(04-27-2021, 06:47 PM)philsmd Wrote: I have some good news for you kiara... I've just managed to have a further glance at this algorithm and tried to completely implement the whole module/kernel/tests/extractor with this hashcat testing branch:
repo: https://github.com/philsmd/hashcat/tree/..._hash_algo
commit: https://github.com/philsmd/hashcat/commit/576b277
of course this is still very early code and we could think about some optimizations or checks/restrictions of the input etc etc etc
I've decided to create tools/rippex2hashcat.py for the wallet to hash conversion (the format is $rippex$*iter*salt*iv*ciphertext)
While developing the kernel code I've also noticed that there could be a theoretical reason to worry about collisions (the final check, AES-CCM tag, only has 8 bytes, 64 bits), but with 1000 iterations of PBKDF2-HMAC-SHA256 it's not "too bad" (but remember even a "md5" hash consists of 16 bytes). we might need to think about adding a --keep-guessing warning, or also check the plaintext for a low enough entropy/randomness.
it's needless to say that the hash number/selection -m 27100 might change in the future, it ("27100") is just one of the currently free / next hash modes available.
Please test everything, including the conversion tool rippex2hashcat.py (I have no wallet software or wallet files, I just assumed that the files just contain the base64 string, as the eyJp...example above)
Hope this helps and if it's working perfectly fine of course we shouldn't hesitate to open a github issue/pull request on the main hashcat repo
Thx
just compiled the tree
seems to work
<3 ![[Image: ppTHKEO.png]](https://i.imgur.com/ppTHKEO.png)
command used that failed
Code:
./hashcat -m 27100 -a 3 "$rippex$*1000*64pZmnDPa4o=*k38ln/SfQ50cB9uTU0TgSw==*89rZdoDc8C5M9S093cEAargb96ZnVoxXFJ1IBX7bjnaFSeYjO3b5Ns9hN4esJkc+IatwrE3NeB7Jgit6vgFXdDYS6wpcVKEhUu+J2O9h1WDJdrllhjJblfWnGMX0WtEDJAyN79F/b5Q/C9YYSiivPqOnYvHFhKCdTdj/7/vI4IhKHYkGUCQn6/RY0aBGRbZ2VuVFYnPe9U9nQH7Z8NB+O31zPmSjHFU=" Aa123456Aa123456Aa123?a?a?a?a?acommand used that worked . (i just put the hash inside the txt file)
Code:
./hashcat -m 27100 -a 3 hash.txt Aa123456Aa123456Aa123?a?a?a?a?atest was done on a 2080 TI
benchmark
Code:
hashcat (v6.1.1) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
CUDA API (CUDA 10.2)
====================
* Device #1: GeForce RTX 2080 Ti, 10855/11019 MB, 68MCU
OpenCL API (OpenCL 1.2 CUDA 10.2.141) - Platform #1 [NVIDIA Corporation]
========================================================================
* Device #2: GeForce RTX 2080 Ti, skipped
Benchmark relevant options:
===========================
* --optimized-kernel-enable
Hashmode: 27100 - Ripple Rippex Wallet (Iterations: 999)
Speed.#1.........: 2726.3 kH/s (77.42ms) @ Accel:16 Loops:249 Thr:1024 Vec:1
Started: Tue Apr 27 21:23:08 2021
Stopped: Tue Apr 27 21:23:28 2021and as promise here are some wallet that i've created .
all of the wallet that i've created are 548 char long. (rippex wallet desktop Version: 1.4.1)
however as mention yersteday the example wallet (from those repos) are longer.
and the real wallet from my friend is longer , 692 chars before decoding , start also with eyJp , and decoded it has 517 chars. vs usually 409 chars from the wallet that i've created .