hash format for 1password 3.7.2
#8
Yes, it cracks, see:

Code:
echo Hashcat009? | ./1Password_372.pl
full:   fb48ad370166a38cefdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e
salt:   fb48ad370166a38c
prefix:
iv:     efdc083240a0fff362064e98312f48ae
hash:   b8f5e67481d39dc7c1c144558ef49c4e

started cracking...

match: 'Hashcat009?'

where 1Password_372.pl is just a simple POC perl script:

Code:
#!/usr/bin/env perl

use strict;
use warnings;

use Crypt::PBKDF2;
use Crypt::CBC;

my $iterations = 10000;
my $key_encrypted = "53616c7465645f5ffb48ad370166a38cefdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e";
#my $key_encrypted = "53616c7465645f5fc98fbec6ee5c2665cd1f2a6b204a0dd99e8f21bf2a6f3e63cace7d9c25b334cbf0443035e3d860e7";

$key_encrypted =~ s/^53616c7465645f5f//; # strip off the leading "Salted__" header

my $length = length ($key_encrypted);

my $offset = 0;
my $prefix_length = $length;

my $salt_hex = substr ($key_encrypted, 0, 16);
my $salt     = pack   ("H*", $salt_hex);

$offset += 16;
$prefix_length -= 16 + 32 + 32;

my $prefix = substr ($key_encrypted, $offset, $prefix_length);

$offset += $prefix_length;

my $iv_hex = substr ($key_encrypted, $offset, 32);
my $iv     = pack ("H*", $iv_hex);

$offset += 32;

my $hash_hex = substr ($key_encrypted, $offset);

print "full:   " . $key_encrypted . "\n";

print "salt:   " . unpack ("H*", $salt) . "\n";
print "prefix: " . $prefix . "\n";
print "iv:     " . unpack ("H*", $iv) . "\n";
print "hash:   " . $hash_hex . "\n";

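# one full PKCS#7 padding block (16 bytes of 0x10): the expected plaintext of the last ciphertext block
my $data = pack ("H*", "10101010101010101010101010101010");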

my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');

my $pbkdf2 = Crypt::PBKDF2->new (
  hasher       => $hasher,
  iterations   => $iterations,
  output_len   => 16
);

print "\nstarted cracking...\n\n";

while (my $word_buf = <>)
{
  chomp ($word_buf);
 
  my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);

  my $cipher = Crypt::CBC->new({
    key         => $key,
    cipher      => "Crypt::Rijndael",
    iv          => $iv,
    literal_key => 1,
    header      => "none",
    keysize     => 16
  });
 
  my $encrypted = unpack ("H*", $cipher->encrypt ($data));
 
  my $hash_buf  = substr ($encrypted, 0, 32);

  if ($hash_buf eq $hash_hex)
  {
    print "match: '$word_buf'\n";

    exit (0);
  }
}

exit 1;

So this proves that you only need that field starting with "Salted__", i.e. the keyEncrypted field, to verify the password.

Unfortunately, oclHashcat/cudaHashcat currently expects a fixed size of 1040 bytes (or 2080 hex chars as "data") because of the new agilekeychain format (but the algo is indeed still the same!). You could go ahead and open a trac ticket with explanations here: https://hashcat.net/trac so that the devs can implement it (i.e. maybe remove this 2080 hex chars restriction).

----

Update1:
BTW the input for oclHashcat would be something like this (if this short non-2080 hex char version would be supported, which it is NOT yet):
Code:
10000:fb48ad370166a38c:efdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e


----
Update2:
It also works with a little bit of padding, see this:
Code:
$ cat m06600.txt
10000:fb48ad370166a38c:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000efdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e
$ cudaHashcat64 --quiet -m 6600 m06600.txt dict.txt
10000:fb48ad370166a38c:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000efdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e:Hashcat009?

So it cracks already, you just need to pad it to the correct length (or open a trac ticket and devs may help to reduce this length restriction ;))
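The field layout and the zero-padding from Update2, as an added example that is not part of the original post or of hashcat: it splits a keyEncrypted hex string the way the Perl script does and builds the `iterations:salt:data` line in both the short and the 2080-hex-char form. The function names `split_key_encrypted` and `to_m6600_line` are hypothetical; the 10000 iterations, the 2080 length and the left zero-padding are taken from the post.

```python
import binascii

SALTED_MAGIC = b"Salted__"   # OpenSSL-style header, hex 53616c7465645f5f
DATA_HEX_LEN = 2080          # fixed "data" length the post says -m 6600 expects


def split_key_encrypted(key_encrypted_hex):
    """Split a keyEncrypted hex string into salt, prefix, iv and hash (all hex)."""
    raw = binascii.unhexlify(key_encrypted_hex.strip())
    if not raw.startswith(SALTED_MAGIC):
        raise ValueError('field does not start with "Salted__"')
    body = raw[len(SALTED_MAGIC):]
    # 8-byte salt, then ciphertext; its last two 16-byte blocks are iv and hash
    if len(body) < 8 + 32 or (len(body) - 8) % 16:
        raise ValueError("need an 8-byte salt plus at least two whole AES blocks")
    salt, ct = body[:8], body[8:]
    return {
        "salt": salt.hex(),
        "prefix": ct[:-32].hex(),   # everything before the last two blocks
        "iv": ct[-32:-16].hex(),    # second-to-last block, used as the CBC IV
        "hash": ct[-16:].hex(),     # last block, compared against the candidate
    }


def to_m6600_line(key_encrypted_hex, iterations=10000, pad=True):
    """Build iterations:salt:data, left-padded with zeros as shown in Update2."""
    parts = split_key_encrypted(key_encrypted_hex)
    data = parts["prefix"] + parts["iv"] + parts["hash"]
    if pad:
        if len(data) > DATA_HEX_LEN:
            raise ValueError("data longer than %d hex chars" % DATA_HEX_LEN)
        data = data.rjust(DATA_HEX_LEN, "0")
    return "%d:%s:%s" % (iterations, parts["salt"], data)


# The keyEncrypted value from the post's Perl script.
SAMPLE = ("53616c7465645f5ffb48ad370166a38cefdc083240a0fff362064e98312f48ae"
          "b8f5e67481d39dc7c1c144558ef49c4e")

if __name__ == "__main__":
    print(split_key_encrypted(SAMPLE))
    print(to_m6600_line(SAMPLE, pad=False))          # short form from Update1
    print(len(to_m6600_line(SAMPLE).split(":")[2]))  # padded data length
```
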


Messages In This Thread
hash format for 1password 3.7.2 - by raster - 11-01-2015, 11:29 PM
RE: hash format for 1password 3.7.2 - by atom - 11-02-2015, 02:58 PM
RE: hash format for 1password 3.7.2 - by raster - 11-02-2015, 08:50 PM
RE: hash format for 1password 3.7.2 - by atom - 11-02-2015, 09:10 PM
RE: hash format for 1password 3.7.2 - by raster - 11-03-2015, 10:04 PM
RE: hash format for 1password 3.7.2 - by philsmd - 11-04-2015, 11:00 AM
RE: hash format for 1password 3.7.2 - by raster - 11-07-2015, 07:54 PM
RE: hash format for 1password 3.7.2 - by philsmd - 11-07-2015, 08:25 PM
RE: hash format for 1password 3.7.2 - by raster - 11-07-2015, 10:14 PM