Request for PasswordSafe hash support.
#1
Hello, atom.

I'd like to ask for you to look into possible implemetation of PasswordSafe3 container's hashes support.
olcHashcat would be awesome, but I would be very grateful to see its support in CPU hashcat, too, if you decide against its in openCL versions.

Below are the specs.
Full specs: http://keybox.rubyforge.org/password-saf...ormat.html

Quote:TAG 4 bytes The 4 ASCII Chacters ‘PWS3’
SALT 32 bytes 256 random bit value generated at file creation
ITER 32 bit LE value number of rounds in the key stretch algorithm
H(P’) 32 bytes SHA-256 of the user’s passphrase

Bellow are exmaples for a couple of containers with different passwords. I've cut first 72 bytes from them. Second line are the pieces divided by space

1.psafe3 passwd: qwerty
Code:
505753331D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD8100080000EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB
50575333 1D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD81 00080000 EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB

salt: 1D8BB69362C29266500960F2ED7FD5D6335B615748BF4794E3D58D63BBE8FD81
n_iters: 00080000
hash: EB7183FE89CA1A355ECE2CA170B057268F851DC26202F7069F254D44D7DCB3EB
----------------
2.psafe3 passwd: zxc678;`7n
Code:
50575333D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC00080000621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2
50575333 D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC 00080000 621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2

salt: D9A650D94C8B6FDC6A20415E08EC531AA42800331B9BD4C7325040D74D4139EC
n_iters: 00080000
hash: 621FCEAAED9777D9E959C2B14EEE7D1EA97B0BAAF82ADFD77F130D909931AEB2
---------------

Salt is binary, iterations are 2048 (0x0800) and the algorithm is sha-256. So it makes sha-256($pw$salt), and then sha-256(previous hash) in loop.

Perl code:
Code:
sub _stretch_key {
my ($salt, $n_iters, $originalhash, $pw) = @_;
my $sha = eval("new $SHA(256)");
$sha->add("$pw$salt");
my $key = $sha->digest;
for(my $i = 0; $i < $n_iters; $i++) {
$sha->add($key);
$key = $sha->digest;
}
$sha->add($key);
return $key if $sha->digest eq $originalhash;
}
#2
This has now implemented in JtR-jumbo. Both CPU and GPU implementations are available.
#3
should be simple to add, @Hash-IT: please add to wiki
#4
Done Smile

It's lucky I am obsessed with this forum, otherwise I might have missed this !
Big Grin