4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
30 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
32 use Authen
::Passphrase
::NTHash
;
33 use Authen
::Passphrase
::MySQL323
;
34 use Authen
::Passphrase
::PHPass
;
35 use Authen
::Passphrase
::LANManager
;
37 use POSIX qw
(strftime
);
39 use Net
::DNS
::RR
::NSEC3
;
40 use Convert
::EBCDIC qw
(ascii2ebcdic
);
41 use Digest
::SipHash qw
/siphash/;
43 my $hashcat = "./oclHashcat";
47 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900);
49 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
50 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
51 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
53 my @lotus_magic_table =
55 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
56 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
57 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
58 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
59 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
60 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
61 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
62 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
63 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
64 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
65 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
66 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
67 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
68 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
69 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
70 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
71 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
72 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
73 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
74 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
75 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
76 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
77 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
78 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
79 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
80 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
81 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
82 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
83 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
84 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
85 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
86 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
91 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
92 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
93 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
94 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
97 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
110 if ($type ne "verify")
112 if (scalar @ARGV > 1)
117 elsif (scalar @ARGV == 1)
127 if ($type eq "single")
131 elsif ($type eq "passthrough")
142 if (scalar @ARGV != 4)
147 my $mode = shift @ARGV;
148 my $hash_file = shift @ARGV;
149 my $in_file = shift @ARGV;
150 my $out_file = shift @ARGV;
154 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
156 # clever ? the resulting database could be huge
157 # but we need some way to map lines in hashfile w/ cracks
158 # maybe rli2 way would be more clever (needs sorted input)
160 while (my $line = <IN
>)
162 $line =~ s/[\n\r]*$//;
164 $db->{$line} = undef;
169 verify
($mode, $db, $in_file, $out_file);
177 my $out_file = shift;
196 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
197 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
201 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
202 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
203 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
205 while (my $line = <IN
>)
212 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
215 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
217 my $index = index ($line, ":");
221 $hash_in = substr ($line, 0, $index);
223 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
225 $word = substr ($line, $index + 1);
228 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
231 my $index1 = index ($line, ":");
235 $hash_in = substr ($line, 0, $index1);
237 # identify lenghts of both salt and plain
239 my $salt_plain = substr ($line, $index1 + 1);
241 my $num_cols = () = $salt_plain =~ /:/g;
250 foreach (my $i = 0; $i < $num_cols; $i++)
252 $index2 = index ($salt_plain, ":", $start);
256 $start = $index2 + 1;
258 $salt = substr ($salt_plain, 0, $index2);
259 $word = substr ($salt_plain, $index2 + 1);
261 # can't be true w/ wrong $hash:$salt, otherwise the
262 # algo must have many collisions
264 if (exists ($db->{$hash_in . ":" . $salt}))
266 $hash_in = $hash_in . ":" . $salt;
272 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
273 next unless (! defined ($db->{$hash_in}));
276 elsif ($mode == 2100)
279 my $index1 = index ($line, "\$DCC2\$");
281 next if $index1 != 0;
284 my $index2 = index ($line, "#", $index1 + 1);
288 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
291 $index1 = index ($line, "#");
295 $hash_in = substr ($line, 0, $index1 + 1);
297 # identify lenghts of both salt and plain
299 my $salt_plain = substr ($line, $index2 + 1);
301 my $num_cols = () = $salt_plain =~ /:/g;
311 foreach (my $i = 0; $i < $num_cols; $i++)
313 $index2 = index ($salt_plain, ":", $start);
317 $start = $index2 + 1;
319 $index3 = rindex ($salt_plain, "#", $index2);
321 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
322 $salt = substr ($salt_plain, 0, $index3);
323 $word = substr ($salt_plain, $index2 + 1);
325 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
327 $hash_in = $hash_in . $salt . "#" . $raw_hash;
333 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
334 next unless (! defined ($db->{$hash_in}));
336 # salt:hash guaranteed only : because of hex salt
337 elsif ($mode == 7300)
339 # split hash and plain
340 my $index1 = index ($line, ":");
344 $salt = substr ($line, 0, $index1);
346 $salt = pack ("H*", $salt);
348 my $rest = substr ($line, $index1 + 1);
350 my $index2 = index ($rest, ":");
354 $hash_in = substr ($rest, 0, $index2);
356 $word = substr ($rest, $index2 + 1);
358 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
361 elsif ($mode == 8100)
363 # split hash and plain
364 $salt = substr ($line, 1, 8);
366 my $rest = substr ($line, 1 + 8);
368 my $index2 = index ($rest, ":");
372 $hash_in = substr ($rest, 0, $index2);
374 $word = substr ($rest, $index2 + 1);
376 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
378 # base64 and salt embedded SSHA1, salt length = total lenght - 20
381 # split hash and plain
382 my $index = index ($line, ":");
386 $hash_in = substr ($line, 0, $index);
387 $word = substr ($line, $index + 1);
389 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
392 my $plain_base64 = substr ($hash_in, 6);
394 # base64 decode to extract salt
395 my $decoded = decode_base64
($plain_base64);
397 $salt = substr ($decoded, 20);
399 # base64 and salt embedded SSHA512, salt length = total length - 64
400 elsif ($mode == 1711)
402 # split hash and plain
403 my $index = index ($line, ":");
407 $hash_in = substr ($line, 0, $index);
408 $word = substr ($line, $index + 1);
410 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
413 my $plain_base64 = substr ($hash_in, 9);
415 # base64 decode to extract salt
416 my $decoded = decode_base64
($plain_base64);
418 $salt = substr ($decoded, 64);
420 # OSX (first 8 hex chars is salt)
421 elsif ($mode == 122 || $mode == 1722)
423 my $index = index ($line, ":");
427 $hash_in = substr ($line, 0, $index);
428 $word = substr ($line, $index + 1);
430 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
432 $salt = substr ($hash_in, 0, 8);
434 # MSSQL (2000, 2005 AND 2012), salt after version number
435 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
437 my $index = index ($line, ":");
441 $hash_in = substr ($line, 0, $index);
442 $word = substr ($line, $index + 1);
444 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
446 $salt = substr ($hash_in, 6, 8);
449 elsif ($mode == 8000)
451 my $index = index ($line, ":");
455 $hash_in = substr ($line, 0, $index);
456 $word = substr ($line, $index + 1);
458 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
460 $salt = substr ($hash_in, 6, 16);
463 elsif ($mode == 141 || $mode == 1441)
465 my $index1 = index ($line, ":");
469 $hash_in = substr ($line, 0, $index1);
470 $word = substr ($line, $index1 + 1);
472 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
474 my $index2 = index ($line, "*", 14);
476 #extract salt from base64
477 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
479 $salt = decode_base64
($plain_base64);
481 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
482 elsif ($mode == 400 || $mode == 7900)
484 my $index = index ($line, ":");
488 $hash_in = substr ($line, 0, $index);
489 $word = substr ($line, $index + 1);
491 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
493 $salt = substr ($hash_in, 4, 8);
495 # iterations = 2 ^ cost (where cost == $iter)
496 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
498 # $something$[rounds=iter$]salt$ (get last $, then check iter)
499 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
501 my $index1 = index ($line, ":", 30);
505 $hash_in = substr ($line, 0, $index1);
506 $word = substr ($line, $index1 + 1);
508 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
510 $index1 = index ($hash_in, ",", 1);
511 my $index2 = index ($hash_in, "\$", 1);
515 if ($index1 < $index2)
521 $param = substr ($hash_in, $index2, 1);
525 # rounds= if available
528 if (substr ($hash_in, $index2, 7) eq "rounds=")
530 my $old_index = $index2;
532 $index2 = index ($hash_in, "\$", $index2 + 1);
536 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
542 my $index3 = rindex ($hash_in, "\$");
546 $salt = substr ($hash_in, $index2, $index3 - $index2);
548 # descrypt (salt in first 2 char)
549 elsif ($mode == 1500)
551 my $index = index ($line, ":");
555 $hash_in = substr ($line, 0, $index);
556 $word = substr ($line, $index + 1);
558 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
560 $salt = substr ($hash_in, 0, 2);
562 # bcrypt $something$something$salt.hash
563 elsif ($mode == 3200)
565 my $index1 = index ($line, ":", 33);
569 $hash_in = substr ($line, 0, $index1);
570 $word = substr ($line, $index1 + 1);
572 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
574 my $index2 = index ($hash_in, "\$", 4);
576 $iter = substr ($hash_in, 4, $index2 - 4);
578 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
583 for (my $i = 0; $i < length ($plain_base64); $i++)
585 my $char = substr ($plain_base64, $i, 1);
586 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
589 $salt = decode_base64
($encoded);
592 elsif ($mode == 4800)
594 my $index1 = index ($line, ":");
598 my $index2 = index ($line, ":", $index1 + 1);
602 my $index3 = index ($line, ":", $index2 + 1);
606 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
608 $word = substr ($line, $index3 + 1);
610 $hash_in = substr ($line, 0, $index3);
613 elsif ($mode == 5300 || $mode == 5400)
615 my $num_cols = () = $line =~ /:/g;
617 next unless ($num_cols >= 9);
622 for (my $j = 0; $j < 9; $j++)
624 $index1 = index ($line, ":", $index1 + 1);
635 $word = substr ($line, $index1 + 1);
637 $hash_in = substr ($line, 0, $index1);
639 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
641 my $index2 = rindex ($line, ":", $index1 - 1);
643 $salt = substr ($line, 0, $index2);
646 elsif ($mode == 5500)
648 my $index1 = index ($line, "::");
652 my $index2 = index ($line, ":", $index1 + 2);
656 $index2 = index ($line, ":", $index2 + 1);
660 $salt = substr ($line, 0, $index2);
662 $index2 = index ($line, ":", $index2 + 1);
666 $salt .= substr ($line, $index2 + 1, 16);
668 $index2 = index ($line, ":", $index2 + 1);
672 $hash_in = substr ($line, 0, $index2);
674 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
676 $word = substr ($line, $index2 + 1);
679 elsif ($mode == 5600)
681 my $index1 = index ($line, "::");
685 my $index2 = index ($line, ":", $index1 + 2);
689 $index2 = index ($line, ":", $index2 + 1);
693 $salt = substr ($line, 0, $index2);
695 $index1 = index ($line, ":", $index2 + 1);
699 $index2 = index ($line, ":", $index1 + 1);
703 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
705 $hash_in = substr ($line, 0, $index2);
707 # do it later on for this hash mode:
708 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
710 $word = substr ($line, $index2 + 1);
712 # AIX smd5 something BRACE salt$
713 elsif ($mode == 6300)
715 my $index1 = index ($line, ":");
719 $hash_in = substr ($line, 0, $index1);
720 $word = substr ($line, $index1 + 1);
722 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
724 my $index2 = index ($hash_in, "}");
725 my $index3 = rindex ($hash_in, "\$");
727 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
729 # AIX: something$salt$ (no $ at position 1)
730 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
732 my $index1 = index ($line, ":");
736 $hash_in = substr ($line, 0, $index1);
737 $word = substr ($line, $index1 + 1);
739 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
741 my $index2 = index ($hash_in, "}");
742 my $index3 = index ($hash_in, "\$");
743 my $index4 = rindex ($hash_in, "\$");
745 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
747 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
749 # 1Password, agilekeychain
750 elsif ($mode == 6600)
752 my $num_cols = () = $line =~ /:/g;
754 next unless ($num_cols > 2);
756 my $index1 = index ($line, ":");
760 $iter = substr ($line, 0, $index1);
762 my $index2 = index ($line, ":", $index1 + 1);
766 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
768 $index1 = index ($line, ":", $index2 + 1);
772 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
774 $hash_in = substr ($line, 0, $index1);
776 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
778 $word = substr ($line, $index1 + 1);
780 # 1Password, cloudkeychain
781 elsif ($mode == 8200)
783 my @datas = split (":", $line);
785 next if scalar @datas < 4;
787 my $hash = shift @datas;
788 $salt = shift @datas;
789 $iter = shift @datas;
790 my $data = shift @datas;
792 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
796 $word = join (":", @datas);
798 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
800 # lastpass (hash:iter:salt)
801 elsif ($mode == 6800)
803 my $index1 = index ($line, ":", 34);
807 $hash_in = substr ($line, 0, $index1);
809 # identify lenghts of both salt and plain
811 my $salt_plain = substr ($line, $index1 + 1);
813 my $num_cols = () = $salt_plain =~ /:/g;
822 foreach (my $i = 0; $i < $num_cols; $i++)
824 $index2 = index ($salt_plain, ":", $start);
828 $start = $index2 + 1;
830 $salt = substr ($salt_plain, 0, $index2);
831 $word = substr ($salt_plain, $index2 + 1);
833 # can't be true w/ wrong $hash:$salt, otherwise the
834 # algo must have many collisions
836 if (exists ($db->{$hash_in . ":" . $salt}))
838 $hash_in = $hash_in . ":" . $salt;
844 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
845 next unless (! defined ($db->{$hash_in}));
847 $index1 = index ($hash_in, ":");
848 $index2 = index ($hash_in, ":", $index1 + 1);
850 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
851 $salt = substr ($hash_in, $index2 + 1);
853 # OSX 10.* : $something$iter$salt$
854 elsif ($mode == 7100)
856 my $index1 = index ($line, ":");
860 $hash_in = substr ($line, 0, $index1);
861 $word = substr ($line, $index1 + 1);
863 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
865 my $index2 = index ($hash_in, "\$", 5);
869 my $index3 = index ($hash_in, "\$", $index2 + 1);
871 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
873 $iter = substr ($hash_in, 4, $index2 - 4);
875 next if (int ($iter) < 1);
877 # grub: something1.something2.something3.iter.salt.
878 elsif ($mode == 7200)
880 my $index1 = index ($line, ":");
884 $hash_in = substr ($line, 0, $index1);
885 $word = substr ($line, $index1 + 1);
887 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
889 my $index2 = index ($hash_in, ".", 19);
893 my $index3 = index ($hash_in, ".", $index2 + 1);
895 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
897 $iter = substr ($hash_in, 19, $index2 - 19);
899 next if (int ($iter) < 1);
901 # $something1$something2$something3$something4$salt$
902 elsif ($mode == 7500 )
904 my $index1 = index ($line, "\$", 11);
908 my $index2 = index ($line, "\$", $index1 + 1);
912 my $index3 = index ($line, "\$", $index2 + 1);
916 $index2 = index ($line, ":", $index3 + 1);
920 $hash_in = substr ($line, 0, $index2);
921 $word = substr ($line, $index2 + 1);
923 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
925 $salt = substr ($hash_in, 11, $index3 - 10);
926 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
927 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
930 elsif ($mode == 7700 || $mode == 7800)
932 my $index1 = index ($line, ":");
936 my @split1 = split (":", $line);
938 my @split2 = split ('\$', $split1[0]);
940 next unless scalar @split2 == 2;
942 $hash_in = $split1[0];
944 if (scalar @split1 > 1)
953 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
958 elsif ($mode == 8300)
960 my @datas = split (":", $line);
962 next if scalar @datas != 5;
967 ($hash, $domain, $salt, $iter, $word) = @datas;
969 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
971 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
973 $salt = $domain . ":" . $salt;
976 elsif ($mode == 8500)
978 my @line_elements = split (":", $line);
980 next if scalar @line_elements < 2;
984 $hash_in = shift @line_elements;
986 $word = join (":", @line_elements);
990 my @hash_elements = split ('\*', $hash_in);
992 next unless ($hash_elements[0] eq '$racf$');
994 $salt = $hash_elements[1];
996 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
999 elsif ($mode == 8700)
1001 # split hash and plain
1002 my $index = index ($line, ":");
1006 $hash_in = substr ($line, 0, $index);
1007 $word = substr ($line, $index + 1);
1009 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1011 my $plain_base64 = substr ($hash_in, 2, -1);
1013 ($_, $salt, $param) = domino_decode
($plain_base64);
1016 elsif ($mode == 2612)
1018 next unless (substr ($line, 0, 6) eq '$PHPS$');
1021 my $index1 = index ($line, "\$", 6);
1023 next if $index1 < 1;
1025 $salt = substr ($line, 6, $index1 - 6);
1027 $salt = pack ("H*", $salt);
1029 my $index2 = index ($line, "\:", $index1 + 1);
1031 next if $index2 < 1;
1033 $word = substr ($line, $index2 + 1);
1035 $hash_in = substr ($line, 0, $index2);
1037 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1040 elsif ($mode == 3711)
1042 next unless (substr ($line, 0, 3) eq '$B$');
1045 my $index1 = index ($line, "\$", 3);
1047 next if $index1 < 1;
1049 $salt = substr ($line, 3, $index1 - 3);
1051 my $index2 = index ($line, ":", $index1 + 1);
1053 next if $index2 < 1;
1055 $word = substr ($line, $index2 + 1);
1057 $hash_in = substr ($line, 0, $index2);
1059 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1062 elsif ($mode == 8900)
1064 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1067 my $index1 = index ($line, ":", 7);
1069 next if $index1 < 1;
1072 my $N = substr ($line, 7, $index1 - 7);
1074 my $index2 = index ($line, ":", $index1 + 1);
1076 next if $index2 < 1;
1079 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1081 $index1 = index ($line, ":", $index2 + 1);
1083 next if $index1 < 1;
1086 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1092 $index2 = index ($line, ":", $index1 + 1);
1094 next if $index2 < 1;
1097 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1099 $salt = decode_base64
($salt);
1101 $index1 = index ($line, ":", $index2 + 1);
1103 next if $index1 < 1;
1107 $word = substr ($line, $index1 + 1);
1108 $hash_in = substr ($line, 0, $index1);
1110 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1113 elsif ($mode == 9100)
1115 # split hash and plain
1116 my $index = index ($line, ":");
1120 $hash_in = substr ($line, 0, $index);
1121 $word = substr ($line, $index + 1);
1123 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1125 my $base64_part = substr ($hash_in, 2, -1);
1127 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1129 next if ($iter < 1);
1131 # Cisco $8$ - PBKDF2-HMAC-SHA256
1132 elsif ($mode == 9200)
1134 next unless (substr ($line, 0, 3) eq '$8$');
1137 my $index1 = index ($line, "\$", 3);
1139 next if $index1 != 17;
1141 my $index2 = index ($line, "\$", $index1 + 1);
1144 $salt = substr ($line, 3, $index1 - 3);
1146 $index1 = index ($line, ":", $index1 + 1);
1148 next if $index1 < 1;
1152 $word = substr ($line, $index1 + 1);
1153 $hash_in = substr ($line, 0, $index1);
1155 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1157 # Cisco $9$ - scrypt
1158 elsif ($mode == 9300)
1160 next unless (substr ($line, 0, 3) eq '$9$');
1163 my $index1 = index ($line, "\$", 3);
1165 next if $index1 != 17;
1167 my $index2 = index ($line, "\$", $index1 + 1);
1170 $salt = substr ($line, 3, $index1 - 3);
1172 $index1 = index ($line, ":", $index1 + 1);
1174 next if $index1 < 1;
1178 $word = substr ($line, $index1 + 1);
1179 $hash_in = substr ($line, 0, $index1);
1181 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1184 elsif ($mode == 9400)
1186 ($hash_in, $word) = split ":", $line;
1188 next unless defined $hash_in;
1189 next unless defined $word;
1191 my @data = split /\*/, $hash_in;
1193 next unless scalar @data == 8;
1195 next unless (shift @data eq '$office$');
1196 next unless (shift @data eq '2007');
1197 next unless (shift @data eq '20');
1199 my $aes_key_size = shift @data;
1201 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1202 next unless (shift @data eq '16');
1204 next unless (length $data[0] == 32);
1205 next unless (length $data[1] == 32);
1206 next unless (length $data[2] == 40);
1208 $salt = shift @data;
1209 $param = shift @data;
1210 $param2 = $aes_key_size;
1212 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1215 elsif ($mode == 9500)
1217 ($hash_in, $word) = split ":", $line;
1219 next unless defined $hash_in;
1220 next unless defined $word;
1222 my @data = split /\*/, $hash_in;
1224 next unless scalar @data == 8;
1226 next unless (shift @data eq '$office$');
1227 next unless (shift @data eq '2010');
1228 next unless (shift @data eq '100000');
1229 next unless (shift @data eq '128');
1230 next unless (shift @data eq '16');
1232 next unless (length $data[0] == 32);
1233 next unless (length $data[1] == 32);
1234 next unless (length $data[2] == 64);
1236 $salt = shift @data;
1237 $param = shift @data;
1239 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1242 elsif ($mode == 9600)
1244 ($hash_in, $word) = split ":", $line;
1246 next unless defined $hash_in;
1247 next unless defined $word;
1249 my @data = split /\*/, $hash_in;
1251 next unless scalar @data == 8;
1253 next unless (shift @data eq '$office$');
1254 next unless (shift @data eq '2013');
1255 next unless (shift @data eq '100000');
1256 next unless (shift @data eq '256');
1257 next unless (shift @data eq '16');
1259 next unless (length $data[0] == 32);
1260 next unless (length $data[1] == 32);
1261 next unless (length $data[2] == 64);
1263 $salt = shift @data;
1264 $param = shift @data;
1266 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1269 elsif ($mode == 9700)
1271 ($hash_in, $word) = split ":", $line;
1273 next unless defined $hash_in;
1274 next unless defined $word;
1276 my @data = split /\*/, $hash_in;
1278 next unless scalar @data == 4;
1280 my $signature = shift @data;
1282 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1284 next unless (length $data[0] == 32);
1285 next unless (length $data[1] == 32);
1286 next unless (length $data[2] == 32);
1288 $salt = shift @data;
1289 $param = shift @data;
1290 $param2 = substr ($signature, 11, 1);
1292 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1295 elsif ($mode == 9800)
1297 ($hash_in, $word) = split ":", $line;
1299 next unless defined $hash_in;
1300 next unless defined $word;
1302 my @data = split /\*/, $hash_in;
1304 next unless scalar @data == 4;
1306 my $signature = shift @data;
1308 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1310 next unless (length $data[0] == 32);
1311 next unless (length $data[1] == 32);
1312 next unless (length $data[2] == 40);
1314 $salt = shift @data;
1315 $param = shift @data;
1316 $param2 = substr ($signature, 11, 1);
1318 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1320 # Django (PBKDF2-SHA256)
1321 elsif ($mode == 10000)
1323 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1326 my $index1 = index ($line, "\$", 14);
1328 next if $index1 < 1;
1330 my $index2 = index ($line, "\$", $index1 + 1);
1334 $iter = substr ($line, 14, $index1 - 14);
1338 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1342 $index1 = index ($line, ":", $index2 + 1);
1344 next if $index1 < 1;
1346 $word = substr ($line, $index1 + 1);
1347 $hash_in = substr ($line, 0, $index1);
1349 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1352 elsif ($mode == 10100)
1356 ($hash, undef, undef, $salt, $word) = split ":", $line;
1358 next unless defined $hash;
1359 next unless defined $salt;
1360 next unless defined $word;
1362 next unless (length $hash == 16);
1363 next unless (length $salt == 32);
1365 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1367 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1370 elsif ($mode == 10200)
1372 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1375 my $index1 = index ($line, "\$", 10);
1377 next if $index1 < 1;
1381 my $challengeb64 = substr ($line, 10, $index1 - 10);
1382 $salt = decode_base64
($challengeb64);
1386 my $index2 = index ($line, ":", $index1 + 1);
1388 next if $index2 < 1;
1390 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1391 my $response = decode_base64
($responseb64);
1393 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1395 $word = substr ($line, $index2 + 1);
1396 $hash_in = substr ($line, 0, $index2);
1398 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1400 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1401 elsif ($mode == 10300)
1403 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1407 my $index1 = index ($line, "}", 10);
1409 next if $index1 < 1;
1411 $iter = substr ($line, 10, $index1 - 10);
1413 $iter = int ($iter);
1417 my $base64_encoded = substr ($line, $index1 + 1);
1418 my $base64_decoded = decode_base64
($base64_encoded);
1420 $salt = substr ($base64_decoded, 20);
1422 my $index2 = index ($line, ":", $index1 + 1);
1424 next if $index2 < 1;
1426 $word = substr ($line, $index2 + 1);
1427 $hash_in = substr ($line, 0, $index2);
1429 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1431 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1432 elsif ($mode == 10400)
1434 ($hash_in, $word) = split ":", $line;
1436 next unless defined $hash_in;
1437 next unless defined $word;
1439 my @data = split /\*/, $hash_in;
1441 next unless scalar @data == 11;
1443 next unless (shift @data eq '$pdf$1');
1444 next unless (shift @data eq '2');
1445 next unless (shift @data eq '40');
1446 my $P = shift @data;
1447 next unless (shift @data eq '0');
1448 next unless (shift @data eq '16');
1449 my $id = shift @data;
1450 next unless (shift @data eq '32');
1451 my $u = shift @data;
1452 next unless (shift @data eq '32');
1453 my $o = shift @data;
1460 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1462 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1463 elsif ($mode == 10500)
1465 ($hash_in, $word) = split ":", $line;
1467 next unless defined $hash_in;
1468 next unless defined $word;
1470 my @data = split /\*/, $hash_in;
1472 next unless scalar @data == 11;
1474 my $V = shift @data; $V = substr ($V, 5, 1);
1475 my $R = shift @data;
1476 next unless (shift @data eq '128');
1477 my $P = shift @data;
1478 my $enc = shift @data;
1479 next unless (shift @data eq '16');
1480 my $id = shift @data;
1481 next unless (shift @data eq '32');
1482 my $u = shift @data;
1483 next unless (shift @data eq '32');
1484 my $o = shift @data;
1494 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1496 # PDF 1.7 Level 3 (Acrobat 9)
1497 elsif ($mode == 10600)
1499 ($hash_in, $word) = split ":", $line;
1501 next unless defined $hash_in;
1502 next unless defined $word;
1504 my @data = split /\*/, $hash_in;
1506 next unless scalar @data >= 11;
1508 next unless (shift @data eq '$pdf$5');
1509 next unless (shift @data eq '5');
1510 next unless (shift @data eq '256');
1511 next unless (shift @data eq '-1028');
1512 next unless (shift @data eq '1');
1513 next unless (shift @data eq '16');
1514 my $id = shift @data;
1515 my $rest = join "*", @data;
1520 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1522 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1523 elsif ($mode == 10700)
1525 ($hash_in, $word) = split ":", $line;
1527 next unless defined $hash_in;
1528 next unless defined $word;
1530 my @data = split /\*/, $hash_in;
1532 next unless scalar @data >= 11;
1534 next unless (shift @data eq '$pdf$5');
1535 next unless (shift @data eq '6');
1536 next unless (shift @data eq '256');
1537 next unless (shift @data eq '-1028');
1538 next unless (shift @data eq '1');
1539 next unless (shift @data eq '16');
1540 my $id = shift @data;
1541 my $rest = join "*", @data;
1546 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1548 # PBKDF2-HMAC-SHA256
1549 elsif ($mode == 10900)
1551 next unless (substr ($line, 0, 7) eq 'sha256:');
1554 my $index1 = index ($line, ":", 7);
1556 next if $index1 < 1;
1558 $iter = substr ($line, 7, $index1 - 7);
1562 my $index2 = index ($line, ":", $index1 + 1);
1564 next if $index2 < 1;
1566 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1568 $salt = decode_base64
($salt);
1572 $index1 = index ($line, ":", $index2 + 1);
1574 next if $index1 < 1;
1576 # additional param = output len of pbkdf2
1578 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1580 my $digest = decode_base64
($digest64_encoded);
1582 $param = length ($digest);
1586 $word = substr ($line, $index1 + 1);
1587 $hash_in = substr ($line, 0, $index1);
1589 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1591 # PostgreSQL MD5 Authentication
1592 elsif ($mode == 11100)
1594 next unless (substr ($line, 0, 10) eq '$postgres$');
1596 my $index1 = index ($line, "*", 10);
1598 next if $index1 < 1;
1602 $param = substr ($line, 10, $index1 - 10);
1604 # get the 4 byte salt
1606 my $index2 = index ($line, "*", $index1 + 1);
1608 next if $index2 < 1;
1610 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1614 $index1 = index ($line, ":", $index2 + 1);
1616 next if $index1 < 1;
1618 $word = substr ($line, $index1 + 1);
1619 $hash_in = substr ($line, 0, $index1);
1621 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1623 # MySQL MD5 Authentication
1624 elsif ($mode == 11200)
1626 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1628 my $index1 = index ($line, "*", 9);
1630 next if $index1 < 1;
1634 $salt = substr ($line, 9, $index1 - 9);
1638 $index1 = index ($line, ":", $index1 + 1);
1640 next if $index1 < 1;
1642 $word = substr ($line, $index1 + 1);
1643 $hash_in = substr ($line, 0, $index1);
1645 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1648 elsif ($mode == 2500)
1650 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1654 # Bitcoin/Litecoin wallet.dat
1655 elsif ($mode == 11300)
1657 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1661 # SIP digest authentication (MD5)
1662 elsif ($mode == 11400)
1664 next unless (substr ($line, 0, 6) eq '$sip$*');
1668 my $index1 = index ($line, "*", 6);
1670 next if $index1 < 0;
1672 $param10 = substr ($line, 6, $index1 - 6);
1674 next if (length ($param10) > 32);
1678 my $index2 = index ($line, "*", $index1 + 1);
1680 next if $index2 < 0;
1682 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1684 next if (length ($param11) > 32);
1688 $index1 = index ($line, "*", $index2 + 1);
1690 next if $index1 < 0;
1692 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1694 next if (length ($param) > 12);
1698 $index2 = index ($line, "*", $index1 + 1);
1700 next if $index2 < 0;
1702 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1704 next if (length ($param2) > 20);
1708 $index1 = index ($line, "*", $index2 + 1);
1710 next if $index1 < 0;
1712 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1714 next if (length ($param6) > 24);
1718 $index2 = index ($line, "*", $index1 + 1);
1720 next if $index2 < 0;
1722 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1724 next if (length ($param7) > 10);
1728 $index1 = index ($line, "*", $index2 + 1);
1730 next if $index1 < 0;
1732 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1734 next if (length ($param8) > 32);
1738 $index2 = index ($line, "*", $index1 + 1);
1740 next if $index2 < 0;
1742 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1744 next if (length ($param9) > 32);
1748 $index1 = index ($line, "*", $index2 + 1);
1750 next if $index1 < 0;
1752 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1754 next if (length ($salt) > 34);
1758 $index2 = index ($line, "*", $index1 + 1);
1760 next if $index2 < 0;
1762 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1764 next if (length ($param4) > 12);
1768 $index1 = index ($line, "*", $index2 + 1);
1770 next if $index1 < 0;
1772 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1774 next if (length ($param3) > 10);
1778 $index2 = index ($line, "*", $index1 + 1);
1780 next if $index2 < 0;
1782 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1784 next if (length ($param5) > 8);
1788 $index1 = index ($line, "*", $index2 + 1);
1790 next if $index1 < 0;
1792 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1794 next unless ($directive eq "MD5");
1798 $index2 = index ($line, ":", $index1 + 1);
1800 next if $index2 < 0;
1802 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1804 next unless (length ($hex_digest) == 32);
1806 $word = substr ($line, $index2 + 1);
1807 $hash_in = substr ($line, 0, $index2);
1809 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1812 elsif ($mode == 11600)
1814 next unless (substr ($line, 0, 4) eq '$7z$');
1818 my $index1 = index ($line, '$', 4);
1820 next if $index1 < 0;
1822 my $p = substr ($line, 4, $index1 - 4);
1824 next unless ($p eq "0");
1828 my $index2 = index ($line, '$', $index1 + 1);
1830 next if $index2 < 0;
1832 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1834 # seven zip salt length
1836 $index1 = index ($line, '$', $index2 + 1);
1838 next if $index1 < 0;
1840 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1844 $index2 = index ($line, '$', $index1 + 1);
1846 next if $index2 < 0;
1848 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1852 $index1 = index ($line, '$', $index2 + 1);
1854 next if $index1 < 0;
1856 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1860 $index2 = index ($line, '$', $index1 + 1);
1862 next if $index2 < 0;
1864 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1866 $salt = pack ("H*", $salt);
1870 $index1 = index ($line, '$', $index2 + 1);
1872 next if $index1 < 0;
1874 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1876 # ignore this crc, we don't need to pass it to gen_hash ()
1880 $index2 = index ($line, '$', $index1 + 1);
1882 next if $index2 < 0;
1884 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1888 $index1 = index ($line, '$', $index2 + 1);
1890 next if $index1 < 0;
1892 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1896 $index2 = index ($line, ':', $index1 + 1);
1898 next if $index2 < 0;
1900 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1901 $param6 = pack ("H*", $param6);
1903 $word = substr ($line, $index2 + 1);
1904 $hash_in = substr ($line, 0, $index2);
1906 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1909 elsif ($mode == 11900)
1911 next unless (substr ($line, 0, 4) eq 'md5:');
1914 my $index1 = index ($line, ":", 4);
1916 next if $index1 < 1;
1918 $iter = substr ($line, 4, $index1 - 4);
1922 my $index2 = index ($line, ":", $index1 + 1);
1924 next if $index2 < 1;
1926 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1928 $salt = decode_base64
($salt);
1932 $index1 = index ($line, ":", $index2 + 1);
1934 next if $index1 < 1;
1936 # additional param = output len of pbkdf2
1938 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1940 my $digest = decode_base64
($digest64_encoded);
1942 $param = length ($digest);
1946 $word = substr ($line, $index1 + 1);
1947 $hash_in = substr ($line, 0, $index1);
1949 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1952 elsif ($mode == 12000)
1954 next unless (substr ($line, 0, 5) eq 'sha1:');
1957 my $index1 = index ($line, ":", 5);
1959 next if $index1 < 1;
1961 $iter = substr ($line, 5, $index1 - 5);
1965 my $index2 = index ($line, ":", $index1 + 1);
1967 next if $index2 < 1;
1969 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1971 $salt = decode_base64
($salt);
1975 $index1 = index ($line, ":", $index2 + 1);
1977 next if $index1 < 1;
1979 # additional param = output len of pbkdf2
1981 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1983 my $digest = decode_base64
($digest64_encoded);
1985 $param = length ($digest);
1989 $word = substr ($line, $index1 + 1);
1990 $hash_in = substr ($line, 0, $index1);
1992 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1994 # PBKDF2-HMAC-SHA512
1995 elsif ($mode == 12100)
1997 next unless (substr ($line, 0, 7) eq 'sha512:');
2000 my $index1 = index ($line, ":", 7);
2002 next if $index1 < 1;
2004 $iter = substr ($line, 7, $index1 - 7);
2008 my $index2 = index ($line, ":", $index1 + 1);
2010 next if $index2 < 1;
2012 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2014 $salt = decode_base64
($salt);
2018 $index1 = index ($line, ":", $index2 + 1);
2020 next if $index1 < 1;
2022 # additional param = output len of pbkdf2
2024 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2026 my $digest = decode_base64
($digest64_encoded);
2028 $param = length ($digest);
2032 $word = substr ($line, $index1 + 1);
2033 $hash_in = substr ($line, 0, $index1);
2035 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2038 elsif ($mode == 12200)
2040 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2042 # check if default salt
2046 $param = 0 if (substr ($line, 12, 2) eq '1$');
2054 if ($param == 0) # we need to extract the salt
2056 $index1 = index ($line, '$', $index1);
2058 next if $index1 < 1;
2060 my $index2 = index ($line, '$', $index1 + 1);
2062 next if $index2 < 1;
2064 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2069 $index1 = index ($line, ':', $index1 + 1);
2071 next if $index1 < 1;
2075 $word = substr ($line, $index1 + 1);
2076 $hash_in = substr ($line, 0, $index1);
2078 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2080 # Oracle T: Type (Oracle 12+)
2081 elsif ($mode == 12300)
2083 my $index1 = index ($line, ':');
2085 next if ($index1 != 160);
2089 $salt = substr ($line, 128, 32);
2093 $word = substr ($line, $index1 + 1);
2094 $hash_in = substr ($line, 0, $index1);
2096 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2098 # BSDiCrypt, Extended DES
2099 elsif ($mode == 12400)
2101 next unless (substr ($line, 0, 1) eq '_');
2103 my $index1 = index ($line, ':', 20);
2105 next if ($index1 != 20);
2109 $iter = substr ($line, 1, 4);
2111 $iter = base64_to_int24
($iter);
2115 $salt = substr ($line, 5, 4);
2119 $word = substr ($line, $index1 + 1);
2120 $hash_in = substr ($line, 0, $index1);
2122 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2124 # Blockchain, My Wallet
2125 elsif ($mode == 12700)
2127 my $index1 = index ($line, ':');
2129 next if ($index1 < 0);
2131 $hash_in = substr ($line, 0, $index1);
2132 $word = substr ($line, $index1 + 1);
2134 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2136 next unless ($signature eq "blockchain");
2138 next unless (($data_len * 2) == length $data_buf);
2140 $salt = substr ($data_buf, 0, 32);
2141 $param = substr ($data_buf, 32);
2143 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2145 elsif ($mode == 12800)
2147 ($hash_in, $word) = split ":", $line;
2149 next unless defined $hash_in;
2150 next unless defined $word;
2152 my @data = split /\,/, $hash_in;
2154 next unless scalar @data == 4;
2156 next unless (shift @data eq 'v1;PPH1_MD4');
2158 $salt = shift @data;
2159 $iter = shift @data;
2161 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2163 elsif ($mode == 12900)
2165 ($hash_in, $word) = split ":", $line;
2167 next unless defined $hash_in;
2168 next unless defined $word;
2170 next unless length $hash_in == 160;
2172 $param = substr ($hash_in, 0, 64);
2173 $salt = substr ($hash_in, 128, 32);
2176 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2180 print "ERROR: hash mode is not supported\n";
2185 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2187 $word = pack ("H*", substr ($word, 5, -1));
2190 # finally generate the hash
2195 # check both variations
2196 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2198 $len = length $hash_out; # == length $alternative
2200 if (substr ($line, 0, $len) ne $hash_out)
2202 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2204 return unless (substr ($line, 0, $len) eq $alternative);
2207 elsif ($mode == 8700)
2209 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2211 $len = length $hash_out;
2213 return unless (substr ($line, 0, $len) eq $hash_out);
2215 elsif ($mode == 8900)
2217 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2219 $len = length $hash_out;
2221 return unless (substr ($line, 0, $len) eq $hash_out);
2223 elsif ($mode == 9100)
2225 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2227 $len = length $hash_out;
2229 return unless (substr ($line, 0, $len) eq $hash_out);
2231 elsif ($mode == 190)
2233 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2235 $len = length $hash_out; # == length $alternative
2237 if (substr ($line, 0, $len) ne $hash_out)
2239 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2241 return unless (substr ($line, 0, $len) eq $alternative);
2244 elsif ($mode == 3300)
2246 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2248 $len = length $hash_out;
2250 return unless (substr ($line, 0, $len) eq $hash_out);
2252 elsif ($mode == 5100)
2254 # check 3 variants (start, middle, end)
2258 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2260 $len = length $hash_out; # == length $alternative
2262 if (substr ($line, 0, $len) ne $hash_out)
2264 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2266 if (substr ($line, 0, $len) ne $alternative)
2268 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2270 return unless (substr ($line, 0, $len) eq $alternative);
2274 elsif ($mode == 9400)
2276 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2278 $len = length $hash_out;
2280 return unless (substr ($line, 0, $len) eq $hash_out);
2282 elsif ($mode == 9500)
2284 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2286 $len = length $hash_out;
2288 return unless (substr ($line, 0, $len) eq $hash_out);
2290 elsif ($mode == 9600)
2292 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2294 $len = length $hash_out;
2296 return unless (substr ($line, 0, $len) eq $hash_out);
2298 elsif ($mode == 9700)
2300 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2302 $len = length $hash_out;
2304 return unless (substr ($line, 0, $len) eq $hash_out);
2306 elsif ($mode == 9800)
2308 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2310 $len = length $hash_out;
2312 return unless (substr ($line, 0, $len) eq $hash_out);
2314 elsif ($mode == 10400)
2316 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2318 $len = length $hash_out;
2320 return unless (substr ($line, 0, $len) eq $hash_out);
2322 elsif ($mode == 10500)
2324 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2326 $len = length $hash_out;
2328 return unless (substr ($line, 0, $len) eq $hash_out);
2330 elsif ($mode == 10600)
2332 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2334 $len = length $hash_out;
2336 return unless (substr ($line, 0, $len) eq $hash_out);
2338 elsif ($mode == 10700)
2340 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2342 $len = length $hash_out;
2344 return unless (substr ($line, 0, $len) eq $hash_out);
2346 elsif ($mode == 10900)
2348 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2350 $len = length $hash_out;
2352 return unless (substr ($line, 0, $len) eq $hash_out);
2354 elsif ($mode == 11100)
2356 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2358 $len = length $hash_out;
2360 return unless (substr ($line, 0, $len) eq $hash_out);
2362 elsif ($mode == 11400)
2364 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2366 $len = length $hash_out;
2368 return unless (substr ($line, 0, $len) eq $hash_out);
2370 elsif ($mode == 11600)
2372 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2374 $len = length $hash_out;
2376 return unless (substr ($line, 0, $len) eq $hash_out);
2378 elsif ($mode == 11900)
2380 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2382 $len = length $hash_out;
2384 return unless (substr ($line, 0, $len) eq $hash_out);
2386 elsif ($mode == 12000)
2388 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2390 $len = length $hash_out;
2392 return unless (substr ($line, 0, $len) eq $hash_out);
2394 elsif ($mode == 12100)
2396 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2398 $len = length $hash_out;
2400 return unless (substr ($line, 0, $len) eq $hash_out);
2402 elsif ($mode == 12200)
2404 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2406 $len = length $hash_out;
2408 return unless (substr ($line, 0, $len) eq $hash_out);
2410 elsif ($mode == 12700)
2412 # this is very special, we can't call gen_hash () because the param part is not always the same
2413 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2415 my $pbkdf2 = Crypt
::PBKDF2
->new (
2416 hash_class
=> 'HMACSHA1',
2421 my $salt_bin = pack ("H*", $salt);
2423 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2425 my $cipher = Crypt
::CBC
->new({
2427 cipher
=> "Crypt::Rijndael",
2434 my $param_bin = pack ("H*", $param);
2436 my $decrypted = $cipher->decrypt ($param_bin);
2438 my $decrypted_part = substr ($decrypted, 1, 16);
2440 return unless ($decrypted_part =~ /"guid"/);
2442 $hash_out = $hash_in;
2444 elsif ($mode == 12900)
2446 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2448 $len = length $hash_out;
2450 return unless (substr ($line, 0, $len) eq $hash_out);
2454 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2456 $len = length $hash_out;
2461 # allow $P$ and $H$ for -m 400
2462 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2464 elsif ($mode == 5600)
2466 # oclHashcat outputs the user name always upper-case, we need
2467 next unless (substr ($line, 0, $len) eq $hash_out);
2471 my $hash_out_lower = lc ($hash_out);
2473 for my $key (keys %{$db})
2475 if (lc ($key) eq $hash_out_lower)
2487 next unless (substr ($line, 0, $len) eq $hash_out);
2491 # do not forget "exists ($db->$hash_out)" should be done above!
2492 $db->{$hash_out} = $word;
2493 print OUT
$line . "\n";
2502 my $mode = shift || 0;
2504 while (my $word_buf = <>)
2508 next if length ($word_buf) > 31;
2516 for (my $i = 0; $i < 256; $i++)
2518 my $c = get_random_chr
(0x30, 0x39);
2520 push (@salt_arr, $c);
2523 my $salt_buf = join ("", @salt_arr);
2531 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500)
2533 $tmp_hash = gen_hash
($mode, $word_buf, "");
2535 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2537 my $salt_len = get_random_num
(1, 15);
2539 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2541 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2543 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2547 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2551 my $salt_len = get_random_num
(1, 11);
2553 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2555 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2557 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2559 elsif ($mode == 112)
2561 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2563 elsif ($mode == 121)
2565 my $salt_len = get_random_num
(1, 9);
2567 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2569 elsif ($mode == 141 || $mode == 1441)
2571 my $salt_len = get_random_num
(1, 15);
2573 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2575 elsif ($mode == 1100)
2577 my $salt_len = get_random_num
(1, 19);
2579 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2581 elsif ($mode == 1500)
2583 next if length ($word_buf) > 8;
2585 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2587 elsif ($mode == 2100)
2589 next if length ($word_buf) > 13;
2591 my $salt_len = get_random_num
(1, 19);
2593 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2595 elsif ($mode == 2410)
2597 next if length ($word_buf) > 15;
2599 my $salt_len = get_random_num
(1, 15);
2601 my $word_len = length ($word_buf);
2603 $salt_len = min
($salt_len, 15 - $word_len);
2605 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2607 elsif ($mode == 2500)
2609 next if length ($word_buf) < 8;
2611 my $salt_len = get_random_num
(0, 32);
2613 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2615 elsif ($mode == 2611)
2617 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2619 elsif ($mode == 2612)
2621 my $salt_len = get_random_num
(1, 22);
2623 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2625 elsif ($mode == 2711)
2627 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2629 elsif ($mode == 2811)
2631 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2633 elsif ($mode == 3000)
2635 next if length ($word_buf) > 7;
2637 $tmp_hash = gen_hash
($mode, $word_buf, "");
2639 elsif ($mode == 3100)
2641 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2643 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2645 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2647 elsif ($mode == 3800 || $mode == 4900)
2649 my $salt_len = get_random_num
(1, 11);
2651 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2653 elsif ($mode == 4800)
2655 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2657 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2659 elsif ($mode == 5300 || $mode == 5400)
2661 $salt_buf = get_random_ike_salt
();
2663 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2665 elsif ($mode == 5500)
2667 my $user_len = get_random_num
(0, 15);
2668 my $domain_len = get_random_num
(0, 15);
2670 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2672 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2674 elsif ($mode == 5600)
2676 my $user_len = get_random_num
(0, 15);
2677 my $domain_len = get_random_num
(0, 15);
2679 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2681 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2683 elsif ($mode == 6600)
2685 $salt_buf = get_random_agilekeychain_salt
();
2687 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2689 elsif ($mode == 6800)
2691 my $email_len = get_random_num
(1, 15);
2695 for (my $i = 0; $i < $email_len; $i++)
2697 $email .= get_random_chr
(0x61, 0x7a);
2700 $email .= '@trash-mail.com';
2702 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2704 elsif ($mode == 7100)
2706 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2708 elsif ($mode == 7200)
2710 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2712 elsif ($mode == 7300)
2714 my $salt_len = get_random_num
(32, 256);
2716 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2718 elsif ($mode == 7500)
2720 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2722 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2724 elsif ($mode == 7700)
2726 next if length ($word_buf) > 8;
2728 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2730 elsif ($mode == 7800)
2732 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2734 elsif ($mode == 8200)
2736 $salt_buf = get_random_cloudkeychain_salt
();
2738 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2740 elsif ($mode == 8300)
2742 $salt_buf = get_random_dnssec_salt
();
2744 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2746 elsif ($mode == 8400 || $mode == 11200)
2748 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2750 elsif ($mode == 8500)
2752 next if length ($word_buf) > 8;
2754 my $salt_len = get_random_num
(1, 9);
2756 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2758 elsif ($mode == 8600)
2760 next if length ($word_buf) > 16;
2762 $tmp_hash = gen_hash
($mode, $word_buf, "");
2764 elsif ($mode == 8700)
2766 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2768 elsif ($mode == 9200 || $mode == 9300)
2772 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2774 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
2776 next if length ($word_buf) > 19;
2780 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2782 elsif ($mode == 10100)
2784 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2786 elsif ($mode == 10300)
2788 my $salt_len = get_random_num
(4, 15);
2790 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2792 elsif ($mode == 10400)
2794 next if length ($word_buf) > 31;
2798 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2800 elsif ($mode == 10500)
2802 next if length ($word_buf) > 15;
2806 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2808 elsif ($mode == 10600)
2810 next if length ($word_buf) > 31;
2814 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2816 elsif ($mode == 10700)
2818 next if length ($word_buf) > 15;
2822 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2824 elsif ($mode == 11000)
2826 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
2828 elsif ($mode == 11300)
2830 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2832 elsif ($mode == 11400)
2834 next if length ($word_buf) > 24;
2836 my $salt_len = get_random_num
(1, 15);
2838 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2840 elsif ($mode == 11600)
2842 my $salt_len = get_random_num
(0, 16);
2844 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2846 elsif ($mode == 12400)
2848 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
2850 elsif ($mode == 12600)
2852 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2854 elsif ($mode == 12700)
2856 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2858 elsif ($mode == 12800)
2860 next if length ($word_buf) > 24;
2862 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2864 elsif ($mode == 12900)
2866 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2870 print "ERROR: Unsupported hash type\n";
2875 print $tmp_hash, "\n";
2888 for (my $j = 0; $j < scalar @modes; $j++)
2890 my $mode = $modes[$j];
2892 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500)
2894 for (my $i = 1; $i < 32; $i++)
2898 rnd
($mode, $len, 0);
2906 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2908 my $salt_len = get_random_num
(1, 15);
2910 for (my $i = 1; $i < 32; $i++)
2914 rnd
($mode, $len, $salt_len);
2918 rnd
($mode, $i, $salt_len);
2922 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2924 for (my $i = 1; $i < 32; $i++)
2928 rnd
($mode, $len, 32);
2932 rnd
($mode, $i, 32);
2936 elsif ($mode == 21 || $mode == 22)
2938 for (my $i = 1; $i < 32; $i++)
2942 rnd
($mode, $len, 2);
2950 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2952 for (my $i = 1; $i < 32; $i++)
2956 rnd
($mode, $len, 8);
2964 elsif ($mode == 112)
2966 for (my $i = 1; $i < 32; $i++)
2970 rnd
($mode, $len, 20);
2974 rnd
($mode, $i, 20);
2978 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2980 for (my $i = 1; $i < 32; $i++)
2984 rnd
($mode, $len, 16);
2988 rnd
($mode, $i, 16);
2994 my $salt_len = get_random_num
(1, 19);
2996 for (my $i = 1; $i < 32; $i++)
3000 rnd
($mode, $len, $salt_len);
3004 rnd
($mode, $i, $salt_len);
3008 elsif ($mode == 1500)
3010 for (my $i = 1; $i < 9; $i++)
3014 rnd
($mode, $len, 2);
3022 elsif ($mode == 2100)
3024 my $salt_len = get_random_num
(1, 19);
3026 for (my $i = 1; $i < 13; $i++)
3030 rnd
($mode, $len, $salt_len);
3034 rnd
($mode, $i, $salt_len);
3038 elsif ($mode == 2500)
3040 my $salt_len = get_random_num
(0, 32);
3042 for (my $i = 8; $i < 16; $i++)
3044 my $generate_from_len = 0;
3053 rnd
($mode, $len, $salt_len);
3057 rnd
($mode, $i, $salt_len);
3061 elsif ($mode == 2611)
3063 for (my $i = 1; $i < 32; $i++)
3067 rnd
($mode, $len, 3);
3075 elsif ($mode == 2612)
3077 my $salt_len = get_random_num
(1, 22);
3079 for (my $i = 1; $i < 32; $i++)
3083 rnd
($mode, $len, $salt_len);
3087 rnd
($mode, $i, $salt_len);
3091 elsif ($mode == 2711)
3093 for (my $i = 1; $i < 32; $i++)
3097 rnd
($mode, $len, 30);
3101 rnd
($mode, $i, 30);
3105 elsif ($mode == 2811)
3107 for (my $i = 1; $i < 32; $i++)
3111 rnd
($mode, $len, 5);
3119 elsif ($mode == 3000)
3121 for (my $i = 1; $i < 8; $i++)
3125 rnd
($mode, $len, 0);
3133 elsif ($mode == 3100)
3135 for (my $i = 1; $i < 32; $i++)
3139 rnd
($mode, $len, 10);
3143 rnd
($mode, $i, 10);
3147 elsif ($mode == 3800 || $mode == 4900)
3149 my $salt_len = get_random_num
(1, 11);
3151 for (my $i = 1; $i < 32; $i++)
3155 rnd
($mode, $len, $salt_len);
3159 rnd
($mode, $i, $salt_len);
3163 elsif ($mode == 5500 || $mode == 5600)
3167 for (my $i = 1; $i < 27; $i++)
3169 $salt_len = get_random_num
(1, 15);
3173 rnd
($mode, $len, $salt_len);
3177 rnd
($mode, $i, $salt_len);
3181 elsif ($mode == 5800)
3183 for (my $i = 1; $i < 14; $i++)
3187 rnd
($mode, $len, 16);
3191 rnd
($mode, $i, 16);
3195 elsif ($mode == 6800)
3197 my $salt_len = get_random_num
(8, 25);
3199 for (my $i = 1; $i < 32; $i++)
3203 rnd
($mode, $len, $salt_len);
3207 rnd
($mode, $i, $salt_len);
3211 elsif ($mode == 7100)
3213 for (my $i = 1; $i < 32; $i++)
3217 rnd
($mode, $len, 64);
3221 rnd
($mode, $i, 64);
3225 elsif ($mode == 7200)
3227 for (my $i = 1; $i < 32; $i++)
3231 rnd
($mode, $len, 128);
3235 rnd
($mode, $i, 128);
3239 elsif ($mode == 7300)
3241 my $salt_len = get_random_num
(32, 255);
3243 for (my $i = 1; $i < 32; $i++)
3247 rnd
($mode, $len, $salt_len);
3251 rnd
($mode, $i, $salt_len);
3255 elsif ($mode == 7500)
3257 for (my $i = 1; $i < 27; $i++)
3261 rnd
($mode, $len, 16);
3265 rnd
($mode, $i, 16);
3269 elsif ($mode == 7700)
3271 my $salt_len = get_random_num
(1, 12);
3273 for (my $i = 1; $i < 9; $i++)
3277 rnd
($mode, $len, $salt_len);
3281 rnd
($mode, $i, $salt_len);
3285 elsif ($mode == 7800)
3287 my $salt_len = get_random_num
(1, 12);
3289 for (my $i = 1; $i < 32; $i++)
3293 rnd
($mode, $len, $salt_len);
3297 rnd
($mode, $i, $salt_len);
3301 elsif ($mode == 8400 || $mode == 11200)
3303 for (my $i = 1; $i < 32; $i++)
3307 rnd
($mode, $len, 40);
3311 rnd
($mode, $i, 40);
3315 elsif ($mode == 8500)
3317 my $salt_len = get_random_num
(1, 8);
3319 for (my $i = 1; $i < 9; $i++)
3323 rnd
($mode, $len, $salt_len);
3327 rnd
($mode, $i, $salt_len);
3331 elsif ($mode == 8600)
3333 for (my $i = 1; $i < 17; $i++)
3337 rnd
($mode, $len, 0);
3345 elsif ($mode == 8700)
3347 for (my $i = 1; $i < 32; $i++)
3351 rnd
($mode, $len, 5);
3359 elsif ($mode == 9200 || $mode == 9300)
3363 for (my $i = 1; $i < 32; $i++)
3367 rnd
($mode, $len, $salt_len);
3371 rnd
($mode, $i, $salt_len);
3375 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3379 for (my $i = 1; $i < 20; $i++)
3383 rnd
($mode, $len, $salt_len);
3387 rnd
($mode, $i, $salt_len);
3391 elsif ($mode == 10100)
3393 for (my $i = 1; $i < 32; $i++)
3397 rnd
($mode, $len, 32);
3401 rnd
($mode, $i, 32);
3405 elsif ($mode == 10300)
3407 my $salt_len = get_random_num
(4, 15);
3409 for (my $i = 1; $i < 32; $i++)
3413 rnd
($mode, $len, $salt_len);
3417 rnd
($mode, $i, $salt_len);
3421 elsif ($mode == 10400 || $mode == 10600)
3425 for (my $i = 1; $i < 32; $i++)
3429 rnd
($mode, $len, $salt_len);
3433 rnd
($mode, $i, $salt_len);
3437 elsif ($mode == 10500 || $mode == 10700)
3441 for (my $i = 1; $i < 16; $i++)
3445 rnd
($mode, $len, $salt_len);
3449 rnd
($mode, $i, $salt_len);
3453 elsif ($mode == 11000)
3455 for (my $i = 1; $i < 32; $i++)
3459 rnd
($mode, $len, 56);
3463 rnd
($mode, $i, 56);
3467 elsif ($mode == 11300)
3469 for (my $i = 1; $i < 32; $i++)
3473 rnd
($mode, $len, 16);
3477 rnd
($mode, $i, 16);
3481 elsif ($mode == 11400)
3483 for (my $i = 1; $i < 24; $i++)
3487 rnd
($mode, $len, 16);
3491 rnd
($mode, $i, 16);
3495 elsif ($mode == 11600)
3497 my $salt_len = get_random_num
(0, 16);
3499 for (my $i = 1; $i < 32; $i++)
3503 rnd
($mode, $len, $salt_len);
3507 rnd
($mode, $i, $salt_len);
3511 elsif ($mode == 12400)
3513 for (my $i = 1; $i < 32; $i++)
3517 rnd
($mode, $len, 4);
3525 elsif ($mode == 12600)
3527 for (my $i = 1; $i < 32; $i++)
3531 rnd
($mode, $len, 64);
3535 rnd
($mode, $i, 64);
3539 elsif ($mode == 12700)
3541 for (my $i = 1; $i < 32; $i++)
3545 rnd
($mode, $len, 32);
3549 rnd
($mode, $i, 32);
3553 elsif ($mode == 12800)
3555 for (my $i = 1; $i < 25; $i++)
3559 rnd
($mode, $len, 20);
3563 rnd
($mode, $i, 20);
3567 elsif ($mode == 12900)
3569 for (my $i = 1; $i < 32; $i++)
3573 rnd
($mode, $len, 32);
3577 rnd
($mode, $i, 32);
3590 my $word_buf = shift;
3592 my $salt_buf = shift;
3596 my $additional_param = shift;
3598 my $additional_param2 = shift;
3600 my $additional_param3 = shift;
3602 my $additional_param4 = shift;
3604 my $additional_param5 = shift;
3606 my $additional_param6 = shift;
3608 my $additional_param7 = shift;
3610 my $additional_param8 = shift;
3612 my $additional_param9 = shift;
3614 my $additional_param10 = shift;
3616 my $additional_param11 = shift;
3628 $hash_buf = md5_hex
($word_buf);
3630 $tmp_hash = sprintf ("%s", $hash_buf);
3634 $hash_buf = md5_hex
($word_buf . $salt_buf);
3636 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3640 $hash_buf = md5_hex
($word_buf . $salt_buf);
3642 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3646 $hash_buf = md5_hex
($word_buf . $salt_buf);
3648 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3652 $hash_buf = md5_hex
($salt_buf . $word_buf);
3654 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3658 $hash_buf = md5_hex
($salt_buf . $word_buf);
3660 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3664 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3665 my $salt_suffix = "Administration Tools";
3667 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3669 $hash_buf = md5
($pass);
3673 for (my $pos = 0; $pos < 16; $pos += 2)
3675 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3676 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3678 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3680 my $idx1 = $num >> 12 & 0x0f;
3681 my $idx2 = $num >> 6 & 0x3f;
3682 my $idx3 = $num & 0x3f;
3684 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3687 my $obfuscate_str = "nrcstn";
3688 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3690 foreach my $pos (keys @obfuscate_pos)
3692 my $idx = $obfuscate_pos[$pos];
3693 my $before = substr ($res, 0, $idx);
3694 my $char = substr ($obfuscate_str, $pos, 1);
3695 my $after = substr ($res, $idx);
3697 $res = sprintf ("%s%s%s", $before, $char, $after);
3700 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
3704 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
3706 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3710 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3712 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3716 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3718 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3722 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
3724 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3728 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
3730 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3732 elsif ($mode == 100)
3734 $hash_buf = sha1_hex
($word_buf);
3736 $tmp_hash = sprintf ("%s", $hash_buf);
3738 elsif ($mode == 101)
3740 $hash_buf = sha1
($word_buf);
3742 my $base64_buf = encode_base64
($hash_buf);
3744 chomp ($base64_buf);
3746 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
3748 elsif ($mode == 110)
3750 $hash_buf = sha1_hex
($word_buf . $salt_buf);
3752 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3754 elsif ($mode == 111)
3756 $hash_buf = sha1
($word_buf . $salt_buf);
3758 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
3760 chomp ($base64_buf);
3762 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
3764 elsif ($mode == 112)
3766 my $salt_buf_bin = pack ("H*", $salt_buf);
3768 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
3770 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3772 elsif ($mode == 120)
3774 $hash_buf = sha1_hex
($salt_buf . $word_buf);
3776 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3778 elsif ($mode == 121)
3780 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
3782 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3784 elsif ($mode == 122)
3786 my $salt_buf_bin = pack ("H*", $salt_buf);
3788 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
3790 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
3792 elsif ($mode == 130)
3794 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3796 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3798 elsif ($mode == 131)
3800 my $salt_buf_bin = pack ("H*", $salt_buf);
3802 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
3804 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
3806 elsif ($mode == 132)
3808 my $salt_buf_bin = pack ("H*", $salt_buf);
3810 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
3812 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
3814 elsif ($mode == 140)
3816 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3818 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3820 elsif ($mode == 141)
3822 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
3824 my $base64_salt_buf = encode_base64
($salt_buf);
3826 chomp ($base64_salt_buf);
3828 my $base64_hash_buf = encode_base64
($hash_buf);
3830 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
3832 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
3834 elsif ($mode == 150)
3836 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
3838 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3840 elsif ($mode == 160)
3842 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
3844 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3846 elsif ($mode == 190)
3848 $hash_buf = sha1_hex
($word_buf);
3850 my $variant = int (rand (2));
3852 if (defined ($additional_param))
3854 $variant = $additional_param;
3859 substr ($hash_buf, 0, 5) = "00000";
3862 $tmp_hash = sprintf ("%s", $hash_buf);
3864 elsif ($mode == 200)
3866 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
3868 $hash_buf = $ppr->hash_hex;
3870 $tmp_hash = sprintf ("%s", $hash_buf);
3872 elsif ($mode == 300)
3874 $hash_buf = substr (password41
($word_buf), 1);
3876 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
3878 $tmp_hash = sprintf ("%s", $hash_buf);
3880 elsif ($mode == 400)
3889 my $ppr = Authen
::Passphrase
::PHPass
->new
3893 passphrase
=> $word_buf,
3896 $hash_buf = $ppr->as_rfc2307;
3898 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
3900 elsif ($mode == 500)
3902 my $iterations = 1000;
3904 if (defined ($iter))
3908 $iterations = int ($iter);
3912 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
3914 $tmp_hash = sprintf ("%s", $hash_buf);
3916 elsif ($mode == 900)
3918 $hash_buf = md4_hex
($word_buf);
3920 $tmp_hash = sprintf ("%s", $hash_buf);
3922 elsif ($mode == 1000)
3924 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
3926 $tmp_hash = sprintf ("%s", $hash_buf);
3928 elsif ($mode == 1100)
3930 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
3932 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3934 elsif ($mode == 1400)
3936 $hash_buf = sha256_hex
($word_buf);
3938 $tmp_hash = sprintf ("%s", $hash_buf);
3940 elsif ($mode == 1410)
3942 $hash_buf = sha256_hex
($word_buf . $salt_buf);
3944 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3946 elsif ($mode == 1420)
3948 $hash_buf = sha256_hex
($salt_buf . $word_buf);
3950 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3952 elsif ($mode == 1430)
3954 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
3956 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3958 elsif ($mode == 1440)
3960 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
3962 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3964 elsif ($mode == 1441)
3966 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
3968 my $base64_salt_buf = encode_base64
($salt_buf);
3970 chomp ($base64_salt_buf);
3972 my $base64_hash_buf = encode_base64
($hash_buf);
3974 chomp ($base64_hash_buf);
3976 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
3978 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
3980 elsif ($mode == 1450)
3982 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
3984 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3986 elsif ($mode == 1460)
3988 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
3990 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3992 elsif ($mode == 1500)
3994 $hash_buf = crypt ($word_buf, $salt_buf);
3996 $tmp_hash = sprintf ("%s", $hash_buf);
3998 elsif ($mode == 1600)
4000 my $iterations = 1000;
4002 if (defined ($iter))
4006 $iterations = int ($iter);
4010 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4012 $tmp_hash = sprintf ("%s", $hash_buf);
4014 elsif ($mode == 1700)
4016 $hash_buf = sha512_hex
($word_buf);
4018 $tmp_hash = sprintf ("%s", $hash_buf);
4020 elsif ($mode == 1710)
4022 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4024 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4026 elsif ($mode == 1711)
4028 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4030 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4032 $base64_buf =~ s/[ \n]//g;
4034 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4036 elsif ($mode == 1720)
4038 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4040 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4042 elsif ($mode == 1730)
4044 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4046 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4048 elsif ($mode == 1740)
4050 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4052 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4054 elsif ($mode == 1722)
4056 my $salt_buf_bin = pack ("H*", $salt_buf);
4058 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4060 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4062 elsif ($mode == 1731)
4064 my $salt_buf_bin = pack ("H*", $salt_buf);
4066 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4068 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4070 elsif ($mode == 1750)
4072 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4074 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4076 elsif ($mode == 1760)
4078 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4080 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4082 elsif ($mode == 1800)
4084 my $iterations = 5000;
4086 if (defined ($iter))
4090 $iterations = int ($iter);
4094 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4096 $tmp_hash = sprintf ("%s", $hash_buf);
4098 elsif ($mode == 2100)
4100 my $iterations = 10240;
4104 $iterations = int ($iter);
4107 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4109 my $pbkdf2 = Crypt
::PBKDF2
->new
4111 hash_class
=> 'HMACSHA1',
4112 iterations
=> $iterations,
4114 salt_len
=> length ($salt),
4117 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4119 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4121 elsif ($mode == 2400)
4123 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4125 elsif ($mode == 2410)
4127 my $salt_len = length ($salt_buf);
4129 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4131 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4133 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4135 elsif ($mode == 2500)
4137 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4139 if (! defined ($additional_param))
4143 $bssid = randbytes
(6);
4144 $stmac = randbytes
(6);
4145 $snonce = randbytes
(32);
4146 $anonce = randbytes
(32);
4148 $keyver = get_random_num
(1, 3); # 1 or 2
4151 # should be "validly" generated, but in theory could be anything for us also:
4152 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4154 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4158 $bssid = $additional_param;
4159 $stmac = $additional_param2;
4160 $snonce = $additional_param3;
4161 $anonce = $additional_param4;
4162 $keyver = $additional_param5;
4163 $eapol = $additional_param6;
4166 $eapol_size = length ($eapol);
4170 my $iterations = 4096;
4176 # generate the Pairwise Master Key (PMK)
4178 my $pbkdf2 = Crypt
::PBKDF2
->new
4180 hash_class
=> 'HMACSHA1',
4181 iterations
=> $iterations,
4185 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4187 # Pairwise Transient Key (PTK) transformation
4189 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4191 # generate the Message Integrity Code (MIC)
4195 if ($keyver == 1) # WPA1 => MD5
4197 $mic = hmac
($eapol, $ptk, \
&md5
);
4201 $mic = hmac
($eapol, $ptk, \
&sha1
);
4204 $mic = substr ($mic, 0, 16);
4207 # format the binary output
4212 # first the essid (NULL-padded up to the first 36 bytes)
4214 $hash_buf .= $salt_buf;
4215 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4217 # the 2 MAC addresses
4219 $hash_buf .= $bssid;
4220 $hash_buf .= $stmac;
4224 $hash_buf .= $snonce;
4225 $hash_buf .= $anonce;
4229 $hash_buf .= $eapol;
4230 $hash_buf .= "\x00" x
(256 - $eapol_size);
4234 $hash_buf .= pack ("L*", $eapol_size);
4238 $hash_buf .= pack ("L*", $keyver);
4240 # and finally: the key mic
4244 # base64 encode the output
4246 $tmp_hash = encode_base64
($hash_buf, '');
4248 elsif ($mode == 2600)
4250 $hash_buf = md5_hex
(md5_hex
($word_buf));
4252 $tmp_hash = sprintf ("%s", $hash_buf);
4254 elsif ($mode == 2611)
4256 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4258 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4260 elsif ($mode == 2612)
4262 my $salt_buf_hex = unpack ("H*", $salt_buf);
4264 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4266 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4268 elsif ($mode == 2711)
4270 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4272 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4274 elsif ($mode == 2811)
4276 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4278 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4280 elsif ($mode == 3000)
4282 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4284 $hash_buf = $ppr->hash_hex;
4286 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4288 elsif ($mode == 3100)
4290 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4292 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4294 elsif ($mode == 3200)
4303 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4305 elsif ($mode == 3300)
4307 my $iterations = 904;
4311 $iterations = int ($iter);
4316 if (defined ($additional_param))
4318 $variant = $additional_param;
4321 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4323 $iterations += 4096;
4325 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4327 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4329 elsif ($mode == 3500)
4331 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4333 $tmp_hash = sprintf ("%s", $hash_buf);
4335 elsif ($mode == 3610)
4337 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4339 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4341 elsif ($mode == 3710)
4343 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4345 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4347 elsif ($mode == 3711)
4349 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4351 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4353 elsif ($mode == 3720)
4355 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4357 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4359 elsif ($mode == 3800)
4361 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4363 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4365 elsif ($mode == 3910)
4367 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4369 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4371 elsif ($mode == 4010)
4373 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4375 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4377 elsif ($mode == 4110)
4379 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4381 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4383 elsif ($mode == 4210)
4385 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4387 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4389 elsif ($mode == 4300)
4391 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4393 $tmp_hash = sprintf ("%s", $hash_buf);
4395 elsif ($mode == 4400)
4397 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4399 $tmp_hash = sprintf ("%s", $hash_buf);
4401 elsif ($mode == 4500)
4403 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4405 $tmp_hash = sprintf ("%s", $hash_buf);
4407 elsif ($mode == 4600)
4409 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4411 $tmp_hash = sprintf ("%s", $hash_buf);
4413 elsif ($mode == 4700)
4415 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4417 $tmp_hash = sprintf ("%s", $hash_buf);
4419 elsif ($mode == 4800)
4421 my $index = rindex ($salt_buf, ":");
4423 my $salt = substr ($salt_buf, 0, $index);
4424 my $salt_bin = pack ("H*", $salt);
4425 my $chap_sign = substr ($salt_buf, $index + 1);
4426 my $chap_sign_bin = pack ("H*", $chap_sign);
4428 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4430 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4432 elsif ($mode == 4900)
4434 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4436 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4438 elsif ($mode == 5000)
4440 $hash_buf = keccak_256_hex
($word_buf);
4442 $tmp_hash = sprintf ("%s", $hash_buf);
4444 elsif ($mode == 5100)
4448 if (! defined ($additional_param))
4454 $pos = $additional_param * 8 unless ($additional_param > 2);
4457 $hash_buf = md5_hex
($word_buf);
4459 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4461 elsif ($mode == 5300)
4463 my @salt_arr = split (":", $salt_buf);
4465 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4466 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4468 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4469 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4471 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4473 elsif ($mode == 5400)
4475 my @salt_arr = split (":", $salt_buf);
4477 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4478 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4480 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4481 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4483 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4485 elsif ($mode == 5500)
4487 my $index1 = index ($salt_buf, "::");
4488 my $user = substr ($salt_buf, 0, $index1);
4490 my $index2 = index ($salt_buf, ":", $index1 + 2);
4491 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4493 my $len = length (substr ($salt_buf, $index2 + 1));
4495 my $c_challenge_hex;
4499 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4504 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4505 $c_challenge_hex .= 00 x
32;
4508 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4509 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4510 my $s_challenge = pack ("H*", $s_challenge_hex);
4512 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4516 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4518 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4519 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4520 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4522 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4524 elsif ($mode == 5600)
4526 my $index1 = index ($salt_buf, "::");
4527 my $user = substr ($salt_buf, 0, $index1);
4529 my $index2 = index ($salt_buf, ":", $index1 + 2);
4530 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4532 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4533 my $s_challenge = pack ("H*", $s_challenge_hex);
4535 my $temp_hex = substr ($salt_buf, $index2 + 17);
4536 my $temp = pack ("H*", $temp_hex);
4538 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4539 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4541 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4543 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4545 elsif ($mode == 5700)
4547 $hash_buf = sha256
($word_buf);
4549 my $base64_buf = encode_base64
($hash_buf);
4553 for (my $i = 0; $i < 43; $i++)
4555 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4558 elsif ($mode == 5800)
4560 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4562 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4564 elsif ($mode == 6000)
4566 $hash_buf = ripemd160_hex
($word_buf);
4568 $tmp_hash = sprintf ("%s", $hash_buf);
4570 elsif ($mode == 6100)
4572 $hash_buf = whirlpool_hex
($word_buf);
4574 $tmp_hash = sprintf ("%s", $hash_buf);
4576 elsif ($mode == 6300)
4578 my $iterations = 1000; # hard coded by the AIX format
4580 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4582 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4584 elsif ($mode == 6400)
4586 my $iterations = 64;
4590 $iterations = 1 << int ($iter);
4593 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4595 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4597 elsif ($mode == 6500)
4599 my $iterations = 64;
4603 $iterations = 1 << int ($iter);
4606 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4608 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4610 elsif ($mode == 6600)
4612 my $iterations = 1000;
4616 $iterations = int ($iter);
4619 my $salt_hex = substr ($salt_buf, 0, 16);
4620 my $salt = pack ("H*", $salt_hex);
4622 my $prefix = substr ($salt_buf, 16, 2016);
4624 my $iv_hex = substr ($salt_buf, 2032);
4625 my $iv = pack ("H*", $iv_hex);
4627 my $data = pack ("H*", "10101010101010101010101010101010");
4629 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4631 my $pbkdf2 = Crypt
::PBKDF2
->new (
4633 iterations
=> $iterations,
4637 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4639 my $cipher = Crypt
::CBC
->new({
4641 cipher
=> "Crypt::Rijndael",
4648 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4650 $hash_buf = substr ($encrypted, 0, 32);
4652 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4654 elsif ($mode == 6700)
4656 my $iterations = 64;
4660 $iterations = 1 << int ($iter);
4663 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4665 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4667 elsif ($mode == 6800)
4669 my $variant = $additional_param;
4671 if (! defined ($variant))
4673 $variant = int (rand (2));
4676 my $iterations = 500;
4680 $iterations = int ($iter);
4683 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
4685 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
4687 my $pbkdf2 = Crypt
::PBKDF2
->new (
4689 iterations
=> $iterations,
4693 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4695 my $cipher = Crypt
::CBC
->new({
4697 cipher
=> "Crypt::Rijndael",
4706 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
4708 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
4712 my $verifier = "lastpass rocks\x02\x02";
4714 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
4717 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
4719 elsif ($mode == 6900)
4721 $hash_buf = gost_hex
($word_buf);
4723 $tmp_hash = sprintf ("%s", $hash_buf);
4725 elsif ($mode == 7100)
4727 my $iterations = 1024;
4731 $iterations = int ($iter);
4734 my $pbkdf2 = Crypt
::PBKDF2
->new
4736 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4737 iterations
=> $iterations
4740 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4742 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
4744 elsif ($mode == 7200)
4746 my $iterations = 1024;
4750 $iterations = int ($iter);
4753 my $pbkdf2 = Crypt
::PBKDF2
->new (
4754 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4755 iterations
=> $iterations
4758 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
4760 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
4762 elsif ($mode == 7300)
4764 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
4766 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
4768 elsif ($mode == 7400)
4770 my $iterations = 5000;
4772 if (defined ($iter))
4776 $iterations = int ($iter);
4780 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
4782 $tmp_hash = sprintf ("%s", $hash_buf);
4784 elsif ($mode == 7500)
4786 my @salt_arr = split ("\\\$", $salt_buf);
4788 my $user = $salt_arr[0];
4790 my $realm = $salt_arr[1];
4792 my $salt = $salt_arr[2];
4794 my $hmac_salt = $salt_arr[3];
4795 my $hmac_salt_bin = pack ("H*", $hmac_salt);
4797 my $clear_data = $salt_arr[4];
4799 my $k = md4
(encode
("UTF-16LE", $word_buf));
4801 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
4803 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
4805 if (length ($clear_data) > 1)
4807 my $clear_data_bin = pack ("H*", $clear_data);
4809 $hash_buf = RC4
($k3, $clear_data_bin);
4813 my $hash = $salt_arr[5];
4815 my $hash_bin = pack ("H*", $hash);
4817 my $clear_data = RC4
($k3, $hash_bin);
4819 my $timestamp = substr ($clear_data, 14, 14);
4824 if ($timestamp !~ /^[[:digit:]]{14}$/)
4831 $hash_buf = "\x00" x
36;
4833 if ($hash_buf eq $hash_bin)
4835 $hash_buf = "\x01" x
36;
4840 $hash_buf = $hash_bin;
4844 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
4846 elsif ($mode == 7600)
4848 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
4850 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4852 elsif ($mode == 7700)
4854 $word_buf = uc $word_buf;
4855 $salt_buf = uc $salt_buf;
4857 my $word_buf_t = sapb_transcode
($word_buf);
4858 my $salt_buf_t = sapb_transcode
($salt_buf);
4860 my $digest1 = md5
($word_buf_t . $salt_buf_t);
4862 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
4864 my $digest2 = md5
($data);
4866 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
4871 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
4873 elsif ($mode == 7800)
4875 my $theMagicArray_s =
4876 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
4877 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
4878 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
4879 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
4880 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
4881 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
4882 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
4883 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
4884 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
4885 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
4887 $salt_buf = uc $salt_buf;
4889 my $digest = sha1
($word_buf . $salt_buf);
4891 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
4893 my $lengthMagicArray = 0x20;
4894 my $offsetMagicArray = 0;
4896 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
4897 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
4898 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
4899 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
4900 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
4901 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
4902 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
4903 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
4904 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
4905 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
4906 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
4907 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
4908 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
4909 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
4910 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
4911 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
4912 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
4913 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
4914 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
4915 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
4917 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
4919 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
4921 elsif ($mode == 7900)
4930 my $phpass_it = 1 << $cost;
4932 $hash_buf = sha512
($salt_buf . $word_buf);
4934 for (my $i = 0; $i < $phpass_it; $i++)
4936 $hash_buf = sha512
($hash_buf . $word_buf);
4939 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
4941 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
4943 my $cost_str = substr ($base64_digits , $cost, 1);
4945 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
4947 elsif ($mode == 8000)
4949 my $salt_buf_bin = pack ("H*", $salt_buf);
4951 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
4953 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
4955 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
4957 elsif ($mode == 8100)
4959 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
4961 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
4963 elsif ($mode == 8200)
4965 my $iterations = 40000;
4967 if (defined ($iter))
4969 $iterations = $iter;
4972 my $salt_hex = substr ($salt_buf, 0, 32);
4973 my $salt = pack ("H*", $salt_hex);
4975 my $data_hex = substr ($salt_buf, 32);
4976 my $data = pack ("H*", $data_hex);
4978 my $pbkdf2 = Crypt
::PBKDF2
->new
4980 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
4981 iterations
=> int $iterations
4984 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4986 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
4988 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
4990 elsif ($mode == 8300)
4992 my ($domain, $salt_hex) = split (":", $salt_buf);
4994 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
4996 my $salt = pack ("H*", $salt_hex);
5000 if (defined ($iter))
5002 $iterations = $iter;
5005 my $name = lc ($word_buf . $domain);
5007 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5009 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5011 elsif ($mode == 8400)
5013 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5015 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5017 elsif ($mode == 8500)
5019 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5021 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5023 elsif ($mode == 8600)
5025 my @saved_key = map { ord $_; } split "", $word_buf;
5027 my $len = scalar @saved_key;
5029 my @state = domino_big_md
(\
@saved_key, $len);
5031 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5050 elsif ($mode == 8700)
5052 my $domino_char = undef;
5054 if (defined ($additional_param))
5056 $domino_char = $additional_param;
5059 my @saved_key = map { ord $_; } split "", $word_buf;
5061 my $len = scalar @saved_key;
5063 my @state = domino_big_md
(\
@saved_key, $len);
5065 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5067 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5069 @state = domino_big_md
(\
@saved_key, 34);
5071 $hash_buf = join ("", (map { chr $_; } @state));
5073 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5075 elsif ($mode == 8900)
5081 if (defined ($additional_param))
5083 $N = $additional_param;
5084 $r = $additional_param2;
5085 $p = $additional_param3;
5088 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5090 $tmp_hash = sprintf ('%s', $hash_buf);
5092 elsif ($mode == 9100)
5094 my $iterations = 5000;
5096 if (defined ($iter))
5098 $iterations = $iter;
5101 my $domino_char = undef;
5103 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5105 my @saved_key = map { ord $_; } split "", $word_buf;
5107 my $len = scalar @saved_key;
5109 my @state = domino_big_md
(\
@saved_key, $len);
5112 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5114 my $salt_part = substr ($salt_buf, 0, 5);
5116 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5118 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5120 @state = domino_big_md
(\
@saved_key, 34);
5122 $hash_buf = join ("", (map { chr $_; } @state));
5124 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5127 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5129 my $pbkdf2 = Crypt
::PBKDF2
->new
5131 hash_class
=> 'HMACSHA1',
5132 iterations
=> $iterations,
5139 if (defined ($additional_param))
5141 $chars = $additional_param;
5144 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5146 my $iteration_str = "" . $iterations;
5148 for (my $i = length ($iterations); $i < 10; $i++)
5150 $iterations = "0" . $iterations;
5153 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5155 elsif ($mode == 9200)
5157 my $iterations = 20000;
5159 my $pbkdf2 = Crypt
::PBKDF2
->new
5161 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5162 iterations
=> $iterations
5165 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5169 for (my $i = 0; $i < 43; $i++)
5171 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5174 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5176 elsif ($mode == 9300)
5182 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5186 for (my $i = 0; $i < 43; $i++)
5188 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5191 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5193 elsif ($mode == 9400)
5195 my $iterations = 50000;
5199 $iterations = int ($iter);
5202 my $aes_key_size = 128; # or 256
5204 if (defined ($additional_param2))
5206 $aes_key_size = $additional_param2;
5209 $salt_buf = pack ("H*", $salt_buf);
5211 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5213 for (my $i = 0; $i < $iterations; $i++)
5215 my $num32 = pack ("L", $i);
5217 $tmp = sha1
($num32 . $tmp);
5220 my $zero32 = pack ("L", 0x00);
5222 my $derivation_array1 = pack ("C", 0x36) x
64;
5223 my $derivation_array2 = pack ("C", 0x5C) x
64;
5225 $tmp = sha1
($tmp . $zero32);
5227 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5228 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5230 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5232 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5236 if (defined $additional_param)
5238 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5242 $encdata = "A" x
16; ## can be anything
5245 my $data1_buf = $encdata;
5246 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5248 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5249 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5251 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5252 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5254 $encrypted1 = substr ($encrypted1, 0, 32);
5255 $encrypted2 = substr ($encrypted2, 0, 40);
5257 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5259 elsif ($mode == 9500)
5261 my $iterations = 100000;
5265 $iterations = int ($iter);
5268 $salt_buf = pack ("H*", $salt_buf);
5270 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5272 for (my $i = 0; $i < $iterations; $i++)
5274 my $num32 = pack ("L", $i);
5276 $tmp = sha1
($num32 . $tmp);
5279 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5280 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5282 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5283 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5285 my $key1 = substr ($final1, 0, 16);
5286 my $key2 = substr ($final2, 0, 16);
5288 my $cipher1 = Crypt
::CBC
->new({
5290 cipher
=> "Crypt::Rijndael",
5298 my $cipher2 = Crypt
::CBC
->new({
5300 cipher
=> "Crypt::Rijndael",
5310 if (defined $additional_param)
5312 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5316 $encdata = "A" x
16; ## can be anything
5319 my $data1_buf = $encdata;
5320 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5322 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5323 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5325 $encrypted2 = substr ($encrypted2, 0, 64);
5327 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5329 elsif ($mode == 9600)
5331 my $iterations = 100000;
5335 $iterations = int ($iter);
5338 $salt_buf = pack ("H*", $salt_buf);
5340 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5342 for (my $i = 0; $i < $iterations; $i++)
5344 my $num32 = pack ("L", $i);
5346 $tmp = sha512
($num32 . $tmp);
5349 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5350 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5352 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5353 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5355 my $key1 = substr ($final1, 0, 32);
5356 my $key2 = substr ($final2, 0, 32);
5358 my $cipher1 = Crypt
::CBC
->new({
5360 cipher
=> "Crypt::Rijndael",
5368 my $cipher2 = Crypt
::CBC
->new({
5370 cipher
=> "Crypt::Rijndael",
5380 if (defined $additional_param)
5382 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5386 $encdata = "A" x
16; ## can be anything
5389 my $data1_buf = $encdata;
5390 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5392 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5393 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5395 $encrypted2 = substr ($encrypted2, 0, 64);
5397 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5399 elsif ($mode == 9700)
5401 $salt_buf = pack ("H*", $salt_buf);
5403 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5405 $tmp = substr ($tmp, 0, 5);
5409 for (my $i = 0; $i < 16; $i++)
5417 $tmp = substr ($tmp, 0, 5);
5421 if (defined $additional_param2)
5423 $version = $additional_param2;
5427 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5430 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5432 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5436 if (defined $additional_param)
5438 $encdata = $m->RC4 (pack ("H*", $additional_param));
5442 $encdata = "A" x
16; ## can be anything
5445 my $data1_buf = $encdata;
5446 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5448 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5450 my $encrypted1 = $m->RC4 ($data1_buf);
5451 my $encrypted2 = $m->RC4 ($data2_buf);
5453 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5455 elsif ($mode == 9800)
5457 $salt_buf = pack ("H*", $salt_buf);
5459 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5463 if (defined $additional_param2)
5465 $version = $additional_param2;
5469 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5472 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5476 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5479 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5483 if (defined $additional_param)
5485 $encdata = $m->RC4 (pack ("H*", $additional_param));
5489 $encdata = "A" x
16; ## can be anything
5492 my $data1_buf = $encdata;
5493 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5495 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5497 my $encrypted1 = $m->RC4 ($data1_buf);
5498 my $encrypted2 = $m->RC4 ($data2_buf);
5500 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5502 elsif ($mode == 9900)
5504 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5506 elsif ($mode == 10000)
5508 my $iterations = 10000;
5512 $iterations = int ($iter);
5515 my $pbkdf2 = Crypt
::PBKDF2
->new
5517 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5518 iterations
=> $iterations
5521 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5522 $hash_buf =~ s/[\r\n]//g;
5524 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5526 elsif ($mode == 10100)
5528 my $seed = pack ("H*", $salt_buf);
5530 my ($hi, $lo) = siphash
($word_buf, $seed);
5532 my $hi_s = sprintf ("%08x", $hi);
5533 my $lo_s = sprintf ("%08x", $lo);
5535 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5536 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5538 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5540 elsif ($mode == 10200)
5542 my $challengeb64 = encode_base64
($salt_buf);
5543 $challengeb64 =~ s/[\r\n]//g;
5547 if (defined $additional_param)
5549 $username = $additional_param;
5556 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5558 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5559 $responseb64 =~ s/[\r\n]//g;
5561 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5563 elsif ($mode == 10300)
5565 my $iterations = 1024;
5569 $iterations = int ($iter);
5572 my $hash_buf = $salt_buf;
5574 for (my $pos = 0; $pos < $iterations; $pos++)
5576 $hash_buf = sha1
($word_buf . $hash_buf);
5579 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5580 $hash_buf =~ s/[\r\n]//g;
5582 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5584 elsif ($mode == 10400)
5587 my $u = $additional_param;
5588 my $o = $additional_param2;
5589 my $P = $additional_param3;
5591 if (defined $u == 0)
5596 if (defined $o == 0)
5601 if (defined $P == 0)
5608 for (my $i = 0; $i < 32; $i++)
5610 $padding .= pack ("C", $pdf_padding[$i]);
5613 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5615 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5617 $u = $m->RC4 ($padding);
5619 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5621 elsif ($mode == 10500)
5624 my $u = $additional_param;
5625 my $o = $additional_param2;
5626 my $P = $additional_param3;
5627 my $V = $additional_param4;
5628 my $R = $additional_param5;
5629 my $enc = $additional_param6;
5631 if (defined $u == 0)
5638 if (defined $o == 0)
5643 if (defined $R == 0)
5645 $R = get_random_num
(3, 5);
5648 if (defined $V == 0)
5650 $V = ($R == 3) ?
2 : 4;
5653 if (defined $P == 0)
5655 $P = ($R == 3) ?
-4 : -1028;
5658 if (defined $enc == 0)
5660 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5665 for (my $i = 0; $i < 32; $i++)
5667 $padding .= pack ("C", $pdf_padding[$i]);
5670 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5672 my $digest = md5
($padding . pack ("H*", $id));
5674 my $m = Crypt
::RC4
->new ($res);
5676 $u = $m->RC4 ($digest);
5678 my @ress = split "", $res;
5680 for (my $x = 1; $x <= 19; $x++)
5684 for (my $i = 0; $i < 16; $i++)
5686 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
5689 my $s = join ("", @xor);
5691 my $m2 = Crypt
::RC4
->new ($s);
5696 $u .= substr (pack ("H*", $u_save), 16, 16);
5698 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
5700 elsif ($mode == 10600)
5703 my $rest = $additional_param;
5705 if (defined $id == 0)
5710 if (defined $rest == 0)
5716 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5719 my @data = split /\*/, $rest;
5721 my $u = pack ("H*", $data[1]);
5723 my $h = sha256
($word_buf . substr ($u, 32, 8));
5725 $data[1] = unpack ("H*", $h . substr ($u, 32));
5727 $rest = join ("*", @data);
5729 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
5731 elsif ($mode == 10700)
5734 my $rest = $additional_param;
5736 if (defined $id == 0)
5741 if (defined $rest == 0)
5747 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
5750 my @datax = split /\*/, $rest;
5752 my $u = pack ("H*", $datax[1]);
5754 my $block = sha256
($word_buf . substr ($u, 32, 8));
5756 my $block_size = 32;
5758 my $data = 0x00 x
64;
5764 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
5766 $data = $word_buf . $block;
5768 $data_len = length ($data);
5770 for (my $k = 1; $k < 64; $k++)
5772 $data .= $word_buf . $block;
5775 my $aes = Crypt
::CBC
->new({
5776 key
=> substr ($block, 0, 16),
5777 cipher
=> "Crypt::Rijndael",
5778 iv
=> substr ($block, 16, 16),
5785 my $data = $aes->encrypt ($data);
5789 for (my $j = 0; $j < 16; $j++)
5791 $sum += ord (substr ($data, $j, 1));
5794 $block_size = 32 + ($sum % 3) * 16;
5796 if ($block_size == 32)
5798 $block = sha256
(substr ($data, 0, $data_len * 64));
5800 elsif ($block_size == 48)
5802 $block = sha384
(substr ($data, 0, $data_len * 64));
5804 elsif ($block_size == 64)
5806 $block = sha512
(substr ($data, 0, $data_len * 64));
5809 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
5812 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
5814 $rest = join ("*", @datax);
5816 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
5818 elsif ($mode == 10800)
5820 $hash_buf = sha384_hex
($word_buf);
5822 $tmp_hash = sprintf ("%s", $hash_buf);
5824 elsif ($mode == 10900)
5826 my $iterations = 1000;
5830 $iterations = int ($iter);
5835 if (defined $additional_param)
5837 $out_len = $additional_param;
5840 my $pbkdf2 = Crypt
::PBKDF2
->new
5842 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5843 iterations
=> $iterations,
5844 output_len
=> $out_len
5847 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5848 $hash_buf =~ s/[\r\n]//g;
5850 my $base64_salt_buf = encode_base64
($salt_buf);
5852 chomp ($base64_salt_buf);
5854 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
5856 elsif ($mode == 11000)
5858 $hash_buf = md5_hex
($salt_buf . $word_buf);
5860 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5862 elsif ($mode == 11100)
5864 my $user = "postgres";
5866 if (defined $additional_param)
5868 $user = $additional_param;
5871 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
5873 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
5875 elsif ($mode == 11200)
5877 my $sha1_pass = sha1
($word_buf);
5878 my $double_sha1 = sha1
($sha1_pass);
5880 my $xor_part1 = $sha1_pass;
5881 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
5885 for (my $i = 0; $i < 20; $i++)
5887 my $first_byte = substr ($xor_part1, $i, 1);
5888 my $second_byte = substr ($xor_part2, $i, 1);
5890 my $xor_result = $first_byte ^ $second_byte;
5892 $hash_buf .= unpack ("H*", $xor_result);
5895 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
5897 elsif ($mode == 11300)
5899 my $ckey_buf = get_random_string
(96);
5901 if (length ($additional_param))
5903 $ckey_buf = $additional_param;
5906 my $public_key_buf = get_random_string
(66);
5908 if (length ($additional_param2))
5910 $public_key_buf = $additional_param2;
5913 my $salt_iter = get_random_num
(150000, 250000);
5917 $salt_iter = int ($iter);
5920 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
5922 for (my $i = 1; $i < $salt_iter; $i++)
5924 $hash_buf = sha512
($hash_buf);
5927 my $data = get_random_string
(32);
5929 my $aes = Crypt
::CBC
->new({
5930 key
=> substr ($hash_buf, 0, 32),
5931 cipher
=> "Crypt::Rijndael",
5932 iv
=> substr ($hash_buf, 32, 16),
5936 padding
=> "standard",
5939 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
5941 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
5942 length ($cry_master_buf),
5949 length ($public_key_buf),
5952 elsif ($mode == 11400)
5954 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
5956 $directive = "MD5"; # only directive currently supported
5958 if (defined ($additional_param))
5960 $user = $additional_param;
5961 $realm = $additional_param2;
5963 $nonce_count = $additional_param3;
5964 $nonce_client = $additional_param4;
5965 $qop = $additional_param5;
5966 $method = $additional_param6;
5968 $URI_prefix = $additional_param7;
5969 $URI_resource = $additional_param8;
5970 $URI_suffix = $additional_param9;
5972 # not needed information
5974 $URI_server = $additional_param10;
5975 $URI_client = $additional_param11;
5979 $user = get_random_string
(get_random_num
(0, 12 + 1));
5981 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
5982 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
5984 if ($realm_max_len < 1) # should never happen
5989 $realm_max_len = min
(20, $realm_max_len);
5991 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
5995 if (get_random_num
(0, 1 + 1) == 1)
5999 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6000 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6010 $method = get_random_string
(get_random_num
(0, 24 + 1));
6012 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6013 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6014 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6016 # not needed information
6018 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6019 $URI_client = $URI_resource; # simplification
6026 if (length ($URI_prefix) > 0)
6028 $URI = $URI_prefix . ":";
6031 $URI .= $URI_resource;
6033 if (length ($URI_suffix) > 0)
6035 $URI .= ":" . $URI_suffix;
6038 my $HA2 = md5_hex
($method . ":" . $URI);
6040 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6044 if (($qop eq "auth") || ($qop eq "auth-int"))
6046 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6053 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6055 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6057 elsif ($mode == 11500)
6059 $hash_buf = crc32
($word_buf);
6061 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6063 elsif ($mode == 11600)
6065 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6069 my $validation_only = 0;
6071 $validation_only = 1 if (defined ($additional_param));
6073 if ($validation_only == 1)
6075 $num_cycle_power = int ($iter);
6076 $seven_zip_salt_len = $additional_param;
6077 $seven_zip_salt_buf = $additional_param2;
6078 $salt_len = $additional_param3;
6079 # $salt_buf set in parser
6080 # $hash_buf (resulting crc)
6081 $data_len = $additional_param4;
6082 $unpack_size = $additional_param5;
6083 $data_buf = $additional_param6;
6087 $num_cycle_power = 14; # by default it is 19
6088 $seven_zip_salt_len = 0;
6089 $seven_zip_salt_buf = "";
6090 $salt_len = length ($salt_buf);
6091 # $salt_buf set automatically
6092 # $hash_buf (resulting crc)
6093 # $data_len will be set when encrypting
6094 $unpack_size = get_random_num
(1, 32 + 1);
6095 $data_buf = get_random_string
($unpack_size);
6099 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6102 $word_buf = encode
("UTF-16LE", $word_buf);
6104 my $rounds = 1 << $num_cycle_power;
6108 for (my $i = 0; $i < $rounds; $i++)
6112 $num_buf .= pack ("V", $i);
6113 $num_buf .= "\x00" x
4;
6115 # this would be better but only works on 64-bit systems:
6116 # $num_buf = pack ("q", $i);
6118 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6121 my $key = sha256
($pass_buf);
6123 # the salt_buf is our IV for AES CBC
6126 my $salt_buf_len = length ($salt_buf);
6127 my $salt_padding_len = 0;
6129 if ($salt_buf_len < 16)
6131 $salt_padding_len = 16 - $salt_buf_len;
6134 $salt_buf .= "\x00" x
$salt_padding_len;
6136 my $aes = Crypt
::CBC
->new({
6137 cipher
=> "Crypt::Rijndael",
6145 if ($validation_only == 1)
6149 my $decrypted_data = $aes->decrypt ($data_buf);
6151 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6153 $hash_buf = crc32
($decrypted_data);
6159 $hash_buf = crc32
($data_buf);
6161 $data_buf = $aes->encrypt ($data_buf);
6163 $data_len = length ($data_buf);
6166 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6168 elsif ($mode == 11900)
6170 my $iterations = 1000;
6174 $iterations = int ($iter);
6179 if (defined $additional_param)
6181 $out_len = $additional_param;
6185 # call PHP here - WTF
6188 # sanitize $word_buf and $salt_buf:
6190 my $word_buf_base64 = encode_base64
($word_buf);
6191 $word_buf_base64 =~ s/[\r\n]//g;
6193 my $salt_buf_base64 = encode_base64
($salt_buf);
6194 $salt_buf_base64 =~ s/[\r\n]//g;
6198 $out_len = int ($out_len);
6200 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6202 my $php_code = <<'END_CODE';
6204 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6206 $algorithm = strtolower ($algorithm);
6208 if(! in_array ($algorithm, hash_algos (), true))
6210 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6213 if ($count <= 0 || $key_length <= 0)
6215 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6218 if (function_exists ("hash_pbkdf2"))
6222 $key_length = $key_length * 2;
6225 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6228 $hash_length = strlen (hash ($algorithm, "", true));
6229 $block_count = ceil ($key_length / $hash_length);
6233 for ($i = 1; $i <= $block_count; $i++)
6235 $last = $salt . pack ("N", $i);
6237 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6239 for ($j = 1; $j < $count; $j++)
6241 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6249 return substr ($output, 0, $key_length);
6253 return bin2hex (substr ($output, 0, $key_length));
6257 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6261 # replace with these command line arguments
6263 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6264 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6265 $php_code =~ s/\$iterations/$iterations/;
6266 $php_code =~ s/\$out_len/$out_len/;
6268 my $php_output = `php -r '$php_code'`;
6270 $hash_buf = pack ("H*", $php_output);
6272 $hash_buf = encode_base64 ($hash_buf);
6273 $hash_buf =~ s/[\r\n]//g;
6275 my $base64_salt_buf = encode_base64 ($salt_buf);
6277 chomp ($base64_salt_buf);
6279 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6281 elsif ($mode == 12000)
6283 my $iterations = 1000;
6287 $iterations = int ($iter);
6292 if (defined $additional_param)
6294 $out_len = $additional_param;
6297 my $pbkdf2 = Crypt::PBKDF2->new
6299 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6300 iterations => $iterations,
6301 output_len => $out_len
6304 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6305 $hash_buf =~ s/[\r\n]//g;
6307 my $base64_salt_buf = encode_base64 ($salt_buf);
6309 chomp ($base64_salt_buf);
6311 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6313 elsif ($mode == 12100)
6315 my $iterations = 1000;
6319 $iterations = int ($iter);
6324 if (defined $additional_param)
6326 $out_len = $additional_param;
6329 my $pbkdf2 = Crypt::PBKDF2->new
6331 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6332 iterations => $iterations,
6333 output_len => $out_len
6336 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6337 $hash_buf =~ s/[\r\n]//g;
6339 my $base64_salt_buf = encode_base64 ($salt_buf);
6341 chomp ($base64_salt_buf);
6343 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6345 elsif ($mode == 12200)
6347 my $iterations = 65536;
6349 my $default_salt = 0;
6351 if (defined $additional_param)
6353 $default_salt = int ($additional_param);
6356 if ($default_salt == 1)
6358 $salt_buf = "0011223344556677";
6361 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6363 for (my $i = 0; $i < $iterations; $i++)
6365 $hash_buf = sha512 ($hash_buf);
6368 $hash_buf = unpack ("H*", $hash_buf);
6369 $hash_buf = substr ($hash_buf, 0, 16);
6371 if ($default_salt == 0)
6373 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6377 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6380 elsif ($mode == 12300)
6382 my $iterations = 4096;
6384 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6386 my $pbkdf2 = Crypt::PBKDF2->new (
6388 iterations => $iterations,
6392 my $salt_bin = pack ("H*", $salt_buf);
6394 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6396 $hash_buf = sha512_hex ($key . $salt_bin);
6398 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6400 elsif ($mode == 12400)
6406 $iterations = int ($iter);
6410 $iterations = get_random_num (1, 5001 + 1);
6413 my $key_value = fold_password ($word_buf);
6415 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6416 my $salt_value = base64_to_int24 ($salt_buf);
6418 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6420 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6422 elsif ($mode == 12600)
6424 $hash_buf = sha1_hex ($word_buf);
6426 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6428 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6430 elsif ($mode == 12700)
6432 my $iterations = 10;
6435 "guid" : "00000000-0000-0000-0000-000000000000",
6436 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6437 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6439 my $salt_buf_bin = pack ("H*", $salt_buf);
6441 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6443 my $pbkdf2 = Crypt::PBKDF2->new (
6445 iterations => $iterations,
6449 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6451 my $cipher = Crypt::CBC->new({
6453 cipher => "Crypt::Rijndael",
6454 iv => $salt_buf_bin,
6460 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6462 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6464 elsif ($mode == 12800)
6466 my $iterations = 100;
6470 $iterations = int ($iter);
6473 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6475 my $pbkdf2 = Crypt::PBKDF2->new
6477 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6478 iterations => $iterations,
6482 my $salt_buf_bin = pack ("H*", $salt_buf);
6484 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6486 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6488 elsif ($mode == 12900)
6490 my $iterations = 4096;
6494 $iterations = int ($iter);
6497 my $salt2 = $salt_buf . $salt_buf;
6499 if (defined $additional_param)
6501 $salt2 = $additional_param;
6504 my $pbkdf2 = Crypt::PBKDF2->new
6506 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6507 iterations => $iterations,
6511 my $salt_buf_bin = pack ("H*", $salt_buf);
6513 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6515 my $salt2_bin = pack ("H*", $salt2);
6517 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6519 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6529 my $word_len = shift;
6531 my $salt_len = shift;
6535 $max = 15 if ($mode == 2410);
6537 if ($is_unicode{$mode})
6539 if (! $allow_long_salt{$mode})
6541 $word_len = min ($word_len, int ($max / 2) - $salt_len);
6545 $word_len = min ($word_len, int ($max / 2));
6548 elsif ($less_fifteen{$mode})
6550 $word_len = min ($word_len, 15);
6554 $salt_len = min ($salt_len, 15 - $word_len);
6559 if (! $allow_long_salt{$mode})
6561 $word_len = min ($word_len, $max - $salt_len);
6580 for (my $i = 0; $i < $salt_len; $i++)
6582 my $c = get_random_chr (0x30, 0x39);
6584 push (@salt_arr, $c);
6587 $salt_buf = join ("", @salt_arr);
6589 $salt_buf = get_random_md5chap_salt ($salt_buf);
6591 elsif ($mode == 5300 || $mode == 5400)
6593 $salt_buf = get_random_ike_salt ();
6595 elsif ($mode == 5500)
6597 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
6599 elsif ($mode == 5600)
6601 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
6603 elsif ($mode == 6600)
6605 $salt_buf = get_random_agilekeychain_salt ();
6607 elsif ($mode == 8200)
6609 $salt_buf = get_random_cloudkeychain_salt ();
6611 elsif ($mode == 8300)
6613 $salt_buf = get_random_dnssec_salt ();
6619 for (my $i = 0; $i < $salt_len; $i++)
6621 my $c = get_random_chr (0x30, 0x39);
6623 push (@salt_arr, $c);
6626 $salt_buf = join ("", @salt_arr);
6630 $salt_buf = get_random_kerberos5_salt ($salt_buf);
6640 for (my $i = 0; $i < $word_len; $i++)
6642 my $c = get_random_chr (0x30, 0x39);
6644 push (@word_arr, $c);
6647 my $word_buf = join ("", @word_arr);
6653 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
6666 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
6678 sub get_random_string
6684 for (my $i = 0; $i < $len; $i++)
6686 my $c = get_random_chr (0x30, 0x39);
6691 my $buf = join ("", @arr);
6701 return int ((rand ($max - $min)) + $min);
6706 return chr get_random_num (@_);
6715 for (my $i = 0; $i < length ($str); $i += 4)
6717 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
6719 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
6726 $salt = substr ($decoded, 0, 5);
6728 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
6732 $byte10 = 256 + $byte10;
6735 substr ($salt, 3, 1) = chr ($byte10);
6737 $digest = substr ($decoded, 5, 9);
6738 $char = substr ($str, 18, 1);
6740 return ($digest, $salt, $char);
6743 sub domino_85x_decode
6749 for (my $i = 0; $i < length ($str); $i += 4)
6751 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
6753 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
6758 my $iterations = -1;
6761 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
6763 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
6767 $byte10 = 256 + $byte10;
6770 substr ($salt, 3, 1) = chr ($byte10);
6772 $iterations = substr ($decoded, 16, 10);
6774 if ($iterations =~ /^?d*$/)
6778 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
6779 $chars = substr ($decoded, 26, 2); # in my example it is "02"
6780 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
6783 return ($digest, $salt, $iterations, $chars);
6786 sub domino_base64_decode
6791 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
6799 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
6801 $ret += ($idx << (6 * ($i - 1)));
6814 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
6818 $byte10 = $byte10 - 256;
6821 substr ($final, 3, 1) = chr ($byte10);
6825 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
6826 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
6827 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
6828 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
6829 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
6831 if (defined ($char))
6833 substr ($passwd, 18, 1) = $char;
6835 substr ($passwd, 19, 1) = "";
6840 sub domino_85x_encode
6845 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
6849 $byte10 = $byte10 - 256;
6852 substr ($final, 3, 1) = chr ($byte10);
6856 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
6857 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
6858 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
6859 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
6860 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
6861 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
6862 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
6863 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
6864 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
6865 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
6866 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
6867 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
6869 if (defined ($char))
6871 substr ($passwd, 18, 1) = $char;
6877 sub domino_base64_encode
6882 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
6886 while (($n - 1) >= 0)
6890 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
6900 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
6905 my $v = unpack "V", substr($md5, $i*4, 4);
6907 $s64 .= substr($itoa64, $v & 0x3f, 1);
6916 my ($username, $password) = @_;
6918 $username = substr ($username . " " x 8, 0, 8);
6919 $password = substr ($password . " " x 8, 0, 8);
6921 my $username_ebc = ascii2ebcdic ($username);
6922 my $password_ebc = ascii2ebcdic ($password);
6924 my @pw = split ("", $password_ebc);
6926 for (my $i = 0; $i < 8; $i++)
6928 $pw[$i] = unpack ("C", $pw[$i]);
6931 $pw[$i] = pack ("C", $pw[$i] & 0xff);
6934 my $key = join ("", @pw);
6936 my $cipher = new Crypt::DES $key;
6938 my $ciphertext = $cipher->encrypt ($username_ebc);
6940 my $ct = unpack ("H16", $ciphertext);
6947 my ($username, $password) = @_;
6949 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
6950 $userpass .= pack('C', 0) while (length($userpass) % 8);
6952 my $key = pack('H*', "0123456789ABCDEF");
6953 my $iv = pack('H*', "0000000000000000");
6955 my $c = new Crypt::CBC(
6962 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
6964 my $c2 = new Crypt::CBC(
6971 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
6973 return uc(unpack('H*', $hash));
6978 my $word_buf = shift;
6980 my $salt_buf = shift;
6982 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
6984 my $digest = sha1 ($w);
6986 for (my $i = 1; $i < 1024; $i++)
6988 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
6990 $digest = sha1 ($w);
6993 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
6995 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7003 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7007 while (($n - 1) >= 0)
7011 $ret .= substr ($itoa64, $v & 0x3f, 1);
7027 my $hash = ""; # hash to be returned by this function
7029 my $final = md5 ($pass . $salt . $pass);
7031 $salt = substr ($salt, 0, 8);
7033 my $tmp = $pass . $magic . $salt;
7035 my $pass_len = length ($pass);
7039 for ($i = $pass_len; $i > 0; $i -= 16)
7048 $tmp .= substr ($final, 0, $len);
7061 $tmp .= substr ($pass, 0, 1);
7067 $final = md5 ($tmp);
7069 for ($i = 0; $i < $iter; $i++)
7101 $final = md5 ($tmp);
7105 # now format the output sting ("hash")
7109 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7110 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7111 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7112 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7113 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7114 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7116 if ($iter == 1000) # default
7118 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7122 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7134 my $hash = ""; # hash to be returned by this function
7136 my $final = sha512 ($pass . $salt . $pass);
7138 $salt = substr ($salt, 0, 16);
7140 my $tmp = $pass . $salt;
7142 my $pass_len = length ($pass);
7143 my $salt_len = length ($salt);
7147 for ($i = $pass_len; $i > 0; $i -= 16)
7156 $tmp .= substr ($final, 0, $len);
7175 $final = sha512 ($tmp);
7181 for ($i = 0; $i < $pass_len; $i++)
7186 $p_bytes = sha512 ($p_bytes);
7187 $p_bytes = substr ($p_bytes, 0, $pass_len);
7191 my $final_first_byte = ord (substr ($final, 0, 1));
7195 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7200 $s_bytes = sha512 ($s_bytes);
7201 $s_bytes = substr ($s_bytes, 0, $salt_len);
7203 for ($i = 0; $i < $iter; $i++)
7235 $final = sha512 ($tmp);
7239 # now format the output string ("hash")
7243 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7244 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7245 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7246 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7247 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7248 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7249 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7250 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7251 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7252 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7253 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7254 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7255 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7256 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7257 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7258 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7259 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7260 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7261 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7262 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7263 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7264 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7268 if ($iter == 5000) # default
7270 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7274 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7286 my $hash = ""; # hash to be returned by this function
7288 my $final = sha256 ($pass . $salt . $pass);
7290 $salt = substr ($salt, 0, 16);
7292 my $tmp = $pass . $salt;
7294 my $pass_len = length ($pass);
7295 my $salt_len = length ($salt);
7299 for ($i = $pass_len; $i > 0; $i -= 16)
7308 $tmp .= substr ($final, 0, $len);
7327 $final = sha256 ($tmp);
7333 for ($i = 0; $i < $pass_len; $i++)
7338 $p_bytes = sha256 ($p_bytes);
7339 $p_bytes = substr ($p_bytes, 0, $pass_len);
7343 my $final_first_byte = ord (substr ($final, 0, 1));
7347 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7352 $s_bytes = sha256 ($s_bytes);
7353 $s_bytes = substr ($s_bytes, 0, $salt_len);
7355 for ($i = 0; $i < $iter; $i++)
7387 $final = sha256 ($tmp);
7391 # now format the output string ("hash")
7395 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
7396 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
7397 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
7398 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7399 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7400 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7401 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7402 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
7403 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
7404 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7405 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
7409 if ($iter == 5000) # default
7411 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7415 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7421 sub aix_ssha256_pbkdf2
7423 my $word_buf = shift;
7424 my $salt_buf = shift;
7425 my $iterations = shift;
7427 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
7429 my $pbkdf2 = Crypt::PBKDF2->new (
7431 iterations => $iterations,
7435 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7439 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7440 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7441 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7442 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7443 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7444 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7445 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7446 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7447 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7448 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7449 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
7454 sub aix_ssha512_pbkdf2
7456 my $word_buf = shift;
7457 my $salt_buf = shift;
7458 my $iterations = shift;
7460 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
7462 my $pbkdf2 = Crypt::PBKDF2->new (
7464 iterations => $iterations,
7467 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7471 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7472 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7473 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7474 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7475 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7476 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7477 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
7478 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
7479 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
7480 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
7481 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
7482 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
7483 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
7484 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
7485 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
7486 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
7487 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
7488 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
7489 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
7490 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
7491 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
7492 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
7497 sub aix_ssha1_pbkdf2
7499 my $word_buf = shift;
7500 my $salt_buf = shift;
7501 my $iterations = shift;
7503 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
7505 my $pbkdf2 = Crypt::PBKDF2->new (
7507 iterations => $iterations,
7510 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
7514 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
7515 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
7516 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
7517 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
7518 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
7519 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
7520 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
7529 my @data = split "", $data_s;
7532 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7533 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7534 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
7535 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
7536 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7537 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
7538 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
7539 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
7540 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7541 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7542 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7543 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7544 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7545 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7546 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
7547 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
7549 my @transTable = unpack ("C256", $transTable_s);
7553 for (my $i = 0; $i < scalar @data; $i++)
7555 $out[$i] = $transTable[int (ord ($data[$i]))];
7558 return pack ("C*", @out);
7563 my $digest_s = shift;
7568 my @w = unpack "C*", $w_s;
7569 my @s = unpack "C*", $s_s;
7572 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
7573 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
7574 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
7576 my @bcodeTable = unpack ("C48", $bcodeTable_s);
7578 my @abcd = unpack ("C16", $digest_s);
7580 my $sum20 = ($abcd[0] & 3)
7590 for (my $i2 = 0; $i2 < $sum20; $i2++)
7595 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
7597 if ($i1 < length $w_s)
7599 if ($abcd[15 - $i1] & 1)
7601 $out[$i2] = $bcodeTable[48 - 1 - $i1];
7606 $out[$i2] = $w[$i1];
7612 if ($i3 < length $s_s)
7614 $out[$i2] = $s[$i3];
7620 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
7623 return substr (pack ("C*", @out), 0, $sum20);
7628 my @key_56 = split (//, shift);
7634 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
7635 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
7636 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
7637 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
7638 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
7639 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
7640 $key .= chr(( ord($key_56[6]) << 1) & 255);
7651 for (my $i = 0; $i < $len; $i++)
7653 my $c = get_random_chr (0, 255);
7658 return join ("", @arr);
7661 sub get_random_netntlmv1_salt
7663 my $len_user = shift;
7664 my $len_domain = shift;
7670 for (my $i = 0; $i < $len_user; $i++)
7672 $type = get_random_num (1, 3);
7676 $char = get_random_chr (0x30, 0x39);
7680 $char = get_random_chr (0x41, 0x5A);
7684 $char = get_random_chr (0x61, 0x7A);
7692 for (my $i = 0; $i < $len_domain; $i++)
7694 $type = get_random_num (1, 3);
7698 $char = get_random_chr (0x30, 0x39);
7702 $char = get_random_chr (0x41, 0x5A);
7706 $char = get_random_chr (0x61, 0x7A);
7712 my $c_challenge = randbytes (8);
7713 my $s_challenge = randbytes (8);
7715 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
7720 sub get_random_netntlmv2_salt
7722 my $len_user = shift;
7723 my $len_domain = shift;
7729 if ($len_user + $len_domain > 27)
7731 if ($len_user > $len_domain)
7733 $len_user = 27 - $len_domain;
7737 $len_domain = 27 - $len_user;
7741 for (my $i = 0; $i < $len_user; $i++)
7743 $type = get_random_num (1, 3);
7747 $char = get_random_chr (0x30, 0x39);
7751 $char = get_random_chr (0x41, 0x5A);
7755 $char = get_random_chr (0x61, 0x7A);
7763 for (my $i = 0; $i < $len_domain; $i++)
7765 $type = get_random_num (1, 3);
7769 $char = get_random_chr (0x30, 0x39);
7773 $char = get_random_chr (0x41, 0x5A);
7777 $char = get_random_chr (0x61, 0x7A);
7783 my $c_challenge = randbytes (8);
7784 my $s_challenge = randbytes (8);
7786 my $temp = "\x01\x01" .
7791 randbytes (20 * rand () + 1) .
7794 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
7799 sub get_random_ike_salt
7803 for (my $i = 0; $i < 40; $i++)
7805 $nr_buf .= get_random_chr (0, 0xff);
7810 for (my $i = 0; $i < 440; $i++)
7812 $msg_buf .= get_random_chr (0, 0xff);
7815 my $nr_buf_hex = unpack ("H*", $nr_buf);
7816 my $msg_buf_hex = unpack ("H*", $msg_buf);
7818 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
7823 sub get_random_agilekeychain_salt
7827 for (my $i = 0; $i < 8; $i++)
7829 $salt_buf .= get_random_chr (0x0, 0xff);
7834 for (my $i = 0; $i < 16; $i++)
7836 $iv .= get_random_chr (0x0, 0xff);
7839 my $prefix = "\x00" x 1008;
7841 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
7846 sub get_random_cloudkeychain_salt
7850 for (my $i = 0; $i < 16; $i++)
7852 $salt_buf .= get_random_chr (0x0, 0xff);
7855 for (my $i = 0; $i < 304; $i++)
7857 $salt_buf .= get_random_chr (0x0, 0xff);
7860 my $ret = unpack ("H*", $salt_buf);
7865 sub get_random_kerberos5_salt
7867 my $custom_salt = shift;
7869 my $clear_data = randbytes (14) .
7870 strftime ("%Y%m%d%H%M%S", localtime) .
7874 my $realm = "realm";
7877 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
7882 sub get_random_md5chap_salt
7884 my $salt_buf = shift;
7886 my $salt = unpack ("H*", $salt_buf);
7890 $salt .= unpack ("H*", randbytes (1));
7895 sub get_random_dnssec_salt
7901 for (my $i = 0; $i < 8; $i++)
7903 $salt_buf .= get_random_chr (0x61, 0x7a);
7906 $salt_buf .= ".net";
7910 for (my $i = 0; $i < 8; $i++)
7912 $salt_buf .= get_random_chr (0x30, 0x39);
7925 my $byte_off = int ($bit / 8);
7926 my $bit_off = int ($bit % 8);
7928 my $char = substr ($digest, $byte_off, 1);
7929 my $num = ord ($char);
7931 return (($num & (1 << $bit_off)) ? 1 : 0);
7940 my $constant_phrase =
7941 "To be, or not to be,--that is the question:--\n" .
7942 "Whether 'tis nobler in the mind to suffer\n" .
7943 "The slings and arrows of outrageous fortune\n" .
7944 "Or to take arms against a sea of troubles,\n" .
7945 "And by opposing end them?--To die,--to sleep,--\n" .
7946 "No more; and by a sleep to say we end\n" .
7947 "The heartache, and the thousand natural shocks\n" .
7948 "That flesh is heir to,--'tis a consummation\n" .
7949 "Devoutly to be wish'd. To die,--to sleep;--\n" .
7950 "To sleep! perchance to dream:--ay, there's the rub;\n" .
7951 "For in that sleep of death what dreams may come,\n" .
7952 "When we have shuffled off this mortal coil,\n" .
7953 "Must give us pause: there's the respect\n" .
7954 "That makes calamity of so long life;\n" .
7955 "For who would bear the whips and scorns of time,\n" .
7956 "The oppressor's wrong, the proud man's contumely,\n" .
7957 "The pangs of despis'd love, the law's delay,\n" .
7958 "The insolence of office, and the spurns\n" .
7959 "That patient merit of the unworthy takes,\n" .
7960 "When he himself might his quietus make\n" .
7961 "With a bare bodkin? who would these fardels bear,\n" .
7962 "To grunt and sweat under a weary life,\n" .
7963 "But that the dread of something after death,--\n" .
7964 "The undiscover'd country, from whose bourn\n" .
7965 "No traveller returns,--puzzles the will,\n" .
7966 "And makes us rather bear those ills we have\n" .
7967 "Than fly to others that we know not of?\n" .
7968 "Thus conscience does make cowards of us all;\n" .
7969 "And thus the native hue of resolution\n" .
7970 "Is sicklied o'er with the pale cast of thought;\n" .
7971 "And enterprises of great pith and moment,\n" .
7972 "With this regard, their currents turn awry,\n" .
7973 "And lose the name of action.--Soft you now!\n" .
7974 "The fair Ophelia!--Nymph, in thy orisons\n" .
7975 "Be all my sins remember'd.\n\x00";
7977 my $constant_len = length ($constant_phrase);
7979 my $hash_buf = md5 ($pw . $salt);
7985 for (my $round = 0; $round < $iter; $round++)
7987 my $shift_a = md5bit ($hash_buf, $round + 0);
7988 my $shift_b = md5bit ($hash_buf, $round + 64);
7993 for (my $k = 0; $k < 16; $k++)
7995 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
7997 my $l = ($k + 3) % 16;
7999 my $num = ord (substr ($hash_buf, $l, 1));
8001 $shift_4[$k] = $num % 5;
8003 $shift_7[$k] = ($num >> $s7shift) & 1;
8008 for (my $k = 0; $k < 16; $k++)
8010 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8015 for (my $k = 0; $k < 16; $k++)
8017 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8023 for (my $k = 0; $k < 8; $k++)
8025 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8027 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8030 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8031 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8033 my $bit_a = md5bit ($hash_buf, $indirect_a);
8034 my $bit_b = md5bit ($hash_buf, $indirect_b);
8044 if ($bit_a ^ $bit_b)
8046 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8050 $to_hash .= substr ($W, 0, 64);
8054 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8056 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8060 $to_hash .= substr ($W, 0, 64);
8063 $pos = $constant_len - $constant_off;
8067 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8082 my $round_div = int ($tmp / 10);
8083 my $round_mod = int ($tmp % 10);
8087 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8097 for ($g = 0; $g < $a_len; $g++)
8099 my $remainder = $a_buf[$g];
8105 while ($remainder > 0)
8107 $sub = $remainder >> (8 * $factor);
8109 if ($started != 1 || $sub > 0)
8113 $tmp_str = chr ($sub) . $tmp_str;
8115 $remainder -= ($sub << (8 * $factor));
8123 substr ($W, $pos, $a_len) = $tmp_str;
8129 $to_hash .= substr ($W, 0, $pos);
8131 $to_hash = substr ($to_hash, 0, $total);
8133 $hash_buf = md5 ($to_hash);
8138 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8139 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8140 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8141 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8142 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8143 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8150 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8152 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8157 my $block_ref = shift;
8161 my $value = 16 - $offset;
8163 for (my $i = $offset; $i < 16; $i++)
8165 push @{$block_ref}, $value;
8175 for (my $i = 0; $i < 18; $i++)
8177 for (my $j = 0; $j < 48; $j++)
8179 $p = ($p + 48 - $j) & 0xff;
8181 my $c = $lotus_magic_table[$p];
8183 $p = $in_ref->[$j] ^ $c;
8190 sub lotus_transform_password
8193 my $out_ref = shift;
8195 my $t = $out_ref->[15];
8197 for (my $i = 0; $i < 16; $i++)
8199 $t ^= $in_ref->[$i];
8201 my $c = $lotus_magic_table[$t];
8203 $out_ref->[$i] ^= $c;
8205 $t = $out_ref->[$i];
8209 sub mdtransform_norecalc
8211 my $state_ref = shift;
8212 my $block_ref = shift;
8216 push (@x, @{$state_ref});
8217 push (@x, @{$block_ref});
8219 for (my $i = 0; $i < 16; $i++)
8221 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8226 for (my $i = 0; $i < 16; $i++)
8228 $state_ref->[$i] = $x[$i];
8234 my $state_ref = shift;
8235 my $checksum_ref = shift;
8236 my $block_ref = shift;
8238 mdtransform_norecalc ($state_ref, $block_ref);
8240 lotus_transform_password ($block_ref, $checksum_ref);
8245 my $saved_key_ref = shift;
8249 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8251 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
8257 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
8259 my $curpos16 = $curpos + 16;
8261 my @block = splice (@{$saved_key_ref}, 0, 16);
8263 mdtransform (\@state, \@checksum, \@block);
8266 my $left = $size - $curpos;
8268 my @block = splice (@{$saved_key_ref}, 0, 16);
8270 pad16 (\@block, $left);
8272 mdtransform (\@state, \@checksum, \@block);
8274 mdtransform_norecalc (\@state, \@checksum);
8279 sub pdf_compute_encryption_key
8281 my $word_buf = shift;
8282 my $padding = shift;
8297 $data .= substr ($padding, 0, 32 - length $word_buf);
8299 $data .= pack ("H*", $o);
8301 $data .= pack ("I", $P);
8303 $data .= pack ("H*", $id);
8309 $data .= pack ("I", -1);
8313 my $res = md5 ($data);
8317 for (my $i = 0; $i < 50; $i++)
8326 sub gen_random_wpa_eapol
8335 my $version = 1; # 802.1X-2001
8337 $ret .= pack ("C*", $version);
8339 my $type = 3; # means that this EAPOL frame is used to transfer key information
8341 $ret .= pack ("C*", $type);
8343 my $length; # length of remaining data
8354 $ret .= pack ("n*", $length);
8356 my $descriptor_type;
8360 $descriptor_type = 254; # EAPOL WPA key
8364 $descriptor_type = 1; # EAPOL RSN key
8367 $ret .= pack ("C*", $descriptor_type);
8369 # key_info is a bit vector:
8370 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
8374 $key_info |= 1 << 8; # set key MIC
8375 $key_info |= 1 << 3; # set if it is a pairwise key
8379 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
8383 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
8386 $ret .= pack ("n*", $key_info);
8399 $ret .= pack ("n*", $key_length);
8401 my $replay_counter = 1;
8403 $ret .= pack ("Q>*", $replay_counter);
8407 my $key_iv = "\x00" x 16;
8411 my $key_rsc = "\x00" x 8;
8415 my $key_id = "\x00" x 8;
8419 my $key_mic = "\x00" x 16;
8427 $key_data_len = 24; # length of the key_data (== WPA info)
8431 $key_data_len = 22; # length of the key_data (== RSN info)
8434 $ret .= pack ("n*", $key_data_len);
8444 my $vendor_specific_data = "";
8446 my $tag_number = 221; # means it is a vendor specific tag
8448 $vendor_specific_data .= pack ("C*", $tag_number);
8450 my $tag_len = 22; # length of the remaining "tag data"
8452 $vendor_specific_data .= pack ("C*", $tag_len);
8454 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
8456 $vendor_specific_data .= $vendor_specific_oui;
8458 my $vendor_specific_oui_type = 1; # WPA Information Element
8460 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
8462 my $vendor_specific_wpa_version = 1;
8464 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
8468 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
8470 $vendor_specific_data .= $vendor_specific_multicast_oui;
8472 my $vendor_specific_multicast_type = 2; # TKIP
8474 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
8478 my $vendor_specific_unicast_count = 1;
8480 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
8482 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
8484 $vendor_specific_data .= $vendor_specific_multicast_oui;
8486 my $vendor_specific_unicast_type = 2; # TKIP
8488 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
8490 # Auth Key Management (AKM)
8492 my $auth_key_management_count = 1;
8494 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
8496 my $auth_key_management_oui = pack ("H*", "0050f2");
8498 $vendor_specific_data .= $auth_key_management_oui;
8500 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8502 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
8504 $wpa_info = $vendor_specific_data;
8506 $key_data = $wpa_info;
8514 my $tag_number = 48; # RSN info
8516 $rsn_info .= pack ("C*", $tag_number);
8518 my $tag_len = 20; # length of the remaining "tag_data"
8520 $rsn_info .= pack ("C*", $tag_len);
8522 my $rsn_version = 1;
8524 $rsn_info .= pack ("v*", $rsn_version);
8526 # group cipher suite
8528 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8530 $rsn_info .= $group_cipher_suite_oui;
8532 my $group_cipher_suite_type = 4; # AES (CCM)
8534 $rsn_info .= pack ("C*", $group_cipher_suite_type);
8536 # pairwise cipher suite
8538 my $pairwise_cipher_suite_count = 1;
8540 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
8542 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
8544 $rsn_info .= $pairwise_cipher_suite_oui;
8546 my $pairwise_cipher_suite_type = 4; # AES (CCM)
8548 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
8550 # Auth Key Management (AKM)
8552 my $auth_key_management_count = 1;
8554 $rsn_info .= pack ("v*", $auth_key_management_count);
8556 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
8558 $rsn_info .= $auth_key_management_oui;
8560 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
8562 $rsn_info .= pack ("C*", $auth_key_management_type);
8566 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
8567 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
8569 my $rsn_capabilities = pack ("H*", "0000");
8571 $rsn_info .= $rsn_capabilities;
8573 $key_data = $rsn_info;
8589 my $data = "Pairwise key expansion";
8594 # Min(AA, SPA) || Max(AA, SPA)
8597 # compare if greater: Min()/Max() on the MACs (6 bytes)
8599 if (memcmp ($stmac, $bssid, 6) < 0)
8611 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
8614 # compare if greater: Min()/Max() on the nonces (32 bytes)
8616 if (memcmp ($snonce, $anonce, 32) < 0)
8629 my $prf_buf = hmac ($data, $pmk, \&sha1);
8631 $prf_buf = substr ($prf_buf, 0, 16);
8642 my $len_str1 = length ($str1);
8643 my $len_str2 = length ($str2);
8645 if (($len > $len_str1) || ($len > $len_str2))
8647 print "ERROR: memcmp () lengths wrong";
8652 for (my $i = 0; $i < $len; $i++)
8654 my $c_1 = ord (substr ($str1, $i, 1));
8655 my $c_2 = ord (substr ($str2, $i, 1));
8657 return -1 if ($c_1 < $c_2);
8658 return 1 if ($c_1 > $c_2);