PBKDF2 double hash
#1
Hi,

I have the following code:

var outcome1Hex = PBKDF2(passphrase, salt, SHA256);
var outcome2Hex = PBKDF2(outcome1Hex, salt, SHA256);

The first line can be easily be done with mode 10900 (by using base64 instead of hex), but I need te second one. Is there anyway those two can be combined / piped or is it only possible by writing a kernel? Any sugestions are welcome

sample:
passphrase = hashcat
salt = test
iterations = 1024
outcome1Hex  = 9976c830a3341e6e8adad9f44100ad80a018039937af6df5eeae76a2c725b626
outcome2Hex = a1752736932e8806104a7d93b52540c09696d89f9955518aa64ccb4e66d0504c   (<-- this is the one iam interested in)

Thanks!
Reply
#2
This requires writing a custom kernel.
Reply
#3
Hi,

If you know some c coding and you are interested on write your kernel i sugest you to use mode 14800 as strating point.

You will need to modify the init2 routine and use sha256 instead of sha1, also you have to modify the loop2 and comp routines basically doing exactly the same as on m10900.

Both routines (init2 and loop2) are on m14800-pure.cl inside OpenCL folder.
You will also need to change the mode number (you can use 95000 for instance or any other unused number but for new and non standard modes numbers greater than 90000 are recommended) and replace all ocurrences of 14800 inside the .cl file.

Also you must modify the module_14800.c inside src\modules folder.

To make the modification you can use m10900-pure.cl and module_10900.c to combine on module 14800. You can use
module_10900.c as base and take the necessary modifications from module_14800.c to fit in your needs.

I think your hash type can be easily implemented with a little of study and you can reach almost the same speed as the 10900 mode.

I recomend you to read the hashcat-plugin-development-guide.
Reply
#4
Hi,

Thank you for the recommendations.

I created the module and now working on the kernel but i'm still struggling how to call the same function / pbkdf2-sha256 algorithm again with the outcome of the previous call.

I noticed that the _comp method is used for md5, sha1, sha256 etc in most kernels after pbkdf2-sha256 (like the 21500).

Do you have some sugestions about that?

Also, you suggested taking 14800 as strating point. I was wondring why because this one requires two hashes and I only know the first one (the second one is the outcome of the first one)?

Thanks in advance
Reply
#5
Hi again

the mode 14800 basically compute a similar hash than the one you need but instead of doing both with sha256 is doing the first one with sha256 and the second one with sha1.
For that reason you need to replace the second part (init2, loop2 and comp) with the same code used on pbkdf2 sha256 (mode 10900).
Mode 14800 is he only one in hashcat that compute a double hash as far as i know

The mode 14800 uses iter1 to make the iterations of the first pbkdf2 and iter2 for the second pbkdf2 (you can find both on module_14800.c). Both values are loaded from the file with the hash to crack, but if you want to make it easier and less general, you can hardcode the iterations number on the module file (.c file)

The only trick is to understand how to pass the first hash output to the second one. You can see how to do it on the init2 routine on 14800 mode (the tmps structure has the
outcome1Hex hash that you need to compute the second pbkdf2)

As you said you want to compute:

var outcome1Hex = PBKDF2(passphrase, salt, SHA256);
var outcome2Hex = PBKDF2(outcome1Hex, salt, SHA256);

on mode 14800 the init and loop part compute the first pbkdf2 and the output of that computation is what you call outcome1Hex. The init2 and loop2 is computing the second pbkdf2 which gives the final result outcome2Hex.
The comp part is used to detect if the password is the one wich belongs to the hash you want to crack.

Hope to be clear enough.
good luck
Reply