🔨 Some tools to (try to) break "Magic Hashes" https://git.forestier.app/HorlogeSkynet/MagicHashes
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

159 lines
4.7 KiB

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <inttypes.h>
#include <regex.h>
#include <openssl/evp.h>
#define EVER ;;
#define MIN_LENGTH 4
#define MAX_LENGTH 32
#define HEX_DIGEST_MAX_LENGTH ((EVP_MAX_MD_SIZE * 2) + 1)
void compute_digest_against_evp(
const EVP_MD *const evp_md_sha,
const char *const random_string, const size_t random_string_length,
unsigned char *const hash_digest, unsigned int *const hash_digest_length)
{
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(md_ctx, evp_md_sha, NULL);
EVP_DigestUpdate(md_ctx, random_string, random_string_length);
EVP_DigestFinal_ex(md_ctx, hash_digest, hash_digest_length);
EVP_MD_CTX_destroy(md_ctx);
}
void check_and_store_result(
const char *const hash_method_name,
regex_t *const preg,
const char *const random_string,
const char *const hash_digest_hexadecimal)
{
if(regexec(preg, hash_digest_hexadecimal, 0, NULL, 0) == 0)
{
FILE *f_magic_hashes = fopen("magic_hashes.txt", "a");
if(f_magic_hashes == NULL)
{
regfree(preg);
EVP_cleanup();
fprintf(stderr, "Could not open (or create ?) \"magic_hashes.txt\" file : %s\n", strerror(errno));
exit(-1);
}
fprintf(f_magic_hashes, "[openssl_%s]\t%s\t%s\n", hash_method_name, random_string, hash_digest_hexadecimal);
if(fclose(f_magic_hashes) != 0)
{
regfree(preg);
EVP_cleanup();
fprintf(stderr, "Could not close \"magic_hashes.txt\" file : %s\n", strerror(errno));
exit(-1);
}
}
}
void raw_digest_to_hexadecimal(
const unsigned char *const hash_digest, const unsigned int hash_digest_length,
char *const hash_digest_hexadecimal)
{
memset(hash_digest_hexadecimal, 0, HEX_DIGEST_MAX_LENGTH * sizeof(*hash_digest_hexadecimal));
for(unsigned int i = 0; i < hash_digest_length; i++)
{
sprintf(hash_digest_hexadecimal + (i * 2), "%02x", hash_digest[i]);
}
}
int main(int argc, char const *argv[])
{
(void)argc;
(void)argv;
srand(time(NULL));
// We will generate "plausible" password strings, between 4 and 32-character long.
const char *const char_pool = {
"abcdefghijklmnopqrstuvwxyz"
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"0123456789"
"!\"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~"
};
const size_t pool_length = strlen(char_pool);
// Compile "Magic Hashes" format REGEX.
regex_t preg;
int err = regcomp(&preg, "^0+e[:digit:]+$", REG_NOSUB | REG_EXTENDED);
if(err != 0)
{
regfree(&preg);
fprintf(stderr, "Could not compile REGEXP pattern : %s\n", strerror(err));
exit(-1);
}
// _____________________________________
// Cryptographic stuffs.
unsigned char hash_digest[EVP_MAX_MD_SIZE];
unsigned int hash_digest_length;
char hash_digest_hexadecimal[HEX_DIGEST_MAX_LENGTH];
OpenSSL_add_all_algorithms();
const EVP_MD *evp_md_sha224 = EVP_sha224();
const EVP_MD *evp_md_sha256 = EVP_sha256();
const EVP_MD *evp_md_sha384 = EVP_sha384();
const EVP_MD *evp_md_sha512 = EVP_sha512();
// _____________________
// Loop variables.
char random_string[MAX_LENGTH + 1];
size_t random_string_length;
// _______________
for(EVER)
{
// Let's generate a random string !
memset(random_string, 0, (MAX_LENGTH + 1) * sizeof(*random_string));
random_string_length = (rand() % ((MAX_LENGTH - MIN_LENGTH) + 1)) + MIN_LENGTH;
for(uint8_t i = 0; i < random_string_length; i++)
{
random_string[i] = char_pool[rand() % (pool_length + 1)];
}
// ________________________________
// SHA224
compute_digest_against_evp(evp_md_sha224, random_string, random_string_length, hash_digest, &hash_digest_length);
raw_digest_to_hexadecimal(hash_digest, hash_digest_length, hash_digest_hexadecimal);
check_and_store_result("sha224", &preg, random_string, hash_digest_hexadecimal);
// ______
// SHA256
compute_digest_against_evp(evp_md_sha256, random_string, random_string_length, hash_digest, &hash_digest_length);
raw_digest_to_hexadecimal(hash_digest, hash_digest_length, hash_digest_hexadecimal);
check_and_store_result("sha256", &preg, random_string, hash_digest_hexadecimal);
// ______
// SHA384
compute_digest_against_evp(evp_md_sha384, random_string, random_string_length, hash_digest, &hash_digest_length);
raw_digest_to_hexadecimal(hash_digest, hash_digest_length, hash_digest_hexadecimal);
check_and_store_result("sha384", &preg, random_string, hash_digest_hexadecimal);
// ______
// SHA512
compute_digest_against_evp(evp_md_sha512, random_string, random_string_length, hash_digest, &hash_digest_length);
raw_digest_to_hexadecimal(hash_digest, hash_digest_length, hash_digest_hexadecimal);
check_and_store_result("sha512", &preg, random_string, hash_digest_hexadecimal);
// ______
}
// This statement is not supposed to be reached.
regfree(&preg);
EVP_cleanup();
return 0;
// _____________________________________________
}