1 /*
2  * Copyright (c) 2007 Marti Raudsepp <marti AT juffo org>
3  *
4  * Simple MySQL 4.1+ PASSWORD() hash cracker, rev 1.
5  * Adapted from the original rawSHA1_fmt.c cracker.
6  *
7  * Note that many version 4.1 and 5.0 installations still use the old
8  * homebrewn pre-4.1 hash for compatibility with older clients, notably all
9  * Red Hat-based distributions.
10  *
11  * The new PASSWORD() function is unsalted and equivalent to
12  * SHA1(SHA1(password)) where the inner is a binary digest (not hex!) This
13  * means that with the SSE2-boosted SHA-1 implementation, it will be several
14  * times faster than John's cracker for the old hash format. (though the old
15  * hash had significant weaknesses, some of which are exploited with John's
16  * format "mysql-fast")
17  *
18  * It's a slight improvement over the old hash, but still not something a
19  * reasonable DBMS would use for password storage.
20  *
21  * Use of SSE2 intrinsics: Copyright magnum 2012 and hereby released to the
22  * general public under the following terms:
23  *
24  * Redistribution and use in source and binary forms, with or without
25  * modification, is permitted.
26  *
27  */
28 
29 #if FMT_EXTERNS_H
30 extern struct fmt_main fmt_mysqlSHA1;
31 #elif FMT_REGISTERS_H
32 john_register_one(&fmt_mysqlSHA1);
33 #else
34 
35 #include <string.h>
36 
37 #include "arch.h"
38 
39 #ifdef SIMD_COEF_32
40 #define NBKEYS	(SIMD_COEF_32 * SIMD_PARA_SHA1)
41 #endif
42 #include "simd-intrinsics.h"
43 
44 #include "misc.h"
45 #include "common.h"
46 #include "formats.h"
47 #include "sha.h"
48 #include "johnswap.h"
49 
50 #define FORMAT_LABEL			"mysql-sha1"
51 #define FORMAT_NAME			"MySQL 4.1+"
52 
53 #define ALGORITHM_NAME			"SHA1 " SHA1_ALGORITHM_NAME
54 
55 #define BENCHMARK_COMMENT		""
56 #define BENCHMARK_LENGTH		0x107
57 
58 #define PLAINTEXT_LENGTH		32
59 #define CIPHERTEXT_LENGTH		41
60 
61 #define BINARY_SIZE			20
62 #define BINARY_ALIGN			MEM_ALIGN_WORD
63 #define SALT_SIZE			0
64 #define SALT_ALIGN			MEM_ALIGN_NONE
65 
66 #ifdef SIMD_COEF_32
67 
68 #define MIN_KEYS_PER_CRYPT		NBKEYS
69 #define MAX_KEYS_PER_CRYPT		NBKEYS
70 #define FMT_IS_BE
71 #include "common-simd-getpos.h"
72 
73 #else
74 
75 #define MIN_KEYS_PER_CRYPT		1
76 #define MAX_KEYS_PER_CRYPT		1
77 
78 #endif
79 
80 static struct fmt_tests tests[] = {
81 	{"*5AD8F88516BD021DD43F171E2C785C69F8E54ADB", "tere"},
82 	{"*2c905879f74f28f8570989947d06a8429fb943e6", "verysecretpassword"},
83 	{"*A8A397146B1A5F8C8CF26404668EFD762A1B7B82", "________________________________"},
84 	{"*F9F1470004E888963FB466A5452C9CBD9DF6239C", "12345678123456781234567812345678"},
85 	{"*97CF7A3ACBE0CA58D5391AC8377B5D9AC11D46D9", "' OR 1 /*'"},
86 	{"*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19", "password"},
87 	{"*7534F9EAEE5B69A586D1E9C1ACE3E3F9F6FCC446", "5"},
88 	{"*be1bdec0aa74b4dcb079943e70528096cca985f8", ""},
89 	{"*0D3CED9BEC10A777AEC23CCC353A8C08A633045E", "abc"},
90 	{"*18E70DF2758EE4C0BD954910E5808A686BC38C6A", "VAwJsrUcrchdG9"},
91 	{"*440F91919FD39C01A9BC5EDB6E1FE626D2BFBA2F", "lMUXgJFc2rNnn"},
92 	{"*171A78FB2E228A08B74A70FE7401C807B234D6C9", "TkUDsVJC"},
93 	{"*F7D70FD3341C2D268E98119ED2799185F9106F5C", "tVDZsHSG"},
94 	{NULL}
95 };
96 
97 #ifdef SIMD_COEF_32
98 /* Cygwin would not guarantee the alignment if these were declared static */
99 #define saved_key mysqlSHA1_saved_key
100 #define crypt_key mysqlSHA1_crypt_key
101 #define interm_key mysqlSHA1_interm_key
102 
103 JTR_ALIGN(MEM_ALIGN_SIMD) char saved_key[SHA_BUF_SIZ*4*NBKEYS];
104 JTR_ALIGN(MEM_ALIGN_SIMD) char crypt_key[BINARY_SIZE*NBKEYS];
JTR_ALIGN(MEM_ALIGN_SIMD)105 JTR_ALIGN(MEM_ALIGN_SIMD) char interm_key[SHA_BUF_SIZ*4*NBKEYS];
106 
107 #else
108 static char saved_key[PLAINTEXT_LENGTH + 1];
109 static uint32_t crypt_key[BINARY_SIZE / 4];
110 static SHA_CTX ctx;
111 #endif
112 
113 static int valid(char *ciphertext, struct fmt_main *self)
114 {
115 	int i;
116 
117 	if (strnlen(ciphertext, CIPHERTEXT_LENGTH + 1) != CIPHERTEXT_LENGTH) return 0;
118 	if (ciphertext[0] != '*')
119 		return 0;
120 	for (i = 1; i < CIPHERTEXT_LENGTH; i++) {
121 		if (!( (('0' <= ciphertext[i])&&(ciphertext[i] <= '9'))
122 		       || (('a' <= ciphertext[i])&&(ciphertext[i] <= 'f'))
123 		       || (('A' <= ciphertext[i])&&(ciphertext[i] <= 'F'))))
124 		{
125 			return 0;
126 		}
127 	}
128 	return 1;
129 }
130 
split(char * ciphertext,int index,struct fmt_main * self)131 static char *split(char *ciphertext, int index, struct fmt_main *self)
132 {
133 	static char out[CIPHERTEXT_LENGTH + 1];
134 
135 	strnzcpy(out, ciphertext, sizeof(out));
136 	strupr(out);
137 	return out;
138 }
139 
init(struct fmt_main * self)140 static void init(struct fmt_main *self)
141 {
142 #ifdef SIMD_COEF_32
143 	int i;
144 
145 	/* input strings have to be terminated by 0x80. The input strings in
146 	 * interm_key have a static length (20 bytes) so we can set them just
147 	 * once. If intrinsics, we do the same for the length byte.
148 	 */
149 	for (i = 0; i < NBKEYS; i++) {
150 		interm_key[GETPOS(20,i)] = 0x80;
151 		((unsigned int *)interm_key)[15*SIMD_COEF_32 + (i&(SIMD_COEF_32-1)) + i/SIMD_COEF_32*SHA_BUF_SIZ*SIMD_COEF_32] = 20 << 3;
152 	}
153 #endif
154 }
155 
156 #define NON_SIMD_SINGLE_SAVED_KEY
157 #include "common-simd-setkey32.h"
158 
cmp_all(void * binary,int count)159 static int cmp_all(void *binary, int count) {
160 #ifdef SIMD_COEF_32
161 	unsigned int x, y;
162 
163 	for (y = 0; y < SIMD_PARA_SHA1; y++) {
164 		for (x = 0; x < SIMD_COEF_32; x++) {
165 			if ( ((unsigned int*)binary)[0] ==
166 					((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5] )
167 				return 1;
168 		}
169 	}
170 	return 0;
171 #else
172 	return !memcmp(binary, crypt_key, BINARY_SIZE);
173 #endif
174 }
175 
cmp_exact(char * source,int index)176 static int cmp_exact(char *source, int index)
177 {
178 	return 1;
179 }
180 
cmp_one(void * binary,int index)181 static int cmp_one(void * binary, int index)
182 {
183 #ifdef SIMD_COEF_32
184 	unsigned int x,y;
185 	x = index&(SIMD_COEF_32-1);
186 	y = (unsigned int)index/SIMD_COEF_32;
187 
188 	if ( ((unsigned int*)binary)[0] != ((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5] )
189 		return 0;
190 	if ( ((unsigned int*)binary)[1] != ((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5+SIMD_COEF_32*1] )
191 		return 0;
192 	if ( ((unsigned int*)binary)[2] != ((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5+SIMD_COEF_32*2] )
193 		return 0;
194 	if ( ((unsigned int*)binary)[3] != ((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5+SIMD_COEF_32*3] )
195 		return 0;
196 	if ( ((unsigned int*)binary)[4] != ((unsigned int*)crypt_key)[x+y*SIMD_COEF_32*5+SIMD_COEF_32*4] )
197 		return 0;
198 	return 1;
199 #else
200 	return cmp_all(binary, index);
201 #endif
202 }
203 
crypt_all(int * pcount,struct db_salt * salt)204 static int crypt_all(int *pcount, struct db_salt *salt)
205 {
206 	const int count = *pcount;
207 #ifdef SIMD_COEF_32
208 	unsigned int i;
209 
210 	SIMDSHA1body(saved_key, (unsigned int *)crypt_key, NULL, SSEi_MIXED_IN);
211 
212 	for (i = 0; i < SIMD_PARA_SHA1; i++)
213 		memcpy(&interm_key[i*SHA_BUF_SIZ*4*SIMD_COEF_32],
214 		       &crypt_key[i*BINARY_SIZE*SIMD_COEF_32],
215 		       SIMD_COEF_32*BINARY_SIZE);
216 
217 	SIMDSHA1body(interm_key, (unsigned int *)crypt_key, NULL, SSEi_MIXED_IN);
218 #else
219 	SHA1_Init(&ctx);
220 	SHA1_Update(&ctx, (unsigned char *) saved_key, strlen(saved_key));
221 	SHA1_Final((unsigned char *) crypt_key, &ctx);
222 
223 	SHA1_Init(&ctx);
224 	SHA1_Update(&ctx, (unsigned char *) crypt_key, BINARY_SIZE);
225 	SHA1_Final((unsigned char *) crypt_key, &ctx);
226 #endif
227 	return count;
228 }
229 
get_binary(char * ciphertext)230 static void *get_binary(char *ciphertext)
231 {
232 	static unsigned char *realcipher;
233 	int i;
234 
235 	if (!realcipher)
236 		realcipher = mem_alloc_tiny(BINARY_SIZE, MEM_ALIGN_WORD);
237 
238 	// ignore first character '*'
239 	ciphertext += 1;
240 	for (i=0;i<BINARY_SIZE;i++)
241 	{
242 		realcipher[i] = atoi16[ARCH_INDEX(ciphertext[i*2])]*16 + atoi16[ARCH_INDEX(ciphertext[i*2+1])];
243 	}
244 #if defined(SIMD_COEF_32) && ARCH_LITTLE_ENDIAN==1
245 	alter_endianity((unsigned char *)realcipher, BINARY_SIZE);
246 #endif
247 	return (void *)realcipher;
248 }
249 
250 #define COMMON_GET_HASH_SIMD32 5
251 #define COMMON_GET_HASH_VAR crypt_key
252 #include "common-get-hash.h"
253 
254 struct fmt_main fmt_mysqlSHA1 = {
255 	{
256 		FORMAT_LABEL,
257 		FORMAT_NAME,
258 		ALGORITHM_NAME,
259 		BENCHMARK_COMMENT,
260 		BENCHMARK_LENGTH,
261 		0,
262 		PLAINTEXT_LENGTH,
263 		BINARY_SIZE,
264 		BINARY_ALIGN,
265 		SALT_SIZE,
266 		SALT_ALIGN,
267 		MIN_KEYS_PER_CRYPT,
268 		MAX_KEYS_PER_CRYPT,
269 		FMT_CASE | FMT_8_BIT | FMT_SPLIT_UNIFIES_CASE,
270 		{ NULL },
271 		{ NULL },
272 		tests
273 	}, {
274 		init,
275 		fmt_default_done,
276 		fmt_default_reset,
277 		fmt_default_prepare,
278 		valid,
279 		split,
280 		get_binary,
281 		fmt_default_salt,
282 		{ NULL },
283 		fmt_default_source,
284 		{
285 			fmt_default_binary_hash_0,
286 			fmt_default_binary_hash_1,
287 			fmt_default_binary_hash_2,
288 			fmt_default_binary_hash_3,
289 			fmt_default_binary_hash_4,
290 			fmt_default_binary_hash_5,
291 			fmt_default_binary_hash_6
292 		},
293 		fmt_default_salt_hash,
294 		NULL,
295 		fmt_default_set_salt,
296 		set_key,
297 		get_key,
298 		fmt_default_clear_keys,
299 		crypt_all,
300 		{
301 #define COMMON_GET_HASH_LINK
302 #include "common-get-hash.h"
303 		},
304 		cmp_all,
305 		cmp_one,
306 		cmp_exact
307 	}
308 };
309 
310 #endif /* plugin stanza */
311