i < $iterations; $i++)
5174 my $num32 = pack ("L", $i);
5176 $tmp = sha1
($num32 . $tmp);
5179 my $zero32 = pack ("L", 0x00);
5181 my $derivation_array1 = pack ("C", 0x36) x
64;
5182 my $derivation_array2 = pack ("C", 0x5C) x
64;
5184 $tmp = sha1
($tmp . $zero32);
5186 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5187 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5189 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5191 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5195 if (defined $additional_param)
5197 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5201 $encdata = "A" x
16; ## can be anything
5204 my $data1_buf = $encdata;
5205 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5207 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5208 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5210 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5211 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5213 $encrypted1 = substr ($encrypted1, 0, 32);
5214 $encrypted2 = substr ($encrypted2, 0, 40);
5216 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5218 elsif ($mode == 9500)
5220 my $iterations = 100000;
5224 $iterations = int ($iter);
5227 $salt_buf = pack ("H*", $salt_buf);
5229 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5231 for (my $i = 0; $i < $iterations; $i++)
5233 my $num32 = pack ("L", $i);
5235 $tmp = sha1
($num32 . $tmp);
5238 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5239 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5241 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5242 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5244 my $key1 = substr ($final1, 0, 16);
5245 my $key2 = substr ($final2, 0, 16);
5247 my $cipher1 = Crypt
::CBC
->new({
5249 cipher
=> "Crypt::Rijndael",
5257 my $cipher2 = Crypt
::CBC
->new({
5259 cipher
=> "Crypt::Rijndael",
5269 if (defined $additional_param)
5271 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5275 $encdata = "A" x
16; ## can be anything
5278 my $data1_buf = $encdata;
5279 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5281 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5282 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5284 $encrypted2 = substr ($encrypted2, 0, 64);
5286 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5288 elsif ($mode == 9600)
5290 my $iterations = 100000;
5294 $iterations = int ($iter);
5297 $salt_buf = pack ("H*", $salt_buf);
5299 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5301 for (my $i = 0; $i < $iterations; $i++)
5303 my $num32 = pack ("L", $i);
5305 $tmp = sha512
($num32 . $tmp);
5308 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5309 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5311 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5312 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5314 my $key1 = substr ($final1, 0, 32);
5315 my $key2 = substr ($final2, 0, 32);
5317 my $cipher1 = Crypt
::CBC
->new({
5319 cipher
=> "Crypt::Rijndael",
5327 my $cipher2 = Crypt
::CBC
->new({
5329 cipher
=> "Crypt::Rijndael",
5339 if (defined $additional_param)
5341 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5345 $encdata = "A" x
16; ## can be anything
5348 my $data1_buf = $encdata;
5349 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5351 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5352 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5354 $encrypted2 = substr ($encrypted2, 0, 64);
5356 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5358 elsif ($mode == 9700)
5360 $salt_buf = pack ("H*", $salt_buf);
5362 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5364 $tmp = substr ($tmp, 0, 5);
5368 for (my $i = 0; $i < 16; $i++)
5376 $tmp = substr ($tmp, 0, 5);
5380 if (defined $additional_param2)
5382 $version = $additional_param2;
5386 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5389 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5391 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5395 if (defined $additional_param)
5397 $encdata = $m->RC4 (pack ("H*", $additional_param));
5401 $encdata = "A" x
16; ## can be anything
5404 my $data1_buf = $encdata;
5405 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5407 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5409 my $encrypted1 = $m->RC4 ($data1_buf);
5410 my $encrypted2 = $m->RC4 ($data2_buf);
5412 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5414 elsif ($mode == 9800)
5416 $salt_buf = pack ("H*", $salt_buf);
5418 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5422 if (defined $additional_param2)
5424 $version = $additional_param2;
5428 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5431 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5435 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5438 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5442 if (defined $additional_param)
5444 $encdata = $m->RC4 (pack ("H*", $additional_param));
5448 $encdata = "A" x
16; ## can be anything
5451 my $data1_buf = $encdata;
5452 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5454 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5456 my $encrypted1 = $m->RC4 ($data1_buf);
5457 my $encrypted2 = $m->RC4 ($data2_buf);
5459 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5461 elsif ($mode == 9900)
5463 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5465 elsif ($mode == 10000)
5467 my $iterations = 10000;
5471 $iterations = int ($iter);
5474 my $pbkdf2 = Crypt
::PBKDF2
->new
5476 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5477 iterations
=> $iterations
5480 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5481 $hash_buf =~ s/[\r\n]//g;
5483 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5485 elsif ($mode == 10100)
5487 my $seed = pack ("H*", $salt_buf);
5489 my ($hi, $lo) = siphash
($word_buf, $seed);
5491 my $hi_s = sprintf ("%08x", $hi);
5492 my $lo_s = sprintf ("%08x", $lo);
5494 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5495 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5497 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5499 elsif ($mode == 10200)
5501 my $challengeb64 = encode_base64
($salt_buf);
5502 $challengeb64 =~ s/[\r\n]//g;
5506 if (defined $additional_param)
5508 $username = $additional_param;
5515 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5517 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5518 $responseb64 =~ s/[\r\n]//g;
5520 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5522 elsif ($mode == 10300)
5524 my $iterations = 1024;
5528 $iterations = int ($iter);
5531 my $hash_buf = $salt_buf;
5533 for (my $pos = 0; $pos < $iterations; $pos++)
5535 $hash_buf = sha1
($word_buf . $hash_buf);
5538 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5539 $hash_buf =~ s/[\r\n]//g;
5541 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5543 elsif ($mode == 10400)
5546 my $u = $additional_param;
5547 my $o = $additional_param2;
5548 my $P = $additional_param3;
5550 if (defined $u == 0)
5555 if (defined $o == 0)
5560 if (defined $P == 0)
5567 for (my $i = 0; $i < 32; $i++)
5569 $padding .= pack ("C", $pdf_padding[$i]);
5572 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5574 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5576 $u = $m->RC4 ($padding);
5578 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5580 elsif ($mode == 10500)
5583 my $u = $additional_param;
5584 my $o = $additional_param2;
5585 my $P = $additional_param3;
5586 my $V = $additional_param4;
5587 my $R = $additional_param5;
5588 my $enc = $additional_param6;
5590 if (defined $u == 0)
5597 if (defined $o == 0)
5602 if (defined $R == 0)
5604 $R = get_random_num
(3, 5);
5607 if (defined $V == 0)
5609 $V = ($R == 3) ?
2 : 4;
5612 if (defined $P == 0)
5614 $P = ($R == 3) ?
-4 : -1028;
5617 if (defined $enc == 0)
5619 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5624 for (my $i = 0; $i < 32; $i++)
5626 $padding .= pack ("C", $pdf_padding[$i]);
5629 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5631 my $digest = md5
($padding . pack ("H*", $id));
5633 my $m = Crypt
::RC4
->new ($res);
5635 $u = $m->RC4 ($digest);
5637 my @ress = split "", $res;
5639 for (my $x = 1; $x <= 19; $x++)
5643 for (my $i = 0; $i < 16; $i++)
5645 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
5648 my $s = join ("", @xor);
5650 my $m2 = Crypt
::RC4
->new ($s);
5655 $u .= substr (pack ("H*", $u_save), 16, 16);
5657 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
5659 elsif ($mode == 10600)
5662 my $rest = $additional_param;
5664 if (defined $id == 0)
5669 if (defined $rest == 0)
5675 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5678 my @data = split /\*/, $rest;
5680 my $u = pack ("H*", $data[1]);
5682 my $h = sha256
($word_buf . substr ($u, 32, 8));
5684 $data[1] = unpack ("H*", $h . substr ($u, 32));
5686 $rest = join ("*", @data);
5688 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
5690 elsif ($mode == 10700)
5693 my $rest = $additional_param;
5695 if (defined $id == 0)
5700 if (defined $rest == 0)
5706 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5709 my @datax = split /\*/, $rest;
5711 my $u = pack ("H*", $datax[1]);
5713 my $block = sha256
($word_buf . substr ($u, 32, 8));
5715 my $block_size = 32;
5717 my $data = 0x00 x
64;
5723 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
5725 $data = $word_buf . $block;
5727 $data_len = length ($data);
5729 for (my $k = 1; $k < 64; $k++)
5731 $data .= $word_buf . $block;
5734 my $aes = Crypt
::CBC
->new({
5735 key
=> substr ($block, 0, 16),
5736 cipher
=> "Crypt::Rijndael",
5737 iv
=> substr ($block, 16, 16),
5744 my $data = $aes->encrypt ($data);
5748 for (my $j = 0; $j < 16; $j++)
5750 $sum += ord (substr ($data, $j, 1));
5753 $block_size = 32 + ($sum % 3) * 16;
5755 if ($block_size == 32)
5757 $block = sha256
(substr ($data, 0, $data_len * 64));
5759 elsif ($block_size == 48)
5761 $block = sha384
(substr ($data, 0, $data_len * 64));
5763 elsif ($block_size == 64)
5765 $block = sha512
(substr ($data, 0, $data_len * 64));
5768 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
5771 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
5773 $rest = join ("*", @datax);
5775 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
5777 elsif ($mode == 10800)
5779 $hash_buf = sha384_hex
($word_buf);
5781 $tmp_hash = sprintf ("%s", $hash_buf);
5783 elsif ($mode == 10900)
5785 my $iterations = 1000;
5789 $iterations = int ($iter);
5794 if (defined $additional_param)
5796 $out_len = $additional_param;
5799 my $pbkdf2 = Crypt
::PBKDF2
->new
5801 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5802 iterations
=> $iterations,
5803 output_len
=> $out_len
5806 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5807 $hash_buf =~ s/[\r\n]//g;
5809 my $base64_salt_buf = encode_base64
($salt_buf);
5811 chomp ($base64_salt_buf);
5813 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
5815 elsif ($mode == 11000)
5817 $hash_buf = md5_hex
($salt_buf . $word_buf);
5819 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5821 elsif ($mode == 11100)
5823 my $user = "postgres";
5825 if (defined $additional_param)
5827 $user = $additional_param;
5830 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
5832 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
5834 elsif ($mode == 11200)
5836 my $sha1_pass = sha1
($word_buf);
5837 my $double_sha1 = sha1
($sha1_pass);
5839 my $xor_part1 = $sha1_pass;
5840 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
5844 for (my $i = 0; $i < 20; $i++)
5846 my $first_byte = substr ($xor_part1, $i, 1);
5847 my $second_byte = substr ($xor_part2, $i, 1);
5849 my $xor_result = $first_byte ^ $second_byte;
5851 $hash_buf .= unpack ("H*", $xor_result);
5854 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
5856 elsif ($mode == 11300)
5858 my $ckey_buf = get_random_string
(96);
5860 if (length ($additional_param))
5862 $ckey_buf = $additional_param;
5865 my $public_key_buf = get_random_string
(66);
5867 if (length ($additional_param2))
5869 $public_key_buf = $additional_param2;
5872 my $salt_iter = get_random_num
(150000, 250000);
5876 $salt_iter = int ($iter);
5879 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
5881 for (my $i = 1; $i < $salt_iter; $i++)
5883 $hash_buf = sha512
($hash_buf);
5886 my $data = get_random_string
(32);
5888 my $aes = Crypt
::CBC
->new({
5889 key
=> substr ($hash_buf, 0, 32),
5890 cipher
=> "Crypt::Rijndael",
5891 iv
=> substr ($hash_buf, 32, 16),
5895 padding
=> "standard",
5898 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
5900 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
5901 length ($cry_master_buf),
5908 length ($public_key_buf),
5911 elsif ($mode == 11400)
5913 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
5915 $directive = "MD5"; # only directive currently supported
5917 if (defined ($additional_param))
5919 $user = $additional_param;
5920 $realm = $additional_param2;
5922 $nonce_count = $additional_param3;
5923 $nonce_client = $additional_param4;
5924 $qop = $additional_param5;
5925 $method = $additional_param6;
5927 $URI_prefix = $additional_param7;
5928 $URI_resource = $additional_param8;
5929 $URI_suffix = $additional_param9;
5931 # not needed information
5933 $URI_server = $additional_param10;
5934 $URI_client = $additional_param11;
5938 $user = get_random_string
(get_random_num
(0, 12 + 1));
5940 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
5941 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
5943 if ($realm_max_len < 1) # should never happen
5948 $realm_max_len = min
(20, $realm_max_len);
5950 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
5954 if (get_random_num
(0, 1 + 1) == 1)
5958 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
5959 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
5969 $method = get_random_string
(get_random_num
(0, 24 + 1));
5971 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
5972 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
5973 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
5975 # not needed information
5977 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
5978 $URI_client = $URI_resource; # simplification
5985 if (length ($URI_prefix) > 0)
5987 $URI = $URI_prefix . ":";
5990 $URI .= $URI_resource;
5992 if (length ($URI_suffix) > 0)
5994 $URI .= ":" . $URI_suffix;
5997 my $HA2 = md5_hex
($method . ":" . $URI);
5999 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6003 if (($qop eq "auth") || ($qop eq "auth-int"))
6005 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6012 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6014 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6016 elsif ($mode == 11500)
6018 $hash_buf = crc32
($word_buf);
6020 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6022 elsif ($mode == 11600)
6024 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6028 my $validation_only = 0;
6030 $validation_only = 1 if (defined ($additional_param));
6032 if ($validation_only == 1)
6034 $num_cycle_power = int ($iter);
6035 $seven_zip_salt_len = $additional_param;
6036 $seven_zip_salt_buf = $additional_param2;
6037 $salt_len = $additional_param3;
6038 # $salt_buf set in parser
6039 # $hash_buf (resulting crc)
6040 $data_len = $additional_param4;
6041 $unpack_size = $additional_param5;
6042 $data_buf = $additional_param6;
6046 $num_cycle_power = 14; # by default it is 19
6047 $seven_zip_salt_len = 0;
6048 $seven_zip_salt_buf = "";
6049 $salt_len = length ($salt_buf);
6050 # $salt_buf set automatically
6051 # $hash_buf (resulting crc)
6052 # $data_len will be set when encrypting
6053 $unpack_size = get_random_num
(1, 32 + 1);
6054 $data_buf = get_random_string
($unpack_size);
6058 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6061 $word_buf = encode
("UTF-16LE", $word_buf);
6063 my $rounds = 1 << $num_cycle_power;
6067 for (my $i = 0; $i < $rounds; $i++)
6071 $num_buf .= pack ("V", $i);
6072 $num_buf .= "\x00" x
4;
6074 # this would be better but only works on 64-bit systems:
6075 # $num_buf = pack ("q", $i);
6077 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6080 my $key = sha256
($pass_buf);
6082 # the salt_buf is our IV for AES CBC
6085 my $salt_buf_len = length ($salt_buf);
6086 my $salt_padding_len = 0;
6088 if ($salt_buf_len < 16)
6090 $salt_padding_len = 16 - $salt_buf_len;
6093 $salt_buf .= "\x00" x
$salt_padding_len;
6095 my $aes = Crypt
::CBC
->new({
6096 cipher
=> "Crypt::Rijndael",
6104 if ($validation_only == 1)
6108 my $decrypted_data = $aes->decrypt ($data_buf);
6110 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6112 $hash_buf = crc32
($decrypted_data);
6118 $hash_buf = crc32
($data_buf);
6120 $data_buf = $aes->encrypt ($data_buf);
6122 $data_len = length ($data_buf);
6125 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6127 elsif ($mode == 11900)
6129 my $iterations = 1000;
6133 $iterations = int ($iter);
6138 if (defined $additional_param)
6140 $out_len = $additional_param;
6144 # call PHP here - WTF
6147 # sanitize $word_buf and $salt_buf:
6149 my $word_buf_base64 = encode_base64
($word_buf);
6150 $word_buf_base64 =~ s/[\r\n]//g;
6152 my $salt_buf_base64 = encode_base64
($salt_buf);
6153 $salt_buf_base64 =~ s/[\r\n]//g;
6157 $out_len = int ($out_len);
6159 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6161 my $php_code = <<'END_CODE';
6163 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6165 $algorithm = strtolower ($algorithm);
6167 if(! in_array ($algorithm, hash_algos (), true))
6169 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6172 if ($count <= 0 || $key_length <= 0)
6174 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6177 if (function_exists ("hash_pbkdf2"))
6181 $key_length = $key_length * 2;
6184 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6187 $hash_length = strlen (hash ($algorithm, "", true));
6188 $block_count = ceil ($key_length / $hash_length);
6192 for ($i = 1; $i <= $block_count; $i++)
6194 $last = $salt . pack ("N", $i);
6196 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6198 for ($j = 1; $j < $count; $j++)
6200 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6208 return substr ($output, 0, $key_length);
6212 return bin2hex (substr ($output, 0, $key_length));
6216 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6220 # replace with these command line arguments
6222 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6223 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6224 $php_code =~ s/\$iterations/$iterations/;
6225 $php_code =~ s/\$out_len/$out_len/;
6227 my $php_output = `php -r '$php_code'`;
6229 $hash_buf = pack ("H*", $php_output);
6231 $hash_buf = encode_base64 ($hash_buf);
6232 $hash_buf =~ s/[\r\n]//g;
6234 my $base64_salt_buf = encode_base64 ($salt_buf);
6236 chomp ($base64_salt_buf);
6238 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6240 elsif ($mode == 12000)
6242 my $iterations = 1000;
6246 $iterations = int ($iter);
6251 if (defined $additional_param)
6253 $out_len = $additional_param;
6256 my $pbkdf2 = Crypt::PBKDF2->new
6258 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6259 iterations => $iterations,
6260 output_len => $out_len
6263 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6264 $hash_buf =~ s/[\r\n]//g;
6266 my $base64_salt_buf = encode_base64 ($salt_buf);
6268 chomp ($base64_salt_buf);
6270 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6272 elsif ($mode == 12100)
6274 my $iterations = 1000;
6278 $iterations = int ($iter);
6283 if (defined $additional_param)
6285 $out_len = $additional_param;
6288 my $pbkdf2 = Crypt::PBKDF2->new
6290 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6291 iterations => $iterations,
6292 output_len => $out_len
6295 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6296 $hash_buf =~ s/[\r\n]//g;
6298 my $base64_salt_buf = encode_base64 ($salt_buf);
6300 chomp ($base64_salt_buf);
6302 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6304 elsif ($mode == 12200)
6306 my $iterations = 65536;
6308 my $default_salt = 0;
6310 if (defined $additional_param)
6312 $default_salt = int ($additional_param);
6315 if ($default_salt == 1)
6317 $salt_buf = "0011223344556677";
6320 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6322 for (my $i = 0; $i < $iterations; $i++)
6324 $hash_buf = sha512 ($hash_buf);
6327 $hash_buf = unpack ("H*", $hash_buf);
6328 $hash_buf = substr ($hash_buf, 0, 16);
6330 if ($default_salt == 0)
6332 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6336 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6339 elsif ($mode == 12300)
6341 my $iterations = 4096;
6343 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6345 my $pbkdf2 = Crypt::PBKDF2->new (
6347 iterations => $iterations,
6351 my $salt_bin = pack ("H*", $salt_buf);
6353 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6355 $hash_buf = sha512_hex ($key . $salt_bin);
6357 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6359 elsif ($mode == 12400)
6365 $iterations = int ($iter);
6369 $iterations = get_random_num (1, 5001 + 1);
6372 my $key_value = fold_password ($word_buf);
6374 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6375 my $salt_value = base64_to_int24 ($salt_buf);
6377 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6379 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6381 elsif ($mode == 12600)
6383 $hash_buf = sha1_hex ($word_buf);
6385 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6387 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6389 elsif ($mode == 12700)
6391 my $iterations = 10;
6394 "guid" : "00000000-0000-0000-0000-000000000000",
6395 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6396 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6398 my $salt_buf_bin = pack ("H*", $salt_buf);
6400 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6402 my $pbkdf2 = Crypt::PBKDF2->new (
6404 iterations => $iterations,
6408 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6410 my $cipher = Crypt::CBC->new({
6412 cipher => "Crypt::Rijndael",
6413 iv => $salt_buf_bin,
6419 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6421 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6423 elsif ($mode == 12800)
6425 my $iterations = 100;
6429 $iterations = int ($iter);
6432 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6434 my $pbkdf2 = Crypt::PBKDF2->new
6436 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6437 iterations => $iterations,
6441 my $salt_buf_bin = pack ("H*", $salt_buf);
6443 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6445 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6455 my $word_len = shift;
6457 my $salt_len = shift;
6461 $max = 15 if ($mode == 2410);
6463 if ($is_unicode{$mode})
6465 if (! $allow_long_salt{$mode})
6467 $word_len = min ($word_len, int ($max / 2) - $salt_len);
6471 $word_len = min ($word_len, int ($max / 2));
6474 elsif ($less_fifteen{$mode})
6476 $word_len = min ($word_len, 15);
6480 $salt_len = min ($salt_len, 15 - $word_len);
6485 if (! $allow_long_salt{$mode})
6487 $word_len = min ($word_len, $max - $salt_len);
6506 for (my $i = 0; $i < $salt_len; $i++)
6508 my $c = get_random_chr (0x30, 0x39);
6510 push (@salt_arr, $c);
6513 $salt_buf = join ("", @salt_arr);
6515 $salt_buf = get_random_md5chap_salt ($salt_buf);
6517 elsif ($mode == 5300 || $mode == 5400)
6519 $salt_buf = get_random_ike_salt ();
6521 elsif ($mode == 5500)
6523 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
6525 elsif ($mode == 5600)
6527 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
6529 elsif ($mode == 6600)
6531 $salt_buf = get_random_agilekeychain_salt ();
6533 elsif ($mode == 8200)
6535 $salt_buf = get_random_cloudkeychain_salt ();
6537 elsif ($mode == 8300)
6539 $salt_buf = get_random_dnssec_salt ();
6545 for (my $i = 0; $i < $salt_len; $i++)
6547 my $c = get_random_chr (0x30, 0x39);
6549 push (@salt_arr, $c);
6552 $salt_buf = join ("", @salt_arr);
6556 $salt_buf = get_random_kerberos5_salt ($salt_buf);
6566 for (my $i = 0; $i < $word_len; $i++)
6568 my $c = get_random_chr (0x30, 0x39);
6570 push (@word_arr, $c);
6573 my $word_buf = join ("", @word_arr);
6579 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
6592 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
6604 sub get_random_string
6610 for (my $i = 0; $i < $len; $i++)
6612 my $c = get_random_chr (0x30, 0x39);
6617 my $buf = join ("", @arr);
6627 return int ((rand ($max - $min)) + $min);
6632 return chr get_random_num (@_);
6641 for (my $i = 0; $i < length ($str); $i += 4)
6643 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
6645 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
6652 $salt = substr ($decoded, 0, 5);
6654 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
6658 $byte10 = 256 + $byte10;
6661 substr ($salt, 3, 1) = chr ($byte10);
6663 $digest = substr ($decoded, 5, 9);
6664 $char = substr ($str, 18, 1);
6666 return ($digest, $salt, $char);
6669 sub domino_85x_decode
6675 for (my $i = 0; $i < length ($str); $i += 4)
6677 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
6679 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
6684 my $iterations = -1;
6687 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
6689 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
6693 $byte10 = 256 + $byte10;
6696 substr ($salt, 3, 1) = chr ($byte10);
6698 $iterations = substr ($decoded, 16, 10);
6700 if ($iterations =~ /^?d*$/)
6704 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
6705 $chars = substr ($decoded, 26, 2); # in my example it is "02"
6706 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
6709 return ($digest, $salt, $iterations, $chars);
6712 sub domino_base64_decode
6717 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
6725 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
6727 $ret += ($idx << (6 * ($i - 1)));
6740 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
6744 $byte10 = $byte10 - 256;
6747 substr ($final, 3, 1) = chr ($byte10);
6751 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
6752 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
6753 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
6754 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
6755 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
6757 if (defined ($char))
6759 substr ($passwd, 18, 1) = $char;
6761 substr ($passwd, 19, 1) = "";
6766 sub domino_85x_encode
6771 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
6775 $byte10 = $byte10 - 256;
6778 substr ($final, 3, 1) = chr ($byte10);
6782 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
6783 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
6784 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
6785 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
6786 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
6787 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
6788 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
6789 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
6790 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
6791 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
6792 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
6793 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
6795 if (defined ($char))
6797 substr ($passwd, 18, 1) = $char;
6803 sub domino_base64_encode
6808 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
6812 while (($n - 1) >= 0)
6816 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
6826 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
6831 my $v = unpack "V", substr($md5, $i*4, 4);
6833 $s64 .= substr($itoa64, $v & 0x3f, 1);
6842 my ($username, $password) = @_;
6844 $username = substr ($username . " " x 8, 0, 8);
6845 $password = substr ($password . " " x 8, 0, 8);
6847 my $username_ebc = ascii2ebcdic ($username);
6848 my $password_ebc = ascii2ebcdic ($password);
6850 my @pw = split ("", $password_ebc);
6852 for (my $i = 0; $i < 8; $i++)
6854 $pw[$i] = unpack ("C", $pw[$i]);
6857 $pw[$i] = pack ("C", $pw[$i] & 0xff);
6860 my $key = join ("", @pw);
6862 my $cipher = new Crypt::DES $key;
6864 my $ciphertext = $cipher->encrypt ($username_ebc);
6866 my $ct = unpack ("H16", $ciphertext);
6873 my ($username, $password) = @_;
6875 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
6876 $userpass .= pack('C', 0) while (length($userpass) % 8);
6878 my $key = pack('H*', "0123456789ABCDEF");
6879 my $iv = pack('H*', "0000000000000000");
6881 my $c = new Crypt::CBC(
6888 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
6890 my $c2 = new Crypt::CBC(
6897 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
6899 return uc(unpack('H*', $hash));
6904 my $word_buf = shift;
6906 my $salt_buf = shift;
6908 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
6910 my $digest = sha1 ($w);
6912 for (my $i = 1; $i < 1024; $i++)
6914 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
6916 $digest = sha1 ($w);
6919 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
6921 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
6929 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
6933 while (($n - 1) >= 0)
6937 $ret .= substr ($itoa64, $v & 0x3f, 1);
6953 my $hash = ""; # hash to be returned by this function
6955 my $final = md5 ($pass . $salt . $pass);
6957 $salt = substr ($salt, 0, 8);
6959 my $tmp = $pass . $magic . $salt;
6961 my $pass_len = length ($pass);
6965 for ($i = $pass_len; $i > 0; $i -= 16)
6974 $tmp .= substr ($final, 0, $len);
6987 $tmp .= substr ($pass, 0, 1);
6993 $final = md5 ($tmp);
6995 for ($i = 0; $i < $iter; $i++)
7027 $final = md5 ($tmp);
7031 # now format the output sting ("hash")
7035 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7036 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7037 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7038 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7039 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7040 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7042 if ($iter == 1000) # default
7044 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7048 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7060 my $hash = ""; # hash to be returned by this function
7062 my $final = sha512 ($pass . $salt . $pass);
7064 $salt = substr ($salt, 0, 16);
7066 my $tmp = $pass . $salt;
7068 my $pass_len = length ($pass);
7069 my $salt_len = length ($salt);
7073 for ($i = $pass_len; $i > 0; $i -= 16)
7082 $tmp .= substr ($final, 0, $len);
7101 $final = sha512 ($tmp);
7107 for ($i = 0; $i < $pass_len; $i++)
7112 $p_bytes = sha512 ($p_bytes);
7113 $p_bytes = substr ($p_bytes, 0, $pass_len);
7117 my $final_first_byte = ord (substr ($final, 0, 1));
7121 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7126 $s_bytes = sha512 ($s_bytes);
7127 $s_bytes = substr ($s_bytes, 0, $salt_len);
7129 for ($i = 0; $i < $iter; $i++)
7161 $final = sha512 ($tmp);
7165 # now format the output string ("hash")
7169 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7170 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7171 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7172 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7173 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7174 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7175 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7176 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7177 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7178 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7179 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7180 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7181 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7182 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7183 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7184 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7185 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7186 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7187 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7188 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7189 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7190 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7194 if ($iter == 5000) # default
7196 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7200 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7212 my $hash = ""; # hash to be returned by this function
7214 my $final = sha256 ($pass . $salt . $pass);
7216 $salt = substr ($salt, 0, 16);
7218 my $tmp = $pass . $salt;
7220 my $pass_len = length ($pass);
7221 my $salt_len = length ($salt);
7225 for ($i = $pass_len; $i > 0; $i -= 16)
7234 $tmp .= substr ($final, 0, $len);
7253 $final = sha256 ($tmp);
7259 for ($i = 0; $i < $pass_len; $i++)
7264 $p_bytes = sha256 ($p_bytes);
7265 $p_bytes = substr ($p_bytes, 0, $pass_len);
7269 my $final_first_byte = ord (substr ($final, 0, 1));
7273 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7278 $s_bytes = sha256 ($s_bytes);
7279 $s_bytes = substr ($s_bytes, 0, $salt_len);
7281 for ($i = 0; $i < $iter; $i++)
7313 $final = sha256 ($tmp);
7317 # now format the output string ("hash")
7321 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
7322 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
7323 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
7324 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7325 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7326 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7327 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7328 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
7329 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
7330 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7331 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
7335 if ($iter == 5000) # default
7337 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7341 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7347 sub aix_ssha256_pbkdf2
7349 my $word_buf = shift;
7350 my $salt_buf = shift;
7351 my $iterations = shift;
7353 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
7355 my $pbkdf2 = Crypt::PBKDF2->new (
7357 iterations => $iterations,
7361 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7365 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7366 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7367 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7368 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7369 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7370 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7371 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7372 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7373 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7374 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7375 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
7380 sub aix_ssha512_pbkdf2
7382 my $word_buf = shift;
7383 my $salt_buf = shift;
7384 my $iterations = shift;
7386 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
7388 my $pbkdf2 = Crypt::PBKDF2->new (
7390 iterations => $iterations,
7393 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7397 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7398 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7399 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7400 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7401 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7402 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7403 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7404 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7405 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7406 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7407 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
7408 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
7409 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
7410 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
7411 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
7412 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
7413 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
7414 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
7415 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
7416 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
7417 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
7418 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
7423 sub aix_ssha1_pbkdf2
7425 my $word_buf = shift;
7426 my $salt_buf = shift;
7427 my $iterations = shift;
7429 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
7431 my $pbkdf2 = Crypt::PBKDF2->new (
7433 iterations => $iterations,
7436 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7440 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7441 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7442 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7443 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7444 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7445 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7446 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
7455 my @data = split "", $data_s;
7458 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7459 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7460 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
7461 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
7462 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7463 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
7464 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7465 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
7466 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7467 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7468 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7469 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7470 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7471 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7472 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7473 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
7475 my @transTable = unpack ("C256", $transTable_s);
7479 for (my $i = 0; $i < scalar @data; $i++)
7481 $out[$i] = $transTable[int (ord ($data[$i]))];
7484 return pack ("C*", @out);
7489 my $digest_s = shift;
7494 my @w = unpack "C*", $w_s;
7495 my @s = unpack "C*", $s_s;
7498 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
7499 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
7500 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
7502 my @bcodeTable = unpack ("C48", $bcodeTable_s);
7504 my @abcd = unpack ("C16", $digest_s);
7506 my $sum20 = ($abcd[0] & 3)
7516 for (my $i2 = 0; $i2 < $sum20; $i2++)
7521 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
7523 if ($i1 < length $w_s)
7525 if ($abcd[15 - $i1] & 1)
7527 $out[$i2] = $bcodeTable[48 - 1 - $i1];
7532 $out[$i2] = $w[$i1];
7538 if ($i3 < length $s_s)
7540 $out[$i2] = $s[$i3];
7546 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
7549 return substr (pack ("C*", @out), 0, $sum20);
7554 my @key_56 = split (//, shift);
7560 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
7561 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
7562 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
7563 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
7564 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
7565 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
7566 $key .= chr(( ord($key_56[6]) << 1) & 255);
7577 for (my $i = 0; $i < $len; $i++)
7579 my $c = get_random_chr (0, 255);
7584 return join ("", @arr);
7587 sub get_random_netntlmv1_salt
7589 my $len_user = shift;
7590 my $len_domain = shift;
7596 for (my $i = 0; $i < $len_user; $i++)
7598 $type = get_random_num (1, 3);
7602 $char = get_random_chr (0x30, 0x39);
7606 $char = get_random_chr (0x41, 0x5A);
7610 $char = get_random_chr (0x61, 0x7A);
7618 for (my $i = 0; $i < $len_domain; $i++)
7620 $type = get_random_num (1, 3);
7624 $char = get_random_chr (0x30, 0x39);
7628 $char = get_random_chr (0x41, 0x5A);
7632 $char = get_random_chr (0x61, 0x7A);
7638 my $c_challenge = randbytes (8);
7639 my $s_challenge = randbytes (8);
7641 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
7646 sub get_random_netntlmv2_salt
7648 my $len_user = shift;
7649 my $len_domain = shift;
7655 if ($len_user + $len_domain > 27)
7657 if ($len_user > $len_domain)
7659 $len_user = 27 - $len_domain;
7663 $len_domain = 27 - $len_user;
7667 for (my $i = 0; $i < $len_user; $i++)
7669 $type = get_random_num (1, 3);
7673 $char = get_random_chr (0x30, 0x39);
7677 $char = get_random_chr (0x41, 0x5A);
7681 $char = get_random_chr (0x61, 0x7A);
7689 for (my $i = 0; $i < $len_domain; $i++)
7691 $type = get_random_num (1, 3);
7695 $char = get_random_chr (0x30, 0x39);
7699 $char = get_random_chr (0x41, 0x5A);
7703 $char = get_random_chr (0x61, 0x7A);
7709 my $c_challenge = randbytes (8);
7710 my $s_challenge = randbytes (8);
7712 my $temp = "\x01\x01" .
7717 randbytes (20 * rand () + 1) .
7720 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
7725 sub get_random_ike_salt
7729 for (my $i = 0; $i < 40; $i++)
7731 $nr_buf .= get_random_chr (0, 0xff);
7736 for (my $i = 0; $i < 440; $i++)
7738 $msg_buf .= get_random_chr (0, 0xff);
7741 my $nr_buf_hex = unpack ("H*", $nr_buf);
7742 my $msg_buf_hex = unpack ("H*", $msg_buf);
7744 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
7749 sub get_random_agilekeychain_salt
7753 for (my $i = 0; $i < 8; $i++)
7755 $salt_buf .= get_random_chr (0x0, 0xff);
7760 for (my $i = 0; $i < 16; $i++)
7762 $iv .= get_random_chr (0x0, 0xff);
7765 my $prefix = "\x00" x 1008;
7767 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
7772 sub get_random_cloudkeychain_salt
7776 for (my $i = 0; $i < 16; $i++)
7778 $salt_buf .= get_random_chr (0x0, 0xff);
7781 for (my $i = 0; $i < 304; $i++)
7783 $salt_buf .= get_random_chr (0x0, 0xff);
7786 my $ret = unpack ("H*", $salt_buf);
7791 sub get_random_kerberos5_salt
7793 my $custom_salt = shift;
7795 my $clear_data = randbytes (14) .
7796 strftime ("%Y%m%d%H%M%S", localtime) .
7800 my $realm = "realm";
7803 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
7808 sub get_random_md5chap_salt
7810 my $salt_buf = shift;
7812 my $salt = unpack ("H*", $salt_buf);
7816 $salt .= unpack ("H*", randbytes (1));
7821 sub get_random_dnssec_salt
7827 for (my $i = 0; $i < 8; $i++)
7829 $salt_buf .= get_random_chr (0x61, 0x7a);
7832 $salt_buf .= ".net";
7836 for (my $i = 0; $i < 8; $i++)
7838 $salt_buf .= get_random_chr (0x30, 0x39);
7851 my $byte_off = int ($bit / 8);
7852 my $bit_off = int ($bit % 8);
7854 my $char = substr ($digest, $byte_off, 1);
7855 my $num = ord ($char);
7857 return (($num & (1 << $bit_off)) ? 1 : 0);
7866 my $constant_phrase =
7867 "To be, or not to be,--that is the question:--\n" .
7868 "Whether 'tis nobler in the mind to suffer\n" .
7869 "The slings and arrows of outrageous fortune\n" .
7870 "Or to take arms against a sea of troubles,\n" .
7871 "And by opposing end them?--To die,--to sleep,--\n" .
7872 "No more; and by a sleep to say we end\n" .
7873 "The heartache, and the thousand natural shocks\n" .
7874 "That flesh is heir to,--'tis a consummation\n" .
7875 "Devoutly to be wish'd. To die,--to sleep;--\n" .
7876 "To sleep! perchance to dream:--ay, there's the rub;\n" .
7877 "For in that sleep of death what dreams may come,\n" .
7878 "When we have shuffled off this mortal coil,\n" .
7879 "Must give us pause: there's the respect\n" .
7880 "That makes calamity of so long life;\n" .
7881 "For who would bear the whips and scorns of time,\n" .
7882 "The oppressor's wrong, the proud man's contumely,\n" .
7883 "The pangs of despis'd love, the law's delay,\n" .
7884 "The insolence of office, and the spurns\n" .
7885 "That patient merit of the unworthy takes,\n" .
7886 "When he himself might his quietus make\n" .
7887 "With a bare bodkin? who would these fardels bear,\n" .
7888 "To grunt and sweat under a weary life,\n" .
7889 "But that the dread of something after death,--\n" .
7890 "The undiscover'd country, from whose bourn\n" .
7891 "No traveller returns,--puzzles the will,\n" .
7892 "And makes us rather bear those ills we have\n" .
7893 "Than fly to others that we know not of?\n" .
7894 "Thus conscience does make cowards of us all;\n" .
7895 "And thus the native hue of resolution\n" .
7896 "Is sicklied o'er with the pale cast of thought;\n" .
7897 "And enterprises of great pith and moment,\n" .
7898 "With this regard, their currents turn awry,\n" .
7899 "And lose the name of action.--Soft you now!\n" .
7900 "The fair Ophelia!--Nymph, in thy orisons\n" .
7901 "Be all my sins remember'd.\n\x00";
7903 my $constant_len = length ($constant_phrase);
7905 my $hash_buf = md5 ($pw . $salt);
7911 for (my $round = 0; $round < $iter; $round++)
7913 my $shift_a = md5bit ($hash_buf, $round + 0);
7914 my $shift_b = md5bit ($hash_buf, $round + 64);
7919 for (my $k = 0; $k < 16; $k++)
7921 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
7923 my $l = ($k + 3) % 16;
7925 my $num = ord (substr ($hash_buf, $l, 1));
7927 $shift_4[$k] = $num % 5;
7929 $shift_7[$k] = ($num >> $s7shift) & 1;
7934 for (my $k = 0; $k < 16; $k++)
7936 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
7941 for (my $k = 0; $k < 16; $k++)
7943 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
7949 for (my $k = 0; $k < 8; $k++)
7951 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
7953 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
7956 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
7957 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
7959 my $bit_a = md5bit ($hash_buf, $indirect_a);
7960 my $bit_b = md5bit ($hash_buf, $indirect_b);
7970 if ($bit_a ^ $bit_b)
7972 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
7976 $to_hash .= substr ($W, 0, 64);
7980 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
7982 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
7986 $to_hash .= substr ($W, 0, 64);
7989 $pos = $constant_len - $constant_off;
7993 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8008 my $round_div = int ($tmp / 10);
8009 my $round_mod = int ($tmp % 10);
8013 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8023 for ($g = 0; $g < $a_len; $g++)
8025 my $remainder = $a_buf[$g];
8031 while ($remainder > 0)
8033 $sub = $remainder >> (8 * $factor);
8035 if ($started != 1 || $sub > 0)
8039 $tmp_str = chr ($sub) . $tmp_str;
8041 $remainder -= ($sub << (8 * $factor));
8049 substr ($W, $pos, $a_len) = $tmp_str;
8055 $to_hash .= substr ($W, 0, $pos);
8057 $to_hash = substr ($to_hash, 0, $total);
8059 $hash_buf = md5 ($to_hash);
8064 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8065 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8066 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8067 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8068 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8069 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8076 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8078 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8083 my $block_ref = shift;
8087 my $value = 16 - $offset;
8089 for (my $i = $offset; $i < 16; $i++)
8091 push @{$block_ref}, $value;
8101 for (my $i = 0; $i < 18; $i++)
8103 for (my $j = 0; $j < 48; $j++)
8105 $p = ($p + 48 - $j) & 0xff;
8107 my $c = $lotus_magic_table[$p];
8109 $p = $in_ref->[$j] ^ $c;
8116 sub lotus_transform_password
8119 my $out_ref = shift;
8121 my $t = $out_ref->[15];
8123 for (my $i = 0; $i < 16; $i++)
8125 $t ^= $in_ref->[$i];
8127 my $c = $lotus_magic_table[$t];
8129 $out_ref->[$i] ^= $c;
8131 $t = $out_ref->[$i];
8135 sub mdtransform_norecalc
8137 my $state_ref = shift;
8138 my $block_ref = shift;
8142 push (@x, @{$state_ref});
8143 push (@x, @{$block_ref});
8145 for (my $i = 0; $i < 16; $i++)
8147 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8152 for (my $i = 0; $i < 16; $i++)
8154 $state_ref->[$i] = $x[$i];
8160 my $state_ref = shift;
8161 my $checksum_ref = shift;
8162 my $block_ref = shift;
8164 mdtransform_norecalc ($state_ref, $block_ref);
8166 lotus_transform_password ($block_ref, $checksum_ref);
8171 my $saved_key_ref = shift;
8175 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8177 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
8183 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
8185 my $curpos16 = $curpos + 16;
8187 my @block = splice (@{$saved_key_ref}, 0, 16);
8189 mdtransform (\@state, \@checksum, \@block);
8192 my $left = $size - $curpos;
8194 my @block = splice (@{$saved_key_ref}, 0, 16);
8196 pad16 (\@block, $left);
8198 mdtransform (\@state, \@checksum, \@block);
8200 mdtransform_norecalc (\@state, \@checksum);
8205 sub pdf_compute_encryption_key
8207 my $word_buf = shift;
8208 my $padding = shift;
8223 $data .= substr ($padding, 0, 32 - length $word_buf);
8225 $data .= pack ("H*", $o);
8227 $data .= pack ("I", $P);
8229 $data .= pack ("H*", $id);
8235 $data .= pack ("I", -1);
8239 my $res = md5 ($data);
8243 for (my $i = 0; $i < 50; $i++)
8252 sub gen_random_wpa_eapol
8261 my $version = 1; # 802.1X-2001
8263 $ret .= pack ("C*", $version);
8265 my $type = 3; # means that this EAPOL frame is used to transfer key information
8267 $ret .= pack ("C*", $type);
8269 my $length; # length of remaining data
8280 $ret .= pack ("n*", $length);
8282 my $descriptor_type;
8286 $descriptor_type = 254; # EAPOL WPA key
8290 $descriptor_type = 1; # EAPOL RSN key
8293 $ret .= pack ("C*", $descriptor_type);
8295 # key_info is a bit vector:
8296 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
8300 $key_info |= 1 << 8; # set key MIC
8301 $key_info |= 1 << 3; # set if it is a pairwise key
8305 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
8309 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
8312 $ret .= pack ("n*", $key_info);
8325 $ret .= pack ("n*", $key_length);
8327 my $replay_counter = 1;
8329 $ret .= pack ("Q>*", $replay_counter);
8333 my $key_iv = "\x00" x 16;
8337 my $key_rsc = "\x00" x 8;
8341 my $key_id = "\x00" x 8;
8345 my $key_mic = "\x00" x 16;
8353 $key_data_len = 24; # length of the key_data (== WPA info)
8357 $key_data_len = 22; # length of the key_data (== RSN info)
8360 $ret .= pack ("n*", $key_data_len);
8370 my $vendor_specific_data = "";
8372 my $tag_number = 221; # means it is a vendor specific tag
8374 $vendor_specific_data .= pack ("C*", $tag_number);
8376 my $tag_len = 22; # length of the remaining "tag data"
8378 $vendor_specific_data .= pack ("C*", $tag_len);
8380 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
8382 $vendor_specific_data .= $vendor_specific_oui;
8384 my $vendor_specific_oui_type = 1; # WPA Information Element
8386 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
8388 my $vendor_specific_wpa_version = 1;
8390 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
8394 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
8396 $vendor_specific_data .= $vendor_specific_multicast_oui;
8398 my $vendor_specific_multicast_type = 2; # TKIP
8400 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
8404 my $vendor_specific_unicast_count = 1;
8406 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
8408 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
8410 $vendor_specific_data .= $vendor_specific_multicast_oui;
8412 my $vendor_specific_unicast_type = 2; # TKIP
8414 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
8416 # Auth Key Management (AKM)
8418 my $auth_key_management_count = 1;
8420 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
8422 my $auth_key_management_oui = pack ("H*", "0050f2");
8424 $vendor_specific_data .= $auth_key_management_oui;
8426 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8428 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
8430 $wpa_info = $vendor_specific_data;
8432 $key_data = $wpa_info;
8440 my $tag_number = 48; # RSN info
8442 $rsn_info .= pack ("C*", $tag_number);
8444 my $tag_len = 20; # length of the remaining "tag_data"
8446 $rsn_info .= pack ("C*", $tag_len);
8448 my $rsn_version = 1;
8450 $rsn_info .= pack ("v*", $rsn_version);
8452 # group cipher suite
8454 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8456 $rsn_info .= $group_cipher_suite_oui;
8458 my $group_cipher_suite_type = 4; # AES (CCM)
8460 $rsn_info .= pack ("C*", $group_cipher_suite_type);
8462 # pairwise cipher suite
8464 my $pairwise_cipher_suite_count = 1;
8466 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
8468 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8470 $rsn_info .= $pairwise_cipher_suite_oui;
8472 my $pairwise_cipher_suite_type = 4; # AES (CCM)
8474 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
8476 # Auth Key Management (AKM)
8478 my $auth_key_management_count = 1;
8480 $rsn_info .= pack ("v*", $auth_key_management_count);
8482 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
8484 $rsn_info .= $auth_key_management_oui;
8486 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8488 $rsn_info .= pack ("C*", $auth_key_management_type);
8492 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
8493 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
8495 my $rsn_capabilities = pack ("H*", "0000");
8497 $rsn_info .= $rsn_capabilities;
8499 $key_data = $rsn_info;
8515 my $data = "Pairwise key expansion";
8520 # Min(AA, SPA) || Max(AA, SPA)
8523 # compare if greater: Min()/Max() on the MACs (6 bytes)
8525 if (memcmp ($stmac, $bssid, 6) < 0)
8537 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
8540 # compare if greater: Min()/Max() on the nonces (32 bytes)
8542 if (memcmp ($snonce, $anonce, 32) < 0)
8555 my $prf_buf = hmac ($data, $pmk, \&sha1);
8557 $prf_buf = substr ($prf_buf, 0, 16);
8568 my $len_str1 = length ($str1);
8569 my $len_str2 = length ($str2);
8571 if (($len > $len_str1) || ($len > $len_str2))
8573 print "ERROR: memcmp () lengths wrong";
8578 for (my $i = 0; $i < $len; $i++)
8580 my $c_1 = ord (substr ($str1, $i, 1));
8581 my $c_2 = ord (substr ($str2, $i, 1));
8583 return -1 if ($c_1 < $c_2);
8584 return 1 if ($c_1 > $c_2);