Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 4 Dec 2010 15:48:32 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: PHP Script to Hash Plain-text input to LM/NTLM

I took another stab at creating hashes from plain-texts and below you
will find the latest
revision. This version spits out Crypt(3), MySql323, MySql-Sha1, MD5,
SHA1 and LM+NTLM.

I'll be posting an online version sometime soon, for now this will be
the last version I send
to the list :) Again I hope it's useful to others, have a good weekend!

<?php
header("Content-Type: text/plain");

//Cobbled together by RichRumble, Xinn.org
//12-4-2010 Rev-2
//Credits:
//http://www.php.net/manual/en/ref.hash.php#84587
//http://www.php.net/manual/en/ref.hash.php#94990
//http://stackoverflow.com/questions/260236/mysql-hashing-function-implementation#1543873

function MD5Hash($Input) {
 $MD5Hash = hash('md5', $Input);
 //$MD5Hash = strtoupper($MD5Hash);
 return($MD5Hash);
};
function SHA1Hash($Input) {
 $SHA1Hash = hash('sha1', $Input);
 $SHA1Hash = strtoupper($SHA1Hash);
 // Return the result
 return($SHA1Hash);
};
function CryptHash($Input) {
 $CryptHash = crypt($Input);
 return($CryptHash);
};
function NTLMHash($Input) {
 $Input=iconv('UTF-8','UTF-16LE',$Input);
 //$MD4Hash = bin2hex(mhash(MHASH_MD4,$Input));
 $MD4Hash = hash('md4',$Input);
 $NTLMHash = strtoupper($MD4Hash);
 // Return the result
 return($NTLMHash);
};
function LMhash($Input)
{
 $Input = strtoupper(substr($Input,0,14));
 $p1 = LMhash_DESencrypt(substr($Input, 0, 7));
 $p2 = LMhash_DESencrypt(substr($Input, 7, 7));
 return strtoupper($p1.$p2);
};

function LMhash_DESencrypt($Input) {
 $key = array();
 $tmp = array();
 $len = strlen($Input);
 for ($i=0; $i<7; ++$i)
 $tmp[] = $i < $len ? ord($Input[$i]) : 0;
 $key[] = $tmp[0] & 254;
 $key[] = ($tmp[0] << 7) | ($tmp[1] >> 1);
 $key[] = ($tmp[1] << 6) | ($tmp[2] >> 2);
 $key[] = ($tmp[2] << 5) | ($tmp[3] >> 3);
 $key[] = ($tmp[3] << 4) | ($tmp[4] >> 4);
 $key[] = ($tmp[4] << 3) | ($tmp[5] >> 5);
 $key[] = ($tmp[5] << 2) | ($tmp[6] >> 6);
 $key[] = $tmp[6] << 1;
 $is = mcrypt_get_iv_size(MCRYPT_DES, MCRYPT_MODE_ECB);
 $iv = mcrypt_create_iv($is, MCRYPT_RAND);
 $key0 = "";

 foreach ($key as $k)
  $key0 .= chr($k);
$LMHash = mcrypt_encrypt(MCRYPT_DES, $key0, "KGS!@...", MCRYPT_MODE_ECB, $iv);
  return bin2hex($LMHash);
};

function MySQL323($input, $hex = true) {
  $nr = 1345345333; $add = 7; $nr2 = 0x12345671; $tmp = null;
  $inlen = strlen($input);
  for ($i = 0; $i < $inlen; $i++) {
    $byte = substr($input, $i, 1);
    if ($byte == ' ' || $byte == "\t") continue;
    $tmp = ord($byte);
    $nr ^= ((($nr & 63) + $add) * $tmp) + (($nr << 8) & 0xFFFFFFFF);
    $nr2 += (($nr2 << 8) & 0xFFFFFFFF) ^ $nr;
    $add += $tmp;
  };
  $out_a = $nr & ((1 << 31) - 1);
  $out_b = $nr2 & ((1 << 31) - 1);
  $MySQL323 = sprintf("%08x%08x", $out_a, $out_b);
  if ($hex) return $MySQL323;
  return hex_hash_to_bin($MySQL323);
};

function MySQLSHA1($Input, $hex = true) {
  $sha1_stage1 = sha1($Input, true);
  $MySQLSHA1 = sha1($sha1_stage1, !$hex);
  $MySQLSHA1 = strtoupper($MySQLSHA1);
  return $MySQLSHA1;
};

function hex_hash_to_bin($hex)
{
  $bin = "";
  $len = strlen($hex);
  for ($i = 0; $i < $len; $i += 2) {
    $byte_hex = substr($hex, $i, 2);
    $byte_dec = hexdec($byte_hex);
    $byte_char = chr($byte_dec);
    $bin .= $byte_char;
  };
  return $bin;
};

$array = file("pt-input.txt");
$a = 0;

foreach ($array as $line) {
 $line = trim($line);
 $a++;

 $MD5out = MD5Hash($line);
 print "user-" . $a . ":" . $MD5out . ":md5::::::" . "\n";

 $Cryptout = CryptHash($line);
 print "user-" . $a . ":" . $Cryptout . ":crypt::::::" . "\n";

 $SHA1out = SHA1Hash($line);
 print "user-" . $a . ":" . $SHA1out . ":sha1:::::" . "\n";

 $MySQLout = MySQL323($line);
 print "user-" . $a . ":" . $MySQLout . ":mysql323:::::" . "\n";

 $MySQLSHA1out = MySQLSHA1($line);
 print "user-" . $a . ":*" . $MySQLSHA1out . ":mysqlsha1:::::" . "\n";

 if (strlen($line) > 14) {
   $NTLMout = NTLMHash($line);
   $LMout = LMHash("");
  } else {
   $NTLMout = NTLMHash($line);
   $LMout = LMHash($line);
  };
 print "user-" . $a . ":0:" . $LMout . ":" . $NTLMout . ":windows::" . "\n";
 };
?>

-rich

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ