1#!/usr/bin/env perl 2 3## 4## Author......: See docs/credits.txt 5## License.....: MIT 6## 7 8use strict; 9use warnings; 10 11use Crypt::CBC; 12 13sub module_constraints { [[-1, -1], [-1, -1], [0, 30], [0, 30], [-1, -1]] } 14 15sub module_generate_hash 16{ 17 my $word = shift; 18 my $salt = shift; 19 20 my $digest = oracle_hash ($salt, $word); 21 22 my $hash = sprintf ("%s:%s", $digest, $salt); 23 24 return $hash; 25} 26 27sub module_verify_hash 28{ 29 my $line = shift; 30 31 my ($hash, $salt, $word) = split (':', $line); 32 33 return unless defined $hash; 34 return unless defined $salt; 35 return unless defined $word; 36 37 my $word_packed = pack_if_HEX_notation ($word); 38 39 my $new_hash = module_generate_hash ($word_packed, $salt); 40 41 return ($new_hash, $word); 42} 43 44sub oracle_hash 45{ 46 my ($username, $password) = @_; 47 48 my $userpass = pack ('n*', unpack ('C*', uc ($username.$password))); 49 $userpass .= pack ('C', 0) while (length ($userpass) % 8); 50 51 my $key = pack ('H*', "0123456789ABCDEF"); 52 my $iv = pack ('H*', "0000000000000000"); 53 54 my $c = new Crypt::CBC ( 55 -literal_key => 1, 56 -cipher => "DES", 57 -key => $key, 58 -iv => $iv, 59 -header => "none" 60 ); 61 my $key2 = substr ($c->encrypt ($userpass), length ($userpass)-8, 8); 62 63 my $c2 = new Crypt::CBC ( 64 -literal_key => 1, 65 -cipher => "DES", 66 -key => $key2, 67 -iv => $iv, 68 -header => "none" 69 ); 70 my $hash = substr ($c2->encrypt ($userpass), length ($userpass)-8, 8); 71 72 return uc (unpack ('H*', $hash)); 73} 74 751; 76