search

hashtopolis / server

Hashtopolis - distributed password cracking with Hashcat
GNU General Public License v3.0
1.44k stars 216 forks source link

missing and outdated HashTypes #227

Closed paule965 closed 7 years ago

paule965 commented 7 years ago

Before you submit an issue please include the following information if you do not your issue will be closed.

Your current Server version located at the bottom of any hashtopussy webpage. 0.3.2 Current Client version 0.43.13 Your current Hashcat version 3.6.0 The exact task command you are trying to run. / Debug output from the client by running "hashtopussy.exe debug" / Describe your problem in as much detail as possible " It's broke " is not a description. I miss some hashtypes (veracrypt and more) in hashtopussy (hardcoded in "hashtopussy/src/install/hashtopussy.sql") and there are some outdated hashtypes inside.

Workaround: INSERT INTO HashType (hashTypeId, description, isSalted) VALUES (600,'BLAKE2b-512',0), (9710,'MS Office <= 2003 $0/$1, MD5 + RC4, collider #1'‚0), (9720,'MS Office <= 2003 $0/$1, MD5 + RC4, collider #2'‚0), (9810,'MS Office <= 2003 $3, SHA1 + RC4, collider #1',0), (9820,'MS Office <= 2003 $3, SHA1 + RC4, collider #2',0), (10410,'PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1',0), (10420,'PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2',0), (12001,'Atlassian (PBKDF2-HMAC-SHA1)',0), (13711,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES, Serpent, Twofish',0), (13712,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13713,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + Serpent-Twofish-AES',0), (13721,'VeraCrypt PBKDF2-HMAC-SHA512 + AES, Serpent, Twofish',0), (13722,'VeraCrypt PBKDF2-HMAC-SHA512 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13723,'VeraCrypt PBKDF2-HMAC-SHA512 + Serpent-Twofish-AES',0), (13731,'VeraCrypt PBKDF2-HMAC-Whirlpool + AES, Serpent, Twofish',0), (13732,'VeraCrypt PBKDF2-HMAC-Whirlpool + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13733,'VeraCrypt PBKDF2-HMAC-Whirlpool + Serpent-Twofish-AES',0), (13751,'VeraCrypt PBKDF2-HMAC-SHA256 + AES, Serpent, Twofish',0), (13752,'VeraCrypt PBKDF2-HMAC-SHA256 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13753,'VeraCrypt PBKDF2-HMAC-SHA256 + Serpent-Twofish-AES',0), (15000,'FileZilla Server >= 0.9.55',0), (15100,'Juniper/NetBSD sha1crypt',0), (15200,'Blockchain, My Wallet, V2',0), (15300,'DPAPI masterkey file v1 and v2',0), (15400,'ChaCha20',0), (15500,'JKS Java Key Store Private Keys (SHA1)',0), (15600,'Ethereum Wallet, PBKDF2-HMAC-SHA256',0), (15700,'Ethereum Wallet, SCRYPT',0);

Outdated hashtypes: (190,'sha1(LinkedIn)',0), (1431,'base64(sha256(unicode($pass)))',0), (3300,'MD5(Sun)',0), (3500,'md5(md5(md5($pass)))',0), (3610,'md5(md5($salt).$pass)',1), (3720,'md5($pass.md5($salt))',1), (3721,'WebEdition CMS',1), (4210,'md5($username.0.$pass)',1), (4600,'sha1(sha1(sha1($pass)))',0),

CompleteNewHashtypeList: (0,'MD5',0), (10,'md5($pass.$salt)',1), (11,'Joomla < 2.5.18',1), (12,'PostgreSQL',1), (20,'md5($salt.$pass)',1), (21,'osCommerce, xt:Commerce',1), (22,'Juniper Netscreen/SSG (ScreenOS)',1), (23,'Skype',1), (30,'md5(unicode($pass).$salt)',1), (40,'md5($salt.unicode($pass))',1), (50,'HMAC-MD5 (key = $pass)',1), (60,'HMAC-MD5 (key = $salt)',1), (100,'SHA1',0), (101,'nsldap, SHA-1(Base64), Netscape LDAP SHA',0), (110,'sha1($pass.$salt)',1), (111,'nsldaps, SSHA-1(Base64), Netscape LDAP SSHA',0), (112,'Oracle S: Type (Oracle 11+)',1), (120,'sha1($salt.$pass)',1), (121,'SMF >= v1.1',1), (122,'OS X v10.4, v10.5, v10.6',0), (123,'EPi',0), (124,'Django (SHA-1)',0), (125,'ArubaOS',0), (130,'sha1(unicode($pass).$salt)',1), (131,'MSSQL(2000)',0), (132,'MSSQL(2005)',0), (133,'PeopleSoft',0), (140,'sha1($salt.unicode($pass))',1), (141,'EPiServer 6.x < v4',0), (150,'HMAC-SHA1 (key = $pass)',1), (160,'HMAC-SHA1 (key = $salt)',1), (200,'MySQL323',0), (300,'MySQL4.1/MySQL5+',0), (400,'phpass, MD5(Wordpress), MD5(Joomla), MD5(phpBB3)',0), (500,'md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5 2',0), (501,'Juniper IVE',0), (600,‘BLAKE2b-512‘,0), (900,'MD4',0), (1000,'NTLM',0), (1100,'Domain Cached Credentials (DCC), MS Cache',1), (1300,'SHA-224',0), (1400,'SHA256',0), (1410,'sha256($pass.$salt)',1), (1411,'SSHA-256(Base64), LDAP {SSHA256}',0), (1420,'sha256($salt.$pass)',1), (1421,'hMailServer',0), (1430,'sha256(unicode($pass).$salt)',1), (1440,'sha256($salt.unicode($pass))',1), (1441,'EPiServer 6.x >= v4',0), (1450,'HMAC-SHA256 (key = $pass)',1), (1460,'HMAC-SHA256 (key = $salt)',1), (1500,'descrypt, DES(Unix), Traditional DES',0), (1600,'md5apr1, MD5(APR), Apache MD5',0), (1700,'SHA512',0), (1710,'sha512($pass.$salt)',0), (1711,'SSHA-512(Base64), LDAP {SSHA512}',0), (1720,'sha512($salt.$pass)',1), (1722,'OS X v10.7',0), (1730,'sha512(unicode($pass).$salt)',1), (1731,'MSSQL(2012), MSSQL(2014)',0), (1740,'sha512($salt.unicode($pass))',1), (1750,'HMAC-SHA512 (key = $pass)',1), (1760,'HMAC-SHA512 (key = $salt)',1), (1800,'sha512crypt, SHA512(Unix)',0), (2100,'Domain Cached Credentials 2 (DCC2), MS Cache',0), (2400,'Cisco-PIX MD5',0), (2410,'Cisco-ASA MD5',1), (2500,'WPA/WPA2',0), (2600,'md5(md5($pass))',0), (2611,'vBulletin < v3.8.5',1), (2612,'PHPS',0), (2711,'vBulletin >= v3.8.5',1), (2811,'IPB2+, MyBB1.2+',1), (3000,'LM',0), (3100,'Oracle H: Type (Oracle 7+), DES(Oracle)',1), (3200,'bcrypt, Blowfish(OpenBSD)',0), (3710,'md5($salt.md5($pass))',1), (3711,'Mediawiki B type',0), (3800,'md5($salt.$pass.$salt)',1), (3910,'md5(md5($pass).md5($salt))',1), (4010,'md5($salt.md5($salt.$pass))',1), (4110,'md5($salt.md5($pass.$salt))',1), (4300,'md5(strtoupper(md5($pass)))',0), (4400,'md5(sha1($pass))',0), (4500,'sha1(sha1($pass))',0), (4520,'sha1($salt.sha1($pass))',1), (4521,'Redmine Project Management Web App',0), (4522,'PunBB',0); (4700,'sha1(md5($pass))',0), (4800,'MD5(Chap), iSCSI CHAP authentication',1), (4900,'sha1($salt.$pass.$salt)',1), (5000,'SHA-3(Keccak)',0), (5100,'Half MD5',0), (5200,'Password Safe v3',0), (5300,'IKE-PSK MD5',0), (5400,'IKE-PSK SHA1',0), (5500,'NetNTLMv1-VANILLA / NetNTLMv1+ESS',0), (5600,'NetNTLMv2',0), (5700,'Cisco-IOS SHA256',0), (5800,'Samsung Android Password/PIN',1), (6000,'RipeMD160',0), (6100,'Whirlpool',0), (6211,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES/Serpent/Twofish',0), (6212,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES-Twofish/Serpent-AES/Twofish-Serpent',0), (6213,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES-Twofish-Serpent/Serpent-Twofish-AES',0), (6221,'TrueCrypt 5.0+ SHA512 + AES/Serpent/Twofish',0), (6222,'TrueCrypt 5.0+ SHA512 + AES-Twofish/Serpent-AES/Twofish-Serpent',0), (6223,'TrueCrypt 5.0+ SHA512 + AES-Twofish-Serpent/Serpent-Twofish-AES',0), (6231,'TrueCrypt 5.0+ Whirlpool + AES/Serpent/Twofish',0), (6232,'TrueCrypt 5.0+ Whirlpool + AES-Twofish/Serpent-AES/Twofish-Serpent',0), (6233,'TrueCrypt 5.0+ Whirlpool + AES-Twofish-Serpent/Serpent-Twofish-AES',0), (6241,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES/Serpent/Twofish + boot',0), (6242,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES-Twofish/Serpent-AES/Twofish-Serpent + boot',0), (6243,'TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES-Twofish-Serpent/Serpent-Twofish-AES + boot',0), (6300,'AIX {smd5}',0), (6400,'AIX {ssha256}',0), (6500,'AIX {ssha512}',0), (6600,'1Password, Agile Keychain',0), (6700,'AIX {ssha1}',0), (6800,'Lastpass',1), (6900,'GOST R 34.11-94',0), (7000,'Fortigate (FortiOS)',0), (7100,'OS X v10.8 / v10.9',0), (7200,'GRUB 2',0), (7300,'IPMI2 RAKP HMAC-SHA1',1), (7400,'sha256crypt, SHA256(Unix)',0), (7500,'Kerberos 5 AS-REQ Pre-Auth',0), (7700,'SAP CODVN B (BCODE)',0), (7800,'SAP CODVN F/G (PASSCODE)',0), (7900,'Drupal7',0), (8000,'Sybase ASE',0), (8100,'Citrix Netscaler',0), (8200,'1Password, Cloud Keychain',0), (8300,'DNSSEC (NSEC3)',0), (8400,'WBB3, Woltlab Burning Board 3',0), (8500,'RACF',0), (8600,'Lotus Notes/Domino 5',0), (8700,'Lotus Notes/Domino 6',0), (8800,'Android FDE <= 4.3',0), (8900,'scrypt',0), (9000,'Password Safe v2',0), (9100,'Lotus Notes/Domino',0), (9200,'Cisco $8$',0), (9300,'Cisco $9$',0), (9400,'Office 2007',0), (9500,'Office 2010',0), (9600,'Office 2013',0), (9700,'MS Office ⇐ 2003 MD5 + RC4, oldoffice$0, oldoffice$1',0), (9710,‘MS Office <= 2003 $0/$1, MD5 + RC4, collider #1‘‚0), (9720,‘MS Office <= 2003 $0/$1, MD5 + RC4, collider #2 ‘‚0), (9800,'MS Office ⇐ 2003 SHA1 + RC4, oldoffice$3, oldoffice$4',0), (9810,'MS Office <= 2003 $3, SHA1 + RC4, collider #1',0), (9820,'MS Office <= 2003 $3, SHA1 + RC4, collider #2',0), (9900,'Radmin2',0), (10000,'Django (PBKDF2-SHA256)',0), (10100,'SipHash',0), (10200,'Cram MD5',0), (10300,'SAP CODVN H (PWDSALTEDHASH) iSSHA-1',0), (10400,'PDF 1.1 - 1.3 (Acrobat 2 - 4)',0), (10410,'PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1‘,0), (10420,'PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2‘,0), (10500,'PDF 1.4 - 1.6 (Acrobat 5 - 8)',0), (10600,'PDF 1.7 Level 3 (Acrobat 9)',0), (10700,'PDF 1.7 Level 8 (Acrobat 10 - 11)',0), (10800,'SHA384',0), (10900,'PBKDF2-HMAC-SHA256',0), (11000,'PrestaShop',0), (11100,'PostgreSQL Challenge-Response Authentication (MD5)',0), (11200,'MySQL Challenge-Response Authentication (SHA1)',0), (11300,'Bitcoin/Litecoin wallet.dat',0), (11400,'SIP digest authentication (MD5)',0), (11500,'CRC32',1), (11600,'7-Zip',0), (11700,'GOST R 34.11-2012 (Streebog) 256-bit',0), (11800,'GOST R 34.11-2012 (Streebog) 512-bit',0), (11900,'PBKDF2-HMAC-MD5',0), (12000,'PBKDF2-HMAC-SHA1',0), (12001,'Atlassian (PBKDF2-HMAC-SHA1)',0), (12100,'PBKDF2-HMAC-SHA512',0), (12200,'eCryptfs',0), (12300,'Oracle T: Type (Oracle 12+)',0), (12400,'BSDiCrypt, Extended DES',0), (12500,'RAR3-hp',0), (12600,'ColdFusion 10+',0), (12700,'Blockchain, My Wallet',0), (12800,'MS-AzureSync PBKDF2-HMAC-SHA256',0), (12900,'Android FDE (Samsung DEK)',0), (13000,'RAR5',0), (13100,'Kerberos 5 TGS-REP etype 23',0), (13200,'AxCrypt',0), (13300,'AxCrypt in memory SHA1',0), (13400,'Keepass 1/2 AES/Twofish with/without keyfile',0), (13500,'PeopleSoft PS_TOKEN',0), (13600,'WinZip',0), (13711,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES, Serpent, Twofish',0), (13712,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13713,'VeraCrypt PBKDF2-HMAC-RIPEMD160 + Serpent-Twofish-AES',0), (13721,'VeraCrypt PBKDF2-HMAC-SHA512 + AES, Serpent, Twofish',0), (13722,'VeraCrypt PBKDF2-HMAC-SHA512 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13723,'VeraCrypt PBKDF2-HMAC-SHA512 + Serpent-Twofish-AES',0), (13731,'VeraCrypt PBKDF2-HMAC-Whirlpool + AES, Serpent, Twofish',0), (13732,'VeraCrypt PBKDF2-HMAC-Whirlpool + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13733,'VeraCrypt PBKDF2-HMAC-Whirlpool + Serpent-Twofish-AES',0), (13751,'VeraCrypt PBKDF2-HMAC-SHA256 + AES, Serpent, Twofish',0), (13752,'VeraCrypt PBKDF2-HMAC-SHA256 + AES-Twofish, Serpent-AES, Twofish-Serpent',0), (13753,'VeraCrypt PBKDF2-HMAC-SHA256 + Serpent-Twofish-AES',0), (13800,'Windows 8+ phone PIN/Password',0), (13900,'OpenCart',1), (14000,'DES (PT = $salt, key = $pass)',1), (14100,'3DES (PT = $salt, key = $pass)',1), (14400,'sha1(CX)',1), (14600,'LUKS 10',0), (14700,'iTunes Backup < 10.0 11',0), (14800,'iTunes Backup >= 10.0 11',0), (14900,'Skip32 12',1), (15000,‘FileZilla Server >= 0.9.55‘,0), (15100,‘Juniper/NetBSD sha1crypt‘,0), (15200,‘Blockchain, My Wallet, V2‘,0), (15300,‘DPAPI masterkey file v1 and v2‘,0), (15400,‘ChaCha20‘,0), (15500,‘JKS Java Key Store Private Keys (SHA1)‘,0), (15600,‘Ethereum Wallet, PBKDF2-HMAC-SHA256‘,0), (15700,‘Ethereum Wallet, SCRYPT‘,0), (99999,'Plaintext',0);

thx, paule965

s3inlc commented 7 years ago

Thanks a lot for providing an updated list and the changes. I will include it into the sql and the update scripts as soon as possible.