4 ## Author......: Jens Steube <jens.steube@gmail.com>
10 use Digest
::MD4 qw
(md4 md4_hex
);
11 use Digest
::MD5 qw
(md5 md5_hex
);
12 use Digest
::SHA qw
(sha1 sha256 sha384 sha512 sha1_hex sha256_hex sha384_hex sha512_hex
);
13 use Digest
::HMAC qw
(hmac hmac_hex
);
14 use Digest
::Keccak qw
(keccak_256_hex
);
15 use Crypt
::MySQL qw
(password41
);
16 use Digest
::GOST qw
(gost gost_hex
);
17 use Digest
::HMAC_MD5 qw
(hmac_md5
);
18 use Digest
::CRC qw
(crc32
);
21 use Crypt
::ECB qw
(encrypt PADDING_AUTO PADDING_NONE
);
23 use Crypt
::Eksblowfish
::Bcrypt qw
(bcrypt en_base64
);
24 use Crypt
::Digest
::RIPEMD160 qw
(ripemd160_hex
);
25 use Crypt
::Digest
::Whirlpool qw
(whirlpool_hex
);
27 use Crypt
::ScryptKDF qw
(scrypt_hash scrypt_b64
);
31 use Crypt
::UnixCrypt_XS qw
(crypt_rounds fold_password base64_to_int24 block_to_base64 int24_to_base64
);
33 use Authen
::Passphrase
::NTHash
;
34 use Authen
::Passphrase
::MySQL323
;
35 use Authen
::Passphrase
::PHPass
;
36 use Authen
::Passphrase
::LANManager
;
38 use POSIX qw
(strftime
);
40 use Net
::DNS
::RR
::NSEC3
;
41 use Convert
::EBCDIC qw
(ascii2ebcdic
);
42 use Digest
::SipHash qw
/siphash/;
44 my $hashcat = "./oclHashcat";
48 my @modes = (0, 10, 11, 12, 20, 21, 22, 23, 30, 40, 50, 60, 100, 101, 110, 111, 112, 120, 121, 122, 130, 131, 132, 140, 141, 150, 160, 190, 200, 300, 400, 500, 900, 1000, 1100, 1400, 1410, 1420, 1430, 1440, 1441, 1450, 1460, 1500, 1600, 1700, 1710, 1711, 1720, 1730, 1740, 1722, 1731, 1750, 1760, 1800, 2100, 2400, 2410, 2500, 2600, 2611, 2612, 2711, 2811, 3000, 3100, 3200, 3710, 3711, 3300, 3500, 3610, 3720, 3800, 3910, 4010, 4110, 4210, 4300, 4400, 4500, 4600, 4700, 4800, 4900, 5000, 5100, 5300, 5400, 5500, 5600, 5700, 5800, 6000, 6100, 6300, 6400, 6500, 6600, 6700, 6800, 6900, 7100, 7200, 7300, 7400, 7500, 7600, 7700, 7800, 7900, 8000, 8100, 8200, 8300, 8400, 8500, 8600, 8700, 8900, 9100, 9200, 9300, 9400, 9500, 9600, 9700, 9800, 9900, 10000, 10100, 10200, 10300, 10400, 10500, 10600, 10700, 10800, 10900, 11000, 11100, 11200, 11300, 11400, 11500, 11600, 11900, 12000, 12100, 12200, 12300, 12400, 12600, 12700, 12800, 12900, 13000, 13100, 13200, 13300, 13400);
50 my %is_unicode = map { $_ => 1 } qw(30 40 130 131 132 133 140 141 1000 1100 1430 1440 1441 1730 1740 1731 5500 5600 8000 9400 9500 9600 9700 9800);
51 my %less_fifteen = map { $_ => 1 } qw(500 1600 1800 2400 2410 3200 6300 7400 10500 10700);
52 my %allow_long_salt = map { $_ => 1 } qw(2500 5500 5600 7100 7200 7300 9400 9500 9600 9700 9800 10400 10500 10600 10700 1100 11000 11200 11300 11400 11600 12600);
54 my @lotus_magic_table =
56 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
57 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
58 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
59 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
60 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
61 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
62 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
63 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
64 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
65 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
66 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
67 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
68 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
69 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
70 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
71 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
72 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
73 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
74 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
75 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
76 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
77 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
78 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
79 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
80 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
81 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
82 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
83 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
84 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
85 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
86 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
87 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
92 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
93 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
94 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
95 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a
98 my $CISCO_BASE64_MAPPING = {'A', '.', 'B', '/', 'C', '0', 'D', '1', 'E', '2', 'F', '3', 'G', '4', 'H', '5', 'I', '6', 'J', '7', 'K', '8', 'L', '9', 'M', 'A', 'N', 'B', 'O', 'C', 'P', 'D', 'Q', 'E', 'R', 'F', 'S', 'G', 'T', 'H', 'U', 'I', 'V', 'J', 'W', 'K', 'X', 'L', 'Y', 'M', 'Z', 'N', 'a', 'O', 'b', 'P', 'c', 'Q', 'd', 'R', 'e', 'S', 'f', 'T', 'g', 'U', 'h', 'V', 'i', 'W', 'j', 'X', 'k', 'Y', 'l', 'Z', 'm', 'a', 'n', 'b', 'o', 'c', 'p', 'd', 'q', 'e', 'r', 'f', 's', 'g', 't', 'h', 'u', 'i', 'v', 'j', 'w', 'k', 'x', 'l', 'y', 'm', 'z', 'n', '0', 'o', '1', 'p', '2', 'q', '3', 'r', '4', 's', '5', 't', '6', 'u', '7', 'v', '8', 'w', '9', 'x', '+', 'y', '/', 'z'};
100 if (scalar @ARGV < 1)
111 if ($type ne "verify")
113 if (scalar @ARGV > 1)
118 elsif (scalar @ARGV == 1)
128 if ($type eq "single")
132 elsif ($type eq "passthrough")
143 if (scalar @ARGV != 4)
148 my $mode = shift @ARGV;
149 my $hash_file = shift @ARGV;
150 my $in_file = shift @ARGV;
151 my $out_file = shift @ARGV;
155 open (IN
, "<", $hash_file) or die ("$hash_file: $!\n");
157 # clever ? the resulting database could be huge
158 # but we need some way to map lines in hashfile w/ cracks
159 # maybe rli2 way would be more clever (needs sorted input)
161 while (my $line = <IN
>)
163 $line =~ s/[\n\r]*$//;
165 $db->{$line} = undef;
170 verify
($mode, $db, $in_file, $out_file);
178 my $out_file = shift;
197 open (IN
, "<", $in_file) or die ("$in_file: $!\n");
198 open (OUT
, ">", $out_file) or die ("$out_file: $!\n");
202 my $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
203 my $itoa64_1 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
204 my $itoa64_2 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
206 while (my $line = <IN
>)
213 # remember always do "exists ($db->{$hash_in})" checks as soon as possible and don't forget it
216 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3000 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5700 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 8600 || $mode == 9900 || $mode == 10800 || $mode == 11500)
218 my $index = index ($line, ":");
222 $hash_in = substr ($line, 0, $index);
224 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
226 $word = substr ($line, $index + 1);
229 elsif ($mode == 10 || $mode == 11 || $mode == 12 || $mode == 20 || $mode == 21 || $mode == 22 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 112 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1100 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 2611 || $mode == 2711 || $mode == 2811 || $mode == 3100 || $mode == 3610 || $mode == 3710 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 5800 || $mode == 7600 || $mode == 8400 || $mode == 11000 || $mode == 12600)
232 my $index1 = index ($line, ":");
236 $hash_in = substr ($line, 0, $index1);
238 # identify lenghts of both salt and plain
240 my $salt_plain = substr ($line, $index1 + 1);
242 my $num_cols = () = $salt_plain =~ /:/g;
251 foreach (my $i = 0; $i < $num_cols; $i++)
253 $index2 = index ($salt_plain, ":", $start);
257 $start = $index2 + 1;
259 $salt = substr ($salt_plain, 0, $index2);
260 $word = substr ($salt_plain, $index2 + 1);
262 # can't be true w/ wrong $hash:$salt, otherwise the
263 # algo must have many collisions
265 if (exists ($db->{$hash_in . ":" . $salt}))
267 $hash_in = $hash_in . ":" . $salt;
273 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
274 next unless (! defined ($db->{$hash_in}));
277 elsif ($mode == 2100)
280 my $index1 = index ($line, "\$DCC2\$");
282 next if $index1 != 0;
285 my $index2 = index ($line, "#", $index1 + 1);
289 $iter = substr ($line, $index1 + 6, $index2 - $index1 - 6);
292 $index1 = index ($line, "#");
296 $hash_in = substr ($line, 0, $index1 + 1);
298 # identify lenghts of both salt and plain
300 my $salt_plain = substr ($line, $index2 + 1);
302 my $num_cols = () = $salt_plain =~ /:/g;
312 foreach (my $i = 0; $i < $num_cols; $i++)
314 $index2 = index ($salt_plain, ":", $start);
318 $start = $index2 + 1;
320 $index3 = rindex ($salt_plain, "#", $index2);
322 $raw_hash = substr ($salt_plain, $index3 + 1, $index2 - $index3 - 1);
323 $salt = substr ($salt_plain, 0, $index3);
324 $word = substr ($salt_plain, $index2 + 1);
326 if (exists ($db->{$hash_in . $salt . "#" .$raw_hash}))
328 $hash_in = $hash_in . $salt . "#" . $raw_hash;
334 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
335 next unless (! defined ($db->{$hash_in}));
337 # salt:hash guaranteed only : because of hex salt
338 elsif ($mode == 7300)
340 # split hash and plain
341 my $index1 = index ($line, ":");
345 $salt = substr ($line, 0, $index1);
347 $salt = pack ("H*", $salt);
349 my $rest = substr ($line, $index1 + 1);
351 my $index2 = index ($rest, ":");
355 $hash_in = substr ($rest, 0, $index2);
357 $word = substr ($rest, $index2 + 1);
359 next unless (exists ($db->{$salt . ":" . $hash_in}) and (! defined ($db->{$hash_in})));
362 elsif ($mode == 8100)
364 # split hash and plain
365 $salt = substr ($line, 1, 8);
367 my $rest = substr ($line, 1 + 8);
369 my $index2 = index ($rest, ":");
373 $hash_in = substr ($rest, 0, $index2);
375 $word = substr ($rest, $index2 + 1);
377 next unless (exists ($db->{"1" . $salt . $hash_in}) and (! defined ($db->{$hash_in})));
379 # base64 and salt embedded SSHA1, salt length = total lenght - 20
382 # split hash and plain
383 my $index = index ($line, ":");
387 $hash_in = substr ($line, 0, $index);
388 $word = substr ($line, $index + 1);
390 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
393 my $plain_base64 = substr ($hash_in, 6);
395 # base64 decode to extract salt
396 my $decoded = decode_base64
($plain_base64);
398 $salt = substr ($decoded, 20);
400 # base64 and salt embedded SSHA512, salt length = total length - 64
401 elsif ($mode == 1711)
403 # split hash and plain
404 my $index = index ($line, ":");
408 $hash_in = substr ($line, 0, $index);
409 $word = substr ($line, $index + 1);
411 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
414 my $plain_base64 = substr ($hash_in, 9);
416 # base64 decode to extract salt
417 my $decoded = decode_base64
($plain_base64);
419 $salt = substr ($decoded, 64);
421 # OSX (first 8 hex chars is salt)
422 elsif ($mode == 122 || $mode == 1722)
424 my $index = index ($line, ":");
428 $hash_in = substr ($line, 0, $index);
429 $word = substr ($line, $index + 1);
431 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
433 $salt = substr ($hash_in, 0, 8);
435 # MSSQL (2000, 2005 AND 2012), salt after version number
436 elsif ($mode == 131 || $mode == 132 || $mode == 1731)
438 my $index = index ($line, ":");
442 $hash_in = substr ($line, 0, $index);
443 $word = substr ($line, $index + 1);
445 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
447 $salt = substr ($hash_in, 6, 8);
450 elsif ($mode == 8000)
452 my $index = index ($line, ":");
456 $hash_in = substr ($line, 0, $index);
457 $word = substr ($line, $index + 1);
459 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
461 $salt = substr ($hash_in, 6, 16);
464 elsif ($mode == 141 || $mode == 1441)
466 my $index1 = index ($line, ":");
470 $hash_in = substr ($line, 0, $index1);
471 $word = substr ($line, $index1 + 1);
473 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
475 my $index2 = index ($line, "*", 14);
477 #extract salt from base64
478 my $plain_base64 = substr ($hash_in, 14, $index2 - 14);
480 $salt = decode_base64
($plain_base64);
482 # phpass (first 8 after $P$/$H$ -- or $S$ with drupal7)
483 elsif ($mode == 400 || $mode == 7900)
485 my $index = index ($line, ":");
489 $hash_in = substr ($line, 0, $index);
490 $word = substr ($line, $index + 1);
492 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
494 $salt = substr ($hash_in, 4, 8);
496 # iterations = 2 ^ cost (where cost == $iter)
497 $iter = index ($itoa64_1, substr ($hash_in, 3, 1));
499 # $something$[rounds=iter$]salt$ (get last $, then check iter)
500 elsif ($mode == 500 || $mode == 1600 || $mode == 1800 || $mode == 3300 || $mode == 7400)
502 my $index1 = index ($line, ":", 30);
506 $hash_in = substr ($line, 0, $index1);
507 $word = substr ($line, $index1 + 1);
509 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
511 $index1 = index ($hash_in, ",", 1);
512 my $index2 = index ($hash_in, "\$", 1);
516 if ($index1 < $index2)
522 $param = substr ($hash_in, $index2, 1);
526 # rounds= if available
529 if (substr ($hash_in, $index2, 7) eq "rounds=")
531 my $old_index = $index2;
533 $index2 = index ($hash_in, "\$", $index2 + 1);
537 $iter = substr ($hash_in, $old_index + 7, $index2 - $old_index - 7);
543 my $index3 = rindex ($hash_in, "\$");
547 $salt = substr ($hash_in, $index2, $index3 - $index2);
549 # descrypt (salt in first 2 char)
550 elsif ($mode == 1500)
552 my $index = index ($line, ":");
556 $hash_in = substr ($line, 0, $index);
557 $word = substr ($line, $index + 1);
559 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
561 $salt = substr ($hash_in, 0, 2);
563 # bcrypt $something$something$salt.hash
564 elsif ($mode == 3200)
566 my $index1 = index ($line, ":", 33);
570 $hash_in = substr ($line, 0, $index1);
571 $word = substr ($line, $index1 + 1);
573 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
575 my $index2 = index ($hash_in, "\$", 4);
577 $iter = substr ($hash_in, 4, $index2 - 4);
579 my $plain_base64 = substr ($hash_in, $index2 + 1, 22);
584 for (my $i = 0; $i < length ($plain_base64); $i++)
586 my $char = substr ($plain_base64, $i, 1);
587 $encoded .= substr ($base64, index ($itoa64_2, $char), 1);
590 $salt = decode_base64
($encoded);
593 elsif ($mode == 4800)
595 my $index1 = index ($line, ":");
599 my $index2 = index ($line, ":", $index1 + 1);
603 my $index3 = index ($line, ":", $index2 + 1);
607 $salt = substr ($line, $index1 + 1, $index3 - $index1 - 1);
609 $word = substr ($line, $index3 + 1);
611 $hash_in = substr ($line, 0, $index3);
614 elsif ($mode == 5300 || $mode == 5400)
616 my $num_cols = () = $line =~ /:/g;
618 next unless ($num_cols >= 9);
623 for (my $j = 0; $j < 9; $j++)
625 $index1 = index ($line, ":", $index1 + 1);
636 $word = substr ($line, $index1 + 1);
638 $hash_in = substr ($line, 0, $index1);
640 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
642 my $index2 = rindex ($line, ":", $index1 - 1);
644 $salt = substr ($line, 0, $index2);
647 elsif ($mode == 5500)
649 my $index1 = index ($line, "::");
653 my $index2 = index ($line, ":", $index1 + 2);
657 $index2 = index ($line, ":", $index2 + 1);
661 $salt = substr ($line, 0, $index2);
663 $index2 = index ($line, ":", $index2 + 1);
667 $salt .= substr ($line, $index2 + 1, 16);
669 $index2 = index ($line, ":", $index2 + 1);
673 $hash_in = substr ($line, 0, $index2);
675 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
677 $word = substr ($line, $index2 + 1);
680 elsif ($mode == 5600)
682 my $index1 = index ($line, "::");
686 my $index2 = index ($line, ":", $index1 + 2);
690 $index2 = index ($line, ":", $index2 + 1);
694 $salt = substr ($line, 0, $index2);
696 $index1 = index ($line, ":", $index2 + 1);
700 $index2 = index ($line, ":", $index1 + 1);
704 $salt .= substr ($line, $index1 + 1, $index2 - $index1 - 1);
706 $hash_in = substr ($line, 0, $index2);
708 # do it later on for this hash mode:
709 # next unless ((exists ($db->{$hash_in}) and (! defined ($db->{$hash_in}))) or (exists ($db->{$mod}) and (! defined ($db->{$mod}))));
711 $word = substr ($line, $index2 + 1);
713 # AIX smd5 something BRACE salt$
714 elsif ($mode == 6300)
716 my $index1 = index ($line, ":");
720 $hash_in = substr ($line, 0, $index1);
721 $word = substr ($line, $index1 + 1);
723 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
725 my $index2 = index ($hash_in, "}");
726 my $index3 = rindex ($hash_in, "\$");
728 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
730 # AIX: something$salt$ (no $ at position 1)
731 elsif ($mode == 6400 || $mode == 6500 || $mode == 6700)
733 my $index1 = index ($line, ":");
737 $hash_in = substr ($line, 0, $index1);
738 $word = substr ($line, $index1 + 1);
740 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
742 my $index2 = index ($hash_in, "}");
743 my $index3 = index ($hash_in, "\$");
744 my $index4 = rindex ($hash_in, "\$");
746 $salt = substr ($hash_in, $index3 + 1, $index4 - $index3 - 1);
748 $iter = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
750 # 1Password, agilekeychain
751 elsif ($mode == 6600)
753 my $num_cols = () = $line =~ /:/g;
755 next unless ($num_cols > 2);
757 my $index1 = index ($line, ":");
761 $iter = substr ($line, 0, $index1);
763 my $index2 = index ($line, ":", $index1 + 1);
767 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
769 $index1 = index ($line, ":", $index2 + 1);
773 $salt .= substr ($line, $index2 + 1, $index1 - $index2 - 33);
775 $hash_in = substr ($line, 0, $index1);
777 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
779 $word = substr ($line, $index1 + 1);
781 # 1Password, cloudkeychain
782 elsif ($mode == 8200)
784 my @datas = split (":", $line);
786 next if scalar @datas < 4;
788 my $hash = shift @datas;
789 $salt = shift @datas;
790 $iter = shift @datas;
791 my $data = shift @datas;
793 $hash_in = $hash . ":" . $salt . ":" . $iter . ":" . $data;
797 $word = join (":", @datas);
799 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
801 # lastpass (hash:iter:salt)
802 elsif ($mode == 6800)
804 my $index1 = index ($line, ":", 34);
808 $hash_in = substr ($line, 0, $index1);
810 # identify lenghts of both salt and plain
812 my $salt_plain = substr ($line, $index1 + 1);
814 my $num_cols = () = $salt_plain =~ /:/g;
823 foreach (my $i = 0; $i < $num_cols; $i++)
825 $index2 = index ($salt_plain, ":", $start);
829 $start = $index2 + 1;
831 $salt = substr ($salt_plain, 0, $index2);
832 $word = substr ($salt_plain, $index2 + 1);
834 # can't be true w/ wrong $hash:$salt, otherwise the
835 # algo must have many collisions
837 if (exists ($db->{$hash_in . ":" . $salt}))
839 $hash_in = $hash_in . ":" . $salt;
845 next unless ($matched); # therefore: true == exists ($db->{$hash_in}
846 next unless (! defined ($db->{$hash_in}));
848 $index1 = index ($hash_in, ":");
849 $index2 = index ($hash_in, ":", $index1 + 1);
851 $iter = substr ($hash_in, $index1 + 1, $index2 - $index1 - 1);
852 $salt = substr ($hash_in, $index2 + 1);
854 # OSX 10.* : $something$iter$salt$
855 elsif ($mode == 7100)
857 my $index1 = index ($line, ":");
861 $hash_in = substr ($line, 0, $index1);
862 $word = substr ($line, $index1 + 1);
864 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
866 my $index2 = index ($hash_in, "\$", 5);
870 my $index3 = index ($hash_in, "\$", $index2 + 1);
872 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
874 $iter = substr ($hash_in, 4, $index2 - 4);
876 next if (int ($iter) < 1);
878 # grub: something1.something2.something3.iter.salt.
879 elsif ($mode == 7200)
881 my $index1 = index ($line, ":");
885 $hash_in = substr ($line, 0, $index1);
886 $word = substr ($line, $index1 + 1);
888 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
890 my $index2 = index ($hash_in, ".", 19);
894 my $index3 = index ($hash_in, ".", $index2 + 1);
896 $salt = substr ($hash_in, $index2 + 1, $index3 - $index2 - 1);
898 $iter = substr ($hash_in, 19, $index2 - 19);
900 next if (int ($iter) < 1);
902 # $something1$something2$something3$something4$salt$
903 elsif ($mode == 7500 )
905 my $index1 = index ($line, "\$", 11);
909 my $index2 = index ($line, "\$", $index1 + 1);
913 my $index3 = index ($line, "\$", $index2 + 1);
917 $index2 = index ($line, ":", $index3 + 1);
921 $hash_in = substr ($line, 0, $index2);
922 $word = substr ($line, $index2 + 1);
924 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
926 $salt = substr ($hash_in, 11, $index3 - 10);
927 $salt .= substr ($hash_in, $index2 - 32) . "\$\$";
928 $salt .= substr ($hash_in, $index3 + 1, $index2 - $index3 - 32 - 1);
931 elsif ($mode == 7700 || $mode == 7800)
933 my $index1 = index ($line, ":");
937 my @split1 = split (":", $line);
939 my @split2 = split ('\$', $split1[0]);
941 next unless scalar @split2 == 2;
943 $hash_in = $split1[0];
945 if (scalar @split1 > 1)
954 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
959 elsif ($mode == 8300)
961 my @datas = split (":", $line);
963 next if scalar @datas != 5;
968 ($hash, $domain, $salt, $iter, $word) = @datas;
970 $hash_in = $hash . ":" . $domain . ":" . $salt . ":" . $iter;
972 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
974 $salt = $domain . ":" . $salt;
977 elsif ($mode == 8500)
979 my @line_elements = split (":", $line);
981 next if scalar @line_elements < 2;
985 $hash_in = shift @line_elements;
987 $word = join (":", @line_elements);
991 my @hash_elements = split ('\*', $hash_in);
993 next unless ($hash_elements[0] eq '$racf$');
995 $salt = $hash_elements[1];
997 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1000 elsif ($mode == 8700)
1002 # split hash and plain
1003 my $index = index ($line, ":");
1007 $hash_in = substr ($line, 0, $index);
1008 $word = substr ($line, $index + 1);
1010 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1012 my $plain_base64 = substr ($hash_in, 2, -1);
1014 ($_, $salt, $param) = domino_decode
($plain_base64);
1017 elsif ($mode == 2612)
1019 next unless (substr ($line, 0, 6) eq '$PHPS$');
1022 my $index1 = index ($line, "\$", 6);
1024 next if $index1 < 1;
1026 $salt = substr ($line, 6, $index1 - 6);
1028 $salt = pack ("H*", $salt);
1030 my $index2 = index ($line, "\:", $index1 + 1);
1032 next if $index2 < 1;
1034 $word = substr ($line, $index2 + 1);
1036 $hash_in = substr ($line, 0, $index2);
1038 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1041 elsif ($mode == 3711)
1043 next unless (substr ($line, 0, 3) eq '$B$');
1046 my $index1 = index ($line, "\$", 3);
1048 next if $index1 < 1;
1050 $salt = substr ($line, 3, $index1 - 3);
1052 my $index2 = index ($line, ":", $index1 + 1);
1054 next if $index2 < 1;
1056 $word = substr ($line, $index2 + 1);
1058 $hash_in = substr ($line, 0, $index2);
1060 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1063 elsif ($mode == 8900)
1065 next unless (substr ($line, 0, 7) eq 'SCRYPT:');
1068 my $index1 = index ($line, ":", 7);
1070 next if $index1 < 1;
1073 my $N = substr ($line, 7, $index1 - 7);
1075 my $index2 = index ($line, ":", $index1 + 1);
1077 next if $index2 < 1;
1080 my $r = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1082 $index1 = index ($line, ":", $index2 + 1);
1084 next if $index1 < 1;
1087 my $p = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1093 $index2 = index ($line, ":", $index1 + 1);
1095 next if $index2 < 1;
1098 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1100 $salt = decode_base64
($salt);
1102 $index1 = index ($line, ":", $index2 + 1);
1104 next if $index1 < 1;
1108 $word = substr ($line, $index1 + 1);
1109 $hash_in = substr ($line, 0, $index1);
1111 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1114 elsif ($mode == 9100)
1116 # split hash and plain
1117 my $index = index ($line, ":");
1121 $hash_in = substr ($line, 0, $index);
1122 $word = substr ($line, $index + 1);
1124 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1126 my $base64_part = substr ($hash_in, 2, -1);
1128 ($_, $salt, $iter, $param) = domino_85x_decode
($base64_part);
1130 next if ($iter < 1);
1132 # Cisco $8$ - PBKDF2-HMAC-SHA256
1133 elsif ($mode == 9200)
1135 next unless (substr ($line, 0, 3) eq '$8$');
1138 my $index1 = index ($line, "\$", 3);
1140 next if $index1 != 17;
1142 my $index2 = index ($line, "\$", $index1 + 1);
1145 $salt = substr ($line, 3, $index1 - 3);
1147 $index1 = index ($line, ":", $index1 + 1);
1149 next if $index1 < 1;
1153 $word = substr ($line, $index1 + 1);
1154 $hash_in = substr ($line, 0, $index1);
1156 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1158 # Cisco $9$ - scrypt
1159 elsif ($mode == 9300)
1161 next unless (substr ($line, 0, 3) eq '$9$');
1164 my $index1 = index ($line, "\$", 3);
1166 next if $index1 != 17;
1168 my $index2 = index ($line, "\$", $index1 + 1);
1171 $salt = substr ($line, 3, $index1 - 3);
1173 $index1 = index ($line, ":", $index1 + 1);
1175 next if $index1 < 1;
1179 $word = substr ($line, $index1 + 1);
1180 $hash_in = substr ($line, 0, $index1);
1182 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1185 elsif ($mode == 9400)
1187 ($hash_in, $word) = split ":", $line;
1189 next unless defined $hash_in;
1190 next unless defined $word;
1192 my @data = split /\*/, $hash_in;
1194 next unless scalar @data == 8;
1196 next unless (shift @data eq '$office$');
1197 next unless (shift @data eq '2007');
1198 next unless (shift @data eq '20');
1200 my $aes_key_size = shift @data;
1202 next unless (($aes_key_size eq '128') || ($aes_key_size eq '256'));
1203 next unless (shift @data eq '16');
1205 next unless (length $data[0] == 32);
1206 next unless (length $data[1] == 32);
1207 next unless (length $data[2] == 40);
1209 $salt = shift @data;
1210 $param = shift @data;
1211 $param2 = $aes_key_size;
1213 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1216 elsif ($mode == 9500)
1218 ($hash_in, $word) = split ":", $line;
1220 next unless defined $hash_in;
1221 next unless defined $word;
1223 my @data = split /\*/, $hash_in;
1225 next unless scalar @data == 8;
1227 next unless (shift @data eq '$office$');
1228 next unless (shift @data eq '2010');
1229 next unless (shift @data eq '100000');
1230 next unless (shift @data eq '128');
1231 next unless (shift @data eq '16');
1233 next unless (length $data[0] == 32);
1234 next unless (length $data[1] == 32);
1235 next unless (length $data[2] == 64);
1237 $salt = shift @data;
1238 $param = shift @data;
1240 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1243 elsif ($mode == 9600)
1245 ($hash_in, $word) = split ":", $line;
1247 next unless defined $hash_in;
1248 next unless defined $word;
1250 my @data = split /\*/, $hash_in;
1252 next unless scalar @data == 8;
1254 next unless (shift @data eq '$office$');
1255 next unless (shift @data eq '2013');
1256 next unless (shift @data eq '100000');
1257 next unless (shift @data eq '256');
1258 next unless (shift @data eq '16');
1260 next unless (length $data[0] == 32);
1261 next unless (length $data[1] == 32);
1262 next unless (length $data[2] == 64);
1264 $salt = shift @data;
1265 $param = shift @data;
1267 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1270 elsif ($mode == 9700)
1272 ($hash_in, $word) = split ":", $line;
1274 next unless defined $hash_in;
1275 next unless defined $word;
1277 my @data = split /\*/, $hash_in;
1279 next unless scalar @data == 4;
1281 my $signature = shift @data;
1283 next unless (($signature eq '$oldoffice$0') || ($signature eq '$oldoffice$1'));
1285 next unless (length $data[0] == 32);
1286 next unless (length $data[1] == 32);
1287 next unless (length $data[2] == 32);
1289 $salt = shift @data;
1290 $param = shift @data;
1291 $param2 = substr ($signature, 11, 1);
1293 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1296 elsif ($mode == 9800)
1298 ($hash_in, $word) = split ":", $line;
1300 next unless defined $hash_in;
1301 next unless defined $word;
1303 my @data = split /\*/, $hash_in;
1305 next unless scalar @data == 4;
1307 my $signature = shift @data;
1309 next unless (($signature eq '$oldoffice$3') || ($signature eq '$oldoffice$4'));
1311 next unless (length $data[0] == 32);
1312 next unless (length $data[1] == 32);
1313 next unless (length $data[2] == 40);
1315 $salt = shift @data;
1316 $param = shift @data;
1317 $param2 = substr ($signature, 11, 1);
1319 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1321 # Django (PBKDF2-SHA256)
1322 elsif ($mode == 10000)
1324 next unless (substr ($line, 0, 14) eq 'pbkdf2_sha256$');
1327 my $index1 = index ($line, "\$", 14);
1329 next if $index1 < 1;
1331 my $index2 = index ($line, "\$", $index1 + 1);
1335 $iter = substr ($line, 14, $index1 - 14);
1339 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1343 $index1 = index ($line, ":", $index2 + 1);
1345 next if $index1 < 1;
1347 $word = substr ($line, $index1 + 1);
1348 $hash_in = substr ($line, 0, $index1);
1350 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1353 elsif ($mode == 10100)
1357 ($hash, undef, undef, $salt, $word) = split ":", $line;
1359 next unless defined $hash;
1360 next unless defined $salt;
1361 next unless defined $word;
1363 next unless (length $hash == 16);
1364 next unless (length $salt == 32);
1366 my $hash_in = sprintf ("%s:2:4:%s", $hash, $salt);
1368 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1371 elsif ($mode == 10200)
1373 next unless (substr ($line, 0, 10) eq '$cram_md5$');
1376 my $index1 = index ($line, "\$", 10);
1378 next if $index1 < 1;
1382 my $challengeb64 = substr ($line, 10, $index1 - 10);
1383 $salt = decode_base64
($challengeb64);
1387 my $index2 = index ($line, ":", $index1 + 1);
1389 next if $index2 < 1;
1391 my $responseb64 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1392 my $response = decode_base64
($responseb64);
1394 $param = substr ($response, 0, length ($response) - 32 - 1); # -1 is for space
1396 $word = substr ($line, $index2 + 1);
1397 $hash_in = substr ($line, 0, $index2);
1399 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1401 # SAP CODVN H (PWDSALTEDHASH) iSSHA-1
1402 elsif ($mode == 10300)
1404 next unless (substr ($line, 0, 10) eq '{x-issha, ');
1408 my $index1 = index ($line, "}", 10);
1410 next if $index1 < 1;
1412 $iter = substr ($line, 10, $index1 - 10);
1414 $iter = int ($iter);
1418 my $base64_encoded = substr ($line, $index1 + 1);
1419 my $base64_decoded = decode_base64
($base64_encoded);
1421 $salt = substr ($base64_decoded, 20);
1423 my $index2 = index ($line, ":", $index1 + 1);
1425 next if $index2 < 1;
1427 $word = substr ($line, $index2 + 1);
1428 $hash_in = substr ($line, 0, $index2);
1430 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1432 # PDF 1.1 - 1.3 (Acrobat 2 - 4)
1433 elsif ($mode == 10400)
1435 ($hash_in, $word) = split ":", $line;
1437 next unless defined $hash_in;
1438 next unless defined $word;
1440 my @data = split /\*/, $hash_in;
1442 next unless scalar @data == 11;
1444 next unless (shift @data eq '$pdf$1');
1445 next unless (shift @data eq '2');
1446 next unless (shift @data eq '40');
1447 my $P = shift @data;
1448 next unless (shift @data eq '0');
1449 next unless (shift @data eq '16');
1450 my $id = shift @data;
1451 next unless (shift @data eq '32');
1452 my $u = shift @data;
1453 next unless (shift @data eq '32');
1454 my $o = shift @data;
1461 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1463 # PDF 1.4 - 1.6 (Acrobat 5 - 8)
1464 elsif ($mode == 10500)
1466 ($hash_in, $word) = split ":", $line;
1468 next unless defined $hash_in;
1469 next unless defined $word;
1471 my @data = split /\*/, $hash_in;
1473 next unless scalar @data == 11;
1475 my $V = shift @data; $V = substr ($V, 5, 1);
1476 my $R = shift @data;
1477 next unless (shift @data eq '128');
1478 my $P = shift @data;
1479 my $enc = shift @data;
1480 next unless (shift @data eq '16');
1481 my $id = shift @data;
1482 next unless (shift @data eq '32');
1483 my $u = shift @data;
1484 next unless (shift @data eq '32');
1485 my $o = shift @data;
1495 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1497 # PDF 1.7 Level 3 (Acrobat 9)
1498 elsif ($mode == 10600)
1500 ($hash_in, $word) = split ":", $line;
1502 next unless defined $hash_in;
1503 next unless defined $word;
1505 my @data = split /\*/, $hash_in;
1507 next unless scalar @data >= 11;
1509 next unless (shift @data eq '$pdf$5');
1510 next unless (shift @data eq '5');
1511 next unless (shift @data eq '256');
1512 next unless (shift @data eq '-1028');
1513 next unless (shift @data eq '1');
1514 next unless (shift @data eq '16');
1515 my $id = shift @data;
1516 my $rest = join "*", @data;
1521 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1523 # PDF 1.7 Level 8 (Acrobat 10 - 11)
1524 elsif ($mode == 10700)
1526 ($hash_in, $word) = split ":", $line;
1528 next unless defined $hash_in;
1529 next unless defined $word;
1531 my @data = split /\*/, $hash_in;
1533 next unless scalar @data >= 11;
1535 next unless (shift @data eq '$pdf$5');
1536 next unless (shift @data eq '6');
1537 next unless (shift @data eq '256');
1538 next unless (shift @data eq '-1028');
1539 next unless (shift @data eq '1');
1540 next unless (shift @data eq '16');
1541 my $id = shift @data;
1542 my $rest = join "*", @data;
1547 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1549 # PBKDF2-HMAC-SHA256
1550 elsif ($mode == 10900)
1552 next unless (substr ($line, 0, 7) eq 'sha256:');
1555 my $index1 = index ($line, ":", 7);
1557 next if $index1 < 1;
1559 $iter = substr ($line, 7, $index1 - 7);
1563 my $index2 = index ($line, ":", $index1 + 1);
1565 next if $index2 < 1;
1567 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1569 $salt = decode_base64
($salt);
1573 $index1 = index ($line, ":", $index2 + 1);
1575 next if $index1 < 1;
1577 # additional param = output len of pbkdf2
1579 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1581 my $digest = decode_base64
($digest64_encoded);
1583 $param = length ($digest);
1587 $word = substr ($line, $index1 + 1);
1588 $hash_in = substr ($line, 0, $index1);
1590 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1592 # PostgreSQL MD5 Authentication
1593 elsif ($mode == 11100)
1595 next unless (substr ($line, 0, 10) eq '$postgres$');
1597 my $index1 = index ($line, "*", 10);
1599 next if $index1 < 1;
1603 $param = substr ($line, 10, $index1 - 10);
1605 # get the 4 byte salt
1607 my $index2 = index ($line, "*", $index1 + 1);
1609 next if $index2 < 1;
1611 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1615 $index1 = index ($line, ":", $index2 + 1);
1617 next if $index1 < 1;
1619 $word = substr ($line, $index1 + 1);
1620 $hash_in = substr ($line, 0, $index1);
1622 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1624 # MySQL MD5 Authentication
1625 elsif ($mode == 11200)
1627 next unless (substr ($line, 0, 9) eq '$mysqlna$');
1629 my $index1 = index ($line, "*", 9);
1631 next if $index1 < 1;
1635 $salt = substr ($line, 9, $index1 - 9);
1639 $index1 = index ($line, ":", $index1 + 1);
1641 next if $index1 < 1;
1643 $word = substr ($line, $index1 + 1);
1644 $hash_in = substr ($line, 0, $index1);
1646 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1649 elsif ($mode == 2500)
1651 print "ERROR: verify currently not supported for WPA/WPA2 (because of oclHashcat's output format)\n";
1655 # Bitcoin/Litecoin wallet.dat
1656 elsif ($mode == 11300)
1658 print "ERROR: verify currently not supported for Bitcoin/Litecoin wallet.dat because of unknown crypt data\n";
1662 # SIP digest authentication (MD5)
1663 elsif ($mode == 11400)
1665 next unless (substr ($line, 0, 6) eq '$sip$*');
1669 my $index1 = index ($line, "*", 6);
1671 next if $index1 < 0;
1673 $param10 = substr ($line, 6, $index1 - 6);
1675 next if (length ($param10) > 32);
1679 my $index2 = index ($line, "*", $index1 + 1);
1681 next if $index2 < 0;
1683 $param11 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1685 next if (length ($param11) > 32);
1689 $index1 = index ($line, "*", $index2 + 1);
1691 next if $index1 < 0;
1693 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1695 next if (length ($param) > 12);
1699 $index2 = index ($line, "*", $index1 + 1);
1701 next if $index2 < 0;
1703 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1705 next if (length ($param2) > 20);
1709 $index1 = index ($line, "*", $index2 + 1);
1711 next if $index1 < 0;
1713 $param6 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1715 next if (length ($param6) > 24);
1719 $index2 = index ($line, "*", $index1 + 1);
1721 next if $index2 < 0;
1723 $param7 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1725 next if (length ($param7) > 10);
1729 $index1 = index ($line, "*", $index2 + 1);
1731 next if $index1 < 0;
1733 $param8 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1735 next if (length ($param8) > 32);
1739 $index2 = index ($line, "*", $index1 + 1);
1741 next if $index2 < 0;
1743 $param9 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1745 next if (length ($param9) > 32);
1749 $index1 = index ($line, "*", $index2 + 1);
1751 next if $index1 < 0;
1753 $salt = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1755 next if (length ($salt) > 34);
1759 $index2 = index ($line, "*", $index1 + 1);
1761 next if $index2 < 0;
1763 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1765 next if (length ($param4) > 12);
1769 $index1 = index ($line, "*", $index2 + 1);
1771 next if $index1 < 0;
1773 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1775 next if (length ($param3) > 10);
1779 $index2 = index ($line, "*", $index1 + 1);
1781 next if $index2 < 0;
1783 $param5 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1785 next if (length ($param5) > 8);
1789 $index1 = index ($line, "*", $index2 + 1);
1791 next if $index1 < 0;
1793 my $directive = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1795 next unless ($directive eq "MD5");
1799 $index2 = index ($line, ":", $index1 + 1);
1801 next if $index2 < 0;
1803 my $hex_digest = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1805 next unless (length ($hex_digest) == 32);
1807 $word = substr ($line, $index2 + 1);
1808 $hash_in = substr ($line, 0, $index2);
1810 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1813 elsif ($mode == 11600)
1815 next unless (substr ($line, 0, 4) eq '$7z$');
1819 my $index1 = index ($line, '$', 4);
1821 next if $index1 < 0;
1823 my $p = substr ($line, 4, $index1 - 4);
1825 next unless ($p eq "0");
1829 my $index2 = index ($line, '$', $index1 + 1);
1831 next if $index2 < 0;
1833 $iter = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1835 # seven zip salt length
1837 $index1 = index ($line, '$', $index2 + 1);
1839 next if $index1 < 0;
1841 $param = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1845 $index2 = index ($line, '$', $index1 + 1);
1847 next if $index2 < 0;
1849 $param2 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1853 $index1 = index ($line, '$', $index2 + 1);
1855 next if $index1 < 0;
1857 $param3 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1861 $index2 = index ($line, '$', $index1 + 1);
1863 next if $index2 < 0;
1865 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1867 $salt = pack ("H*", $salt);
1871 $index1 = index ($line, '$', $index2 + 1);
1873 next if $index1 < 0;
1875 my $crc = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1877 # ignore this crc, we don't need to pass it to gen_hash ()
1881 $index2 = index ($line, '$', $index1 + 1);
1883 next if $index2 < 0;
1885 $param4 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1889 $index1 = index ($line, '$', $index2 + 1);
1891 next if $index1 < 0;
1893 $param5 = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1897 $index2 = index ($line, ':', $index1 + 1);
1899 next if $index2 < 0;
1901 $param6 = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1902 $param6 = pack ("H*", $param6);
1904 $word = substr ($line, $index2 + 1);
1905 $hash_in = substr ($line, 0, $index2);
1907 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1910 elsif ($mode == 11900)
1912 next unless (substr ($line, 0, 4) eq 'md5:');
1915 my $index1 = index ($line, ":", 4);
1917 next if $index1 < 1;
1919 $iter = substr ($line, 4, $index1 - 4);
1923 my $index2 = index ($line, ":", $index1 + 1);
1925 next if $index2 < 1;
1927 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1929 $salt = decode_base64
($salt);
1933 $index1 = index ($line, ":", $index2 + 1);
1935 next if $index1 < 1;
1937 # additional param = output len of pbkdf2
1939 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1941 my $digest = decode_base64
($digest64_encoded);
1943 $param = length ($digest);
1947 $word = substr ($line, $index1 + 1);
1948 $hash_in = substr ($line, 0, $index1);
1950 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1953 elsif ($mode == 12000)
1955 next unless (substr ($line, 0, 5) eq 'sha1:');
1958 my $index1 = index ($line, ":", 5);
1960 next if $index1 < 1;
1962 $iter = substr ($line, 5, $index1 - 5);
1966 my $index2 = index ($line, ":", $index1 + 1);
1968 next if $index2 < 1;
1970 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
1972 $salt = decode_base64
($salt);
1976 $index1 = index ($line, ":", $index2 + 1);
1978 next if $index1 < 1;
1980 # additional param = output len of pbkdf2
1982 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
1984 my $digest = decode_base64
($digest64_encoded);
1986 $param = length ($digest);
1990 $word = substr ($line, $index1 + 1);
1991 $hash_in = substr ($line, 0, $index1);
1993 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
1995 # PBKDF2-HMAC-SHA512
1996 elsif ($mode == 12100)
1998 next unless (substr ($line, 0, 7) eq 'sha512:');
2001 my $index1 = index ($line, ":", 7);
2003 next if $index1 < 1;
2005 $iter = substr ($line, 7, $index1 - 7);
2009 my $index2 = index ($line, ":", $index1 + 1);
2011 next if $index2 < 1;
2013 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2015 $salt = decode_base64
($salt);
2019 $index1 = index ($line, ":", $index2 + 1);
2021 next if $index1 < 1;
2023 # additional param = output len of pbkdf2
2025 my $digest64_encoded = substr ($line, $index2 + 1, $index1 - $index2 - 1);
2027 my $digest = decode_base64
($digest64_encoded);
2029 $param = length ($digest);
2033 $word = substr ($line, $index1 + 1);
2034 $hash_in = substr ($line, 0, $index1);
2036 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2039 elsif ($mode == 12200)
2041 next unless (substr ($line, 0, 12) eq '$ecryptfs$0$');
2043 # check if default salt
2047 $param = 0 if (substr ($line, 12, 2) eq '1$');
2055 if ($param == 0) # we need to extract the salt
2057 $index1 = index ($line, '$', $index1);
2059 next if $index1 < 1;
2061 my $index2 = index ($line, '$', $index1 + 1);
2063 next if $index2 < 1;
2065 $salt = substr ($line, $index1 + 1, $index2 - $index1 - 1);
2070 $index1 = index ($line, ':', $index1 + 1);
2072 next if $index1 < 1;
2076 $word = substr ($line, $index1 + 1);
2077 $hash_in = substr ($line, 0, $index1);
2079 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2081 # Oracle T: Type (Oracle 12+)
2082 elsif ($mode == 12300)
2084 my $index1 = index ($line, ':');
2086 next if ($index1 != 160);
2090 $salt = substr ($line, 128, 32);
2094 $word = substr ($line, $index1 + 1);
2095 $hash_in = substr ($line, 0, $index1);
2097 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2099 # BSDiCrypt, Extended DES
2100 elsif ($mode == 12400)
2102 next unless (substr ($line, 0, 1) eq '_');
2104 my $index1 = index ($line, ':', 20);
2106 next if ($index1 != 20);
2110 $iter = substr ($line, 1, 4);
2112 $iter = base64_to_int24
($iter);
2116 $salt = substr ($line, 5, 4);
2120 $word = substr ($line, $index1 + 1);
2121 $hash_in = substr ($line, 0, $index1);
2123 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2125 # Blockchain, My Wallet
2126 elsif ($mode == 12700)
2128 my $index1 = index ($line, ':');
2130 next if ($index1 < 0);
2132 $hash_in = substr ($line, 0, $index1);
2133 $word = substr ($line, $index1 + 1);
2135 my (undef, $signature, $data_len, $data_buf) = split '\$', $hash_in;
2137 next unless ($signature eq "blockchain");
2139 next unless (($data_len * 2) == length $data_buf);
2141 $salt = substr ($data_buf, 0, 32);
2142 $param = substr ($data_buf, 32);
2144 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2146 elsif ($mode == 12800)
2148 ($hash_in, $word) = split ":", $line;
2150 next unless defined $hash_in;
2151 next unless defined $word;
2153 my @data = split /\,/, $hash_in;
2155 next unless scalar @data == 4;
2157 next unless (shift @data eq 'v1;PPH1_MD4');
2159 $salt = shift @data;
2160 $iter = shift @data;
2162 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2164 elsif ($mode == 12900)
2166 ($hash_in, $word) = split ":", $line;
2168 next unless defined $hash_in;
2169 next unless defined $word;
2171 next unless length $hash_in == 160;
2173 $param = substr ($hash_in, 0, 64);
2174 $salt = substr ($hash_in, 128, 32);
2177 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2179 elsif ($mode == 13000)
2183 ($hash_line, $word) = split ":", $line;
2185 next unless defined $hash_line;
2186 next unless defined $word;
2188 my @data = split ('\$', $hash_line);
2190 next unless scalar @data == 8;
2194 my $signature = shift @data;
2195 my $salt_len = shift @data;
2196 my $salt_buf = shift @data;
2197 my $iterations = shift @data;
2198 my $iv = shift @data;
2199 my $pswcheck_len = shift @data;
2200 my $pswcheck = shift @data;
2202 next unless ($signature eq "rar5");
2203 next unless ($salt_len == 16);
2204 next unless ($pswcheck_len == 8);
2207 $iter = $iterations;
2208 $hash_in = $pswcheck;
2211 next unless (exists ($db->{$hash_line}) and (! defined ($db->{$hash_line})));
2213 elsif ($mode == 13100 )
2215 ($hash_in, $word) = split ":", $line;
2217 next unless defined $hash_in;
2218 next unless defined $word;
2220 my @data = split ('\$', $hash_in);
2222 next unless scalar @data == 8;
2226 my $signature = shift @data;
2227 my $algorithm = shift @data;
2228 my $user = shift @data;
2229 $user = substr ($user, 1);
2230 my $realm = shift @data;
2231 my $spn = shift @data;
2232 $spn = substr ($spn, 0, length ($spn) - 1);
2233 my $checksum = shift @data;
2234 my $edata2 = shift @data;
2236 next unless ($signature eq "krb5tgs");
2237 next unless (length ($checksum) == 32);
2238 next unless (length ($edata2) >= 64);
2240 $salt = $user . '$' . $realm . '$' . $spn . '$' . substr ($edata2, 0, 16);
2242 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2244 elsif ($mode == 13200)
2246 ($hash_in, $word) = split ":", $line;
2248 next unless defined $hash_in;
2249 next unless defined $word;
2251 my @data = split ('\*', $hash_in);
2253 next unless scalar @data == 5;
2257 my $signature = shift @data;
2258 my $version = shift @data;
2259 my $iteration = shift @data;
2260 my $mysalt = shift @data;
2261 my $digest = shift @data;
2263 next unless ($signature eq '$axcrypt$');
2264 next unless (length ($mysalt) == 32);
2265 next unless (length ($digest) == 48);
2267 $salt = $iteration . '*' . $mysalt;
2269 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2271 elsif ($mode == 13300)
2273 ($hash_in, $word) = split ":", $line;
2275 next unless defined $hash_in;
2276 next unless defined $word;
2278 my @data = split ('\$', $hash_in);
2280 next unless scalar @data == 2;
2284 my $signature = shift @data;
2285 my $digest = shift @data;
2287 next unless ($signature eq '$axcrypt_sha1');
2288 next unless (length ($digest) == 32 || length ($digest) == 40);
2290 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2292 elsif ($mode == 13400)
2294 ($hash_in, $word) = split ":", $line;
2296 next unless defined $hash_in;
2297 next unless defined $word;
2299 my @data = split ('\*', $hash_in);
2301 next unless (scalar @data == 9
2302 || scalar @data == 11
2303 || scalar @data == 12
2304 || scalar @data == 14);
2306 my $signature = shift @data;
2307 next unless ($signature eq '$keepass$');
2309 my $version = shift @data;
2310 next unless ($version == 1 || $version == 2);
2312 my $iteration = shift @data;
2314 my $algorithm = shift @data;
2316 my $final_random_seed = shift @data;
2320 next unless (length ($final_random_seed) == 32);
2322 elsif ($version == 2)
2324 next unless (length ($final_random_seed) == 64);
2327 my $transf_random_seed = shift @data;
2328 next unless (length ($transf_random_seed) == 64);
2330 my $enc_iv = shift @data;
2331 next unless (length ($enc_iv) == 32);
2335 my $contents_hash = shift @data;
2336 next unless (length ($contents_hash) == 64);
2338 my $inline_flags = shift @data;
2339 next unless ($inline_flags == 1);
2341 my $contents_len = shift @data;
2343 my $contents = shift @data;
2344 next unless (length ($contents) == $contents_len * 2);
2346 elsif ($version == 2)
2348 my $expected_bytes = shift @data;
2349 next unless (length ($expected_bytes) == 64);
2351 my $contents_hash = shift @data;
2352 next unless (length ($contents_hash) == 64);
2355 if (scalar @data == 12 || scalar @data == 14)
2357 my $inline_flags = shift @data;
2358 next unless ($inline_flags == 1);
2360 my $keyfile_len = shift @data;
2361 next unless ($keyfile_len == 64);
2363 my $keyfile = shift @data;
2364 next unless (length ($keyfile) == $keyfile_len);
2367 $salt = substr ($hash_in, length ("*keepass*") + 1, length ($hash_in));
2369 next unless (exists ($db->{$hash_in}) and (! defined ($db->{$hash_in})));
2373 print "ERROR: hash mode is not supported\n";
2378 if ($word =~ m/^\$HEX\[[0-9a-fA-F]*\]$/)
2380 $word = pack ("H*", substr ($word, 5, -1));
2383 # finally generate the hash
2388 # check both variations
2389 $hash_out = gen_hash
($mode, $word, $salt, $iter, 1);
2391 $len = length $hash_out; # == length $alternative
2393 if (substr ($line, 0, $len) ne $hash_out)
2395 my $alternative = gen_hash
($mode, $word, $salt, $iter, 2);
2397 return unless (substr ($line, 0, $len) eq $alternative);
2400 elsif ($mode == 8700)
2402 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2404 $len = length $hash_out;
2406 return unless (substr ($line, 0, $len) eq $hash_out);
2408 elsif ($mode == 8900)
2410 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2412 $len = length $hash_out;
2414 return unless (substr ($line, 0, $len) eq $hash_out);
2416 elsif ($mode == 9100)
2418 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2420 $len = length $hash_out;
2422 return unless (substr ($line, 0, $len) eq $hash_out);
2424 elsif ($mode == 190)
2426 $hash_out = gen_hash
($mode, $word, $salt, $iter, 0);
2428 $len = length $hash_out; # == length $alternative
2430 if (substr ($line, 0, $len) ne $hash_out)
2432 my $alternative = gen_hash
($mode, $word, $salt, $iter, 1);
2434 return unless (substr ($line, 0, $len) eq $alternative);
2437 elsif ($mode == 3300)
2439 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2441 $len = length $hash_out;
2443 return unless (substr ($line, 0, $len) eq $hash_out);
2445 elsif ($mode == 5100)
2447 # check 3 variants (start, middle, end)
2451 $hash_out = gen_hash
($mode, $word, $salt, $iter, $idx++);
2453 $len = length $hash_out; # == length $alternative
2455 if (substr ($line, 0, $len) ne $hash_out)
2457 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2459 if (substr ($line, 0, $len) ne $alternative)
2461 my $alternative = gen_hash
($mode, $word, $salt, $iter, $idx++);
2463 return unless (substr ($line, 0, $len) eq $alternative);
2467 elsif ($mode == 9400)
2469 $hash_out = gen_hash
($mode, $word, $salt, 50000, $param, $param2);
2471 $len = length $hash_out;
2473 return unless (substr ($line, 0, $len) eq $hash_out);
2475 elsif ($mode == 9500)
2477 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2479 $len = length $hash_out;
2481 return unless (substr ($line, 0, $len) eq $hash_out);
2483 elsif ($mode == 9600)
2485 $hash_out = gen_hash
($mode, $word, $salt, 100000, $param);
2487 $len = length $hash_out;
2489 return unless (substr ($line, 0, $len) eq $hash_out);
2491 elsif ($mode == 9700)
2493 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2495 $len = length $hash_out;
2497 return unless (substr ($line, 0, $len) eq $hash_out);
2499 elsif ($mode == 9800)
2501 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2);
2503 $len = length $hash_out;
2505 return unless (substr ($line, 0, $len) eq $hash_out);
2507 elsif ($mode == 10400)
2509 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3);
2511 $len = length $hash_out;
2513 return unless (substr ($line, 0, $len) eq $hash_out);
2515 elsif ($mode == 10500)
2517 $hash_out = gen_hash
($mode, $word, $salt, 0, $param, $param2, $param3, $param4, $param5, $param6);
2519 $len = length $hash_out;
2521 return unless (substr ($line, 0, $len) eq $hash_out);
2523 elsif ($mode == 10600)
2525 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2527 $len = length $hash_out;
2529 return unless (substr ($line, 0, $len) eq $hash_out);
2531 elsif ($mode == 10700)
2533 $hash_out = gen_hash
($mode, $word, $salt, 0, $param);
2535 $len = length $hash_out;
2537 return unless (substr ($line, 0, $len) eq $hash_out);
2539 elsif ($mode == 10900)
2541 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2543 $len = length $hash_out;
2545 return unless (substr ($line, 0, $len) eq $hash_out);
2547 elsif ($mode == 11100)
2549 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2551 $len = length $hash_out;
2553 return unless (substr ($line, 0, $len) eq $hash_out);
2555 elsif ($mode == 11400)
2557 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6, $param7, $param8, $param9, $param10, $param11);
2559 $len = length $hash_out;
2561 return unless (substr ($line, 0, $len) eq $hash_out);
2563 elsif ($mode == 11600)
2565 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param, $param2, $param3, $param4, $param5, $param6);
2567 $len = length $hash_out;
2569 return unless (substr ($line, 0, $len) eq $hash_out);
2571 elsif ($mode == 11900)
2573 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2575 $len = length $hash_out;
2577 return unless (substr ($line, 0, $len) eq $hash_out);
2579 elsif ($mode == 12000)
2581 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2583 $len = length $hash_out;
2585 return unless (substr ($line, 0, $len) eq $hash_out);
2587 elsif ($mode == 12100)
2589 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2591 $len = length $hash_out;
2593 return unless (substr ($line, 0, $len) eq $hash_out);
2595 elsif ($mode == 12200)
2597 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2599 $len = length $hash_out;
2601 return unless (substr ($line, 0, $len) eq $hash_out);
2603 elsif ($mode == 12700)
2605 # this is very special, we can't call gen_hash () because the param part is not always the same
2606 # we only know that it should contain the letters "guid" at the beginning of the decryted string
2608 my $pbkdf2 = Crypt
::PBKDF2
->new (
2609 hash_class
=> 'HMACSHA1',
2614 my $salt_bin = pack ("H*", $salt);
2616 my $key = $pbkdf2->PBKDF2 ($salt_bin, $word);
2618 my $cipher = Crypt
::CBC
->new ({
2620 cipher
=> "Crypt::Rijndael",
2627 my $param_bin = pack ("H*", $param);
2629 my $decrypted = $cipher->decrypt ($param_bin);
2631 my $decrypted_part = substr ($decrypted, 1, 16);
2633 return unless ($decrypted_part =~ /"guid"/);
2635 $hash_out = $hash_in;
2637 elsif ($mode == 12900)
2639 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2641 $len = length $hash_out;
2643 return unless (substr ($line, 0, $len) eq $hash_out);
2645 elsif ($mode == 13000)
2647 $hash_out = gen_hash
($mode, $word, $salt, $iter, $param);
2649 $len = length $hash_out;
2651 return unless (substr ($line, 0, $len) eq $hash_out);
2653 elsif ($mode == 13100)
2655 $hash_out = gen_hash
($mode, $word, $salt);
2657 $len = length $hash_out;
2659 return unless (substr ($line, 0, $len) eq $hash_out);
2661 elsif ($mode == 13200)
2663 $hash_out = gen_hash
($mode, $word, $salt);
2665 $len = length $hash_out;
2667 return unless (substr ($line, 0, $len) eq $hash_out);
2669 elsif ($mode == 13400)
2671 $hash_out = gen_hash
($mode, $word, $salt);
2673 $len = length $hash_out;
2675 return unless (substr ($line, 0, $len) eq $hash_out);
2679 $hash_out = gen_hash
($mode, $word, $salt, $iter);
2681 $len = length $hash_out;
2686 # allow $P$ and $H$ for -m 400
2687 next unless (substr ($line, 3, $len - 3) eq substr ($hash_out, 3));
2689 elsif ($mode == 5600)
2691 # oclHashcat outputs the user name always upper-case, we need
2692 next unless (substr ($line, 0, $len) eq $hash_out);
2696 my $hash_out_lower = lc ($hash_out);
2698 for my $key (keys %{$db})
2700 if (lc ($key) eq $hash_out_lower)
2712 next unless (substr ($line, 0, $len) eq $hash_out);
2716 # do not forget "exists ($db->$hash_out)" should be done above!
2717 $db->{$hash_out} = $word;
2718 print OUT
$line . "\n";
2727 my $mode = shift || 0;
2729 while (my $word_buf = <>)
2733 next if length ($word_buf) > 31;
2741 for (my $i = 0; $i < 256; $i++)
2743 my $c = get_random_chr
(0x30, 0x39);
2745 push (@salt_arr, $c);
2748 my $salt_buf = join ("", @salt_arr);
2756 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 6000 || $mode == 6100 || $mode == 6900 || $mode == 5700 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
2758 $tmp_hash = gen_hash
($mode, $word_buf, "");
2760 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3800 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 4900 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
2762 my $salt_len = get_random_num
(1, 15);
2764 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2766 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
2768 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
2772 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2776 my $salt_len = get_random_num
(1, 11);
2778 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2780 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 1800 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
2782 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 8));
2784 elsif ($mode == 112)
2786 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
2788 elsif ($mode == 121)
2790 my $salt_len = get_random_num
(1, 9);
2792 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2794 elsif ($mode == 141 || $mode == 1441)
2796 my $salt_len = get_random_num
(1, 15);
2798 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2800 elsif ($mode == 1100)
2802 my $salt_len = get_random_num
(1, 19);
2804 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2806 elsif ($mode == 1500)
2808 next if length ($word_buf) > 8;
2810 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 2));
2812 elsif ($mode == 2100)
2814 next if length ($word_buf) > 13;
2816 my $salt_len = get_random_num
(1, 19);
2818 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2820 elsif ($mode == 2410)
2822 next if length ($word_buf) > 15;
2824 my $salt_len = get_random_num
(1, 15);
2826 my $word_len = length ($word_buf);
2828 $salt_len = min
($salt_len, 15 - $word_len);
2830 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2832 elsif ($mode == 2500)
2834 next if length ($word_buf) < 8;
2836 my $salt_len = get_random_num
(0, 32);
2838 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2840 elsif ($mode == 2611)
2842 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 3));
2844 elsif ($mode == 2612)
2846 my $salt_len = get_random_num
(1, 22);
2848 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2850 elsif ($mode == 2711)
2852 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 30));
2854 elsif ($mode == 2811)
2856 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2858 elsif ($mode == 3000)
2860 next if length ($word_buf) > 7;
2862 $tmp_hash = gen_hash
($mode, $word_buf, "");
2864 elsif ($mode == 3100)
2866 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 10));
2868 elsif ($mode == 3200 || $mode == 5800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 3300 || $mode == 8000 || $mode == 9100 || $mode == 12200)
2870 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
2872 elsif ($mode == 3800 || $mode == 4900)
2874 my $salt_len = get_random_num
(1, 11);
2876 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2878 elsif ($mode == 4800)
2880 $salt_buf = get_random_md5chap_salt
(substr ($salt_buf, 0, 16));
2882 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2884 elsif ($mode == 5300 || $mode == 5400)
2886 $salt_buf = get_random_ike_salt
();
2888 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2890 elsif ($mode == 5500)
2892 my $user_len = get_random_num
(0, 15);
2893 my $domain_len = get_random_num
(0, 15);
2895 $salt_buf = get_random_netntlmv1_salt
($user_len, $domain_len);
2897 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2899 elsif ($mode == 5600)
2901 my $user_len = get_random_num
(0, 15);
2902 my $domain_len = get_random_num
(0, 15);
2904 $salt_buf = get_random_netntlmv2_salt
($user_len, $domain_len);
2906 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2908 elsif ($mode == 6600)
2910 $salt_buf = get_random_agilekeychain_salt
();
2912 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2914 elsif ($mode == 6800)
2916 my $email_len = get_random_num
(1, 15);
2920 for (my $i = 0; $i < $email_len; $i++)
2922 $email .= get_random_chr
(0x61, 0x7a);
2925 $email .= '@trash-mail.com';
2927 $tmp_hash = gen_hash
($mode, $word_buf, $email);
2929 elsif ($mode == 7100)
2931 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
2933 elsif ($mode == 7200)
2935 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 128));
2937 elsif ($mode == 7300)
2939 my $salt_len = get_random_num
(32, 256);
2941 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2943 elsif ($mode == 7500)
2945 $salt_buf = get_random_kerberos5_salt
(substr ($salt_buf, 0, 16));
2947 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2949 elsif ($mode == 7700)
2951 next if length ($word_buf) > 8;
2953 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2955 elsif ($mode == 7800)
2957 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 12));
2959 elsif ($mode == 8200)
2961 $salt_buf = get_random_cloudkeychain_salt
();
2963 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2965 elsif ($mode == 8300)
2967 $salt_buf = get_random_dnssec_salt
();
2969 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
2971 elsif ($mode == 8400 || $mode == 11200)
2973 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 40));
2975 elsif ($mode == 8500)
2977 next if length ($word_buf) > 8;
2979 my $salt_len = get_random_num
(1, 9);
2981 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2983 elsif ($mode == 8600)
2985 next if length ($word_buf) > 16;
2987 $tmp_hash = gen_hash
($mode, $word_buf, "");
2989 elsif ($mode == 8700)
2991 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 5));
2993 elsif ($mode == 9200 || $mode == 9300)
2997 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
2999 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3001 next if length ($word_buf) > 19;
3005 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3007 elsif ($mode == 10100)
3009 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3011 elsif ($mode == 10300)
3013 my $salt_len = get_random_num
(4, 15);
3015 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3017 elsif ($mode == 10400)
3019 next if length ($word_buf) > 31;
3023 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3025 elsif ($mode == 10500)
3027 next if length ($word_buf) > 15;
3031 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3033 elsif ($mode == 10600)
3035 next if length ($word_buf) > 31;
3039 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3041 elsif ($mode == 10700)
3043 next if length ($word_buf) > 15;
3047 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3049 elsif ($mode == 11000)
3051 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 56));
3053 elsif ($mode == 11300)
3055 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 16));
3057 elsif ($mode == 11400)
3059 next if length ($word_buf) > 24;
3061 my $salt_len = get_random_num
(1, 15);
3063 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3065 elsif ($mode == 11600)
3067 my $salt_len = get_random_num
(0, 16);
3069 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, $salt_len));
3071 elsif ($mode == 12400)
3073 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 4));
3075 elsif ($mode == 12600)
3077 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 64));
3079 elsif ($mode == 12700)
3081 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3083 elsif ($mode == 12800)
3085 next if length ($word_buf) > 24;
3087 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 20));
3089 elsif ($mode == 12900)
3091 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3093 elsif ($mode == 13000)
3095 $tmp_hash = gen_hash
($mode, $word_buf, substr ($salt_buf, 0, 32));
3097 elsif ($mode == 13100)
3099 $salt_buf = get_random_kerberos5_tgs_salt
();
3101 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3103 elsif ($mode == 13200)
3105 $salt_buf = get_random_axcrypt_salt
();
3107 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3109 elsif ($mode == 13400)
3111 $salt_buf = get_random_keepass_salt
();
3113 $tmp_hash = gen_hash
($mode, $word_buf, $salt_buf);
3117 print "ERROR: Unsupported hash type\n";
3122 print $tmp_hash, "\n";
3135 for (my $j = 0; $j < scalar @modes; $j++)
3137 my $mode = $modes[$j];
3139 if ($mode == 0 || $mode == 100 || $mode == 101 || $mode == 133 || $mode == 190 || $mode == 200 || $mode == 300 || $mode == 600 || $mode == 900 || $mode == 1000 || $mode == 1400 || $mode == 1700 || $mode == 2400 || $mode == 2600 || $mode == 3500 || $mode == 4300 || $mode == 4400 || $mode == 4500 || $mode == 4600 || $mode == 4700 || $mode == 5000 || $mode == 5100 || $mode == 5300 || $mode == 5400 || $mode == 6000 || $mode == 6100 || $mode == 6600 || $mode == 6900 || $mode == 5700 || $mode == 8200 || $mode == 8300 || $mode == 9900 || $mode == 10800 || $mode == 11500 || $mode == 13300)
3141 for (my $i = 1; $i < 32; $i++)
3145 rnd
($mode, $len, 0);
3153 elsif ($mode == 10 || $mode == 20 || $mode == 23 || $mode == 30 || $mode == 40 || $mode == 50 || $mode == 60 || $mode == 110 || $mode == 120 || $mode == 121 || $mode == 130 || $mode == 140 || $mode == 150 || $mode == 160 || $mode == 1410 || $mode == 1420 || $mode == 1430 || $mode == 1440 || $mode == 1450 || $mode == 1460 || $mode == 1710 || $mode == 1711 || $mode == 1720 || $mode == 1730 || $mode == 1740 || $mode == 1750 || $mode == 1760 || $mode == 2410 || $mode == 3610 || $mode == 3710 || $mode == 3711 || $mode == 3720 || $mode == 3910 || $mode == 4010 || $mode == 4110 || $mode == 4210 || $mode == 8900 || $mode == 10000 || $mode == 10200 || $mode == 10900 || $mode == 11900 || $mode == 12000 || $mode == 12100)
3155 my $salt_len = get_random_num
(1, 15);
3157 for (my $i = 1; $i < 32; $i++)
3161 rnd
($mode, $len, $salt_len);
3165 rnd
($mode, $i, $salt_len);
3169 elsif ($mode == 11 || $mode == 12 || $mode == 7600 || $mode == 12300)
3171 for (my $i = 1; $i < 32; $i++)
3175 rnd
($mode, $len, 32);
3179 rnd
($mode, $i, 32);
3183 elsif ($mode == 21 || $mode == 22)
3185 for (my $i = 1; $i < 32; $i++)
3189 rnd
($mode, $len, 2);
3197 elsif ($mode == 111 || $mode == 122 || $mode == 131 || $mode == 132 || $mode == 400 || $mode == 500 || $mode == 1600 || $mode == 1722 || $mode == 1731 || $mode == 6300 || $mode == 7900 || $mode == 8100 || $mode == 11100)
3199 for (my $i = 1; $i < 32; $i++)
3203 rnd
($mode, $len, 8);
3211 elsif ($mode == 112)
3213 for (my $i = 1; $i < 32; $i++)
3217 rnd
($mode, $len, 20);
3221 rnd
($mode, $i, 20);
3225 elsif ($mode == 141 || $mode == 3300 || $mode == 1441 || $mode == 1800 || $mode == 3200 || $mode == 4800 || $mode == 6400 || $mode == 6500 || $mode == 6700 || $mode == 7400 || $mode == 8000 || $mode == 9100 || $mode == 12200)
3227 for (my $i = 1; $i < 32; $i++)
3231 rnd
($mode, $len, 16);
3235 rnd
($mode, $i, 16);
3241 my $salt_len = get_random_num
(1, 19);
3243 for (my $i = 1; $i < 32; $i++)
3247 rnd
($mode, $len, $salt_len);
3251 rnd
($mode, $i, $salt_len);
3255 elsif ($mode == 1500)
3257 for (my $i = 1; $i < 9; $i++)
3261 rnd
($mode, $len, 2);
3269 elsif ($mode == 2100)
3271 my $salt_len = get_random_num
(1, 19);
3273 for (my $i = 1; $i < 13; $i++)
3277 rnd
($mode, $len, $salt_len);
3281 rnd
($mode, $i, $salt_len);
3285 elsif ($mode == 2500)
3287 my $salt_len = get_random_num
(0, 32);
3289 for (my $i = 8; $i < 16; $i++)
3291 my $generate_from_len = 0;
3300 rnd
($mode, $len, $salt_len);
3304 rnd
($mode, $i, $salt_len);
3308 elsif ($mode == 2611)
3310 for (my $i = 1; $i < 32; $i++)
3314 rnd
($mode, $len, 3);
3322 elsif ($mode == 2612)
3324 my $salt_len = get_random_num
(1, 22);
3326 for (my $i = 1; $i < 32; $i++)
3330 rnd
($mode, $len, $salt_len);
3334 rnd
($mode, $i, $salt_len);
3338 elsif ($mode == 2711)
3340 for (my $i = 1; $i < 32; $i++)
3344 rnd
($mode, $len, 30);
3348 rnd
($mode, $i, 30);
3352 elsif ($mode == 2811)
3354 for (my $i = 1; $i < 32; $i++)
3358 rnd
($mode, $len, 5);
3366 elsif ($mode == 3000)
3368 for (my $i = 1; $i < 8; $i++)
3372 rnd
($mode, $len, 0);
3380 elsif ($mode == 3100)
3382 for (my $i = 1; $i < 32; $i++)
3386 rnd
($mode, $len, 10);
3390 rnd
($mode, $i, 10);
3394 elsif ($mode == 3800 || $mode == 4900)
3396 my $salt_len = get_random_num
(1, 11);
3398 for (my $i = 1; $i < 32; $i++)
3402 rnd
($mode, $len, $salt_len);
3406 rnd
($mode, $i, $salt_len);
3410 elsif ($mode == 5500 || $mode == 5600)
3414 for (my $i = 1; $i < 27; $i++)
3416 $salt_len = get_random_num
(1, 15);
3420 rnd
($mode, $len, $salt_len);
3424 rnd
($mode, $i, $salt_len);
3428 elsif ($mode == 5800)
3430 for (my $i = 1; $i < 14; $i++)
3434 rnd
($mode, $len, 16);
3438 rnd
($mode, $i, 16);
3442 elsif ($mode == 6800)
3444 my $salt_len = get_random_num
(8, 25);
3446 for (my $i = 1; $i < 32; $i++)
3450 rnd
($mode, $len, $salt_len);
3454 rnd
($mode, $i, $salt_len);
3458 elsif ($mode == 7100)
3460 for (my $i = 1; $i < 32; $i++)
3464 rnd
($mode, $len, 64);
3468 rnd
($mode, $i, 64);
3472 elsif ($mode == 7200)
3474 for (my $i = 1; $i < 32; $i++)
3478 rnd
($mode, $len, 128);
3482 rnd
($mode, $i, 128);
3486 elsif ($mode == 7300)
3488 my $salt_len = get_random_num
(32, 255);
3490 for (my $i = 1; $i < 32; $i++)
3494 rnd
($mode, $len, $salt_len);
3498 rnd
($mode, $i, $salt_len);
3502 elsif ($mode == 7500)
3504 for (my $i = 1; $i < 27; $i++)
3508 rnd
($mode, $len, 16);
3512 rnd
($mode, $i, 16);
3516 elsif ($mode == 7700)
3518 my $salt_len = get_random_num
(1, 12);
3520 for (my $i = 1; $i < 9; $i++)
3524 rnd
($mode, $len, $salt_len);
3528 rnd
($mode, $i, $salt_len);
3532 elsif ($mode == 7800)
3534 my $salt_len = get_random_num
(1, 12);
3536 for (my $i = 1; $i < 32; $i++)
3540 rnd
($mode, $len, $salt_len);
3544 rnd
($mode, $i, $salt_len);
3548 elsif ($mode == 8400 || $mode == 11200)
3550 for (my $i = 1; $i < 32; $i++)
3554 rnd
($mode, $len, 40);
3558 rnd
($mode, $i, 40);
3562 elsif ($mode == 8500)
3564 my $salt_len = get_random_num
(1, 8);
3566 for (my $i = 1; $i < 9; $i++)
3570 rnd
($mode, $len, $salt_len);
3574 rnd
($mode, $i, $salt_len);
3578 elsif ($mode == 8600)
3580 for (my $i = 1; $i < 17; $i++)
3584 rnd
($mode, $len, 0);
3592 elsif ($mode == 8700)
3594 for (my $i = 1; $i < 32; $i++)
3598 rnd
($mode, $len, 5);
3606 elsif ($mode == 9200 || $mode == 9300)
3610 for (my $i = 1; $i < 32; $i++)
3614 rnd
($mode, $len, $salt_len);
3618 rnd
($mode, $i, $salt_len);
3622 elsif ($mode == 9400 || $mode == 9500 || $mode == 9600 || $mode == 9700 || $mode == 9800)
3626 for (my $i = 1; $i < 20; $i++)
3630 rnd
($mode, $len, $salt_len);
3634 rnd
($mode, $i, $salt_len);
3638 elsif ($mode == 10100)
3640 for (my $i = 1; $i < 32; $i++)
3644 rnd
($mode, $len, 32);
3648 rnd
($mode, $i, 32);
3652 elsif ($mode == 10300)
3654 my $salt_len = get_random_num
(4, 15);
3656 for (my $i = 1; $i < 32; $i++)
3660 rnd
($mode, $len, $salt_len);
3664 rnd
($mode, $i, $salt_len);
3668 elsif ($mode == 10400 || $mode == 10600)
3672 for (my $i = 1; $i < 32; $i++)
3676 rnd
($mode, $len, $salt_len);
3680 rnd
($mode, $i, $salt_len);
3684 elsif ($mode == 10500 || $mode == 10700)
3688 for (my $i = 1; $i < 16; $i++)
3692 rnd
($mode, $len, $salt_len);
3696 rnd
($mode, $i, $salt_len);
3700 elsif ($mode == 11000)
3702 for (my $i = 1; $i < 32; $i++)
3706 rnd
($mode, $len, 56);
3710 rnd
($mode, $i, 56);
3714 elsif ($mode == 11300)
3716 for (my $i = 1; $i < 32; $i++)
3720 rnd
($mode, $len, 16);
3724 rnd
($mode, $i, 16);
3728 elsif ($mode == 11400)
3730 for (my $i = 1; $i < 24; $i++)
3734 rnd
($mode, $len, 16);
3738 rnd
($mode, $i, 16);
3742 elsif ($mode == 11600)
3744 my $salt_len = get_random_num
(0, 16);
3746 for (my $i = 1; $i < 32; $i++)
3750 rnd
($mode, $len, $salt_len);
3754 rnd
($mode, $i, $salt_len);
3758 elsif ($mode == 12400)
3760 for (my $i = 1; $i < 32; $i++)
3764 rnd
($mode, $len, 4);
3772 elsif ($mode == 12600)
3774 for (my $i = 1; $i < 32; $i++)
3778 rnd
($mode, $len, 64);
3782 rnd
($mode, $i, 64);
3786 elsif ($mode == 12700)
3788 for (my $i = 1; $i < 32; $i++)
3792 rnd
($mode, $len, 32);
3796 rnd
($mode, $i, 32);
3800 elsif ($mode == 12800)
3802 for (my $i = 1; $i < 25; $i++)
3806 rnd
($mode, $len, 20);
3810 rnd
($mode, $i, 20);
3814 elsif ($mode == 12900)
3816 for (my $i = 1; $i < 32; $i++)
3820 rnd
($mode, $len, 32);
3824 rnd
($mode, $i, 32);
3828 elsif ($mode == 13000)
3830 for (my $i = 1; $i < 32; $i++)
3834 rnd
($mode, $len, 32);
3838 rnd
($mode, $i, 32);
3842 elsif ($mode == 13100)
3844 for (my $i = 1; $i < 27; $i++)
3848 rnd
($mode, $len, 16);
3852 rnd
($mode, $i, 16);
3856 elsif ($mode == 13200)
3858 for (my $i = 1; $i < 32; $i++)
3862 rnd
($mode, $len, 32);
3866 rnd
($mode, $i, 32);
3870 elsif ($mode == 13400)
3872 for (my $i = 1; $i < 16; $i++)
3876 rnd
($mode, $len, 16);
3880 rnd
($mode, $i, 16);
3893 my $word_buf = shift;
3895 my $salt_buf = shift;
3899 my $additional_param = shift;
3901 my $additional_param2 = shift;
3903 my $additional_param3 = shift;
3905 my $additional_param4 = shift;
3907 my $additional_param5 = shift;
3909 my $additional_param6 = shift;
3911 my $additional_param7 = shift;
3913 my $additional_param8 = shift;
3915 my $additional_param9 = shift;
3917 my $additional_param10 = shift;
3919 my $additional_param11 = shift;
3931 $hash_buf = md5_hex
($word_buf);
3933 $tmp_hash = sprintf ("%s", $hash_buf);
3937 $hash_buf = md5_hex
($word_buf . $salt_buf);
3939 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3943 $hash_buf = md5_hex
($word_buf . $salt_buf);
3945 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3949 $hash_buf = md5_hex
($word_buf . $salt_buf);
3951 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3955 $hash_buf = md5_hex
($salt_buf . $word_buf);
3957 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3961 $hash_buf = md5_hex
($salt_buf . $word_buf);
3963 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
3967 my $itoa64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
3968 my $salt_suffix = "Administration Tools";
3970 my $pass = sprintf ("%s:%s:%s", $salt_buf, $salt_suffix, $word_buf);
3972 $hash_buf = md5
($pass);
3976 for (my $pos = 0; $pos < 16; $pos += 2)
3978 my $octet1 = ord (substr ($hash_buf, $pos + 0, 1));
3979 my $octet2 = ord (substr ($hash_buf, $pos + 1, 1));
3981 my $num = ($octet1 <<8 & 0xff00) | ($octet2 & 0xff);
3983 my $idx1 = $num >> 12 & 0x0f;
3984 my $idx2 = $num >> 6 & 0x3f;
3985 my $idx3 = $num & 0x3f;
3987 $res = $res . substr ($itoa64, $idx1, 1) . substr ($itoa64, $idx2, 1) . substr ($itoa64, $idx3, 1);
3990 my $obfuscate_str = "nrcstn";
3991 my @obfuscate_pos = (0, 6, 12, 17, 23, 29);
3993 foreach my $pos (keys @obfuscate_pos)
3995 my $idx = $obfuscate_pos[$pos];
3996 my $before = substr ($res, 0, $idx);
3997 my $char = substr ($obfuscate_str, $pos, 1);
3998 my $after = substr ($res, $idx);
4000 $res = sprintf ("%s%s%s", $before, $char, $after);
4003 $tmp_hash = sprintf ("%s:%s", $res, $salt_buf);
4007 $hash_buf = md5_hex
($salt_buf . "\nskyper\n" . $word_buf);
4009 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4013 $hash_buf = md5_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4015 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4019 $hash_buf = md5_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4021 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4025 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
, 64);
4027 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4031 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&md5
, 64);
4033 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4035 elsif ($mode == 100)
4037 $hash_buf = sha1_hex
($word_buf);
4039 $tmp_hash = sprintf ("%s", $hash_buf);
4041 elsif ($mode == 101)
4043 $hash_buf = sha1
($word_buf);
4045 my $base64_buf = encode_base64
($hash_buf);
4047 chomp ($base64_buf);
4049 $tmp_hash = sprintf ("{SHA}%s", $base64_buf);
4051 elsif ($mode == 110)
4053 $hash_buf = sha1_hex
($word_buf . $salt_buf);
4055 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4057 elsif ($mode == 111)
4059 $hash_buf = sha1
($word_buf . $salt_buf);
4061 my $base64_buf = encode_base64
($hash_buf . $salt_buf);
4063 chomp ($base64_buf);
4065 $tmp_hash = sprintf ("{SSHA}%s", $base64_buf);
4067 elsif ($mode == 112)
4069 my $salt_buf_bin = pack ("H*", $salt_buf);
4071 $hash_buf = sha1_hex
($word_buf . $salt_buf_bin);
4073 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4075 elsif ($mode == 120)
4077 $hash_buf = sha1_hex
($salt_buf . $word_buf);
4079 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4081 elsif ($mode == 121)
4083 $hash_buf = sha1_hex
(lc ($salt_buf) . $word_buf);
4085 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4087 elsif ($mode == 122)
4089 my $salt_buf_bin = pack ("H*", $salt_buf);
4091 $hash_buf = sha1_hex
($salt_buf_bin . $word_buf);
4093 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4095 elsif ($mode == 130)
4097 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4099 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4101 elsif ($mode == 131)
4103 my $salt_buf_bin = pack ("H*", $salt_buf);
4105 $hash_buf = sha1_hex
(encode
("UTF-16LE", uc ($word_buf)) . $salt_buf_bin);
4107 $tmp_hash = sprintf ("0x0100%s%s%s", $salt_buf, "0" x
40, $hash_buf);
4109 elsif ($mode == 132)
4111 my $salt_buf_bin = pack ("H*", $salt_buf);
4113 $hash_buf = sha1_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4115 $tmp_hash = sprintf ("0x0100%s%s", $salt_buf, $hash_buf);
4117 elsif ($mode == 133)
4119 $hash_buf = sha1
(encode
("UTF-16LE", $word_buf));
4121 $hash_buf = encode_base64
($hash_buf);
4122 $hash_buf =~ s/[\r\n]//g;
4124 $tmp_hash = sprintf ("%s", $hash_buf);
4126 elsif ($mode == 140)
4128 $hash_buf = sha1_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4130 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4132 elsif ($mode == 141)
4134 $hash_buf = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
4136 my $base64_salt_buf = encode_base64
($salt_buf);
4138 chomp ($base64_salt_buf);
4140 my $base64_hash_buf = encode_base64
($hash_buf);
4142 $base64_hash_buf = substr ($base64_hash_buf, 0, 27);
4144 $tmp_hash = sprintf ("\$episerver\$*0*%s*%s", $base64_salt_buf, $base64_hash_buf);
4146 elsif ($mode == 150)
4148 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
, 64);
4150 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4152 elsif ($mode == 160)
4154 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha1
, 64);
4156 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4158 elsif ($mode == 190)
4160 $hash_buf = sha1_hex
($word_buf);
4162 my $variant = int (rand (2));
4164 if (defined ($additional_param))
4166 $variant = $additional_param;
4171 substr ($hash_buf, 0, 5) = "00000";
4174 $tmp_hash = sprintf ("%s", $hash_buf);
4176 elsif ($mode == 200)
4178 my $ppr = Authen
::Passphrase
::MySQL323
->new (passphrase
=> $word_buf);
4180 $hash_buf = $ppr->hash_hex;
4182 $tmp_hash = sprintf ("%s", $hash_buf);
4184 elsif ($mode == 300)
4186 $hash_buf = substr (password41
($word_buf), 1);
4188 $hash_buf = lc ($hash_buf); # useful for 'not matched' check only
4190 $tmp_hash = sprintf ("%s", $hash_buf);
4192 elsif ($mode == 400)
4201 my $ppr = Authen
::Passphrase
::PHPass
->new
4205 passphrase
=> $word_buf,
4208 $hash_buf = $ppr->as_rfc2307;
4210 $tmp_hash = sprintf ("%s", substr ($hash_buf, 7));
4212 elsif ($mode == 500)
4214 my $iterations = 1000;
4216 if (defined ($iter))
4220 $iterations = int ($iter);
4224 $hash_buf = md5_crypt
('$1$', $iterations, $word_buf, $salt_buf);
4226 $tmp_hash = sprintf ("%s", $hash_buf);
4228 elsif ($mode == 900)
4230 $hash_buf = md4_hex
($word_buf);
4232 $tmp_hash = sprintf ("%s", $hash_buf);
4234 elsif ($mode == 1000)
4236 $hash_buf = md4_hex
(encode
("UTF-16LE", $word_buf));
4238 $tmp_hash = sprintf ("%s", $hash_buf);
4240 elsif ($mode == 1100)
4242 $hash_buf = md4_hex
(md4
(encode
("UTF-16LE", $word_buf)) . encode
("UTF-16LE", lc ($salt_buf)));
4244 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4246 elsif ($mode == 1400)
4248 $hash_buf = sha256_hex
($word_buf);
4250 $tmp_hash = sprintf ("%s", $hash_buf);
4252 elsif ($mode == 1410)
4254 $hash_buf = sha256_hex
($word_buf . $salt_buf);
4256 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4258 elsif ($mode == 1420)
4260 $hash_buf = sha256_hex
($salt_buf . $word_buf);
4262 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4264 elsif ($mode == 1430)
4266 $hash_buf = sha256_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4268 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4270 elsif ($mode == 1440)
4272 $hash_buf = sha256_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4274 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4276 elsif ($mode == 1441)
4278 $hash_buf = sha256
($salt_buf . encode
("UTF-16LE", $word_buf));
4280 my $base64_salt_buf = encode_base64
($salt_buf);
4282 chomp ($base64_salt_buf);
4284 my $base64_hash_buf = encode_base64
($hash_buf);
4286 chomp ($base64_hash_buf);
4288 $base64_hash_buf = substr ($base64_hash_buf, 0, 43);
4290 $tmp_hash = sprintf ("\$episerver\$*1*%s*%s", $base64_salt_buf, $base64_hash_buf);
4292 elsif ($mode == 1450)
4294 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha256
, 64);
4296 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4298 elsif ($mode == 1460)
4300 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha256
, 64);
4302 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4304 elsif ($mode == 1500)
4306 $hash_buf = crypt ($word_buf, $salt_buf);
4308 $tmp_hash = sprintf ("%s", $hash_buf);
4310 elsif ($mode == 1600)
4312 my $iterations = 1000;
4314 if (defined ($iter))
4318 $iterations = int ($iter);
4322 $hash_buf = md5_crypt
('$apr1$', $iterations, $word_buf, $salt_buf);
4324 $tmp_hash = sprintf ("%s", $hash_buf);
4326 elsif ($mode == 1700)
4328 $hash_buf = sha512_hex
($word_buf);
4330 $tmp_hash = sprintf ("%s", $hash_buf);
4332 elsif ($mode == 1710)
4334 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4336 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4338 elsif ($mode == 1711)
4340 $hash_buf = sha512_hex
($word_buf . $salt_buf);
4342 my $base64_buf = encode_base64
(pack ("H*", $hash_buf) . $salt_buf);
4344 $base64_buf =~ s/[ \n]//g;
4346 $tmp_hash = sprintf ("{SSHA512}%s", $base64_buf);
4348 elsif ($mode == 1720)
4350 $hash_buf = sha512_hex
($salt_buf . $word_buf);
4352 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4354 elsif ($mode == 1730)
4356 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf);
4358 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4360 elsif ($mode == 1740)
4362 $hash_buf = sha512_hex
($salt_buf . encode
("UTF-16LE", $word_buf));
4364 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4366 elsif ($mode == 1722)
4368 my $salt_buf_bin = pack ("H*", $salt_buf);
4370 $hash_buf = sha512_hex
($salt_buf_bin . $word_buf);
4372 $tmp_hash = sprintf ("%s%s", $salt_buf, $hash_buf);
4374 elsif ($mode == 1731)
4376 my $salt_buf_bin = pack ("H*", $salt_buf);
4378 $hash_buf = sha512_hex
(encode
("UTF-16LE", $word_buf) . $salt_buf_bin);
4380 $tmp_hash = sprintf ("0x0200%s%s", $salt_buf, $hash_buf);
4382 elsif ($mode == 1750)
4384 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha512
, 128);
4386 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4388 elsif ($mode == 1760)
4390 $hash_buf = hmac_hex
($word_buf, $salt_buf, \
&sha512
, 128);
4392 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4394 elsif ($mode == 1800)
4396 my $iterations = 5000;
4398 if (defined ($iter))
4402 $iterations = int ($iter);
4406 $hash_buf = sha512_crypt
($iterations, $word_buf, $salt_buf);
4408 $tmp_hash = sprintf ("%s", $hash_buf);
4410 elsif ($mode == 2100)
4412 my $iterations = 10240;
4416 $iterations = int ($iter);
4419 my $salt = encode
("UTF-16LE", lc ($salt_buf));
4421 my $pbkdf2 = Crypt
::PBKDF2
->new
4423 hash_class
=> 'HMACSHA1',
4424 iterations
=> $iterations,
4426 salt_len
=> length ($salt),
4429 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 ($salt, md4
(md4
(encode
("UTF-16LE", $word_buf)) . $salt)));
4431 $tmp_hash = sprintf ("\$DCC2\$%i#%s#%s", $iterations, $salt_buf, $hash_buf);
4433 elsif ($mode == 2400)
4435 $tmp_hash = sprintf ("%s", pseudo_base64
(Digest
::MD5
::md5
($word_buf . "\0" x
(16 - length ($word_buf)))));
4437 elsif ($mode == 2410)
4439 my $salt_len = length ($salt_buf);
4441 my $salt_len_max4 = ($salt_len < 4) ?
$salt_len : 4;
4443 my $hash_buf = pseudo_base64
(Digest
::MD5
::md5
($word_buf . substr ($salt_buf, 0, $salt_len_max4) . "\0" x
(16 - length ($word_buf) - $salt_len_max4)));
4445 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4447 elsif ($mode == 2500)
4449 my ($bssid, $stmac, $snonce, $anonce, $eapol, $keyver, $eapol_size);
4451 if (! defined ($additional_param))
4455 $bssid = randbytes
(6);
4456 $stmac = randbytes
(6);
4457 $snonce = randbytes
(32);
4458 $anonce = randbytes
(32);
4460 $keyver = get_random_num
(1, 3); # 1 or 2
4463 # should be "validly" generated, but in theory could be anything for us also:
4464 # $eapol = "\x00" x 121; # works too, but let's generate it correctly
4466 $eapol = gen_random_wpa_eapol
($keyver, $snonce);
4470 $bssid = $additional_param;
4471 $stmac = $additional_param2;
4472 $snonce = $additional_param3;
4473 $anonce = $additional_param4;
4474 $keyver = $additional_param5;
4475 $eapol = $additional_param6;
4478 $eapol_size = length ($eapol);
4482 my $iterations = 4096;
4488 # generate the Pairwise Master Key (PMK)
4490 my $pbkdf2 = Crypt
::PBKDF2
->new
4492 hash_class
=> 'HMACSHA1',
4493 iterations
=> $iterations,
4497 my $pmk = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
4499 # Pairwise Transient Key (PTK) transformation
4501 my $ptk = wpa_prf_512
($pmk, $stmac, $bssid, $snonce, $anonce);
4503 # generate the Message Integrity Code (MIC)
4507 if ($keyver == 1) # WPA1 => MD5
4509 $mic = hmac
($eapol, $ptk, \
&md5
);
4513 $mic = hmac
($eapol, $ptk, \
&sha1
);
4516 $mic = substr ($mic, 0, 16);
4519 # format the binary output
4524 # first the essid (NULL-padded up to the first 36 bytes)
4526 $hash_buf .= $salt_buf;
4527 $hash_buf .= "\x00" x
(36 - length ($salt_buf));
4529 # the 2 MAC addresses
4531 $hash_buf .= $bssid;
4532 $hash_buf .= $stmac;
4536 $hash_buf .= $snonce;
4537 $hash_buf .= $anonce;
4541 $hash_buf .= $eapol;
4542 $hash_buf .= "\x00" x
(256 - $eapol_size);
4546 $hash_buf .= pack ("L*", $eapol_size);
4550 $hash_buf .= pack ("L*", $keyver);
4552 # and finally: the key mic
4556 # base64 encode the output
4558 $tmp_hash = encode_base64
($hash_buf, '');
4560 elsif ($mode == 2600)
4562 $hash_buf = md5_hex
(md5_hex
($word_buf));
4564 $tmp_hash = sprintf ("%s", $hash_buf);
4566 elsif ($mode == 2611)
4568 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4570 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4572 elsif ($mode == 2612)
4574 my $salt_buf_hex = unpack ("H*", $salt_buf);
4576 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4578 $tmp_hash = sprintf ("\$PHPS\$%s\$%s", $salt_buf_hex, $hash_buf);
4580 elsif ($mode == 2711)
4582 $hash_buf = md5_hex
(md5_hex
($word_buf) . $salt_buf);
4584 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4586 elsif ($mode == 2811)
4588 $hash_buf = md5_hex
(md5_hex
($salt_buf) . md5_hex
($word_buf));
4590 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4592 elsif ($mode == 3000)
4594 my $ppr = Authen
::Passphrase
::LANManager
->new ("passphrase" => $word_buf);
4596 $hash_buf = $ppr->hash_hex;
4598 $tmp_hash = sprintf ("%s", substr ($hash_buf, 0, 16));
4600 elsif ($mode == 3100)
4602 $hash_buf = oracle_hash
($salt_buf, $word_buf);
4604 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4606 elsif ($mode == 3200)
4615 $tmp_hash = bcrypt
($word_buf, sprintf ('$2a$%s$%s$', $cost, en_base64
($salt_buf)));
4617 elsif ($mode == 3300)
4619 my $iterations = 904;
4623 $iterations = int ($iter);
4628 if (defined ($additional_param))
4630 $variant = $additional_param;
4633 my $prefix = sprintf ("\$md5%srounds=%i\$%s", $variant, $iterations, $salt_buf);
4635 $iterations += 4096;
4637 $hash_buf = sun_md5
($word_buf, $prefix, $iterations);
4639 $tmp_hash = sprintf ("%s\$%s", $prefix, $hash_buf);
4641 elsif ($mode == 3500)
4643 $hash_buf = md5_hex
(md5_hex
(md5_hex
($word_buf)));
4645 $tmp_hash = sprintf ("%s", $hash_buf);
4647 elsif ($mode == 3610)
4649 $hash_buf = md5_hex
(md5_hex
($salt_buf) . $word_buf);
4651 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4653 elsif ($mode == 3710)
4655 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf));
4657 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4659 elsif ($mode == 3711)
4661 $hash_buf = md5_hex
($salt_buf . "-" . md5_hex
($word_buf));
4663 $tmp_hash = sprintf ("\$B\$%s\$%s", $salt_buf, $hash_buf);
4665 elsif ($mode == 3720)
4667 $hash_buf = md5_hex
($word_buf . md5_hex
($salt_buf));
4669 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4671 elsif ($mode == 3800)
4673 $hash_buf = md5_hex
($salt_buf . $word_buf . $salt_buf);
4675 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4677 elsif ($mode == 3910)
4679 $hash_buf = md5_hex
(md5_hex
($word_buf) . md5_hex
($salt_buf));
4681 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4683 elsif ($mode == 4010)
4685 $hash_buf = md5_hex
($salt_buf . md5_hex
($salt_buf . $word_buf));
4687 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4689 elsif ($mode == 4110)
4691 $hash_buf = md5_hex
($salt_buf . md5_hex
($word_buf . $salt_buf));
4693 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4695 elsif ($mode == 4210)
4697 $hash_buf = md5_hex
($salt_buf . "\x00" . $word_buf);
4699 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4701 elsif ($mode == 4300)
4703 $hash_buf = md5_hex
(uc (md5_hex
($word_buf)));
4705 $tmp_hash = sprintf ("%s", $hash_buf);
4707 elsif ($mode == 4400)
4709 $hash_buf = md5_hex
(sha1_hex
($word_buf));
4711 $tmp_hash = sprintf ("%s", $hash_buf);
4713 elsif ($mode == 4500)
4715 $hash_buf = sha1_hex
(sha1_hex
($word_buf));
4717 $tmp_hash = sprintf ("%s", $hash_buf);
4719 elsif ($mode == 4600)
4721 $hash_buf = sha1_hex
(sha1_hex
(sha1_hex
($word_buf)));
4723 $tmp_hash = sprintf ("%s", $hash_buf);
4725 elsif ($mode == 4700)
4727 $hash_buf = sha1_hex
(md5_hex
($word_buf));
4729 $tmp_hash = sprintf ("%s", $hash_buf);
4731 elsif ($mode == 4800)
4733 my $index = rindex ($salt_buf, ":");
4735 my $salt = substr ($salt_buf, 0, $index);
4736 my $salt_bin = pack ("H*", $salt);
4737 my $chap_sign = substr ($salt_buf, $index + 1);
4738 my $chap_sign_bin = pack ("H*", $chap_sign);
4740 $hash_buf = md5_hex
($chap_sign_bin . $word_buf . $salt_bin);
4742 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4744 elsif ($mode == 4900)
4746 $hash_buf = sha1_hex
($salt_buf . $word_buf . $salt_buf);
4748 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4750 elsif ($mode == 5000)
4752 $hash_buf = keccak_256_hex
($word_buf);
4754 $tmp_hash = sprintf ("%s", $hash_buf);
4756 elsif ($mode == 5100)
4760 if (! defined ($additional_param))
4766 $pos = $additional_param * 8 unless ($additional_param > 2);
4769 $hash_buf = md5_hex
($word_buf);
4771 $tmp_hash = sprintf ("%s", substr ($hash_buf, $pos, 16));
4773 elsif ($mode == 5300)
4775 my @salt_arr = split (":", $salt_buf);
4777 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4778 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4780 my $hash_buf = hmac
($nr_buf , $word_buf, \
&md5
, 64);
4781 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&md5
, 64);
4783 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4785 elsif ($mode == 5400)
4787 my @salt_arr = split (":", $salt_buf);
4789 my $msg_buf = pack ("H*", $salt_arr[0] . $salt_arr[1] . $salt_arr[2] . $salt_arr[3] . $salt_arr[4] . $salt_arr[5]);
4790 my $nr_buf = pack ("H*", $salt_arr[6] . $salt_arr[7]);
4792 my $hash_buf = hmac
($nr_buf , $word_buf, \
&sha1
, 64);
4793 $hash_buf = hmac_hex
($msg_buf, $hash_buf, \
&sha1
, 64);
4795 $tmp_hash = sprintf ("%s:%s", $salt_buf, $hash_buf);
4797 elsif ($mode == 5500)
4799 my $index1 = index ($salt_buf, "::");
4800 my $user = substr ($salt_buf, 0, $index1);
4802 my $index2 = index ($salt_buf, ":", $index1 + 2);
4803 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4805 my $len = length (substr ($salt_buf, $index2 + 1));
4807 my $c_challenge_hex;
4811 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 48);
4816 $c_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4817 $c_challenge_hex .= 00 x
32;
4820 my $c_challenge = pack ("H*", substr ($c_challenge_hex, 0, 16));
4821 my $s_challenge_hex = substr ($salt_buf, $index2 + 17, 16);
4822 my $s_challenge = pack ("H*", $s_challenge_hex);
4824 my $challenge = substr (md5
($s_challenge . $c_challenge), 0, 8);
4828 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash . "\x00" x
5;
4830 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 0, 7)), "DES", $challenge, PADDING_NONE
);
4831 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 7, 7)), "DES", $challenge, PADDING_NONE
);
4832 $ntresp .= Crypt
::ECB
::encrypt
(setup_des_key
(substr ($nthash, 14, 7)), "DES", $challenge, PADDING_NONE
);
4834 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $c_challenge_hex, unpack ("H*", $ntresp), $s_challenge_hex);
4836 elsif ($mode == 5600)
4838 my $index1 = index ($salt_buf, "::");
4839 my $user = substr ($salt_buf, 0, $index1);
4841 my $index2 = index ($salt_buf, ":", $index1 + 2);
4842 my $domain = substr ($salt_buf, $index1 + 2, $index2 - $index1 - 2);
4844 my $s_challenge_hex = substr ($salt_buf, $index2 + 1, 16);
4845 my $s_challenge = pack ("H*", $s_challenge_hex);
4847 my $temp_hex = substr ($salt_buf, $index2 + 17);
4848 my $temp = pack ("H*", $temp_hex);
4850 my $nthash = Authen
::Passphrase
::NTHash
->new (passphrase
=> $word_buf)->hash;
4851 my $identity = Encode
::encode
("UTF-16LE", uc ($user) . $domain);
4853 $hash_buf = hmac_hex
($s_challenge . $temp, hmac
($identity, $nthash, \
&md5
, 64), \
&md5
, 64);
4855 $tmp_hash = sprintf ("%s::%s:%s:%s:%s", $user, $domain, $s_challenge_hex, $hash_buf, $temp_hex);
4857 elsif ($mode == 5700)
4859 $hash_buf = sha256
($word_buf);
4861 my $base64_buf = encode_base64
($hash_buf);
4865 for (my $i = 0; $i < 43; $i++)
4867 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($base64_buf, $i, 1)};
4870 elsif ($mode == 5800)
4872 $hash_buf = androidpin_hash
($word_buf, $salt_buf);
4874 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
4876 elsif ($mode == 6000)
4878 $hash_buf = ripemd160_hex
($word_buf);
4880 $tmp_hash = sprintf ("%s", $hash_buf);
4882 elsif ($mode == 6100)
4884 $hash_buf = whirlpool_hex
($word_buf);
4886 $tmp_hash = sprintf ("%s", $hash_buf);
4888 elsif ($mode == 6300)
4890 my $iterations = 1000; # hard coded by the AIX format
4892 $hash_buf = md5_crypt
('', $iterations, $word_buf, $salt_buf);
4894 $tmp_hash = sprintf ("{smd5}%s", $hash_buf);
4896 elsif ($mode == 6400)
4898 my $iterations = 64;
4902 $iterations = 1 << int ($iter);
4905 $hash_buf = aix_ssha256_pbkdf2
($word_buf, $salt_buf, $iterations);
4907 $tmp_hash = sprintf ("{ssha256}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4909 elsif ($mode == 6500)
4911 my $iterations = 64;
4915 $iterations = 1 << int ($iter);
4918 $hash_buf = aix_ssha512_pbkdf2
($word_buf, $salt_buf, $iterations);
4920 $tmp_hash = sprintf ("{ssha512}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4922 elsif ($mode == 6600)
4924 my $iterations = 1000;
4928 $iterations = int ($iter);
4931 my $salt_hex = substr ($salt_buf, 0, 16);
4932 my $salt = pack ("H*", $salt_hex);
4934 my $prefix = substr ($salt_buf, 16, 2016);
4936 my $iv_hex = substr ($salt_buf, 2032);
4937 my $iv = pack ("H*", $iv_hex);
4939 my $data = pack ("H*", "10101010101010101010101010101010");
4941 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA1');
4943 my $pbkdf2 = Crypt
::PBKDF2
->new (
4945 iterations
=> $iterations,
4949 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
4951 my $cipher = Crypt
::CBC
->new ({
4953 cipher
=> "Crypt::Rijndael",
4960 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
4962 $hash_buf = substr ($encrypted, 0, 32);
4964 $tmp_hash = sprintf ("%i:%s:%s%s%s", $iterations, $salt_hex, $prefix, $iv_hex, $hash_buf);
4966 elsif ($mode == 6700)
4968 my $iterations = 64;
4972 $iterations = 1 << int ($iter);
4975 $hash_buf = aix_ssha1_pbkdf2
($word_buf, $salt_buf, $iterations);
4977 $tmp_hash = sprintf ("{ssha1}%02i\$%s\$%s", log ($iterations) / log (2), $salt_buf, $hash_buf);
4979 elsif ($mode == 6800)
4981 my $variant = $additional_param;
4983 if (! defined ($variant))
4985 $variant = int (rand (2));
4988 my $iterations = 500;
4992 $iterations = int ($iter);
4995 my $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
4997 my $hasher = Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256);
4999 my $pbkdf2 = Crypt
::PBKDF2
->new (
5001 iterations
=> $iterations,
5005 my $key = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
5007 my $cipher = Crypt
::CBC
->new ({
5009 cipher
=> "Crypt::Rijndael",
5018 my $encrypt = $cipher->encrypt (substr ($salt_buf, 0, 16));
5020 $hash_buf = substr (unpack ("H*", $encrypt), 0, 32);
5024 my $verifier = "lastpass rocks\x02\x02";
5026 $hash_buf = unpack ("H*", substr ($cipher->encrypt ($verifier), 0, 16));
5029 $tmp_hash = sprintf ("%s:%i:%s", $hash_buf, $iterations, $salt_buf);
5031 elsif ($mode == 6900)
5033 $hash_buf = gost_hex
($word_buf);
5035 $tmp_hash = sprintf ("%s", $hash_buf);
5037 elsif ($mode == 7100)
5039 my $iterations = 1024;
5043 $iterations = int ($iter);
5046 my $pbkdf2 = Crypt
::PBKDF2
->new
5048 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5049 iterations
=> $iterations
5052 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5054 $tmp_hash = sprintf ("\$ml\$%i\$%s\$%0128s", $iterations, $salt_buf, $hash_buf);
5056 elsif ($mode == 7200)
5058 my $iterations = 1024;
5062 $iterations = int ($iter);
5065 my $pbkdf2 = Crypt
::PBKDF2
->new (
5066 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5067 iterations
=> $iterations
5070 $hash_buf = unpack ("H*", $pbkdf2->PBKDF2 (pack ("H*", $salt_buf), $word_buf));
5072 $tmp_hash = sprintf ("grub.pbkdf2.sha512.%i.%s.%0128s", $iterations, $salt_buf, $hash_buf);
5074 elsif ($mode == 7300)
5076 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&sha1
);
5078 $tmp_hash = sprintf ("%s:%s", unpack ("H*", $salt_buf), $hash_buf);
5080 elsif ($mode == 7400)
5082 my $iterations = 5000;
5084 if (defined ($iter))
5088 $iterations = int ($iter);
5092 $hash_buf = sha256_crypt
($iterations, $word_buf, $salt_buf);
5094 $tmp_hash = sprintf ("%s", $hash_buf);
5096 elsif ($mode == 7500)
5098 my @salt_arr = split ("\\\$", $salt_buf);
5100 my $user = $salt_arr[0];
5102 my $realm = $salt_arr[1];
5104 my $salt = $salt_arr[2];
5106 my $hmac_salt = $salt_arr[3];
5107 my $hmac_salt_bin = pack ("H*", $hmac_salt);
5109 my $clear_data = $salt_arr[4];
5111 my $k = md4
(encode
("UTF-16LE", $word_buf));
5113 my $k1 = hmac_md5
("\x01\x00\x00\x00", $k);
5115 my $k3 = hmac_md5
($hmac_salt_bin, $k1);
5117 if (length ($clear_data) > 1)
5119 my $clear_data_bin = pack ("H*", $clear_data);
5121 $hash_buf = RC4
($k3, $clear_data_bin);
5125 my $hash = $salt_arr[5];
5127 my $hash_bin = pack ("H*", $hash);
5129 my $clear_data = RC4
($k3, $hash_bin);
5131 my $timestamp = substr ($clear_data, 14, 14);
5136 if ($timestamp !~ /^[[:digit:]]{14}$/)
5143 $hash_buf = "\x00" x
36;
5145 if ($hash_buf eq $hash_bin)
5147 $hash_buf = "\x01" x
36;
5152 $hash_buf = $hash_bin;
5156 $tmp_hash = sprintf ("\$krb5pa\$23\$%s\$%s\$%s\$%s%s", $user, $realm, $salt, unpack ("H*", $hash_buf), $hmac_salt);
5158 elsif ($mode == 7600)
5160 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($word_buf));
5162 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5164 elsif ($mode == 7700)
5166 $word_buf = uc $word_buf;
5167 $salt_buf = uc $salt_buf;
5169 my $word_buf_t = sapb_transcode
($word_buf);
5170 my $salt_buf_t = sapb_transcode
($salt_buf);
5172 my $digest1 = md5
($word_buf_t . $salt_buf_t);
5174 my $data = sapb_waldorf
($digest1, $word_buf_t, $salt_buf_t);
5176 my $digest2 = md5
($data);
5178 my ($a, $b, $c, $d) = unpack ("N4", $digest2);
5183 $tmp_hash = sprintf ("%s\$%08X%08X", $salt_buf, $a, $b);
5185 elsif ($mode == 7800)
5187 my $theMagicArray_s =
5188 "\x91\xac\x51\x14\x9f\x67\x54\x43\x24\xe7\x3b\xe0\x28\x74\x7b\xc2" .
5189 "\x86\x33\x13\xeb\x5a\x4f\xcb\x5c\x08\x0a\x73\x37\x0e\x5d\x1c\x2f" .
5190 "\x33\x8f\xe6\xe5\xf8\x9b\xae\xdd\x16\xf2\x4b\x8d\x2c\xe1\xd4\xdc" .
5191 "\xb0\xcb\xdf\x9d\xd4\x70\x6d\x17\xf9\x4d\x42\x3f\x9b\x1b\x11\x94" .
5192 "\x9f\x5b\xc1\x9b\x06\x05\x9d\x03\x9d\x5e\x13\x8a\x1e\x9a\x6a\xe8" .
5193 "\xd9\x7c\x14\x17\x58\xc7\x2a\xf6\xa1\x99\x63\x0a\xd7\xfd\x70\xc3" .
5194 "\xf6\x5e\x74\x13\x03\xc9\x0b\x04\x26\x98\xf7\x26\x8a\x92\x93\x25" .
5195 "\xb0\xa2\x0d\x23\xed\x63\x79\x6d\x13\x32\xfa\x3c\x35\x02\x9a\xa3" .
5196 "\xb3\xdd\x8e\x0a\x24\xbf\x51\xc3\x7c\xcd\x55\x9f\x37\xaf\x94\x4c" .
5197 "\x29\x08\x52\x82\xb2\x3b\x4e\x37\x9f\x17\x07\x91\x11\x3b\xfd\xcd";
5199 $salt_buf = uc $salt_buf;
5201 my $digest = sha1
($word_buf . $salt_buf);
5203 my ($a, $b, $c, $d, $e) = unpack ("I*", $digest);
5205 my $lengthMagicArray = 0x20;
5206 my $offsetMagicArray = 0;
5208 $lengthMagicArray += (($a >> 0) & 0xff) % 6;
5209 $lengthMagicArray += (($a >> 8) & 0xff) % 6;
5210 $lengthMagicArray += (($a >> 16) & 0xff) % 6;
5211 $lengthMagicArray += (($a >> 24) & 0xff) % 6;
5212 $lengthMagicArray += (($b >> 0) & 0xff) % 6;
5213 $lengthMagicArray += (($b >> 8) & 0xff) % 6;
5214 $lengthMagicArray += (($b >> 16) & 0xff) % 6;
5215 $lengthMagicArray += (($b >> 24) & 0xff) % 6;
5216 $lengthMagicArray += (($c >> 0) & 0xff) % 6;
5217 $lengthMagicArray += (($c >> 8) & 0xff) % 6;
5218 $offsetMagicArray += (($c >> 16) & 0xff) % 8;
5219 $offsetMagicArray += (($c >> 24) & 0xff) % 8;
5220 $offsetMagicArray += (($d >> 0) & 0xff) % 8;
5221 $offsetMagicArray += (($d >> 8) & 0xff) % 8;
5222 $offsetMagicArray += (($d >> 16) & 0xff) % 8;
5223 $offsetMagicArray += (($d >> 24) & 0xff) % 8;
5224 $offsetMagicArray += (($e >> 0) & 0xff) % 8;
5225 $offsetMagicArray += (($e >> 8) & 0xff) % 8;
5226 $offsetMagicArray += (($e >> 16) & 0xff) % 8;
5227 $offsetMagicArray += (($e >> 24) & 0xff) % 8;
5229 my $hash_buf = sha1_hex
($word_buf . substr ($theMagicArray_s, $offsetMagicArray, $lengthMagicArray) . $salt_buf);
5231 $tmp_hash = sprintf ("%s\$%s", $salt_buf, uc $hash_buf);
5233 elsif ($mode == 7900)
5242 my $phpass_it = 1 << $cost;
5244 $hash_buf = sha512
($salt_buf . $word_buf);
5246 for (my $i = 0; $i < $phpass_it; $i++)
5248 $hash_buf = sha512
($hash_buf . $word_buf);
5251 my $base64_buf = substr (Authen
::Passphrase
::PHPass
::_en_base64
($hash_buf), 0, 43);
5253 my $base64_digits = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
5255 my $cost_str = substr ($base64_digits , $cost, 1);
5257 $tmp_hash = sprintf ('$S$%s%s%s', $cost_str, $salt_buf, $base64_buf);
5259 elsif ($mode == 8000)
5261 my $salt_buf_bin = pack ("H*", $salt_buf);
5263 my $word_buf_utf = encode
("UTF-16BE", $word_buf);
5265 $hash_buf = sha256_hex
($word_buf_utf . "\x00" x
(510 - (length ($word_buf) * 2)) . $salt_buf_bin);
5267 $tmp_hash = sprintf ("0xc007%s%s", $salt_buf, $hash_buf);
5269 elsif ($mode == 8100)
5271 $hash_buf = sha1_hex
($salt_buf . $word_buf . "\x00");
5273 $tmp_hash = sprintf ("1%s%s", $salt_buf, $hash_buf);
5275 elsif ($mode == 8200)
5277 my $iterations = 40000;
5279 if (defined ($iter))
5281 $iterations = $iter;
5284 my $salt_hex = substr ($salt_buf, 0, 32);
5285 my $salt = pack ("H*", $salt_hex);
5287 my $data_hex = substr ($salt_buf, 32);
5288 my $data = pack ("H*", $data_hex);
5290 my $pbkdf2 = Crypt
::PBKDF2
->new
5292 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 512),
5293 iterations
=> int $iterations
5296 my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
5298 $hash_buf = hmac_hex
($data, substr ($key, 32, 32), \
&sha256
, 64);
5300 $tmp_hash = sprintf ("%s:%s:%d:%s", $hash_buf, $salt_hex, $iterations, $data_hex);
5302 elsif ($mode == 8300)
5304 my ($domain, $salt_hex) = split (":", $salt_buf);
5306 my $hashalg = Net
::DNS
::SEC
->digtype ("SHA1");
5308 my $salt = pack ("H*", $salt_hex);
5312 if (defined ($iter))
5314 $iterations = $iter;
5317 my $name = lc ($word_buf . $domain);
5319 my $hash_buf = Net
::DNS
::RR
::NSEC3
::name2hash
($hashalg, $name, $iterations, $salt);
5321 $tmp_hash = sprintf ("%s:%s:%s:%d", $hash_buf, $domain, $salt_hex, $iterations);
5323 elsif ($mode == 8400)
5325 $hash_buf = sha1_hex
($salt_buf . sha1_hex
($salt_buf . sha1_hex
($word_buf)));
5327 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
5329 elsif ($mode == 8500)
5331 $hash_buf = racf_hash
(uc $salt_buf, $word_buf);
5333 $tmp_hash = sprintf ('$racf$*%s*%s', uc $salt_buf, uc $hash_buf);
5335 elsif ($mode == 8600)
5337 my @saved_key = map { ord $_; } split "", $word_buf;
5339 my $len = scalar @saved_key;
5341 my @state = domino_big_md
(\
@saved_key, $len);
5343 $tmp_hash = sprintf ('%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x',
5362 elsif ($mode == 8700)
5364 my $domino_char = undef;
5366 if (defined ($additional_param))
5368 $domino_char = $additional_param;
5371 my @saved_key = map { ord $_; } split "", $word_buf;
5373 my $len = scalar @saved_key;
5375 my @state = domino_big_md
(\
@saved_key, $len);
5377 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5379 @saved_key = map { ord $_; } split "", $salt_buf . uc $str;
5381 @state = domino_big_md
(\
@saved_key, 34);
5383 $hash_buf = join ("", (map { chr $_; } @state));
5385 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_buf . $hash_buf, $domino_char));
5387 elsif ($mode == 8900)
5393 if (defined ($additional_param))
5395 $N = $additional_param;
5396 $r = $additional_param2;
5397 $p = $additional_param3;
5400 $hash_buf = scrypt_hash
($word_buf, $salt_buf, $N, $r, $p, 32);
5402 $tmp_hash = sprintf ('%s', $hash_buf);
5404 elsif ($mode == 9100)
5406 my $iterations = 5000;
5408 if (defined ($iter))
5410 $iterations = $iter;
5413 my $domino_char = undef;
5415 # domino 5 hash - SEC_pwddigest_V1 - -m 8600
5417 my @saved_key = map { ord $_; } split "", $word_buf;
5419 my $len = scalar @saved_key;
5421 my @state = domino_big_md
(\
@saved_key, $len);
5424 # domino 6 hash - SEC_pwddigest_V2 - -m 8700
5426 my $salt_part = substr ($salt_buf, 0, 5);
5428 my $str = "(" . unpack ("H*", join ("", (map { chr $_; } @state))) . ")";
5430 @saved_key = map { ord $_; } split "", $salt_part . uc $str;
5432 @state = domino_big_md
(\
@saved_key, 34);
5434 $hash_buf = join ("", (map { chr $_; } @state));
5436 $tmp_hash = sprintf ('(G%s)', domino_encode
($salt_part . $hash_buf, $domino_char));
5439 # domino 8(.5.x) hash - SEC_pwddigest_V3 - -m 9100
5441 my $pbkdf2 = Crypt
::PBKDF2
->new
5443 hash_class
=> 'HMACSHA1',
5444 iterations
=> $iterations,
5451 if (defined ($additional_param))
5453 $chars = $additional_param;
5456 my $digest_new = $pbkdf2->PBKDF2 ($salt_buf, $tmp_hash);
5458 my $iteration_str = "" . $iterations;
5460 for (my $i = length ($iterations); $i < 10; $i++)
5462 $iterations = "0" . $iterations;
5465 $tmp_hash = sprintf ('(H%s)', domino_85x_encode
($salt_buf . $iterations . $chars . $digest_new, $domino_char));
5467 elsif ($mode == 9200)
5469 my $iterations = 20000;
5471 my $pbkdf2 = Crypt
::PBKDF2
->new
5473 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5474 iterations
=> $iterations
5477 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5481 for (my $i = 0; $i < 43; $i++)
5483 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5486 $tmp_hash = sprintf ("\$8\$%s\$%s", $salt_buf, $tmp_hash);
5488 elsif ($mode == 9300)
5494 $hash_buf = scrypt_b64
($word_buf, $salt_buf, $N, $r, $p, 32);
5498 for (my $i = 0; $i < 43; $i++)
5500 $tmp_hash .= $CISCO_BASE64_MAPPING->{substr ($hash_buf, $i, 1)};
5503 $tmp_hash = sprintf ('$9$%s$%s', $salt_buf, $tmp_hash);
5505 elsif ($mode == 9400)
5507 my $iterations = 50000;
5511 $iterations = int ($iter);
5514 my $aes_key_size = 128; # or 256
5516 if (defined ($additional_param2))
5518 $aes_key_size = $additional_param2;
5521 $salt_buf = pack ("H*", $salt_buf);
5523 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5525 for (my $i = 0; $i < $iterations; $i++)
5527 my $num32 = pack ("L", $i);
5529 $tmp = sha1
($num32 . $tmp);
5532 my $zero32 = pack ("L", 0x00);
5534 my $derivation_array1 = pack ("C", 0x36) x
64;
5535 my $derivation_array2 = pack ("C", 0x5C) x
64;
5537 $tmp = sha1
($tmp . $zero32);
5539 my $tmp2 = sha1
($derivation_array1 ^ $tmp);
5540 my $tmp3 = sha1
($derivation_array2 ^ $tmp);
5542 my $key = substr ($tmp2 . $tmp3, 0, $aes_key_size / 8);
5544 my $m = Crypt
::Mode
::ECB
->new ('AES', 0);
5548 if (defined $additional_param)
5550 $encdata = $m->decrypt (pack ("H*", $additional_param), $key);
5554 $encdata = "A" x
16; ## can be anything
5557 my $data1_buf = $encdata;
5558 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5560 $data1_buf = substr ($data1_buf . ("\x00" x
16), 0, 16);
5561 $data2_buf = substr ($data2_buf . ("\x00" x
16), 0, 32);
5563 my $encrypted1 = unpack ("H*", $m->encrypt ($data1_buf, $key));
5564 my $encrypted2 = unpack ("H*", $m->encrypt ($data2_buf, $key));
5566 $encrypted1 = substr ($encrypted1, 0, 32);
5567 $encrypted2 = substr ($encrypted2, 0, 40);
5569 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2007, 20, $aes_key_size, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5571 elsif ($mode == 9500)
5573 my $iterations = 100000;
5577 $iterations = int ($iter);
5580 $salt_buf = pack ("H*", $salt_buf);
5582 my $tmp = sha1
($salt_buf . encode
("UTF-16LE", $word_buf));
5584 for (my $i = 0; $i < $iterations; $i++)
5586 my $num32 = pack ("L", $i);
5588 $tmp = sha1
($num32 . $tmp);
5591 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5592 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5594 my $final1 = sha1
($tmp . $encryptedVerifierHashInputBlockKey);
5595 my $final2 = sha1
($tmp . $encryptedVerifierHashValueBlockKey);
5597 my $key1 = substr ($final1, 0, 16);
5598 my $key2 = substr ($final2, 0, 16);
5600 my $cipher1 = Crypt
::CBC
->new ({
5602 cipher
=> "Crypt::Rijndael",
5610 my $cipher2 = Crypt
::CBC
->new ({
5612 cipher
=> "Crypt::Rijndael",
5622 if (defined $additional_param)
5624 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5628 $encdata = "A" x
16; ## can be anything
5631 my $data1_buf = $encdata;
5632 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5634 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5635 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5637 $encrypted2 = substr ($encrypted2, 0, 64);
5639 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2010, 100000, 128, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5641 elsif ($mode == 9600)
5643 my $iterations = 100000;
5647 $iterations = int ($iter);
5650 $salt_buf = pack ("H*", $salt_buf);
5652 my $tmp = sha512
($salt_buf . encode
("UTF-16LE", $word_buf));
5654 for (my $i = 0; $i < $iterations; $i++)
5656 my $num32 = pack ("L", $i);
5658 $tmp = sha512
($num32 . $tmp);
5661 my $encryptedVerifierHashInputBlockKey = "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79";
5662 my $encryptedVerifierHashValueBlockKey = "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e";
5664 my $final1 = sha512
($tmp . $encryptedVerifierHashInputBlockKey);
5665 my $final2 = sha512
($tmp . $encryptedVerifierHashValueBlockKey);
5667 my $key1 = substr ($final1, 0, 32);
5668 my $key2 = substr ($final2, 0, 32);
5670 my $cipher1 = Crypt
::CBC
->new ({
5672 cipher
=> "Crypt::Rijndael",
5680 my $cipher2 = Crypt
::CBC
->new ({
5682 cipher
=> "Crypt::Rijndael",
5692 if (defined $additional_param)
5694 $encdata = $cipher1->decrypt (pack ("H*", $additional_param));
5698 $encdata = "A" x
16; ## can be anything
5701 my $data1_buf = $encdata;
5702 my $data2_buf = sha512
(substr ($data1_buf, 0, 16));
5704 my $encrypted1 = unpack ("H*", $cipher1->encrypt ($data1_buf));
5705 my $encrypted2 = unpack ("H*", $cipher2->encrypt ($data2_buf));
5707 $encrypted2 = substr ($encrypted2, 0, 64);
5709 $tmp_hash = sprintf ("\$office\$*%d*%d*%d*%d*%s*%s*%s", 2013, 100000, 256, 16, unpack ("H*", $salt_buf), $encrypted1, $encrypted2);
5711 elsif ($mode == 9700)
5713 $salt_buf = pack ("H*", $salt_buf);
5715 my $tmp = md5
(encode
("UTF-16LE", $word_buf));
5717 $tmp = substr ($tmp, 0, 5);
5721 for (my $i = 0; $i < 16; $i++)
5729 $tmp = substr ($tmp, 0, 5);
5733 if (defined $additional_param2)
5735 $version = $additional_param2;
5739 $version = (unpack ("L", $tmp) & 1) ?
0 : 1;
5742 my $rc4_key = md5
($tmp . "\x00\x00\x00\x00");
5744 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5748 if (defined $additional_param)
5750 $encdata = $m->RC4 (pack ("H*", $additional_param));
5754 $encdata = "A" x
16; ## can be anything
5757 my $data1_buf = $encdata;
5758 my $data2_buf = md5
(substr ($data1_buf, 0, 16));
5760 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5762 my $encrypted1 = $m->RC4 ($data1_buf);
5763 my $encrypted2 = $m->RC4 ($data2_buf);
5765 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5767 elsif ($mode == 9800)
5769 $salt_buf = pack ("H*", $salt_buf);
5771 my $tmp = sha1
($salt_buf. encode
("UTF-16LE", $word_buf));
5775 if (defined $additional_param2)
5777 $version = $additional_param2;
5781 $version = (unpack ("L", $tmp) & 1) ?
3 : 4;
5784 my $rc4_key = sha1
($tmp . "\x00\x00\x00\x00");
5788 $rc4_key = substr ($rc4_key, 0, 5) . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
5791 my $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5795 if (defined $additional_param)
5797 $encdata = $m->RC4 (pack ("H*", $additional_param));
5801 $encdata = "A" x
16; ## can be anything
5804 my $data1_buf = $encdata;
5805 my $data2_buf = sha1
(substr ($data1_buf, 0, 16));
5807 $m = Crypt
::RC4
->new (substr ($rc4_key, 0, 16));
5809 my $encrypted1 = $m->RC4 ($data1_buf);
5810 my $encrypted2 = $m->RC4 ($data2_buf);
5812 $tmp_hash = sprintf ("\$oldoffice\$%d*%s*%s*%s", $version, unpack ("H*", $salt_buf), unpack ("H*", $encrypted1), unpack ("H*", $encrypted2));
5814 elsif ($mode == 9900)
5816 $tmp_hash = sprintf ("%s", md5_hex
($word_buf . "\0" x
(100 - length ($word_buf))));
5818 elsif ($mode == 10000)
5820 my $iterations = 10000;
5824 $iterations = int ($iter);
5827 my $pbkdf2 = Crypt
::PBKDF2
->new
5829 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
5830 iterations
=> $iterations
5833 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
5834 $hash_buf =~ s/[\r\n]//g;
5836 $tmp_hash = sprintf ("pbkdf2_sha256\$%i\$%s\$%s", $iterations, $salt_buf, $hash_buf);
5838 elsif ($mode == 10100)
5840 my $seed = pack ("H*", $salt_buf);
5842 my ($hi, $lo) = siphash
($word_buf, $seed);
5844 my $hi_s = sprintf ("%08x", $hi);
5845 my $lo_s = sprintf ("%08x", $lo);
5847 $hi_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5848 $lo_s =~ s/^(..)(..)(..)(..)$/$4$3$2$1/;
5850 $tmp_hash = sprintf ("%s%s:2:4:%s", $hi_s, $lo_s, $salt_buf);
5852 elsif ($mode == 10200)
5854 my $challengeb64 = encode_base64
($salt_buf);
5855 $challengeb64 =~ s/[\r\n]//g;
5859 if (defined $additional_param)
5861 $username = $additional_param;
5868 $hash_buf = hmac_hex
($salt_buf, $word_buf, \
&md5
);
5870 my $responseb64 = encode_base64
($username . " " . $hash_buf);
5871 $responseb64 =~ s/[\r\n]//g;
5873 $tmp_hash = sprintf ('$cram_md5$%s$%s', $challengeb64, $responseb64);
5875 elsif ($mode == 10300)
5877 my $iterations = 1024;
5881 $iterations = int ($iter);
5884 my $hash_buf = $salt_buf;
5886 for (my $pos = 0; $pos < $iterations; $pos++)
5888 $hash_buf = sha1
($word_buf . $hash_buf);
5891 $hash_buf = encode_base64
($hash_buf . $salt_buf);
5892 $hash_buf =~ s/[\r\n]//g;
5894 $tmp_hash = sprintf ("{x-issha, %i}%s", $iterations, $hash_buf);
5896 elsif ($mode == 10400)
5899 my $u = $additional_param;
5900 my $o = $additional_param2;
5901 my $P = $additional_param3;
5903 if (defined $u == 0)
5908 if (defined $o == 0)
5913 if (defined $P == 0)
5920 for (my $i = 0; $i < 32; $i++)
5922 $padding .= pack ("C", $pdf_padding[$i]);
5925 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, 1, 2, 0);
5927 my $m = Crypt
::RC4
->new (substr ($res, 0, 5));
5929 $u = $m->RC4 ($padding);
5931 $tmp_hash = sprintf ('$pdf$%d*%d*40*%d*%d*16*%s*32*%s*32*%s', 1, 2, $P, 0, $id, unpack ("H*", $u), $o);
5933 elsif ($mode == 10500)
5936 my $u = $additional_param;
5937 my $o = $additional_param2;
5938 my $P = $additional_param3;
5939 my $V = $additional_param4;
5940 my $R = $additional_param5;
5941 my $enc = $additional_param6;
5943 if (defined $u == 0)
5950 if (defined $o == 0)
5955 if (defined $R == 0)
5957 $R = get_random_num
(3, 5);
5960 if (defined $V == 0)
5962 $V = ($R == 3) ?
2 : 4;
5965 if (defined $P == 0)
5967 $P = ($R == 3) ?
-4 : -1028;
5970 if (defined $enc == 0)
5972 $enc = ($R == 3) ?
1 : get_random_num
(0, 2);
5977 for (my $i = 0; $i < 32; $i++)
5979 $padding .= pack ("C", $pdf_padding[$i]);
5982 my $res = pdf_compute_encryption_key
($word_buf, $padding, $id, $u, $o, $P, $V, $R, $enc);
5984 my $digest = md5
($padding . pack ("H*", $id));
5986 my $m = Crypt
::RC4
->new ($res);
5988 $u = $m->RC4 ($digest);
5990 my @ress = split "", $res;
5992 for (my $x = 1; $x <= 19; $x++)
5996 for (my $i = 0; $i < 16; $i++)
5998 $xor[$i] = chr (ord ($ress[$i]) ^ $x);
6001 my $s = join ("", @xor);
6003 my $m2 = Crypt
::RC4
->new ($s);
6008 $u .= substr (pack ("H*", $u_save), 16, 16);
6010 $tmp_hash = sprintf ('$pdf$%d*%d*128*%d*%d*16*%s*32*%s*32*%s', $V, $R, $P, $enc, $id, unpack ("H*", $u), $o);
6012 elsif ($mode == 10600)
6015 my $rest = $additional_param;
6017 if (defined $id == 0)
6022 if (defined $rest == 0)
6028 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6031 my @data = split /\*/, $rest;
6033 my $u = pack ("H*", $data[1]);
6035 my $h = sha256
($word_buf . substr ($u, 32, 8));
6037 $data[1] = unpack ("H*", $h . substr ($u, 32));
6039 $rest = join ("*", @data);
6041 $tmp_hash = sprintf ('$pdf$5*5*256*-1028*1*16*%s*%s', $id, $rest);
6043 elsif ($mode == 10700)
6046 my $rest = $additional_param;
6048 if (defined $id == 0)
6053 if (defined $rest == 0)
6059 $rest .= "*127*00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000*32*0000000000000000000000000000000000000000000000000000000000000000";
6062 my @datax = split /\*/, $rest;
6064 my $u = pack ("H*", $datax[1]);
6066 my $block = sha256
($word_buf . substr ($u, 32, 8));
6068 my $block_size = 32;
6070 my $data = 0x00 x
64;
6076 for (my $i = 0; $i < 64 || $i < $data63 + 32; $i++)
6078 $data = $word_buf . $block;
6080 $data_len = length ($data);
6082 for (my $k = 1; $k < 64; $k++)
6084 $data .= $word_buf . $block;
6087 my $aes = Crypt
::CBC
->new ({
6088 key
=> substr ($block, 0, 16),
6089 cipher
=> "Crypt::Rijndael",
6090 iv
=> substr ($block, 16, 16),
6097 my $data = $aes->encrypt ($data);
6101 for (my $j = 0; $j < 16; $j++)
6103 $sum += ord (substr ($data, $j, 1));
6106 $block_size = 32 + ($sum % 3) * 16;
6108 if ($block_size == 32)
6110 $block = sha256
(substr ($data, 0, $data_len * 64));
6112 elsif ($block_size == 48)
6114 $block = sha384
(substr ($data, 0, $data_len * 64));
6116 elsif ($block_size == 64)
6118 $block = sha512
(substr ($data, 0, $data_len * 64));
6121 $data63 = ord (substr ($data, $data_len * 64 - 1, 1));
6124 $datax[1] = unpack ("H*", substr ($block, 0, 32) . substr ($u, 32));
6126 $rest = join ("*", @datax);
6128 $tmp_hash = sprintf ('$pdf$5*6*256*-1028*1*16*%s*%s', $id, $rest);
6130 elsif ($mode == 10800)
6132 $hash_buf = sha384_hex
($word_buf);
6134 $tmp_hash = sprintf ("%s", $hash_buf);
6136 elsif ($mode == 10900)
6138 my $iterations = 1000;
6142 $iterations = int ($iter);
6147 if (defined $additional_param)
6149 $out_len = $additional_param;
6152 my $pbkdf2 = Crypt
::PBKDF2
->new
6154 hasher
=> Crypt
::PBKDF2
->hasher_from_algorithm ('HMACSHA2', 256),
6155 iterations
=> $iterations,
6156 output_len
=> $out_len
6159 $hash_buf = encode_base64
($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6160 $hash_buf =~ s/[\r\n]//g;
6162 my $base64_salt_buf = encode_base64
($salt_buf);
6164 chomp ($base64_salt_buf);
6166 $tmp_hash = sprintf ("sha256:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6168 elsif ($mode == 11000)
6170 $hash_buf = md5_hex
($salt_buf . $word_buf);
6172 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6174 elsif ($mode == 11100)
6176 my $user = "postgres";
6178 if (defined $additional_param)
6180 $user = $additional_param;
6183 $hash_buf = md5_hex
(md5_hex
($word_buf . $user) . pack ("H*", $salt_buf));
6185 $tmp_hash = sprintf ("\$postgres\$%s*%s*%s", $user, $salt_buf, $hash_buf);
6187 elsif ($mode == 11200)
6189 my $sha1_pass = sha1
($word_buf);
6190 my $double_sha1 = sha1
($sha1_pass);
6192 my $xor_part1 = $sha1_pass;
6193 my $xor_part2 = sha1
(pack ("H*", $salt_buf) . $double_sha1);
6197 for (my $i = 0; $i < 20; $i++)
6199 my $first_byte = substr ($xor_part1, $i, 1);
6200 my $second_byte = substr ($xor_part2, $i, 1);
6202 my $xor_result = $first_byte ^ $second_byte;
6204 $hash_buf .= unpack ("H*", $xor_result);
6207 $tmp_hash = sprintf ("\$mysqlna\$%s*%s", $salt_buf, $hash_buf);
6209 elsif ($mode == 11300)
6211 my $ckey_buf = get_random_string
(96);
6213 if (length ($additional_param))
6215 $ckey_buf = $additional_param;
6218 my $public_key_buf = get_random_string
(66);
6220 if (length ($additional_param2))
6222 $public_key_buf = $additional_param2;
6225 my $salt_iter = get_random_num
(150000, 250000);
6229 $salt_iter = int ($iter);
6232 my $hash_buf = sha512
($word_buf . pack ("H*", $salt_buf));
6234 for (my $i = 1; $i < $salt_iter; $i++)
6236 $hash_buf = sha512
($hash_buf);
6239 my $data = get_random_string
(32);
6241 my $aes = Crypt
::CBC
->new ({
6242 key
=> substr ($hash_buf, 0, 32),
6243 cipher
=> "Crypt::Rijndael",
6244 iv
=> substr ($hash_buf, 32, 16),
6248 padding
=> "standard",
6251 my $cry_master_buf = (unpack ("H*", $aes->encrypt ($data)));
6253 $tmp_hash = sprintf ('$bitcoin$%d$%s$%d$%s$%d$%d$%s$%d$%s',
6254 length ($cry_master_buf),
6261 length ($public_key_buf),
6264 elsif ($mode == 11400)
6266 my ($directive, $URI_server, $URI_client, $user, $realm, $nonce, $nonce_count, $nonce_client, $qop, $method, $URI, $URI_prefix, $URI_resource, $URI_suffix);
6268 $directive = "MD5"; # only directive currently supported
6270 if (defined ($additional_param))
6272 $user = $additional_param;
6273 $realm = $additional_param2;
6275 $nonce_count = $additional_param3;
6276 $nonce_client = $additional_param4;
6277 $qop = $additional_param5;
6278 $method = $additional_param6;
6280 $URI_prefix = $additional_param7;
6281 $URI_resource = $additional_param8;
6282 $URI_suffix = $additional_param9;
6284 # not needed information
6286 $URI_server = $additional_param10;
6287 $URI_client = $additional_param11;
6291 $user = get_random_string
(get_random_num
(0, 12 + 1));
6293 # special limit: (user_len + 1 + realm_len + 1 + word_buf_len) < 56
6294 my $realm_max_len = 55 - length ($user) - 1 - length ($word_buf) - 1;
6296 if ($realm_max_len < 1) # should never happen
6301 $realm_max_len = min
(20, $realm_max_len);
6303 $realm = get_random_string
(get_random_num
(0, $realm_max_len + 1));
6307 if (get_random_num
(0, 1 + 1) == 1)
6311 $nonce_count = get_random_string
(get_random_num
(0, 10 + 1));
6312 $nonce_client = get_random_string
(get_random_num
(0, 12 + 1));
6322 $method = get_random_string
(get_random_num
(0, 24 + 1));
6324 $URI_prefix = get_random_string
(get_random_num
(0, 10 + 1));
6325 $URI_resource = get_random_string
(get_random_num
(1, 32 + 1));
6326 $URI_suffix = get_random_string
(get_random_num
(0, 32 + 1));
6328 # not needed information
6330 $URI_server = get_random_string
(get_random_num
(0, 32 + 1));
6331 $URI_client = $URI_resource; # simplification
6338 if (length ($URI_prefix) > 0)
6340 $URI = $URI_prefix . ":";
6343 $URI .= $URI_resource;
6345 if (length ($URI_suffix) > 0)
6347 $URI .= ":" . $URI_suffix;
6350 my $HA2 = md5_hex
($method . ":" . $URI);
6352 my $HA1 = md5_hex
($user . ":" . $realm . ":" . $word_buf);
6356 if (($qop eq "auth") || ($qop eq "auth-int"))
6358 $tmp_buf = $nonce . ":" . $nonce_count . ":" . $nonce_client . ":" . $qop;
6365 my $hash_buf = md5_hex
($HA1 . ":" . $tmp_buf . ":" . $HA2);
6367 $tmp_hash = sprintf ("\$sip\$*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s*%s", $URI_server, $URI_resource, $user, $realm, $method, $URI_prefix, $URI_resource, $URI_suffix, $nonce, $nonce_client, $nonce_count, $qop, $directive, $hash_buf);
6369 elsif ($mode == 11500)
6371 $hash_buf = crc32
($word_buf);
6373 $tmp_hash = sprintf ("%08x:00000000", $hash_buf);
6375 elsif ($mode == 11600)
6377 my ($p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, $data_len, $unpack_size, $data_buf);
6381 my $validation_only = 0;
6383 $validation_only = 1 if (defined ($additional_param));
6385 if ($validation_only == 1)
6387 $num_cycle_power = int ($iter);
6388 $seven_zip_salt_len = $additional_param;
6389 $seven_zip_salt_buf = $additional_param2;
6390 $salt_len = $additional_param3;
6391 # $salt_buf set in parser
6392 # $hash_buf (resulting crc)
6393 $data_len = $additional_param4;
6394 $unpack_size = $additional_param5;
6395 $data_buf = $additional_param6;
6399 $num_cycle_power = 14; # by default it is 19
6400 $seven_zip_salt_len = 0;
6401 $seven_zip_salt_buf = "";
6402 $salt_len = length ($salt_buf);
6403 # $salt_buf set automatically
6404 # $hash_buf (resulting crc)
6405 # $data_len will be set when encrypting
6406 $unpack_size = get_random_num
(1, 32 + 1);
6407 $data_buf = get_random_string
($unpack_size);
6411 # 2 ^ NumCyclesPower "iterations" of SHA256 (only one final SHA256)
6414 $word_buf = encode
("UTF-16LE", $word_buf);
6416 my $rounds = 1 << $num_cycle_power;
6420 for (my $i = 0; $i < $rounds; $i++)
6424 $num_buf .= pack ("V", $i);
6425 $num_buf .= "\x00" x
4;
6427 # this would be better but only works on 64-bit systems:
6428 # $num_buf = pack ("q", $i);
6430 $pass_buf .= sprintf ("%s%s", $word_buf, $num_buf);
6433 my $key = sha256
($pass_buf);
6435 # the salt_buf is our IV for AES CBC
6438 my $salt_buf_len = length ($salt_buf);
6439 my $salt_padding_len = 0;
6441 if ($salt_buf_len < 16)
6443 $salt_padding_len = 16 - $salt_buf_len;
6446 $salt_buf .= "\x00" x
$salt_padding_len;
6448 my $aes = Crypt
::CBC
->new ({
6449 cipher
=> "Crypt::Rijndael",
6457 if ($validation_only == 1)
6461 my $decrypted_data = $aes->decrypt ($data_buf);
6463 $decrypted_data = substr ($decrypted_data, 0, $unpack_size);
6465 $hash_buf = crc32
($decrypted_data);
6471 $hash_buf = crc32
($data_buf);
6473 $data_buf = $aes->encrypt ($data_buf);
6475 $data_len = length ($data_buf);
6478 $tmp_hash = sprintf ("\$7z\$%i\$%i\$%i\$%s\$%i\$%08s\$%u\$%u\$%u\$%s", $p, $num_cycle_power, $seven_zip_salt_len, $seven_zip_salt_buf, $salt_len, unpack ("H*", $salt_buf), $hash_buf, $data_len, $unpack_size, unpack ("H*", $data_buf));
6480 elsif ($mode == 11900)
6482 my $iterations = 1000;
6486 $iterations = int ($iter);
6491 if (defined $additional_param)
6493 $out_len = $additional_param;
6497 # call PHP here - WTF
6500 # sanitize $word_buf and $salt_buf:
6502 my $word_buf_base64 = encode_base64
($word_buf);
6503 $word_buf_base64 =~ s/[\r\n]//g;
6505 my $salt_buf_base64 = encode_base64
($salt_buf);
6506 $salt_buf_base64 =~ s/[\r\n]//g;
6510 $out_len = int ($out_len);
6512 # output is in hex encoding, otherwise it could be screwed (but shouldn't)
6514 my $php_code = <<'END_CODE';
6516 function pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
6518 $algorithm = strtolower ($algorithm);
6520 if (! in_array ($algorithm, hash_algos (), true))
6522 trigger_error ("PBKDF2 ERROR: Invalid hash algorithm.", E_USER_ERROR);
6525 if ($count <= 0 || $key_length <= 0)
6527 trigger_error ("PBKDF2 ERROR: Invalid parameters.", E_USER_ERROR);
6530 if (function_exists ("hash_pbkdf2"))
6534 $key_length = $key_length * 2;
6537 return hash_pbkdf2 ($algorithm, $password, $salt, $count, $key_length, $raw_output);
6540 $hash_length = strlen (hash ($algorithm, "", true));
6541 $block_count = ceil ($key_length / $hash_length);
6545 for ($i = 1; $i <= $block_count; $i++)
6547 $last = $salt . pack ("N", $i);
6549 $last = $xorsum = hash_hmac ($algorithm, $last, $password, true);
6551 for ($j = 1; $j < $count; $j++)
6553 $xorsum ^= ($last = hash_hmac ($algorithm, $last, $password, true));
6561 return substr ($output, 0, $key_length);
6565 return bin2hex (substr ($output, 0, $key_length));
6569 print pbkdf2 ("md5", base64_decode ("$word_buf_base64"), base64_decode ("$salt_buf_base64"), $iterations, $out_len, False);
6573 # replace with these command line arguments
6575 $php_code =~ s/\$word_buf_base64/$word_buf_base64/;
6576 $php_code =~ s/\$salt_buf_base64/$salt_buf_base64/;
6577 $php_code =~ s/\$iterations/$iterations/;
6578 $php_code =~ s/\$out_len/$out_len/;
6580 my $php_output = `php -r '$php_code'`;
6582 $hash_buf = pack ("H*", $php_output);
6584 $hash_buf = encode_base64 ($hash_buf);
6585 $hash_buf =~ s/[\r\n]//g;
6587 my $base64_salt_buf = encode_base64 ($salt_buf);
6589 chomp ($base64_salt_buf);
6591 $tmp_hash = sprintf ("md5:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6593 elsif ($mode == 12000)
6595 my $iterations = 1000;
6599 $iterations = int ($iter);
6604 if (defined $additional_param)
6606 $out_len = $additional_param;
6609 my $pbkdf2 = Crypt::PBKDF2->new
6611 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1'),
6612 iterations => $iterations,
6613 output_len => $out_len
6616 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6617 $hash_buf =~ s/[\r\n]//g;
6619 my $base64_salt_buf = encode_base64 ($salt_buf);
6621 chomp ($base64_salt_buf);
6623 $tmp_hash = sprintf ("sha1:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6625 elsif ($mode == 12100)
6627 my $iterations = 1000;
6631 $iterations = int ($iter);
6636 if (defined $additional_param)
6638 $out_len = $additional_param;
6641 my $pbkdf2 = Crypt::PBKDF2->new
6643 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512),
6644 iterations => $iterations,
6645 output_len => $out_len
6648 $hash_buf = encode_base64 ($pbkdf2->PBKDF2 ($salt_buf, $word_buf));
6649 $hash_buf =~ s/[\r\n]//g;
6651 my $base64_salt_buf = encode_base64 ($salt_buf);
6653 chomp ($base64_salt_buf);
6655 $tmp_hash = sprintf ("sha512:%i:%s:%s", $iterations, $base64_salt_buf, $hash_buf);
6657 elsif ($mode == 12200)
6659 my $iterations = 65536;
6661 my $default_salt = 0;
6663 if (defined $additional_param)
6665 $default_salt = int ($additional_param);
6668 if ($default_salt == 1)
6670 $salt_buf = "0011223344556677";
6673 $hash_buf = sha512 (pack ("H*", $salt_buf) . $word_buf);
6675 for (my $i = 0; $i < $iterations; $i++)
6677 $hash_buf = sha512 ($hash_buf);
6680 $hash_buf = unpack ("H*", $hash_buf);
6681 $hash_buf = substr ($hash_buf, 0, 16);
6683 if ($default_salt == 0)
6685 $tmp_hash = sprintf ("\$ecryptfs\$0\$1\$%s\$%s", $salt_buf, $hash_buf);
6689 $tmp_hash = sprintf ("\$ecryptfs\$0\$%s", $hash_buf);
6692 elsif ($mode == 12300)
6694 my $iterations = 4096;
6696 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
6698 my $pbkdf2 = Crypt::PBKDF2->new (
6700 iterations => $iterations,
6704 my $salt_bin = pack ("H*", $salt_buf);
6706 my $key = $pbkdf2->PBKDF2 ($salt_bin. "AUTH_PBKDF2_SPEEDY_KEY", $word_buf);
6708 $hash_buf = sha512_hex ($key . $salt_bin);
6710 $tmp_hash = sprintf ("%s%s", uc ($hash_buf), uc ($salt_buf));
6712 elsif ($mode == 12400)
6718 $iterations = int ($iter);
6722 $iterations = get_random_num (1, 5001 + 1);
6725 my $key_value = fold_password ($word_buf);
6727 my $data = "\x00\x00\x00\x00\x00\x00\x00\x00";
6728 my $salt_value = base64_to_int24 ($salt_buf);
6730 $hash_buf = crypt_rounds ($key_value, $iterations, $salt_value, $data);
6732 $tmp_hash = sprintf ("_%s%s%s", int24_to_base64 ($iterations), $salt_buf, block_to_base64 ($hash_buf));
6734 elsif ($mode == 12600)
6736 $hash_buf = sha1_hex ($word_buf);
6738 $hash_buf = sha256_hex ($salt_buf . uc $hash_buf);
6740 $tmp_hash = sprintf ("%s:%s", $hash_buf, $salt_buf);
6742 elsif ($mode == 12700)
6744 my $iterations = 10;
6747 "guid" : "00000000-0000-0000-0000-000000000000",
6748 "sharedKey" : "00000000-0000-0000-0000-000000000000",
6749 "options" : {"pbkdf2_iterations":10,"fee_policy":0,"html5_notifications":false,"logout_time":600000,"tx_display":0,"always_keep_local_backup":false}|;
6751 my $salt_buf_bin = pack ("H*", $salt_buf);
6753 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
6755 my $pbkdf2 = Crypt::PBKDF2->new (
6757 iterations => $iterations,
6761 my $key = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6763 my $cipher = Crypt::CBC->new ({
6765 cipher => "Crypt::Rijndael",
6766 iv => $salt_buf_bin,
6772 my $encrypted = unpack ("H*", $cipher->encrypt ($data));
6774 $tmp_hash = sprintf ("\$blockchain\$%s\$%s", length ($salt_buf . $encrypted) / 2, $salt_buf . $encrypted);
6776 elsif ($mode == 12800)
6778 my $iterations = 100;
6782 $iterations = int ($iter);
6785 my $nt = md4_hex (encode ("UTF-16LE", $word_buf));
6787 my $pbkdf2 = Crypt::PBKDF2->new
6789 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6790 iterations => $iterations,
6794 my $salt_buf_bin = pack ("H*", $salt_buf);
6796 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, uc (encode ("UTF-16LE", $nt)));
6798 $tmp_hash = sprintf ("v1;PPH1_MD4,%s,%d,%s", $salt_buf, $iterations, unpack ("H*", $hash));
6800 elsif ($mode == 12900)
6802 my $iterations = 4096;
6806 $iterations = int ($iter);
6809 my $salt2 = $salt_buf . $salt_buf;
6811 if (defined $additional_param)
6813 $salt2 = $additional_param;
6816 my $pbkdf2 = Crypt::PBKDF2->new
6818 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6819 iterations => $iterations,
6823 my $salt_buf_bin = pack ("H*", $salt_buf);
6825 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6827 my $salt2_bin = pack ("H*", $salt2);
6829 my $hash_hmac = hmac_hex ($salt2_bin, $hash, \&sha256, 64);
6831 $tmp_hash = sprintf ("%s%s%s", $salt2, $hash_hmac, $salt_buf);
6833 elsif ($mode == 13000)
6835 my $iterations = 15;
6839 $iterations = int ($iter);
6844 if (defined $additional_param)
6846 $iv = $additional_param;
6849 my $pbkdf2 = Crypt::PBKDF2->new
6851 hasher => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
6852 iterations => (1 << $iterations) + 32,
6856 my $salt_buf_bin = pack ("H*", $salt_buf);
6858 my $hash = $pbkdf2->PBKDF2 ($salt_buf_bin, $word_buf);
6860 my $hash_final = substr ($hash, 0, 8)
6861 ^ substr ($hash, 8, 8)
6862 ^ substr ($hash, 16, 8)
6863 ^ substr ($hash, 24, 8);
6865 $tmp_hash = sprintf ('$rar5$16$%s$%d$%s$8$%s', $salt_buf, $iterations, $iv, unpack ("H*", $hash_final));
6867 elsif ($mode == 13100)
6869 my @salt_arr = split ('\$', $salt_buf);
6871 my $user = $salt_arr[0];
6873 my $realm = $salt_arr[1];
6875 my $spn = $salt_arr[2];
6877 my $nonce = $salt_arr[3];
6879 my $cleartext_ticket = '6381b03081ada00703050050a00000a11b3019a003020117a1'.
6880 '12041058e0d77776e8b8e03991f2966939222aa2171b154d594b5242544553542e434f4e5'.
6881 '44f534f2e434f4da3133011a003020102a10a30081b067472616e6365a40b3009a0030201'.
6882 '01a1020400a511180f32303136303231353134343735305aa611180f32303136303231353'.
6883 '134343735305aa711180f32303136303231363030343735305aa811180f32303136303232'.
6886 $cleartext_ticket = $nonce . $cleartext_ticket;
6888 my $k = md4 (encode ("UTF-16LE", $word_buf));
6890 my $k1 = hmac_md5 ("\x02\x00\x00\x00", $k);
6892 my $checksum = hmac_md5 (pack ("H*", $cleartext_ticket), $k1);
6894 my $k3 = hmac_md5 ($checksum, $k1);
6896 my $cipher = Crypt::RC4->new ($k3);
6898 my $edata2 = $cipher->RC4 (pack ("H*", $cleartext_ticket));
6900 $tmp_hash = sprintf ('$krb5tgs$23$*%s$%s$%s*$%s$%s', $user, $realm, $spn, unpack ("H*", $checksum), unpack ("H*", $edata2));
6902 elsif ($mode == 13200)
6904 my @salt_arr = split ('\*', $salt_buf);
6906 my $iteration = $salt_arr[0];
6908 my $mysalt = $salt_arr[1];
6910 $mysalt = pack ("H*", $mysalt);
6912 my $DEK = randbytes (16);
6914 my $iv = "a6a6a6a6a6a6a6a6";
6916 my $KEK = sha1($word_buf);
6918 $KEK = substr ($KEK ^ $mysalt, 0, 16);
6920 my $aes = Crypt::Mode::ECB->new ('AES');
6922 my @R = ('', substr(pack ("H*",$DEK),0,8), substr(pack ("H*",$DEK),8,16));
6926 my $A = pack ("H*", $iv);
6928 for (my $j = 0; $j < $iteration; $j++)
6930 $B = $aes->encrypt ($A . $R[1], $KEK);
6932 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 1));
6934 $R[1] = substr ($B, 8, 16);
6936 $B = $aes->encrypt ($A . $R[2], $KEK);
6938 $A = substr ($B, 0, 8) ^ pack ("q", (2 * $j + 2));
6940 $R[2] = substr ($B, 8, 16);
6943 my $wrapped_key = unpack ("H*", $A . substr ($R[1], 0 ,8) . substr ($R[2], 0 ,8));
6945 $mysalt = unpack ("H*", $mysalt);
6947 $tmp_hash = sprintf ('$axcrypt$*1*%s*%s*%s', $iteration, $mysalt, $wrapped_key);
6949 elsif ($mode == 13300)
6951 $hash_buf = sha1_hex ($word_buf);
6953 $tmp_hash = sprintf ('$axcrypt_sha1$%s', substr ($hash_buf, 0, 32));
6957 elsif ($mode == 13400)
6959 my @salt_arr = split ('\*', $salt_buf);
6961 my $version = $salt_arr[0];
6963 my $iteration = $salt_arr[1];
6965 my $algorithm = $salt_arr[2];
6967 my $final_random_seed = $salt_arr[3];
6969 my $transf_random_seed = $salt_arr[4];
6971 my $enc_iv = $salt_arr[5];
6975 # specific to version 1
6980 # specific to version 2
6983 # specific to keyfile handling
6984 my $inline_keyfile_flag;
6986 my $keyfile_content;
6987 my $keyfile_attributes = "";
6989 $final_random_seed = pack ("H*", $final_random_seed);
6991 $transf_random_seed = pack ("H*", $transf_random_seed);
6993 $enc_iv = pack ("H*", $enc_iv);
6995 my $intermediate_hash = sha256 ($word_buf);
6999 $contents_hash = $salt_arr[6];
7000 $contents_hash = pack ("H*", $contents_hash);
7002 $inline_flag = $salt_arr[7];
7004 $contents_len = $salt_arr[8];
7006 $contents = $salt_arr[9];
7007 $contents = pack ("H*", $contents);
7010 if (scalar @salt_arr == 13)
7012 $inline_keyfile_flag = $salt_arr[10];
7014 $keyfile_len = $salt_arr[11];
7016 $keyfile_content = $salt_arr[12];
7018 $keyfile_attributes = $keyfile_attributes
7019 . "*" . $inline_keyfile_flag
7020 . "*" . $keyfile_len
7021 . "*" . $keyfile_content;
7023 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7024 $intermediate_hash = sha256 ($intermediate_hash);
7027 elsif ($version == 2)
7030 if (scalar @salt_arr == 11)
7032 $inline_keyfile_flag = $salt_arr[8];
7034 $keyfile_len = $salt_arr[9];
7036 $keyfile_content = $salt_arr[10];
7038 $intermediate_hash = $intermediate_hash . pack ("H*", $keyfile_content);
7040 $keyfile_attributes = $keyfile_attributes
7041 . "*" . $inline_keyfile_flag
7042 . "*" . $keyfile_len
7043 . "*" . $keyfile_content;
7046 $intermediate_hash = sha256 ($intermediate_hash);
7049 my $aes = Crypt::Mode::ECB->new ('AES', 1);
7051 for (my $j = 0; $j < $iteration; $j++)
7053 $intermediate_hash = $aes->encrypt ($intermediate_hash, $transf_random_seed);
7055 $intermediate_hash = substr ($intermediate_hash, 0, 32);
7058 $intermediate_hash = sha256 ($intermediate_hash);
7060 my $final_key = sha256 ($final_random_seed . $intermediate_hash);
7062 my $final_algorithm;
7064 if ($version == 1 && $algorithm == 1)
7066 $final_algorithm = "Crypt::Twofish";
7070 $final_algorithm = "Crypt::Rijndael";
7073 my $cipher = Crypt::CBC->new ({
7075 cipher => $final_algorithm,
7084 $contents_hash = sha256 ($contents);
7086 $contents = $cipher->encrypt($contents);
7088 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%d*%d*%s%s',
7092 unpack ("H*", $final_random_seed),
7093 unpack ("H*", $transf_random_seed),
7094 unpack ("H*", $enc_iv),
7095 unpack ("H*", $contents_hash),
7098 unpack ("H*", $contents),
7099 $keyfile_attributes);
7103 $expected_bytes = $salt_arr[6];
7105 $contents_hash = $salt_arr[7];
7106 $contents_hash = pack ("H*", $contents_hash);
7108 $expected_bytes = $cipher->decrypt($contents_hash);
7110 $tmp_hash = sprintf ('$keepass$*%d*%d*%d*%s*%s*%s*%s*%s%s',
7114 unpack ("H*", $final_random_seed),
7115 unpack ("H*", $transf_random_seed),
7116 unpack ("H*", $enc_iv),
7117 unpack ("H*", $expected_bytes),
7118 unpack ("H*", $contents_hash),
7119 $keyfile_attributes);
7130 my $word_len = shift;
7132 my $salt_len = shift;
7136 $max = 15 if ($mode == 2410);
7138 if ($is_unicode{$mode})
7140 if (! $allow_long_salt{$mode})
7142 $word_len = min ($word_len, int ($max / 2) - $salt_len);
7146 $word_len = min ($word_len, int ($max / 2));
7149 elsif ($less_fifteen{$mode})
7151 $word_len = min ($word_len, 15);
7155 $salt_len = min ($salt_len, 15 - $word_len);
7160 if (! $allow_long_salt{$mode})
7162 $word_len = min ($word_len, $max - $salt_len);
7181 for (my $i = 0; $i < $salt_len; $i++)
7183 my $c = get_random_chr (0x30, 0x39);
7185 push (@salt_arr, $c);
7188 $salt_buf = join ("", @salt_arr);
7190 $salt_buf = get_random_md5chap_salt ($salt_buf);
7192 elsif ($mode == 5300 || $mode == 5400)
7194 $salt_buf = get_random_ike_salt ();
7196 elsif ($mode == 5500)
7198 $salt_buf = get_random_netntlmv1_salt ($salt_len, $salt_len);
7200 elsif ($mode == 5600)
7202 $salt_buf = get_random_netntlmv2_salt ($salt_len, $salt_len);
7204 elsif ($mode == 6600)
7206 $salt_buf = get_random_agilekeychain_salt ();
7208 elsif ($mode == 8200)
7210 $salt_buf = get_random_cloudkeychain_salt ();
7212 elsif ($mode == 8300)
7214 $salt_buf = get_random_dnssec_salt ();
7216 elsif ($mode == 13100)
7218 $salt_buf = get_random_kerberos5_tgs_salt ();
7220 elsif ($mode == 13200)
7222 $salt_buf = get_random_axcrypt_salt ();
7224 elsif ($mode == 13400)
7226 $salt_buf = get_random_keepass_salt ();
7232 for (my $i = 0; $i < $salt_len; $i++)
7234 my $c = get_random_chr (0x30, 0x39);
7236 push (@salt_arr, $c);
7239 $salt_buf = join ("", @salt_arr);
7243 $salt_buf = get_random_kerberos5_salt ($salt_buf);
7253 for (my $i = 0; $i < $word_len; $i++)
7255 my $c = get_random_chr (0x30, 0x39);
7257 push (@word_arr, $c);
7260 my $word_buf = join ("", @word_arr);
7266 my $tmp_hash = gen_hash ($mode, $word_buf, $salt_buf);
7279 print sprintf ("echo -n %-20s | %s \${OPTS} %s %4d '%s'\n", $word_buf, @cmd);
7291 sub get_random_string
7297 for (my $i = 0; $i < $len; $i++)
7299 my $c = get_random_chr (0x30, 0x39);
7304 my $buf = join ("", @arr);
7314 return int ((rand ($max - $min)) + $min);
7319 return chr get_random_num (@_);
7328 for (my $i = 0; $i < length ($str); $i += 4)
7330 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7332 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7339 $salt = substr ($decoded, 0, 5);
7341 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7345 $byte10 = 256 + $byte10;
7348 substr ($salt, 3, 1) = chr ($byte10);
7350 $digest = substr ($decoded, 5, 9);
7351 $char = substr ($str, 18, 1);
7353 return ($digest, $salt, $char);
7356 sub domino_85x_decode
7362 for (my $i = 0; $i < length ($str); $i += 4)
7364 my $num = domino_base64_decode (substr ($str, $i, 4), 4);
7366 $decoded .= chr (($num >> 16) & 0xff) . chr (($num >> 8) & 0xff) . chr ($num & 0xff);
7371 my $iterations = -1;
7374 $salt = substr ($decoded, 0, 16); # longer than -m 8700 (5 vs 16 <- new)
7376 my $byte10 = (ord (substr ($salt, 3, 1)) - 4);
7380 $byte10 = 256 + $byte10;
7383 substr ($salt, 3, 1) = chr ($byte10);
7385 $iterations = substr ($decoded, 16, 10);
7387 if ($iterations =~ /^?d*$/)
7391 $iterations = $iterations + 0; # hack: make sure it is an int now (atoi ())
7392 $chars = substr ($decoded, 26, 2); # in my example it is "02"
7393 $digest = substr ($decoded, 28, 8); # only of length of 8 vs 20 SHA1 bytes
7396 return ($digest, $salt, $iterations, $chars);
7399 sub domino_base64_decode
7404 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7412 my $idx = (index ($itoa64, substr ($v, $n - $i, 1))) & 0x3f;
7414 $ret += ($idx << (6 * ($i - 1)));
7427 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7431 $byte10 = $byte10 - 256;
7434 substr ($final, 3, 1) = chr ($byte10);
7438 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7439 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7440 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7441 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7442 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7444 if (defined ($char))
7446 substr ($passwd, 18, 1) = $char;
7448 substr ($passwd, 19, 1) = "";
7453 sub domino_85x_encode
7458 my $byte10 = (ord (substr ($final, 3, 1)) + 4);
7462 $byte10 = $byte10 - 256;
7465 substr ($final, 3, 1) = chr ($byte10);
7469 $passwd .= domino_base64_encode ((int (ord (substr ($final, 0, 1))) << 16) | (int (ord (substr ($final, 1, 1))) << 8) | (int (ord (substr ($final, 2, 1)))), 4);
7470 $passwd .= domino_base64_encode ((int (ord (substr ($final, 3, 1))) << 16) | (int (ord (substr ($final, 4, 1))) << 8) | (int (ord (substr ($final, 5, 1)))), 4);
7471 $passwd .= domino_base64_encode ((int (ord (substr ($final, 6, 1))) << 16) | (int (ord (substr ($final, 7, 1))) << 8) | (int (ord (substr ($final, 8, 1)))), 4);
7472 $passwd .= domino_base64_encode ((int (ord (substr ($final, 9, 1))) << 16) | (int (ord (substr ($final, 10, 1))) << 8) | (int (ord (substr ($final, 11, 1)))), 4);
7473 $passwd .= domino_base64_encode ((int (ord (substr ($final, 12, 1))) << 16) | (int (ord (substr ($final, 13, 1))) << 8) | (int (ord (substr ($final, 14, 1)))), 4);
7474 $passwd .= domino_base64_encode ((int (ord (substr ($final, 15, 1))) << 16) | (int (ord (substr ($final, 16, 1))) << 8) | (int (ord (substr ($final, 17, 1)))), 4);
7475 $passwd .= domino_base64_encode ((int (ord (substr ($final, 18, 1))) << 16) | (int (ord (substr ($final, 19, 1))) << 8) | (int (ord (substr ($final, 20, 1)))), 4);
7476 $passwd .= domino_base64_encode ((int (ord (substr ($final, 21, 1))) << 16) | (int (ord (substr ($final, 22, 1))) << 8) | (int (ord (substr ($final, 23, 1)))), 4);
7477 $passwd .= domino_base64_encode ((int (ord (substr ($final, 24, 1))) << 16) | (int (ord (substr ($final, 25, 1))) << 8) | (int (ord (substr ($final, 26, 1)))), 4);
7478 $passwd .= domino_base64_encode ((int (ord (substr ($final, 27, 1))) << 16) | (int (ord (substr ($final, 28, 1))) << 8) | (int (ord (substr ($final, 29, 1)))), 4);
7479 $passwd .= domino_base64_encode ((int (ord (substr ($final, 30, 1))) << 16) | (int (ord (substr ($final, 31, 1))) << 8) | (int (ord (substr ($final, 32, 1)))), 4);
7480 $passwd .= domino_base64_encode ((int (ord (substr ($final, 33, 1))) << 16) | (int (ord (substr ($final, 34, 1))) << 8) | (int (ord (substr ($final, 35, 1)))), 4);
7482 if (defined ($char))
7484 substr ($passwd, 18, 1) = $char;
7490 sub domino_base64_encode
7495 my $itoa64 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
7499 while (($n - 1) >= 0)
7503 $ret = substr ($itoa64, $v & 0x3f, 1) . $ret;
7513 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7518 my $v = unpack "V", substr($md5, $i*4, 4);
7520 $s64 .= substr($itoa64, $v & 0x3f, 1);
7529 my ($username, $password) = @_;
7531 $username = substr ($username . " " x 8, 0, 8);
7532 $password = substr ($password . " " x 8, 0, 8);
7534 my $username_ebc = ascii2ebcdic ($username);
7535 my $password_ebc = ascii2ebcdic ($password);
7537 my @pw = split ("", $password_ebc);
7539 for (my $i = 0; $i < 8; $i++)
7541 $pw[$i] = unpack ("C", $pw[$i]);
7544 $pw[$i] = pack ("C", $pw[$i] & 0xff);
7547 my $key = join ("", @pw);
7549 my $cipher = new Crypt::DES $key;
7551 my $ciphertext = $cipher->encrypt ($username_ebc);
7553 my $ct = unpack ("H16", $ciphertext);
7560 my ($username, $password) = @_;
7562 my $userpass = pack('n*', unpack('C*', uc($username.$password)));
7563 $userpass .= pack('C', 0) while (length($userpass) % 8);
7565 my $key = pack('H*', "0123456789ABCDEF");
7566 my $iv = pack('H*', "0000000000000000");
7568 my $c = new Crypt::CBC(
7575 my $key2 = substr($c->encrypt($userpass), length($userpass)-8, 8);
7577 my $c2 = new Crypt::CBC(
7584 my $hash = substr($c2->encrypt($userpass), length($userpass)-8, 8);
7586 return uc(unpack('H*', $hash));
7591 my $word_buf = shift;
7593 my $salt_buf = shift;
7595 my $w = sprintf ("%d%s%s", 0, $word_buf, $salt_buf);
7597 my $digest = sha1 ($w);
7599 for (my $i = 1; $i < 1024; $i++)
7601 $w = $digest . sprintf ("%d%s%s", $i, $word_buf, $salt_buf);
7603 $digest = sha1 ($w);
7606 my ($A, $B, $C, $D, $E) = unpack ("N5", $digest);
7608 return sprintf ("%08x%08x%08x%08x%08x", $A, $B, $C, $D, $E);
7616 my $itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
7620 while (($n - 1) >= 0)
7624 $ret .= substr ($itoa64, $v & 0x3f, 1);
7640 my $hash = ""; # hash to be returned by this function
7642 my $final = md5 ($pass . $salt . $pass);
7644 $salt = substr ($salt, 0, 8);
7646 my $tmp = $pass . $magic . $salt;
7648 my $pass_len = length ($pass);
7652 for ($i = $pass_len; $i > 0; $i -= 16)
7661 $tmp .= substr ($final, 0, $len);
7674 $tmp .= substr ($pass, 0, 1);
7680 $final = md5 ($tmp);
7682 for ($i = 0; $i < $iter; $i++)
7714 $final = md5 ($tmp);
7718 # now format the output sting ("hash")
7722 $hash = to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 6, 1)) << 8) | (ord (substr ($final, 12, 1))), 4);
7723 $hash .= to64 ((ord (substr ($final, 1, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7724 $hash .= to64 ((ord (substr ($final, 2, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
7725 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 9, 1)) << 8) | (ord (substr ($final, 15, 1))), 4);
7726 $hash .= to64 ((ord (substr ($final, 4, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
7727 $hash .= to64 (ord (substr ($final, 11, 1)), 2);
7729 if ($iter == 1000) # default
7731 $hash_buf = sprintf ("%s%s\$%s", $magic , $salt , $hash);
7735 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7747 my $hash = ""; # hash to be returned by this function
7749 my $final = sha512 ($pass . $salt . $pass);
7751 $salt = substr ($salt, 0, 16);
7753 my $tmp = $pass . $salt;
7755 my $pass_len = length ($pass);
7756 my $salt_len = length ($salt);
7760 for ($i = $pass_len; $i > 0; $i -= 16)
7769 $tmp .= substr ($final, 0, $len);
7788 $final = sha512 ($tmp);
7794 for ($i = 0; $i < $pass_len; $i++)
7799 $p_bytes = sha512 ($p_bytes);
7800 $p_bytes = substr ($p_bytes, 0, $pass_len);
7804 my $final_first_byte = ord (substr ($final, 0, 1));
7808 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7813 $s_bytes = sha512 ($s_bytes);
7814 $s_bytes = substr ($s_bytes, 0, $salt_len);
7816 for ($i = 0; $i < $iter; $i++)
7848 $final = sha512 ($tmp);
7852 # now format the output string ("hash")
7856 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 21, 1)) << 8) | (ord (substr ($final, 42, 1))), 4);
7857 $hash .= to64 ((ord (substr ($final, 22, 1)) << 16) | (ord (substr ($final, 43, 1)) << 8) | (ord (substr ($final, 1, 1))), 4);
7858 $hash .= to64 ((ord (substr ($final, 44, 1)) << 16) | (ord (substr ($final, 2, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
7859 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 24, 1)) << 8) | (ord (substr ($final, 45, 1))), 4);
7860 $hash .= to64 ((ord (substr ($final, 25, 1)) << 16) | (ord (substr ($final, 46, 1)) << 8) | (ord (substr ($final, 4, 1))), 4);
7861 $hash .= to64 ((ord (substr ($final, 47, 1)) << 16) | (ord (substr ($final, 5, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
7862 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 27, 1)) << 8) | (ord (substr ($final, 48, 1))), 4);
7863 $hash .= to64 ((ord (substr ($final, 28, 1)) << 16) | (ord (substr ($final, 49, 1)) << 8) | (ord (substr ($final, 7, 1))), 4);
7864 $hash .= to64 ((ord (substr ($final, 50, 1)) << 16) | (ord (substr ($final, 8, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
7865 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 30, 1)) << 8) | (ord (substr ($final, 51, 1))), 4);
7866 $hash .= to64 ((ord (substr ($final, 31, 1)) << 16) | (ord (substr ($final, 52, 1)) << 8) | (ord (substr ($final, 10, 1))), 4);
7867 $hash .= to64 ((ord (substr ($final, 53, 1)) << 16) | (ord (substr ($final, 11, 1)) << 8) | (ord (substr ($final, 32, 1))), 4);
7868 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 33, 1)) << 8) | (ord (substr ($final, 54, 1))), 4);
7869 $hash .= to64 ((ord (substr ($final, 34, 1)) << 16) | (ord (substr ($final, 55, 1)) << 8) | (ord (substr ($final, 13, 1))), 4);
7870 $hash .= to64 ((ord (substr ($final, 56, 1)) << 16) | (ord (substr ($final, 14, 1)) << 8) | (ord (substr ($final, 35, 1))), 4);
7871 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 36, 1)) << 8) | (ord (substr ($final, 57, 1))), 4);
7872 $hash .= to64 ((ord (substr ($final, 37, 1)) << 16) | (ord (substr ($final, 58, 1)) << 8) | (ord (substr ($final, 16, 1))), 4);
7873 $hash .= to64 ((ord (substr ($final, 59, 1)) << 16) | (ord (substr ($final, 17, 1)) << 8) | (ord (substr ($final, 38, 1))), 4);
7874 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 39, 1)) << 8) | (ord (substr ($final, 60, 1))), 4);
7875 $hash .= to64 ((ord (substr ($final, 40, 1)) << 16) | (ord (substr ($final, 61, 1)) << 8) | (ord (substr ($final, 19, 1))), 4);
7876 $hash .= to64 ((ord (substr ($final, 62, 1)) << 16) | (ord (substr ($final, 20, 1)) << 8) | (ord (substr ($final, 41, 1))), 4);
7877 $hash .= to64 (ord (substr ($final, 63, 1)), 2);
7881 if ($iter == 5000) # default
7883 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
7887 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
7899 my $hash = ""; # hash to be returned by this function
7901 my $final = sha256 ($pass . $salt . $pass);
7903 $salt = substr ($salt, 0, 16);
7905 my $tmp = $pass . $salt;
7907 my $pass_len = length ($pass);
7908 my $salt_len = length ($salt);
7912 for ($i = $pass_len; $i > 0; $i -= 16)
7921 $tmp .= substr ($final, 0, $len);
7940 $final = sha256 ($tmp);
7946 for ($i = 0; $i < $pass_len; $i++)
7951 $p_bytes = sha256 ($p_bytes);
7952 $p_bytes = substr ($p_bytes, 0, $pass_len);
7956 my $final_first_byte = ord (substr ($final, 0, 1));
7960 for ($i = 0; $i < (16 + $final_first_byte); $i++)
7965 $s_bytes = sha256 ($s_bytes);
7966 $s_bytes = substr ($s_bytes, 0, $salt_len);
7968 for ($i = 0; $i < $iter; $i++)
8000 $final = sha256 ($tmp);
8004 # now format the output string ("hash")
8008 $hash .= to64 ((ord (substr ($final, 0, 1)) << 16) | (ord (substr ($final, 10, 1)) << 8) | (ord (substr ($final, 20, 1))), 4);
8009 $hash .= to64 ((ord (substr ($final, 21, 1)) << 16) | (ord (substr ($final, 1, 1)) << 8) | (ord (substr ($final, 11, 1))), 4);
8010 $hash .= to64 ((ord (substr ($final, 12, 1)) << 16) | (ord (substr ($final, 22, 1)) << 8) | (ord (substr ($final, 2, 1))), 4);
8011 $hash .= to64 ((ord (substr ($final, 3, 1)) << 16) | (ord (substr ($final, 13, 1)) << 8) | (ord (substr ($final, 23, 1))), 4);
8012 $hash .= to64 ((ord (substr ($final, 24, 1)) << 16) | (ord (substr ($final, 4, 1)) << 8) | (ord (substr ($final, 14, 1))), 4);
8013 $hash .= to64 ((ord (substr ($final, 15, 1)) << 16) | (ord (substr ($final, 25, 1)) << 8) | (ord (substr ($final, 5, 1))), 4);
8014 $hash .= to64 ((ord (substr ($final, 6, 1)) << 16) | (ord (substr ($final, 16, 1)) << 8) | (ord (substr ($final, 26, 1))), 4);
8015 $hash .= to64 ((ord (substr ($final, 27, 1)) << 16) | (ord (substr ($final, 7, 1)) << 8) | (ord (substr ($final, 17, 1))), 4);
8016 $hash .= to64 ((ord (substr ($final, 18, 1)) << 16) | (ord (substr ($final, 28, 1)) << 8) | (ord (substr ($final, 8, 1))), 4);
8017 $hash .= to64 ((ord (substr ($final, 9, 1)) << 16) | (ord (substr ($final, 19, 1)) << 8) | (ord (substr ($final, 29, 1))), 4);
8018 $hash .= to64 ((ord (substr ($final, 31, 1)) << 8) | (ord (substr ($final, 30, 1))), 3);
8022 if ($iter == 5000) # default
8024 $hash_buf = sprintf ("%s%s\$%s", $magic, $salt , $hash);
8028 $hash_buf = sprintf ("%srounds=%i\$%s\$%s", $magic, $iter, $salt , $hash);
8034 sub aix_ssha256_pbkdf2
8036 my $word_buf = shift;
8037 my $salt_buf = shift;
8038 my $iterations = shift;
8040 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256);
8042 my $pbkdf2 = Crypt::PBKDF2->new (
8044 iterations => $iterations,
8048 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8052 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8053 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8054 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8055 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8056 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8057 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8058 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8059 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8060 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8061 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8062 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) , 3);
8067 sub aix_ssha512_pbkdf2
8069 my $word_buf = shift;
8070 my $salt_buf = shift;
8071 my $iterations = shift;
8073 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 512);
8075 my $pbkdf2 = Crypt::PBKDF2->new (
8077 iterations => $iterations,
8080 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8084 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8085 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8086 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8087 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8088 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8089 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8090 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) | (int (ord (substr ($hash_buf, 20, 1)))), 4);
8091 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 21, 1))) << 16) | (int (ord (substr ($hash_buf, 22, 1))) << 8) | (int (ord (substr ($hash_buf, 23, 1)))), 4);
8092 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 24, 1))) << 16) | (int (ord (substr ($hash_buf, 25, 1))) << 8) | (int (ord (substr ($hash_buf, 26, 1)))), 4);
8093 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 27, 1))) << 16) | (int (ord (substr ($hash_buf, 28, 1))) << 8) | (int (ord (substr ($hash_buf, 29, 1)))), 4);
8094 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 30, 1))) << 16) | (int (ord (substr ($hash_buf, 31, 1))) << 8) | (int (ord (substr ($hash_buf, 32, 1)))), 4);
8095 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 33, 1))) << 16) | (int (ord (substr ($hash_buf, 34, 1))) << 8) | (int (ord (substr ($hash_buf, 35, 1)))), 4);
8096 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 36, 1))) << 16) | (int (ord (substr ($hash_buf, 37, 1))) << 8) | (int (ord (substr ($hash_buf, 38, 1)))), 4);
8097 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 39, 1))) << 16) | (int (ord (substr ($hash_buf, 40, 1))) << 8) | (int (ord (substr ($hash_buf, 41, 1)))), 4);
8098 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 42, 1))) << 16) | (int (ord (substr ($hash_buf, 43, 1))) << 8) | (int (ord (substr ($hash_buf, 44, 1)))), 4);
8099 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 45, 1))) << 16) | (int (ord (substr ($hash_buf, 46, 1))) << 8) | (int (ord (substr ($hash_buf, 47, 1)))), 4);
8100 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 48, 1))) << 16) | (int (ord (substr ($hash_buf, 49, 1))) << 8) | (int (ord (substr ($hash_buf, 50, 1)))), 4);
8101 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 51, 1))) << 16) | (int (ord (substr ($hash_buf, 52, 1))) << 8) | (int (ord (substr ($hash_buf, 53, 1)))), 4);
8102 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 54, 1))) << 16) | (int (ord (substr ($hash_buf, 55, 1))) << 8) | (int (ord (substr ($hash_buf, 56, 1)))), 4);
8103 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 57, 1))) << 16) | (int (ord (substr ($hash_buf, 58, 1))) << 8) | (int (ord (substr ($hash_buf, 59, 1)))), 4);
8104 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 60, 1))) << 16) | (int (ord (substr ($hash_buf, 61, 1))) << 8) | (int (ord (substr ($hash_buf, 62, 1)))), 4);
8105 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 63, 1))) << 16) , 2);
8110 sub aix_ssha1_pbkdf2
8112 my $word_buf = shift;
8113 my $salt_buf = shift;
8114 my $iterations = shift;
8116 my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
8118 my $pbkdf2 = Crypt::PBKDF2->new (
8120 iterations => $iterations,
8123 my $hash_buf = $pbkdf2->PBKDF2 ($salt_buf, $word_buf);
8127 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 1, 1))) << 8) | (int (ord (substr ($hash_buf, 2, 1)))), 4);
8128 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 4, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8129 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 6, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 8, 1)))), 4);
8130 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 9, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 11, 1)))), 4);
8131 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 12, 1))) << 16) | (int (ord (substr ($hash_buf, 13, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8132 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 15, 1))) << 16) | (int (ord (substr ($hash_buf, 16, 1))) << 8) | (int (ord (substr ($hash_buf, 17, 1)))), 4);
8133 $tmp_hash .= to64 ((int (ord (substr ($hash_buf, 18, 1))) << 16) | (int (ord (substr ($hash_buf, 19, 1))) << 8) , 3);
8142 my @data = split "", $data_s;
8145 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8146 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8147 "\x3f\x40\x41\x50\x43\x44\x45\x4b\x47\x48\x4d\x4e\x54\x51\x53\x46" .
8148 "\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x56\x55\x5c\x49\x5d\x4a" .
8149 "\x42\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8150 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x58\x5b\x59\xff\x52" .
8151 "\x4c\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" .
8152 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x57\x5e\x5a\x4f\xff" .
8153 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8154 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8155 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8156 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8157 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8158 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8159 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" .
8160 "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
8162 my @transTable = unpack ("C256", $transTable_s);
8166 for (my $i = 0; $i < scalar @data; $i++)
8168 $out[$i] = $transTable[int (ord ($data[$i]))];
8171 return pack ("C*", @out);
8176 my $digest_s = shift;
8181 my @w = unpack "C*", $w_s;
8182 my @s = unpack "C*", $s_s;
8185 "\x14\x77\xf3\xd4\xbb\x71\x23\xd0\x03\xff\x47\x93\x55\xaa\x66\x91" .
8186 "\xf2\x88\x6b\x99\xbf\xcb\x32\x1a\x19\xd9\xa7\x82\x22\x49\xa2\x51" .
8187 "\xe2\xb7\x33\x71\x8b\x9f\x5d\x01\x44\x70\xae\x11\xef\x28\xf0\x0d";
8189 my @bcodeTable = unpack ("C48", $bcodeTable_s);
8191 my @abcd = unpack ("C16", $digest_s);
8193 my $sum20 = ($abcd[0] & 3)
8203 for (my $i2 = 0; $i2 < $sum20; $i2++)
8208 for (my $i1 = 0, my $i2 = 0, my $i3 = 0; $i2 < $sum20; $i2++, $i2++)
8210 if ($i1 < length $w_s)
8212 if ($abcd[15 - $i1] & 1)
8214 $out[$i2] = $bcodeTable[48 - 1 - $i1];
8219 $out[$i2] = $w[$i1];
8225 if ($i3 < length $s_s)
8227 $out[$i2] = $s[$i3];
8233 $out[$i2] = $bcodeTable[$i2 - $i1 - $i3];
8236 return substr (pack ("C*", @out), 0, $sum20);
8241 my @key_56 = split (//, shift);
8247 $key .= chr(((ord($key_56[0]) << 7) | (ord($key_56[1]) >> 1)) & 255);
8248 $key .= chr(((ord($key_56[1]) << 6) | (ord($key_56[2]) >> 2)) & 255);
8249 $key .= chr(((ord($key_56[2]) << 5) | (ord($key_56[3]) >> 3)) & 255);
8250 $key .= chr(((ord($key_56[3]) << 4) | (ord($key_56[4]) >> 4)) & 255);
8251 $key .= chr(((ord($key_56[4]) << 3) | (ord($key_56[5]) >> 5)) & 255);
8252 $key .= chr(((ord($key_56[5]) << 2) | (ord($key_56[6]) >> 6)) & 255);
8253 $key .= chr(( ord($key_56[6]) << 1) & 255);
8264 for (my $i = 0; $i < $len; $i++)
8266 my $c = get_random_chr (0, 255);
8271 return join ("", @arr);
8274 sub get_random_netntlmv1_salt
8276 my $len_user = shift;
8277 my $len_domain = shift;
8283 for (my $i = 0; $i < $len_user; $i++)
8285 $type = get_random_num (1, 3);
8289 $char = get_random_chr (0x30, 0x39);
8293 $char = get_random_chr (0x41, 0x5A);
8297 $char = get_random_chr (0x61, 0x7A);
8305 for (my $i = 0; $i < $len_domain; $i++)
8307 $type = get_random_num (1, 3);
8311 $char = get_random_chr (0x30, 0x39);
8315 $char = get_random_chr (0x41, 0x5A);
8319 $char = get_random_chr (0x61, 0x7A);
8325 my $c_challenge = randbytes (8);
8326 my $s_challenge = randbytes (8);
8328 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $c_challenge) . unpack ("H*", $s_challenge);
8333 sub get_random_netntlmv2_salt
8335 my $len_user = shift;
8336 my $len_domain = shift;
8342 if ($len_user + $len_domain > 27)
8344 if ($len_user > $len_domain)
8346 $len_user = 27 - $len_domain;
8350 $len_domain = 27 - $len_user;
8354 for (my $i = 0; $i < $len_user; $i++)
8356 $type = get_random_num (1, 3);
8360 $char = get_random_chr (0x30, 0x39);
8364 $char = get_random_chr (0x41, 0x5A);
8368 $char = get_random_chr (0x61, 0x7A);
8376 for (my $i = 0; $i < $len_domain; $i++)
8378 $type = get_random_num (1, 3);
8382 $char = get_random_chr (0x30, 0x39);
8386 $char = get_random_chr (0x41, 0x5A);
8390 $char = get_random_chr (0x61, 0x7A);
8396 my $c_challenge = randbytes (8);
8397 my $s_challenge = randbytes (8);
8399 my $temp = "\x01\x01" .
8404 randbytes (20 * rand () + 1) .
8407 my $salt_buf = $user . "::" . $domain . ":" . unpack ("H*", $s_challenge) . unpack ("H*", $temp);
8412 sub get_random_ike_salt
8416 for (my $i = 0; $i < 40; $i++)
8418 $nr_buf .= get_random_chr (0, 0xff);
8423 for (my $i = 0; $i < 440; $i++)
8425 $msg_buf .= get_random_chr (0, 0xff);
8428 my $nr_buf_hex = unpack ("H*", $nr_buf);
8429 my $msg_buf_hex = unpack ("H*", $msg_buf);
8431 my $salt_buf = sprintf ("%s:%s:%s:%s:%s:%s:%s:%s", substr ($msg_buf_hex, 0, 256), substr ($msg_buf_hex, 256, 256), substr ($msg_buf_hex, 512, 16), substr ($msg_buf_hex, 528, 16), substr ($msg_buf_hex, 544, 320), substr ($msg_buf_hex, 864, 16), substr ($nr_buf_hex, 0, 40), substr ($nr_buf_hex, 40, 40));
8436 sub get_random_agilekeychain_salt
8440 for (my $i = 0; $i < 8; $i++)
8442 $salt_buf .= get_random_chr (0x0, 0xff);
8447 for (my $i = 0; $i < 16; $i++)
8449 $iv .= get_random_chr (0x0, 0xff);
8452 my $prefix = "\x00" x 1008;
8454 my $ret = unpack ("H*", $salt_buf . $prefix . $iv);
8459 sub get_random_cloudkeychain_salt
8463 for (my $i = 0; $i < 16; $i++)
8465 $salt_buf .= get_random_chr (0x0, 0xff);
8468 for (my $i = 0; $i < 304; $i++)
8470 $salt_buf .= get_random_chr (0x0, 0xff);
8473 my $ret = unpack ("H*", $salt_buf);
8478 sub get_random_kerberos5_salt
8480 my $custom_salt = shift;
8482 my $clear_data = randbytes (14) .
8483 strftime ("%Y%m%d%H%M%S", localtime) .
8487 my $realm = "realm";
8490 my $salt_buf = $user . "\$" . $realm . "\$" . $salt . "\$" . unpack ("H*", $custom_salt) . "\$" . unpack ("H*", $clear_data) . "\$";
8495 sub get_random_kerberos5_tgs_salt
8497 my $nonce = randbytes (8);
8500 my $realm = "realm";
8501 my $spn = "test/spn";
8503 my $salt_buf = $user . "\$" . $realm . "\$" . $spn . "\$" . unpack ("H*",$nonce);
8508 sub get_random_axcrypt_salt
8510 my $mysalt = randbytes (16);
8512 $mysalt = unpack ("H*", $mysalt);
8514 my $iteration = get_random_num (6, 100000);
8516 my $salt_buf = $iteration . '*' . $mysalt;
8521 sub get_random_keepass_salt
8523 my $version = get_random_num (1, 3);
8529 my $final_random_seed;
8533 $algorithm = get_random_num (0, 2);
8535 $iteration = get_random_num (50000, 100000);
8537 $final_random_seed = randbytes (16);
8538 $final_random_seed = unpack ("H*", $final_random_seed);
8540 elsif ($version == 2)
8544 $iteration = get_random_num (6000, 100000);
8546 $final_random_seed = randbytes (32);
8547 $final_random_seed = unpack ("H*", $final_random_seed);
8550 my $transf_random_seed = randbytes (32);
8551 $transf_random_seed = unpack ("H*", $transf_random_seed);
8553 my $enc_iv = randbytes (16);
8554 $enc_iv = unpack ("H*", $enc_iv);
8556 my $contents_hash = randbytes (32);
8557 $contents_hash = unpack ("H*", $contents_hash);
8559 my $inline_flag = 1;
8561 my $contents_len = get_random_num (128, 500);
8563 my $contents = randbytes ($contents_len);
8565 $contents_len += 16 - $contents_len % 16;
8567 $contents = unpack ("H*", $contents);
8571 my $is_keyfile = get_random_num (0, 2);
8573 my $keyfile_attributes = "";
8575 if ($is_keyfile == 1)
8577 $keyfile_attributes = $keyfile_attributes
8579 . unpack ("H*", randbytes (32));
8584 $salt_buf = $version . '*' .
8587 $final_random_seed . '*' .
8588 $transf_random_seed . '*' .
8590 $contents_hash . '*' .
8591 $inline_flag . '*' .
8592 $contents_len . '*' .
8594 $keyfile_attributes;
8596 elsif ($version == 2)
8598 $contents = randbytes (32);
8599 $contents = unpack ("H*", $contents);
8601 $salt_buf = $version . '*' .
8604 $final_random_seed . '*' .
8605 $transf_random_seed . '*' .
8607 $contents_hash . '*' .
8609 $keyfile_attributes;
8615 sub get_random_md5chap_salt
8617 my $salt_buf = shift;
8619 my $salt = unpack ("H*", $salt_buf);
8623 $salt .= unpack ("H*", randbytes (1));
8628 sub get_random_dnssec_salt
8634 for (my $i = 0; $i < 8; $i++)
8636 $salt_buf .= get_random_chr (0x61, 0x7a);
8639 $salt_buf .= ".net";
8643 for (my $i = 0; $i < 8; $i++)
8645 $salt_buf .= get_random_chr (0x30, 0x39);
8658 my $byte_off = int ($bit / 8);
8659 my $bit_off = int ($bit % 8);
8661 my $char = substr ($digest, $byte_off, 1);
8662 my $num = ord ($char);
8664 return (($num & (1 << $bit_off)) ? 1 : 0);
8673 my $constant_phrase =
8674 "To be, or not to be,--that is the question:--\n" .
8675 "Whether 'tis nobler in the mind to suffer\n" .
8676 "The slings and arrows of outrageous fortune\n" .
8677 "Or to take arms against a sea of troubles,\n" .
8678 "And by opposing end them?--To die,--to sleep,--\n" .
8679 "No more; and by a sleep to say we end\n" .
8680 "The heartache, and the thousand natural shocks\n" .
8681 "That flesh is heir to,--'tis a consummation\n" .
8682 "Devoutly to be wish'd. To die,--to sleep;--\n" .
8683 "To sleep! perchance to dream:--ay, there's the rub;\n" .
8684 "For in that sleep of death what dreams may come,\n" .
8685 "When we have shuffled off this mortal coil,\n" .
8686 "Must give us pause: there's the respect\n" .
8687 "That makes calamity of so long life;\n" .
8688 "For who would bear the whips and scorns of time,\n" .
8689 "The oppressor's wrong, the proud man's contumely,\n" .
8690 "The pangs of despis'd love, the law's delay,\n" .
8691 "The insolence of office, and the spurns\n" .
8692 "That patient merit of the unworthy takes,\n" .
8693 "When he himself might his quietus make\n" .
8694 "With a bare bodkin? who would these fardels bear,\n" .
8695 "To grunt and sweat under a weary life,\n" .
8696 "But that the dread of something after death,--\n" .
8697 "The undiscover'd country, from whose bourn\n" .
8698 "No traveller returns,--puzzles the will,\n" .
8699 "And makes us rather bear those ills we have\n" .
8700 "Than fly to others that we know not of?\n" .
8701 "Thus conscience does make cowards of us all;\n" .
8702 "And thus the native hue of resolution\n" .
8703 "Is sicklied o'er with the pale cast of thought;\n" .
8704 "And enterprises of great pith and moment,\n" .
8705 "With this regard, their currents turn awry,\n" .
8706 "And lose the name of action.--Soft you now!\n" .
8707 "The fair Ophelia!--Nymph, in thy orisons\n" .
8708 "Be all my sins remember'd.\n\x00";
8710 my $constant_len = length ($constant_phrase);
8712 my $hash_buf = md5 ($pw . $salt);
8718 for (my $round = 0; $round < $iter; $round++)
8720 my $shift_a = md5bit ($hash_buf, $round + 0);
8721 my $shift_b = md5bit ($hash_buf, $round + 64);
8726 for (my $k = 0; $k < 16; $k++)
8728 my $s7shift = ord (substr ($hash_buf, $k, 1)) % 8;
8730 my $l = ($k + 3) % 16;
8732 my $num = ord (substr ($hash_buf, $l, 1));
8734 $shift_4[$k] = $num % 5;
8736 $shift_7[$k] = ($num >> $s7shift) & 1;
8741 for (my $k = 0; $k < 16; $k++)
8743 $indirect_4[$k] = (ord (substr ($hash_buf, $k, 1)) >> $shift_4[$k]) & 0xf;
8748 for (my $k = 0; $k < 16; $k++)
8750 $indirect_7[$k] = (ord (substr ($hash_buf, $indirect_4[$k], 1)) >> $shift_7[$k]) & 0x7f;
8756 for (my $k = 0; $k < 8; $k++)
8758 $indirect_a |= md5bit ($hash_buf, $indirect_7[$k + 0]) << $k;
8760 $indirect_b |= md5bit ($hash_buf, $indirect_7[$k + 8]) << $k;
8763 $indirect_a = ($indirect_a >> $shift_a) & 0x7f;
8764 $indirect_b = ($indirect_b >> $shift_b) & 0x7f;
8766 my $bit_a = md5bit ($hash_buf, $indirect_a);
8767 my $bit_b = md5bit ($hash_buf, $indirect_b);
8777 if ($bit_a ^ $bit_b)
8779 substr ($W, 16, 48) = substr ($constant_phrase, 0, 48);
8783 $to_hash .= substr ($W, 0, 64);
8787 for ($constant_off = 48; $constant_off < $constant_len - 64; $constant_off += 64)
8789 substr ($W, 0, 64) = substr ($constant_phrase, $constant_off, 64);
8793 $to_hash .= substr ($W, 0, 64);
8796 $pos = $constant_len - $constant_off;
8800 substr ($W, 0, $pos) = substr ($constant_phrase, $constant_off, $pos);
8815 my $round_div = int ($tmp / 10);
8816 my $round_mod = int ($tmp % 10);
8820 $a_buf[int ($a_len / 4)] = (($round_mod + 0x30) | ($a_buf[int ($a_len / 4)] << 8));
8830 for ($g = 0; $g < $a_len; $g++)
8832 my $remainder = $a_buf[$g];
8838 while ($remainder > 0)
8840 $sub = $remainder >> (8 * $factor);
8842 if ($started != 1 || $sub > 0)
8846 $tmp_str = chr ($sub) . $tmp_str;
8848 $remainder -= ($sub << (8 * $factor));
8856 substr ($W, $pos, $a_len) = $tmp_str;
8862 $to_hash .= substr ($W, 0, $pos);
8864 $to_hash = substr ($to_hash, 0, $total);
8866 $hash_buf = md5 ($to_hash);
8871 $passwd .= to64 ((int (ord (substr ($hash_buf, 0, 1))) << 16) | (int (ord (substr ($hash_buf, 6, 1))) << 8) | (int (ord (substr ($hash_buf, 12, 1)))), 4);
8872 $passwd .= to64 ((int (ord (substr ($hash_buf, 1, 1))) << 16) | (int (ord (substr ($hash_buf, 7, 1))) << 8) | (int (ord (substr ($hash_buf, 13, 1)))), 4);
8873 $passwd .= to64 ((int (ord (substr ($hash_buf, 2, 1))) << 16) | (int (ord (substr ($hash_buf, 8, 1))) << 8) | (int (ord (substr ($hash_buf, 14, 1)))), 4);
8874 $passwd .= to64 ((int (ord (substr ($hash_buf, 3, 1))) << 16) | (int (ord (substr ($hash_buf, 9, 1))) << 8) | (int (ord (substr ($hash_buf, 15, 1)))), 4);
8875 $passwd .= to64 ((int (ord (substr ($hash_buf, 4, 1))) << 16) | (int (ord (substr ($hash_buf, 10, 1))) << 8) | (int (ord (substr ($hash_buf, 5, 1)))), 4);
8876 $passwd .= to64 ((int (ord (substr ($hash_buf, 11, 1)))), 2);
8883 die ("usage: $0 single|passthrough| [mode] [len]\n" .
8885 " $0 verify [mode] [hashfile] [cracks] [outfile]\n");
8890 my $block_ref = shift;
8894 my $value = 16 - $offset;
8896 for (my $i = $offset; $i < 16; $i++)
8898 push @{$block_ref}, $value;
8908 for (my $i = 0; $i < 18; $i++)
8910 for (my $j = 0; $j < 48; $j++)
8912 $p = ($p + 48 - $j) & 0xff;
8914 my $c = $lotus_magic_table[$p];
8916 $p = $in_ref->[$j] ^ $c;
8923 sub lotus_transform_password
8926 my $out_ref = shift;
8928 my $t = $out_ref->[15];
8930 for (my $i = 0; $i < 16; $i++)
8932 $t ^= $in_ref->[$i];
8934 my $c = $lotus_magic_table[$t];
8936 $out_ref->[$i] ^= $c;
8938 $t = $out_ref->[$i];
8942 sub mdtransform_norecalc
8944 my $state_ref = shift;
8945 my $block_ref = shift;
8949 push (@x, @{$state_ref});
8950 push (@x, @{$block_ref});
8952 for (my $i = 0; $i < 16; $i++)
8954 push (@x, $x[0 + $i] ^ $x[16 + $i]);
8959 for (my $i = 0; $i < 16; $i++)
8961 $state_ref->[$i] = $x[$i];
8967 my $state_ref = shift;
8968 my $checksum_ref = shift;
8969 my $block_ref = shift;
8971 mdtransform_norecalc ($state_ref, $block_ref);
8973 lotus_transform_password ($block_ref, $checksum_ref);
8978 my $saved_key_ref = shift;
8982 @{$saved_key_ref} = splice (@{$saved_key_ref}, 0, $size);
8984 my @state = (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
8990 for ($curpos = 0; $curpos + 16 < $size; $curpos += 16)
8992 my $curpos16 = $curpos + 16;
8994 my @block = splice (@{$saved_key_ref}, 0, 16);
8996 mdtransform (\@state, \@checksum, \@block);
8999 my $left = $size - $curpos;
9001 my @block = splice (@{$saved_key_ref}, 0, 16);
9003 pad16 (\@block, $left);
9005 mdtransform (\@state, \@checksum, \@block);
9007 mdtransform_norecalc (\@state, \@checksum);
9012 sub pdf_compute_encryption_key
9014 my $word_buf = shift;
9015 my $padding = shift;
9030 $data .= substr ($padding, 0, 32 - length $word_buf);
9032 $data .= pack ("H*", $o);
9034 $data .= pack ("I", $P);
9036 $data .= pack ("H*", $id);
9042 $data .= pack ("I", -1);
9046 my $res = md5 ($data);
9050 for (my $i = 0; $i < 50; $i++)
9059 sub gen_random_wpa_eapol
9068 my $version = 1; # 802.1X-2001
9070 $ret .= pack ("C*", $version);
9072 my $type = 3; # means that this EAPOL frame is used to transfer key information
9074 $ret .= pack ("C*", $type);
9076 my $length; # length of remaining data
9087 $ret .= pack ("n*", $length);
9089 my $descriptor_type;
9093 $descriptor_type = 254; # EAPOL WPA key
9097 $descriptor_type = 1; # EAPOL RSN key
9100 $ret .= pack ("C*", $descriptor_type);
9102 # key_info is a bit vector:
9103 # generated from these 13 bits: encrypted key data, request, error, secure, key mic, key ack, install, key index (2), key type, key descriptor (3)
9107 $key_info |= 1 << 8; # set key MIC
9108 $key_info |= 1 << 3; # set if it is a pairwise key
9112 $key_info |= 1 << 0; # RC4 Cipher, HMAC-MD5 MIC
9116 $key_info |= 1 << 1; # AES Cipher, HMAC-SHA1 MIC
9119 $ret .= pack ("n*", $key_info);
9132 $ret .= pack ("n*", $key_length);
9134 my $replay_counter = 1;
9136 $ret .= pack ("Q>*", $replay_counter);
9140 my $key_iv = "\x00" x 16;
9144 my $key_rsc = "\x00" x 8;
9148 my $key_id = "\x00" x 8;
9152 my $key_mic = "\x00" x 16;
9160 $key_data_len = 24; # length of the key_data (== WPA info)
9164 $key_data_len = 22; # length of the key_data (== RSN info)
9167 $ret .= pack ("n*", $key_data_len);
9177 my $vendor_specific_data = "";
9179 my $tag_number = 221; # means it is a vendor specific tag
9181 $vendor_specific_data .= pack ("C*", $tag_number);
9183 my $tag_len = 22; # length of the remaining "tag data"
9185 $vendor_specific_data .= pack ("C*", $tag_len);
9187 my $vendor_specific_oui = pack ("H*", "0050f2"); # microsoft
9189 $vendor_specific_data .= $vendor_specific_oui;
9191 my $vendor_specific_oui_type = 1; # WPA Information Element
9193 $vendor_specific_data .= pack ("C*", $vendor_specific_oui_type);
9195 my $vendor_specific_wpa_version = 1;
9197 $vendor_specific_data .= pack ("v*", $vendor_specific_wpa_version);
9201 my $vendor_specific_multicast_oui = pack ("H*", "0050f2");
9203 $vendor_specific_data .= $vendor_specific_multicast_oui;
9205 my $vendor_specific_multicast_type = 2; # TKIP
9207 $vendor_specific_data .= pack ("C*", $vendor_specific_multicast_type);
9211 my $vendor_specific_unicast_count = 1;
9213 $vendor_specific_data .= pack ("v*", $vendor_specific_unicast_count);
9215 my $vendor_specific_unicast_oui = pack ("H*", "0050f2");
9217 $vendor_specific_data .= $vendor_specific_multicast_oui;
9219 my $vendor_specific_unicast_type = 2; # TKIP
9221 $vendor_specific_data .= pack ("C*", $vendor_specific_unicast_type);
9223 # Auth Key Management (AKM)
9225 my $auth_key_management_count = 1;
9227 $vendor_specific_data .= pack ("v*", $auth_key_management_count);
9229 my $auth_key_management_oui = pack ("H*", "0050f2");
9231 $vendor_specific_data .= $auth_key_management_oui;
9233 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9235 $vendor_specific_data .= pack ("C*", $auth_key_management_type);
9237 $wpa_info = $vendor_specific_data;
9239 $key_data = $wpa_info;
9247 my $tag_number = 48; # RSN info
9249 $rsn_info .= pack ("C*", $tag_number);
9251 my $tag_len = 20; # length of the remaining "tag_data"
9253 $rsn_info .= pack ("C*", $tag_len);
9255 my $rsn_version = 1;
9257 $rsn_info .= pack ("v*", $rsn_version);
9259 # group cipher suite
9261 my $group_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9263 $rsn_info .= $group_cipher_suite_oui;
9265 my $group_cipher_suite_type = 4; # AES (CCM)
9267 $rsn_info .= pack ("C*", $group_cipher_suite_type);
9269 # pairwise cipher suite
9271 my $pairwise_cipher_suite_count = 1;
9273 $rsn_info .= pack ("v*", $pairwise_cipher_suite_count);
9275 my $pairwise_cipher_suite_oui = pack ("H*", "000fac"); # Ieee8021
9277 $rsn_info .= $pairwise_cipher_suite_oui;
9279 my $pairwise_cipher_suite_type = 4; # AES (CCM)
9281 $rsn_info .= pack ("C*", $pairwise_cipher_suite_type);
9283 # Auth Key Management (AKM)
9285 my $auth_key_management_count = 1;
9287 $rsn_info .= pack ("v*", $auth_key_management_count);
9289 my $auth_key_management_oui = pack ("H*", "000fac"); # Ieee8021
9291 $rsn_info .= $auth_key_management_oui;
9293 my $auth_key_management_type = 2; # Pre-Shared Key (PSK)
9295 $rsn_info .= pack ("C*", $auth_key_management_type);
9299 # bit vector of these 9 bits: peerkey enabled, management frame protection (MFP) capable, MFP required,
9300 # RSN GTKSA Capabilities (2), RSN PTKSA Capabilities (2), no pairwise Capabilities, Pre-Auth Capabilities
9302 my $rsn_capabilities = pack ("H*", "0000");
9304 $rsn_info .= $rsn_capabilities;
9306 $key_data = $rsn_info;
9322 my $data = "Pairwise key expansion";
9327 # Min(AA, SPA) || Max(AA, SPA)
9330 # compare if greater: Min()/Max() on the MACs (6 bytes)
9332 if (memcmp ($stmac, $bssid, 6) < 0)
9344 # Min(ANonce,SNonce) || Max(ANonce,SNonce)
9347 # compare if greater: Min()/Max() on the nonces (32 bytes)
9349 if (memcmp ($snonce, $anonce, 32) < 0)
9362 my $prf_buf = hmac ($data, $pmk, \&sha1);
9364 $prf_buf = substr ($prf_buf, 0, 16);
9375 my $len_str1 = length ($str1);
9376 my $len_str2 = length ($str2);
9378 if (($len > $len_str1) || ($len > $len_str2))
9380 print "ERROR: memcmp () lengths wrong";
9385 for (my $i = 0; $i < $len; $i++)
9387 my $c_1 = ord (substr ($str1, $i, 1));
9388 my $c_2 = ord (substr ($str2, $i, 1));
9390 return -1 if ($c_1 < $c_2);
9391 return 1 if ($c_1 > $c_2);