Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

Precomputing salt / debugging module files
#1
Hello,

I'd like to create mode simillar to already existing one: 3910 - md5(md5($pass).md5($salt)) although I'd like to replace md5($salt) with sha1($salt)

I decided to precompute salt in module file as it's done in 3910 but I can't really make it work. I also noticed that mode 21200 - md5(sha1($salt).md5($pass)) doesn't precompute salt in the module file. That makes me wonder is there something missing in hashcat source that makes it impossible to implement it?

I've made few attempts to write the precompute function for sha1 salt by myself but apparently I failed, because by using printfs in the kernel it seems that sha1 hash is indeed passed to the salt buffer, but it's  most certainly not the sha1 hash of the test salt I use.

So I wonder maybe I should receive any tips or at least help with debugging module file, because I have no clue how to do this.

This is the code I modified from 3910 module. I assumed I have to swap the salt.


Code:
static void precompute_salt_sha1 (const u32 *salt_buf, const u32 salt_len, u8 *salt_pc)
{
  u32 digest[5] = { 0 };
  u32 saltSwapped[4] = { 0 };

  saltSwapped[0] = byte_swap_32 (salt_buf[0]);
  saltSwapped[1] = byte_swap_32 (salt_buf[1]);
  saltSwapped[2] = byte_swap_32 (salt_buf[2]);
  saltSwapped[3] = byte_swap_32 (salt_buf[3]);

  sha1_ctx_t sha1_ctx;

  sha1_init (&sha1_ctx);
  sha1_update (&sha1_ctx, saltSwapped, salt_len);
  sha1_final (&sha1_ctx);

  digest[0] = sha1_ctx.h[0];
  digest[1] = sha1_ctx.h[1];
  digest[2] = sha1_ctx.h[2];
  digest[3] = sha1_ctx.h[3];
  digest[4] = sha1_ctx.h[4];

  u32_to_hex (digest[0], salt_pc + 0);
  u32_to_hex (digest[1], salt_pc + 8);
  u32_to_hex (digest[2], salt_pc + 16);
  u32_to_hex (digest[3], salt_pc + 24);
  u32_to_hex (digest[4], salt_pc + 32);
}
Reply
#2
Thank you very much for the hint about -m 21200 (which wasn't optimized to compute sha1($salt) within the host code once and only once per hash). I've suggested the change here and it was merged: https://github.com/hashcat/hashcat/pull/2501

To answer your question: my guess is that the only problem here is that the input buffer is not large enough:
The data variable (the data input, "message"/salt/password/data etc you want to hash) must be of at least a certain size, see: https://github.com/hashcat/hashcat/blob/...ha1.cl#L15

so you should use
Code:
u32 saltSwapped[16] = { 0 };

btw: I'm not saying that it must be swapped, that is something that needs to be checked for your specific situation, althrough it doesn't seem completely unlikely that some swaps need to be added (or removed).... all I'm saying is that to achieve a "64 byte alignment" you need to use something like:
Code:
u32 data[16] = { 0 };
(or larger)

because 16*4 bytes = 64 byte.

I hope this will at least solve one of the problems.

Thanks again
Reply
#3
I actually noticed it's been merged on github so everything is clear for me now. Thank you very much for the tip about input buffer size. I guess thread can be closed now.

Cheers!
Reply