Skip to content

Commit

Permalink
synced hashcat's new max. data limit, new variable that denotes if pa…
Browse files Browse the repository at this point in the history
…dding attack is supported, updated version number
  • Loading branch information
philsmd committed May 17, 2017
1 parent fe800e0 commit 35b0da6
Showing 1 changed file with 30 additions and 21 deletions.
51 changes: 30 additions & 21 deletions 7z2hashcat.pl
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@
# philsmd

# version:
# 1.0
# 1.1

# date released:
# April 2015

# date last updated:
# 5th February 2017
# 17th May 2017

# dependencies:
# Compress::Raw::Lzma
Expand Down Expand Up @@ -94,6 +94,18 @@
# Constants
#

# cracker specific stuff

my $SHOW_LZMA_DECOMPRESS_AFTER_DECRYPT_WARNING = 1;

my $PASSWORD_RECOVERY_TOOL_NAME = "hashcat";
my $PASSWORD_RECOVERY_TOOL_DATA_LIMIT = 655056; # hexadecimal output value. This value should always be >= 64
my $PASSWORD_RECOVERY_TOOL_SUPPORT_PADDING_ATTACK = 0; # does the cracker support the AES-CBC padding attack (0 means no, 1 means yes)
my @PASSWORD_RECOVERY_TOOL_SUPPORTED_DECOMPRESSORS = (1, 2); # within this list we only need values ranging from 1 to 7
# i.e. SEVEN_ZIP_LZMA1_COMPRESSED to SEVEN_ZIP_DEFLATE_COMPRESSED

# 7-zip specific stuff

my $LZMA2_MIN_COMPRESSED_LEN = 16; # the raw data (decrypted) needs to be at least: 3 + 1 + 1, header (start + size) + at least one byte of data + end
# therefore we need to have at least one AES BLOCK (128 bits = 16 bytes)

Expand Down Expand Up @@ -165,15 +177,6 @@
my %SEVEN_ZIP_COMPRESSOR_NAMES = (1 => "LZMA1", 2 => "LZMA2", 3 => "PPMD", 4 => "BCJ", 5 => "BCJ2", 6 => "BZIP2",
7 => "DEFLATE");

# cracker specific stuff

my $SHOW_LZMA_DECOMPRESS_AFTER_DECRYPT_WARNING = 1;

my $PASSWORD_RECOVERY_TOOL_NAME = "hashcat";
my $PASSWORD_RECOVERY_TOOL_DATA_LIMIT = 16384; # hexadecimal output value. This value should always be >= 64
my @PASSWORD_RECOVERY_TOOL_SUPPORTED_DECOMPRESSORS = (1, 2); # within this list we only need values ranging from 1 to 7
# i.e. SEVEN_ZIP_LZMA1_COMPRESSED to SEVEN_ZIP_DEFLATE_COMPRESSED

#
# Helper functions
#
Expand Down Expand Up @@ -1170,17 +1173,20 @@ sub extract_hash_from_archive
{
if ($data_len > ($PASSWORD_RECOVERY_TOOL_DATA_LIMIT / 2))
{
my_seek ($fp, $data_len - 32, 1);
if ($PASSWORD_RECOVERY_TOOL_SUPPORT_PADDING_ATTACK == 1)
{
my_seek ($fp, $data_len - 32, 1);

$iv_buf = my_read ($fp, 16);
$iv_len = 16;
$iv_buf = my_read ($fp, 16);
$iv_len = 16;

$data = my_read ($fp, 16);
$data_len = 16;
$data = my_read ($fp, 16);
$data_len = 16;

$unpack_size %= 16;
$unpack_size %= 16;

$is_truncated = 1;
$is_truncated = 1;
}
}

$padding_attack_possible = 1;
Expand All @@ -1197,9 +1203,12 @@ sub extract_hash_from_archive
if ($data_len > ($PASSWORD_RECOVERY_TOOL_DATA_LIMIT / 2))
{
print STDERR "WARNING: the file '". $file_path . "' unfortunately can't be used with $PASSWORD_RECOVERY_TOOL_NAME since the data length\n";
print STDERR "in this particular case is too long ($data_len of the maximum allowed " .($PASSWORD_RECOVERY_TOOL_DATA_LIMIT / 2). " bytes) ";
print STDERR "and it can't be truncated.\n";
print STDERR "This should only happen in very rare cases.\n";
print STDERR "in this particular case is too long ($data_len of the maximum allowed " .($PASSWORD_RECOVERY_TOOL_DATA_LIMIT / 2). " bytes).\n";

if ($PASSWORD_RECOVERY_TOOL_SUPPORT_PADDING_ATTACK == 1)
{
print STDERR "Furthermore, it could not be truncated. This should only happen in very rare cases.\n";
}

return "";
}
Expand Down

0 comments on commit 35b0da6

Please sign in to comment.