-
Notifications
You must be signed in to change notification settings - Fork 107
/
Copy pathLookupTable.php
237 lines (203 loc) · 7.06 KB
/
LookupTable.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
<?php
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
require_once('MoreHashes.php');
define("INDEX_ENTRY_SIZE", 6+8);
class IndexFileException extends Exception {}
class DictFileException extends Exception {}
class InvalidHashTypeException extends Exception {}
class HashFormatException extends Exception {}
class Missing64BitException extends Exception {}
class HashCrackResult
{
private $plaintext;
private $given_hash_raw;
private $full_hash_raw;
private $algorithm_name;
function __construct($plaintext, $given_hash_raw, $full_hash_raw, $algorithm_name)
{
$this->plaintext = $plaintext;
$this->given_hash_raw = $given_hash_raw;
$this->full_hash_raw = $full_hash_raw;
$this->algorithm_name = $algorithm_name;
}
public function isFullMatch()
{
return strtolower($this->given_hash_raw) === strtolower($this->full_hash_raw);
}
public function getPlaintext()
{
return $this->plaintext;
}
public function getGivenHashBytes()
{
return $this->given_hash_raw;
}
public function getRecomputedFullHashBytes()
{
return $this->full_hash_raw;
}
public function getAlgorithmName()
{
return $this->algorithm_name;
}
}
class LookupTable
{
private $index;
private $dict;
private $hasher;
private $cache = array();
private $index_count;
// The minimum length of prefix that needs to match for it to be considered
// a "partial match." This value must not be greater than 8, since only
// the 8 leading bytes of the hash are stored in the index.
const PARTIAL_MATCH_PREFIX_BYTES = 8;
public function __construct($index_path, $dict_path, $hashtype)
{
if(PHP_INT_SIZE < 8)
throw new Missing64BitException("This script needs 64-bit integers.");
$this->hasher = MoreHashAlgorithms::GetHashFunction($hashtype);
$this->index = fopen($index_path, "rb");
if($this->index === false)
throw new IndexFileException("Can't open index file");
$this->dict = fopen($dict_path, "rb");
if($this->dict === false)
throw new DictFileException("Can't open dictionary file");
$size = $this->getFileSize($this->index);
if($size % INDEX_ENTRY_SIZE != 0)
throw new IndexFileException("Invalid index file");
$this->index_count = $size / INDEX_ENTRY_SIZE;
}
public function __destruct()
{
fclose($this->index);
fclose($this->dict);
}
/*
* Attempts to crack $hash by interpreting it as (the prefix of) a hash of
* the set type. Returns all partial matches, i.e. at least the first
* PARTIAL_MATCH_PREFIX_BYTES are in agreement, as a list of HashCrackResult.
*/
public function crack($hash)
{
$hash_binary = $this->getHashBinary($hash);
$find = -1;
$lower = 0;
$upper = $this->index_count - 1;
while($upper >= $lower)
{
$middle = $lower + (int)(($upper - $lower)/2);
$cmp = $this->hashcmp($this->getIdxHash($this->index, $middle), $hash_binary);
if($cmp > 0)
$upper = $middle - 1;
elseif($cmp < 0)
$lower = $middle + 1;
elseif($cmp == 0)
{
$find = $middle;
break;
}
}
$results = array();
if($find >= 0)
{
// Walk back to find the start of collision block
while($this->hashcmp($this->getIdxHash($this->index, $find), $hash_binary) == 0)
$find--;
$find++; // Get to start of block
// Walk through the block of collisions (partial and full matches)
while($this->hashcmp($this->getIdxHash($this->index, $find), $hash_binary) == 0)
{
$position = $this->getIdxPosition($this->index, $find);
$word = $this->getWordAt($this->dict, $position);
$full_hash_raw = $this->hasher->hash($word, true);
$results[] = new HashCrackResult(
$word,
$hash_binary,
$full_hash_raw,
$this->hasher->getAlgorithmName()
);
$find++;
}
}
return $results;
}
private function getWordAt($file, $position)
{
fseek($file, $position);
$word = fgets($file);
return trim($word);
}
private function hashcmp($hashA, $hashB)
{
for($i = 0; $i < self::PARTIAL_MATCH_PREFIX_BYTES && $i < 8; $i++)
{
if($hashA[$i] < $hashB[$i])
return -1;
if($hashA[$i] > $hashB[$i])
return 1;
}
return 0;
}
private function getIdxHash($file, $index)
{
if(array_key_exists($index, $this->cache))
return $this->cache[$index];
fseek($file, $index * (6+8));
$hash = fread($file, 8);
if (strlen($hash) == 8) {
$this->cache[$index] = $hash;
return $hash;
} elseif (strlen($hash) == 0) {
// FIXME: hack for hashcmp to fail when we reach EOF.
// This isn't guaranteed to be correct, but it probably
// works assuming the file is sorted and there's at least
// one non-zero hash!
// You can trigger this case by trying to crack the last hash in the
// index, e.g. run `xxd -c 14 whatever.idx`.
return "\x00\x00\x00\x00\x00\x00\x00\x00";
} else {
throw new IndexFileException("Something is wrong with the index!");
}
}
private function getIdxPosition($file, $index)
{
fseek($file, $index * (6+8) + 8);
$binary = fread($file, 6);
$value = 0;
for($i = 5; $i >= 0; $i--)
{
$value = $value << 8;
$value += ord($binary[$i]);
}
return $value;
}
private function getHashBinary($hash)
{
if (preg_match('/^([A-Fa-f0-9]{2})+$/', $hash) !== 1) {
throw new HashFormatException("Hash is not a valid hex string.");
}
$binary = pack("H*", $hash);
if(strlen($binary) < self::PARTIAL_MATCH_PREFIX_BYTES) {
throw new HashFormatException("Hash too small");
}
return $binary;
}
private function getFileSize($handle)
{
fseek($handle, 0, SEEK_END);
return ftell($handle);
}
}
?>