Request for PasswordSafe hash support.

Request for PasswordSafe hash support. - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Feature Requests (https://hashcat.net/forum/forum-7.html)
+--- Thread: Request for PasswordSafe hash support. (/thread-1088.html)

Request for PasswordSafe hash support. - Nemo - 04-17-2012

Hello, atom.

I'd like to ask for you to look into possible implemetation of PasswordSafe3 container's hashes support.
olcHashcat would be awesome, but I would be very grateful to see its support in CPU hashcat, too, if you decide against its in openCL versions.

Below are the specs.
Full specs: http://keybox.rubyforge.org/password-safe-db-format.html

Quote:TAG 4 bytes The 4 ASCII Chacters â€˜PWS3â€™
SALT 32 bytes 256 random bit value generated at file creation
ITER 32 bit LE value number of rounds in the key stretch algorithm
H(Pâ€™) 32 bytes SHA-256 of the userâ€™s passphrase

Bellow are exmaples for a couple of containers with different passwords. I've cut first 72 bytes from them. Second line are the pieces divided by space

1.psafe3 passwd: qwerty

Code:
505753331D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD8100080000EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB

50575333 1D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD81 00080000 EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB

salt: 1D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD81
n_iters: 00080000
hash: EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB
----------------
2.psafe3 passwd: zxc678;`7n

Code:
50575333D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC00080000621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2

50575333 D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC 00080000 621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2

salt: D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC
n_iters: 00080000
hash: 621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2
---------------

Salt is binary, iterations are 2048 (0x0800) and the algorithm is sha-256. So it makes sha-256($pw$salt), and then sha-256(previous hash) in loop.

Perl code:

Code:
sub _stretch_key {

my ($salt, $n_iters, $originalhash, $pw) = @_;

my $sha = eval("new $SHA(256)");

$sha->add("$pw$salt");

my $key = $sha->digest;

for(my $i = 0; $i < $n_iters; $i++) {

$sha->add($key);

$key = $sha->digest;

}

$sha->add($key);

return $key if $sha->digest eq $originalhash;

}

RE: Request for PasswordSafe hash support. - halfie - 06-24-2012

This has now implemented in JtR-jumbo. Both CPU and GPU implementations are available.

RE: Request for PasswordSafe hash support. - atom - 06-25-2012

should be simple to add, @Hash-IT: please add to wiki

RE: Request for PasswordSafe hash support. - Hash-IT - 06-25-2012

Done Smile

It's lucky I am obsessed with this forum, otherwise I might have missed this !
Big Grin