diff -urpN memdbg2/doc/DYNAMIC memdbg1/doc/DYNAMIC --- memdbg2/doc/DYNAMIC 2013-05-11 18:28:31.312500000 -0500 +++ memdbg1/doc/DYNAMIC 2013-05-12 11:06:49.140625000 -0500 @@ -161,21 +161,51 @@ dynamic_38 | sha1($s.sha1($s.sha1($p))) dynamic_50 | sha224($p) | No | dynamic_51 | sha224($s.$p) | Yes | dynamic_52 | sha224($p.$s) | Yes | +dynamic_53 | sha224(sha224($p)) | No | +dynamic_54 | sha224(sha224_raw($p)) | No | +dynamic_55 | sha224(sha224($p).$s) | Yes | +dynamic_56 | sha224($s.sha224($p)) | Yes | +dynamic_57 | sha224(sha224($s).sha224($p)) | Yes | dynamic_60 | sha256($p) | No | dynamic_61 | sha256($s.$p) | Yes | dynamic_62 | sha256($p.$s) | Yes | +dynamic_63 | sha256(sha256($p)) | No | +dynamic_64 | sha256(sha256_raw($p)) | No | +dynamic_65 | sha256(sha256($p).$s) | Yes | +dynamic_66 | sha256($s.sha256($p)) | Yes | +dynamic_67 | sha256(sha256($s).sha256($p)) | Yes | dynamic_70 | sha384($p) | No | dynamic_71 | sha384($s.$p) | Yes | dynamic_72 | sha384($p.$s) | Yes | +dynamic_73 | sha384(sha384($p)) | No | +dynamic_74 | sha384(sha384_raw($p)) | No | +dynamic_75 | sha384(sha384($p).$s) | Yes | +dynamic_76 | sha384($s.sha384($p)) | Yes | +dynamic_77 | sha384(sha384($s).sha384($p)) | Yes | dynamic_80 | sha512($p) | No | dynamic_81 | sha512($s.$p) | Yes | dynamic_82 | sha512($p.$s) | Yes | +dynamic_83 | sha512(sha512($p)) | No | +dynamic_84 | sha512(sha512_raw($p)) | No | +dynamic_85 | sha512(sha512($p).$s) | Yes | +dynamic_86 | sha512($s.sha512($p)) | Yes | +dynamic_87 | sha512(sha512($s).sha512($p)) | Yes | dynamic_90 | GOST($p) | No | dynamic_91 | GOST($s.$p) | Yes | dynamic_92 | GOST($p.$s) | Yes | +dynamic_93 | GOST(GOST($p)) | No | +dynamic_94 | GOST(GOST_raw($p)) | No | +dynamic_95 | GOST(GOST($p).$s) | Yes | +dynamic_96 | GOST($s.GOST($p)) | Yes | +dynamic_97 | GOST(GOST($s).GOST($p)) | Yes | dynamic_100 | WHIRLPOOL($p) | No | dynamic_101 | WHIRLPOOL($s.$p) | Yes | dynamic_102 | WHIRLPOOL($p.$s) | Yes | +dynamic_103 | WHIRLPOOL(WHIRLPOOL($p)) | No | +dynamic_104 | WHIRLPOOL(WHIRLPOOL_raw($p)) | No | +dynamic_105 | WHIRLPOOL(WHIRLPOOL($p).$s) | Yes | +dynamic_106 | WHIRLPOOL($s.WHIRLPOOL($p)) | Yes | +dynamic_107 | WHIRLPOOL(WHIRLPOOL($s).WHIRLPOOL($p)) | Yes | ........ | RESERVED | UNK | dynamic_999 | RESERVED | UNK | @@ -189,7 +219,29 @@ dynamic_1005 md5(md5(md5(md5(md5(md5(md dynamic_1006 md5(md5(md5(md5(md5(md5(md5(md5($p)))))))) dynamic_1007 md5(md5($p).$s) (vBulletin) dynamic_1008 md5($p.$s) (joomla) - +# and many other newer items, added from user requests. +dynamic_1010 md5($p null_padded_to_len_100) RAdmin v2.x MD5 +dynamic_1011 md5($p.md5($s)) (WebEdition CMS) +dynamic_1012 md5($p.md5($s)) (WebEdition CMS) (much faster) +dynamic_1013 md5($p.PMD5(username)) (WebEdition CMS) (fast speed, but user name is stored in md5 hash format) +dynamic_1014 md5($p.$s) (long salt) +dynamic_1015 md5(md5($p.$u).$s) +dynamic_1018 md5(sha1(sha1($pass))) +dynamic_1019 md5(sha1(sha1(md5($pass)))) +dynamic_1020 md5(sha1(md5($pass))) +dynamic_1021 md5(sha1(md5(sha1($pass)))) +dynamic_1022 md5(sha1(md5(sha1(md5($pass))))) +dynamic_1023 sha1($pass) (first 32 bytes) +dynamic_1024 sha1(md5($pass)) (first 32 bytes) +dynamic_1025 sha1(md5(md5($pass))) (first 32 bytes) +dynamic_1026 sha1(sha1($pass))) (first 32 bytes) +dynamic_1027 sha1(sha1(sha1($pass)))) (first 32 bytes) +dynamic_1028 sha1(sha1_raw($pass)) (first 32 bytes) +dynamic_1029 sha256($pass) (first 32 bytes) +dynamic_1030 Whirlpool($pass) (first 32 bytes) +dynamic_1031 GOST($pass) (first 32 bytes) +dynamic_1300 md5(md5_raw($pass)) +dynamic_1350 md5(md5($s.$p):$s) NOTE the documentation section of dynamic.conf is listed here. It shows @@ -607,25 +659,45 @@ examples (this whole list is also found # Sets the length of each element of input1[] to 16. In SSE2 mode, if the length of the input buffer # was less than 16, then that 0x80 end of marker is removed, and a new one is 'added' at offset 16. # +# DynamicFunc__set_input_len_20 +# Sets the length of each element of input1[] to 20. In SSE2 mode, if the length of the input buffer +# was less than 20, then that 0x80 end of marker is removed, and a new one is 'added' at offset 20. +# # DynamicFunc__set_input2_len_16 # Sets the length of each element of input2[] to 16. # +# DynamicFunc__set_input2_len_20 +# Sets the length of each element of input2[] to 20. +# # DynamicFunc__set_input_len_32 # Sets the length of each element of input1[] to 32. This was designed as is used in conjunction with # the funtion overwrite_from_last_output_as_base16_no_size_fix in mind, but would not # be the 'only' reason to use it (but is the only reason I have at this time). This function does NOT -# clean the input[] items prior to this. Usually a call to clean_input would be required priot to -# calling this function, to make sure the buffer is 'clean'. +# clean the input[] items prior to this. Usually a call to clean_input would be required prior to +# calling this function, to make sure the buffer is 'clean'. A 0x80 is placed into offset 32 # # DynamicFunc__set_input2_len_32 # Same as DynamicFunc__set_input_len_32 but this one works on input2[] array. # +# DynamicFunc__set_input_len_40 +# Sets the length of each element of input1[] to 30. A 0x80 is placed into offset 40. This would be +# the companion function to DynamicFunc__set_input_len_32, but useful for SHA1 hashes which would +# themselves output 40 bytes of hex. +# +# DynamicFunc__set_input2_len_40 +# Same as DynamicFunc__set_input_len_40 but this one works on input2[] array. +# # DynamicFunc__set_input_len_64 # Like the above function, but sets lengths to 64 bytes. NOTE valid to use in SSE2 mode. # # DynamicFunc__set_input2_len_64 # Same as DynamicFunc__set_input2_len_64 but this one works on input2[] array. # +# DynamicFunc__set_input_len_100 +# Like the above function, but sets lengths to 100 bytes. NOTE valid to use in SSE2 mode. +# This is a 'specialized' function for the RAdmin hash, and simply nulls out the buffer +# up to 100 bytes. +# # SSE 'switching' functions. SSE is only valid for 54 byte or less input strings. # This is due to optimizations which place a 'single' md5 limb restriction on the # crypts. Thus, for some formats, we have to be in x86 mode only, but for others, @@ -634,6 +706,15 @@ examples (this whole list is also found # compatible between x86 and SSE2. If possible, convert the output buffers, they # are smaller, and faster (usually). # +# NOTE, proper usage of these functions CAN improve performance of some SHA1 processing +# putting the data into or out of 'flat' model. The SHA1 hash does have SSE code, however +# since it also requires BE layout for the data (vs LE for md5), a design choice was made +# to not store the BE sse buffers long term. All crypting will determin IF sse sha1 code +# should be used, and if so, the crypt function will convert from flat into sse format. +# however, if the data already is in sse format, it has to be transformed into a format +# valid for ShA1. Look at formats 1022 to 1031 for insite on how to best use these +# data conversion functions with SHA1. +# # DynamicFunc__SSEtoX86_switch_input1 # Copies the SSE Input1 buffer to x86 Input1. Changes 'mode' to non-SSE for any # functions that are done after this call. diff -urpN memdbg2/run/dynamic.conf memdbg1/run/dynamic.conf --- memdbg2/run/dynamic.conf 2013-05-11 17:27:13.593750000 -0500 +++ memdbg1/run/dynamic.conf 2013-05-12 11:06:49.187500000 -0500 @@ -341,7 +341,7 @@ Test=$dynamic_1015$bf2a64f35feba7bf1b633 Expression=md5(sha1(sha1($pass))) Flag=MGF_StartInX86Mode Flag=MGF_KEYS_INPUT_BE_SAFE -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__SHA1_crypt_input1_append_input2_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__X86toSSE_switch_input2 @@ -351,11 +351,10 @@ Test=$dynamic_1018$f3b5f01810c4d66ae0af8 [List.Generic:dynamic_1019] Expression=md5(sha1(sha1(md5($pass)))) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_KEYS_INPUT Func=DynamicFunc__crypt_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output1 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output_to_input2_as_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 @@ -366,11 +365,10 @@ Test=$dynamic_1019$77faf9282c0c9b5870a4d [List.Generic:dynamic_1020] Expression=md5(sha1(md5($pass))) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_KEYS_INPUT Func=DynamicFunc__crypt_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output1 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output_to_input2_as_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__X86toSSE_switch_input2 @@ -380,11 +378,13 @@ Test=$dynamic_1020$2a8ce40b837c8550506d9 [List.Generic:dynamic_1021] Expression=md5(sha1(md5(sha1($pass)))) Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Func=DynamicFunc__clean_input2 +Flag=MGF_KEYS_INPUT +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__SHA1_crypt_input1_append_input2_base16 +Func=DynamicFunc__X86toSSE_switch_input2 Func=DynamicFunc__crypt2_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output2_as_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__X86toSSE_switch_input2 @@ -393,15 +393,16 @@ Test=$dynamic_1021$c1e054140feac1b411d3e [List.Generic:dynamic_1022] Expression=md5(sha1(md5(sha1(md5($pass))))) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_KEYS_INPUT Func=DynamicFunc__crypt_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output1 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output_to_input2_as_base16 +Func=DynamicFunc__X86toSSE_switch_input2 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__crypt2_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output2_as_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__X86toSSE_switch_input2 @@ -411,30 +412,25 @@ Test=$dynamic_1022$e1eb34c6ab9e9cbe4ff67 [List.Generic:dynamic_1023] Expression=sha1($pass) (first 32 bytes) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_RAW_SHA1_INPUT Func=DynamicFunc__SHA1_crypt_input1_to_output1_FINAL Test=$dynamic_1023$5baa61e4c9b93f3f0682250b6cf8331b:password [List.Generic:dynamic_1024] Expression=sha1(md5($pass)) (first 32 bytes) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_KEYS_INPUT Func=DynamicFunc__crypt_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__SSEtoX86_switch_output1 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output_to_input2_as_base16 Func=DynamicFunc__SHA1_crypt_input2_to_output1_FINAL Test=$dynamic_1024$c56289182ffd862d906eac1ce5c6fe6d:trigun [List.Generic:dynamic_1025] Expression=sha1(md5(md5($pass))) (first 32 bytes) -Flag=MGF_StartInX86Mode -Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED +Flag=MGF_KEYS_INPUT Func=DynamicFunc__crypt_md5 -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__append_from_last_output_to_input2_as_base16 Func=DynamicFunc__crypt2_md5 Func=DynamicFunc__clean_input2_kwik @@ -446,8 +442,7 @@ Test=$dynamic_1025$f122db007ed655921f981 Expression=sha1(sha1($pass))) (first 32 bytes) Flag=MGF_StartInX86Mode Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__SHA1_crypt_input1_overwrite_input2_base16 Func=DynamicFunc__SHA1_crypt_input2_to_output1_FINAL Test=$dynamic_1026$71b37a2d9b0a7d5dc4da8a08d9092817:peanuts @@ -457,8 +452,7 @@ Test=$dynamic_1026$30f8cf133eaac8e3b6af4 Expression=sha1(sha1(sha1($pass)))) (first 32 bytes) Flag=MGF_StartInX86Mode Flag=MGF_KEYS_INPUT_BE_SAFE -Flag=MGF_FULL_CLEAN_REQUIRED -Func=DynamicFunc__clean_input2 +Func=DynamicFunc__clean_input2_kwik Func=DynamicFunc__SHA1_crypt_input1_overwrite_input2_base16 Func=DynamicFunc__SHA1_crypt_input2_overwrite_input2_base16 Func=DynamicFunc__SHA1_crypt_input2_to_output1_FINAL @@ -475,6 +469,35 @@ Func=DynamicFunc__SHA1_crypt_input1_appe Func=DynamicFunc__SHA1_crypt_input2_to_output1_FINAL Test=$dynamic_1028$79239e0207cd5f6a472c8795c73b451d:rainbow +[List.Generic:dynamic_1029] +Expression=sha256($pass) (first 32 bytes) +Flag=MGF_NOTSSE2Safe +Func=DynamicFunc__clean_input +Func=DynamicFunc__append_keys +Func=DynamicFunc__SHA256_crypt_input1_to_output1_FINAL +Test=$dynamic_1029$e4ad93ca07acb8d908a3aa41e920ea4f:iloveyou +Test=$dynamic_1029$13b1f7ec5beaefc781e43a3b344371cd:freedom +Test=$dynamic_1029$aa97302150fce811425cd84537028a5a:computer + +[List.Generic:dynamic_1030] +Expression=Whirlpool($pass) (first 32 bytes) +Flag=MGF_NOTSSE2Safe +Func=DynamicFunc__clean_input +Func=DynamicFunc__append_keys +Func=DynamicFunc__WHIRLPOOL_crypt_input1_to_output1_FINAL +Test=$dynamic_1030$56fd4ecb153a08b65a73b51e3c8ca369:spiral +Test=$dynamic_1030$6b116ef0c32185d3ae1136f4593a5cae:defender +Test=$dynamic_1030$fee8605795f28dda386324d59a28ba99:amazon + +[List.Generic:dynamic_1031] +Expression=GOST($pass) (first 32 bytes) +Flag=MGF_NOTSSE2Safe +Func=DynamicFunc__clean_input +Func=DynamicFunc__append_keys +Func=DynamicFunc__GOST_crypt_input1_to_output1_FINAL +Test=$dynamic_1031$0e8cd409a23c2e7ad1c5b22b101dfa16:admin + + [List.Generic:dynamic_1300] Expression=md5(md5_raw($pass)) Func=DynamicFunc__clean_input diff -urpN memdbg2/src/dynamic.h memdbg1/src/dynamic.h --- memdbg2/src/dynamic.h 2013-05-11 18:28:33.921875000 -0500 +++ memdbg1/src/dynamic.h 2013-05-12 01:52:18.890625000 -0500 @@ -182,7 +182,9 @@ extern void DynamicFunc__append_from_las extern void DynamicFunc__overwrite_from_last_output_as_base16_no_size_fix(DYNA_OMP_PARAMS); extern void DynamicFunc__append_salt(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input_len_16(DYNA_OMP_PARAMS); +extern void DynamicFunc__set_input_len_20(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input_len_32(DYNA_OMP_PARAMS); +extern void DynamicFunc__set_input_len_40(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input_len_64(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input_len_100(DYNA_OMP_PARAMS); @@ -200,7 +202,9 @@ extern void DynamicFunc__append_from_las extern void DynamicFunc__overwrite_from_last_output2_to_input1_as_base16_no_size_fix(DYNA_OMP_PARAMS); extern void DynamicFunc__append_salt2(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input2_len_16(DYNA_OMP_PARAMS); +extern void DynamicFunc__set_input2_len_20(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input2_len_32(DYNA_OMP_PARAMS); +extern void DynamicFunc__set_input2_len_40(DYNA_OMP_PARAMS); extern void DynamicFunc__set_input2_len_64(DYNA_OMP_PARAMS); extern void DynamicFunc__append_from_last_output2_as_raw(DYNA_OMP_PARAMS); diff -urpN memdbg2/src/dynamic_fmt.c memdbg1/src/dynamic_fmt.c --- memdbg2/src/dynamic_fmt.c 2013-05-11 18:28:33.921875000 -0500 +++ memdbg1/src/dynamic_fmt.c 2013-05-12 01:52:18.781250000 -0500 @@ -3709,6 +3709,116 @@ void DynamicFunc__set_input2_len_16(DYNA } } +void DynamicFunc__set_input_len_20(DYNA_OMP_PARAMS) +{ + unsigned j, til; +#ifdef _OPENMP + til = last; + j = first; +#else + j = 0; + til = m_count; +#endif +#ifdef MMX_COEF + if (dynamic_use_sse==1) { + unsigned k; + j /= MMX_COEF; + til = (til+MMX_COEF-1)/MMX_COEF; + for (; j < til; ++j) + { + // If length is < 20, then remove existing end of buffer marker, and then set + // one at offset 20 + unsigned cur_block_len = total_len[j]; + for (k = 0; k < MMX_COEF; ++k) { + unsigned this_item_len = cur_block_len & 0xFF; +#if (MMX_COEF==4) + cur_block_len >>= 8; +#else + cur_block_len >>= 16; +#endif + if (this_item_len < 20) + input_buf[j].c[GETPOS(this_item_len, k&(MMX_COEF-1))] = 0x00; + input_buf[j].c[GETPOS(20, k&(MMX_COEF-1))] = 0x80; + } +#if (MMX_COEF==4) + total_len[j] = 0x14141414; +#else + total_len[j] = 0x140014; +#endif + } + return; + } +#endif + for (; j < til; ++j) + { +#if MD5_X2 + if (j&1) { + while (total_len_X86[j] < 20) + input_buf_X86[j>>MD5_X2].x2.b2[total_len_X86[j]++] = 0; + } + else +#endif + {while (total_len_X86[j] < 20) + input_buf_X86[j>>MD5_X2].x1.b[total_len_X86[j]++] = 0;} + total_len_X86[j] = 20; + } +} + +void DynamicFunc__set_input2_len_20(DYNA_OMP_PARAMS) +{ + unsigned j, til; +#ifdef _OPENMP + til = last; + j = first; +#else + j = 0; + til = m_count; +#endif +#ifdef MMX_COEF + if (dynamic_use_sse==1) { + unsigned k; + j /= MMX_COEF; + til = (til+MMX_COEF-1)/MMX_COEF; + for (; j < til; ++j) + { + // If length is < 20, then remove existing end of buffer marker, and then set + // one at offset 20 + unsigned cur_block_len = total_len2[j]; + for (k = 0; k < MMX_COEF; ++k) { + unsigned this_item_len = cur_block_len & 0xFF; +#if (MMX_COEF==4) + cur_block_len >>= 8; +#else + cur_block_len >>= 16; +#endif + if (this_item_len < 20) + input_buf2[j].c[GETPOS(this_item_len, k&(MMX_COEF-1))] = 0x00; + input_buf2[j].c[GETPOS(20, k&(MMX_COEF-1))] = 0x80; + } +#if (MMX_COEF==4) + total_len2[j] = 0x14141414; +#else + total_len2[j] = 0x100014; +#endif + } + return; + } +#endif + for (; j < til; ++j) + { +#if MD5_X2 + if (j&1) { + while (total_len2_X86[j] < 20) + input_buf2_X86[j>>MD5_X2].x2.b2[total_len2_X86[j]++] = 0; + } + else +#endif + {while (total_len2_X86[j] < 20) + input_buf2_X86[j>>MD5_X2].x1.b[total_len2_X86[j]++] = 0;} + total_len2_X86[j] = 20; + } +} + void DynamicFunc__set_input_len_32(DYNA_OMP_PARAMS) { unsigned j, til; @@ -3725,6 +3835,9 @@ void DynamicFunc__set_input_len_32(DYNA_ til = (til+MMX_COEF-1)/MMX_COEF; for (; j < til; ++j) { + unsigned k; + for (k = 0; k < MMX_COEF; ++k) + input_buf[j].c[GETPOS(32, k&(MMX_COEF-1))] = 0x80; #if (MMX_COEF==4) total_len[j] = 0x20202020; #else @@ -3769,6 +3882,9 @@ void DynamicFunc__set_input2_len_32(DYNA til = (til+MMX_COEF-1)/MMX_COEF; for (; j < til; ++j) { + unsigned k; + for (k = 0; k < MMX_COEF; ++k) + input_buf2[j].c[GETPOS(32, k&(MMX_COEF-1))] = 0x80; #if (MMX_COEF==4) total_len2[j] = 0x20202020; #else @@ -3797,7 +3913,7 @@ void DynamicFunc__set_input2_len_32(DYNA } } -void DynamicFunc__set_input_len_64(DYNA_OMP_PARAMS) +void DynamicFunc__set_input_len_40(DYNA_OMP_PARAMS) { unsigned j, til; #ifdef _OPENMP @@ -3808,13 +3924,41 @@ void DynamicFunc__set_input_len_64(DYNA_ til = m_count; #endif #ifdef MMX_COEF - if (dynamic_use_sse==1) - exit(!!fprintf(stderr, "Error, in your DYNAMIC script.\nIt is NOT valid to call DynamicFunc__set_input_len_64 in SSE2/MMX mode\n")); + if (dynamic_use_sse==1) { + j /= MMX_COEF; + til = (til+MMX_COEF-1)/MMX_COEF; + for (; j < til; ++j) + { + unsigned k; + for (k = 0; k < MMX_COEF; ++k) + input_buf[j].c[GETPOS(40, k&(MMX_COEF-1))] = 0x80; +#if (MMX_COEF==4) + total_len[j] = 0x28282828; +#else + total_len[j] = 0x280028; +#endif + } + return; + } #endif for (; j < til; ++j) - total_len_X86[j] = 64; + { + total_len_X86[j] = 40; +#if !ARCH_LITTLE_ENDIAN +#if MD5_X2 + if (j&1) { + memset(&(input_buf_X86[j>>MD5_X2].x2.B2[40]), 0, 16); + } + else +#endif + { + memset(&(input_buf_X86[j>>MD5_X2].x1.B[40]), 0, 16); + } +#endif + } } -void DynamicFunc__set_input_len_100(DYNA_OMP_PARAMS) + +void DynamicFunc__set_input2_len_40(DYNA_OMP_PARAMS) { unsigned j, til; #ifdef _OPENMP @@ -3826,22 +3970,56 @@ void DynamicFunc__set_input_len_100(DYNA #endif #ifdef MMX_COEF if (dynamic_use_sse==1) { - exit(!!fprintf(stderr, "Error, in your DYNAMIC script.\nIt is NOT valid to call DynamicFunc__set_input_len_100 in SSE2/MMX mode\n")); + j /= MMX_COEF; + til = (til+MMX_COEF-1)/MMX_COEF; + for (; j < til; ++j) + { + unsigned k; + for (k = 0; k < MMX_COEF; ++k) + input_buf2[j].c[GETPOS(40, k&(MMX_COEF-1))] = 0x80; +#if (MMX_COEF==4) + total_len2[j] = 0x28282828; +#else + total_len2[j] = 0x280028; +#endif + } + return; } #endif - for (; j < til; ++j) { - unsigned char *cp; + for (; j < til; ++j) + { + total_len2_X86[j] = 40; +#if !ARCH_LITTLE_ENDIAN #if MD5_X2 - if (j&1) - cp = &(input_buf_X86[j>>MD5_X2].x2.B2[total_len_X86[j]+1]); + if (j&1) { + memset(&(input_buf2_X86[j>>MD5_X2].x2.B2[40]), 0, 16); + } else #endif - cp = &(input_buf_X86[j>>MD5_X2].x1.B[total_len_X86[j]+1]); - while (*cp) - *cp++ = 0; - total_len_X86[j] = 100; + { + memset(&(input_buf2_X86[j>>MD5_X2].x1.B[40]), 0, 16); + } +#endif } } + +void DynamicFunc__set_input_len_64(DYNA_OMP_PARAMS) +{ + unsigned j, til; +#ifdef _OPENMP + til = last; + j = first; +#else + j = 0; + til = m_count; +#endif +#ifdef MMX_COEF + if (dynamic_use_sse==1) + exit(!!fprintf(stderr, "Error, in your DYNAMIC script.\nIt is NOT valid to call DynamicFunc__set_input_len_64 in SSE2/MMX mode\n")); +#endif + for (; j < til; ++j) + total_len_X86[j] = 64; +} void DynamicFunc__set_input2_len_64(DYNA_OMP_PARAMS) { unsigned j, til; @@ -3859,6 +4037,34 @@ void DynamicFunc__set_input2_len_64(DYNA for (; j < til; ++j) total_len2_X86[j] = 64; } +void DynamicFunc__set_input_len_100(DYNA_OMP_PARAMS) +{ + unsigned j, til; +#ifdef _OPENMP + til = last; + j = first; +#else + j = 0; + til = m_count; +#endif +#ifdef MMX_COEF + if (dynamic_use_sse==1) { + exit(!!fprintf(stderr, "Error, in your DYNAMIC script.\nIt is NOT valid to call DynamicFunc__set_input_len_100 in SSE2/MMX mode\n")); + } +#endif + for (; j < til; ++j) { + unsigned char *cp; +#if MD5_X2 + if (j&1) + cp = &(input_buf_X86[j>>MD5_X2].x2.B2[total_len_X86[j]+1]); + else +#endif + cp = &(input_buf_X86[j>>MD5_X2].x1.B[total_len_X86[j]+1]); + while (*cp) + *cp++ = 0; + total_len_X86[j] = 100; + } +} /************************************************************** * DYNAMIC primitive helper function diff -urpN memdbg2/src/dynamic_parser.c memdbg1/src/dynamic_parser.c --- memdbg2/src/dynamic_parser.c 2013-05-11 18:28:33.937500000 -0500 +++ memdbg1/src/dynamic_parser.c 2013-05-12 01:52:18.515625000 -0500 @@ -102,7 +102,6 @@ static Dynamic_Predicate_t Dynamic_Predi { "DynamicFunc__crypt_md5_to_input_raw_Overwrite_NoLen_but_setlen_in_SSE", DynamicFunc__crypt_md5_to_input_raw_Overwrite_NoLen_but_setlen_in_SSE }, { "DynamicFunc__crypt_to_input_raw_Overwrite_NoLen_but_setlen_in_SSE", DynamicFunc__crypt_md5_to_input_raw_Overwrite_NoLen_but_setlen_in_SSE }, // support deprecated function { "DynamicFunc__append_salt", DynamicFunc__append_salt }, - { "DynamicFunc__set_input_len_32", DynamicFunc__set_input_len_32 }, { "DynamicFunc__clean_input2", DynamicFunc__clean_input2 }, { "DynamicFunc__clean_input2_kwik", DynamicFunc__clean_input2_kwik }, { "DynamicFunc__clean_input2_full", DynamicFunc__clean_input2_full }, @@ -117,7 +116,6 @@ static Dynamic_Predicate_t Dynamic_Predi { "DynamicFunc__append_from_last_output2_to_input1_as_base16", DynamicFunc__append_from_last_output2_to_input1_as_base16 }, { "DynamicFunc__overwrite_from_last_output2_to_input1_as_base16_no_size_fix", DynamicFunc__overwrite_from_last_output2_to_input1_as_base16_no_size_fix }, { "DynamicFunc__append_salt2", DynamicFunc__append_salt2 }, - { "DynamicFunc__set_input2_len_32", DynamicFunc__set_input2_len_32 }, { "DynamicFunc__append_input_from_input2", DynamicFunc__append_input_from_input2 }, { "DynamicFunc__append_input2_from_input", DynamicFunc__append_input2_from_input }, { "DynamicFunc__append_2nd_salt", DynamicFunc__append_2nd_salt }, @@ -139,9 +137,15 @@ static Dynamic_Predicate_t Dynamic_Predi { "DynamicFunc__POCrypt", DynamicFunc__POCrypt }, { "DynamicFunc__set_input_len_16", DynamicFunc__set_input_len_16}, { "DynamicFunc__set_input2_len_16", DynamicFunc__set_input2_len_16}, + { "DynamicFunc__set_input_len_20", DynamicFunc__set_input_len_20}, + { "DynamicFunc__set_input2_len_20", DynamicFunc__set_input2_len_20}, + { "DynamicFunc__set_input_len_32", DynamicFunc__set_input_len_32 }, + { "DynamicFunc__set_input2_len_32", DynamicFunc__set_input2_len_32 }, + { "DynamicFunc__set_input_len_40", DynamicFunc__set_input_len_40 }, + { "DynamicFunc__set_input2_len_40", DynamicFunc__set_input2_len_40 }, { "DynamicFunc__set_input_len_64", DynamicFunc__set_input_len_64 }, - { "DynamicFunc__set_input_len_100", DynamicFunc__set_input_len_100 }, { "DynamicFunc__set_input2_len_64", DynamicFunc__set_input2_len_64 }, + { "DynamicFunc__set_input_len_100", DynamicFunc__set_input_len_100 }, { "DynamicFunc__overwrite_salt_to_input1_no_size_fix", DynamicFunc__overwrite_salt_to_input1_no_size_fix }, { "DynamicFunc__overwrite_salt_to_input2_no_size_fix", DynamicFunc__overwrite_salt_to_input2_no_size_fix }, { "DynamicFunc__append_input1_from_CONST1", DynamicFunc__append_input1_from_CONST1 }, diff -urpN memdbg2/src/dynamic_preloads.c memdbg1/src/dynamic_preloads.c --- memdbg2/src/dynamic_preloads.c 2013-05-11 18:28:33.953125000 -0500 +++ memdbg1/src/dynamic_preloads.c 2013-05-12 11:06:49.062500000 -0500 @@ -71,8 +71,8 @@ //dynamic_24 --> sha1($p.$s) // requires a 40 byte hex hash //dynamic_25 --> sha1($s.$p) // requires a 40 byte hex hash //dynamic_26 --> sha1($p) // MGF_RAW_SHA1_INPUT -//dynamic_27 --> FreeBSD MD5 -//dynamic_28 --> Apache MD5 + // DEPRICATED //dynamic_27 --> FreeBSD MD5 + // DEPRICATED //dynamic_28 --> Apache MD5 //dynamic_29 --> md5(unicode($p)) // raw-md5-unicode //dynamic_30 --> md4($p) // raw-md4 //dynamic_31 --> md4($s.$p) @@ -87,26 +87,56 @@ //dynamic_50 -->sha224($p) //dynamic_51 -->sha224($s.$p) //dynamic_52 -->sha224($p.$s) +//dynamic_53 -->sha224(sha224($p)) +//dynamic_54 -->sha224(sha224_raw($p)) +//dynamic_55 -->sha224(sha224($p).$s) +//dynamic_56 -->sha224($s.sha224($p)) +//dynamic_57 -->sha224(sha224($s).sha224($p)) // Try to group sha256 here (from dyna-60 to dyna-69) //dynamic_60 -->sha256($p) //dynamic_61 -->sha256($s.$p) //dynamic_62 -->sha256($p.$s) +//dynamic_63 -->sha256(sha256($p)) +//dynamic_64 -->sha256(sha256_raw($p)) +//dynamic_65 -->sha256(sha256($p).$s) +//dynamic_66 -->sha256($s.sha256($p)) +//dynamic_67 -->sha256(sha256($s).sha256($p)) // Try to group sha384 here (from dyna-70 to dyna-79) //dynamic_70 -->sha384($p) //dynamic_71 -->sha384($s.$p) //dynamic_72 -->sha384($p.$s) +//dynamic_73 -->sha384(sha384($p)) +//dynamic_74 -->sha384(sha384_raw($p)) +//dynamic_75 -->sha384(sha384($p).$s) +//dynamic_76 -->sha384($s.sha384($p)) +//dynamic_77 -->sha384(sha384($s).sha384($p)) // Try to group sha512 here (from dyna-80 to dyna-89) //dynamic_80 -->sha512($p) //dynamic_81 -->sha512($s.$p) //dynamic_82 -->sha512($p.$s) +//dynamic_83 -->sha512(sha512($p)) +//dynamic_84 -->sha512(sha512_raw($p)) +//dynamic_85 -->sha512(sha512($p).$s) +//dynamic_86 -->sha512($s.sha512($p)) +//dynamic_87 -->sha512(sha512($s).sha512($p)) // Try to group GOST here (from dyna-90 to dyna-100) //dynamic_90 -->GOST($p) //dynamic_91 -->GOST($s.$p) //dynamic_92 -->GOST($p.$s) +//dynamic_93 -->GOST(GOST($p)) +//dynamic_94 -->GOST(GOST_raw($p)) +//dynamic_95 -->GOST(GOST($p).$s) +//dynamic_96 -->GOST($s.GOST($p)) +//dynamic_97 -->GOST(GOST($s).GOST($p)) // Try to group WHIRLPOOL here (from dyna-100 to dyna-110) //dynamic_100 -->WHIRLPOOL($p) //dynamic_101 -->WHIRLPOOL($s.$p) //dynamic_102 -->WHIRLPOOL($p.$s) +//dynamic_103 -->WHIRLPOOL(WHIRLPOOL($p)) +//dynamic_104 -->WHIRLPOOL(WHIRLPOOL_raw($p)) +//dynamic_105 -->WHIRLPOOL(WHIRLPOOL($p).$s) +//dynamic_106 -->WHIRLPOOL($s.WHIRLPOOL($p)) +//dynamic_107 -->WHIRLPOOL(WHIRLPOOL($s).WHIRLPOOL($p)) static DYNAMIC_primitive_funcp _Funcs_0[] = {