+55 minutes in Generating Dictionary for 194GB
#7
@dindolo1979 Attention: I would be very careful with this small set of information you provided/got here.

As far as I understood, the algorithm is much simpler/more straightforward and doesn't need any AES etc. steps just to validate the password.

If you are really interested in some more (technical) discussions and/or if you want these algorithms (actually yes, there are at least 2 different algorithms!) to be added to hashcat, we should continue to collect some information, and maybe you can contribute a little bit (with some more info, e.g. which file a user normally has etc.; I'm thinking about e.g. the ~/.web3/keys/ files on Linux, but I'm not too familiar with Ethereum)...

This is what I got so far, a POC:
pbkdf2:
Code:
#!/usr/bin/env perl

# author: philsmd (for hashcat)
# date: april 2017

use strict;
use warnings;

use Crypt::PBKDF2;
use Digest::Keccak qw (keccak_256_hex);

#
# Algorithm can be found in: SecretStore::decrypt () in cpp-ethereum/libdevcrypto/SecretStore.cpp
# Examples can be found in:  cpp-ethereum/test/unittests/libdevcrypto/SecretStore.cpp
#

my $mac = "cf6bfbcc77142a22c4a908784b4a16f1023a1d0e2aff404c20158fa4f1587177"; # the "hash"

my $ciphertext = "d69313b6470ac1942f75d72ebf8818a0d484ac78478a132ee081cd954d6bd7a9";

# pbkdf2 params:

my $dklen = 32;
my $c = 262144; # iterations
my $salt = "c82ef14476014cbf438081a42709e2ed";

# pass:

# my $pass = "bar";

#
# Start
#

my $salt_bin = pack ("H*", $salt);

my $ciphertext_bin = pack ("H*", $ciphertext);

while (my $pass = <>)
{
  chomp ($pass);

  # pbkdf2:
  
  my $pbkdf2 = Crypt::PBKDF2->new
  (
    hasher     => Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA2', 256),
    iterations => $c,
    output_len => $dklen # the Crypt::PBKDF2 attribute is named output_len
  );
  
  my $derived_key = $pbkdf2->PBKDF2 ($salt_bin, $pass);

  my $derived_key_cropped = substr ($derived_key, 16, 16);

  # SHA3 - keccak (needed for the "mac" check)
  
  my $mac_gen = keccak_256_hex ($derived_key_cropped . $ciphertext_bin);
  
  if ($mac_gen eq $mac)
  {
    print "Password found: '$pass'\n";
  }
}

how to run it:
Code:
echo bar | ./ethereum_pbkdf2.pl

scrypt:
Code:
#!/usr/bin/env perl

# author: philsmd (for hashcat)
# date: april 2017

use strict;
use warnings;

use Crypt::ScryptKDF qw (scrypt_raw);
use Digest::Keccak   qw (keccak_256_hex);

#
# Algorithm can be found in: SecretStore::decrypt () in cpp-ethereum/libdevcrypto/SecretStore.cpp
# Examples can be found in:  cpp-ethereum/test/unittests/libdevcrypto/SecretStore.cpp
#

my $mac = "2103ac29920d71da29f15d75b4a16dbe95cfd7ff8faea1056c33131d846e3097"; # the "hash"

my $ciphertext = "d172bf743a674da9cdad04534d56926ef8358534d458fffccd4e6ad2fbde479c";

# scrypt params:

my $dklen = 32;
my $n = 262144;
my $p = 8;
my $r = 1;
my $salt = "ab0c7876052600dd703518d6fc3fe8984592145b591fc8fb5c6d43190334ba19";

# pass:

# my $pass = "testpassword";

#
# Start
#

my $salt_bin = pack ("H*", $salt);

my $ciphertext_bin = pack ("H*", $ciphertext);

while (my $pass = <>)
{
  chomp ($pass);

  # scrypt:

  my $derived_key = scrypt_raw ($pass, $salt_bin, $n, $r, $p, $dklen);

  my $derived_key_cropped = substr ($derived_key, 16, 16);

  # SHA3 - keccak (needed for the "mac" check)

  my $mac_gen = keccak_256_hex ($derived_key_cropped . $ciphertext_bin);

  if ($mac_gen eq $mac)
  {
    print "Password found: '$pass'\n";
  }
}

how to run it:
Code:
echo testpassword | ./ethereum_scrypt.pl

(examples, as mentioned within the code, are from: cpp-ethereum/test/unittests/libdevcrypto/SecretStore.cpp)

Note: the code is in Perl, but it wouldn't be impossible to add GPU support with hashcat; we need to clarify a lot of things first, though. Actually, there is already a GitHub issue here: https://github.com/hashcat/hashcat/issues/262 (with very little information about the algorithm)


Messages In This Thread
RE: +55 minutes in Generating Dictionary for 194GB - by philsmd - 04-07-2017, 02:03 PM