CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
require 'spec_helper'
2
require 'bcrypt'
3

4
=begin
5
#!/usr/bin/python
6
# bcrypts generated with python's passlib
7
from passlib import hash
8
print("MD5: %s") %(hash.md5_crypt.hash("password"))
9
print("BCrypt 2: %s") %(hash.bcrypt.using(ident="2").hash("password"))
10
print("BCrypt 2a: %s") %(hash.bcrypt.using(ident="2a").hash("password"))
11
print("BCrypt 2b: %s") %(hash.bcrypt.using(ident="2b").hash("password"))
12
print("BCrypt 2y: %s") %(hash.bcrypt.using(ident="2y").hash("password"))
13
# bcrypt.using(ident="2x").hash("password")
14
print("SHA256: %s") %(hash.sha256_crypt.hash("password"))
15
print("SHA512: %s") %(hash.sha512_crypt.hash("password"))
16
print("BSDi: %s") %(hash.bsdi_crypt.hash("password"))
17
print("DES: %s") %(hash.des_crypt.hash("password"))
18
=end
19

20
RSpec.describe Metasploit::Framework::Hashes do
21
  describe 'identify_md5' do
22
    it 'returns md5' do
23
      hash = described_class.identify_hash('$1$IEHUWAxH$nMC1edxSFa4SaKH7hi2.P1')
24
      expect(hash).to match('md5')
25
    end
26
  end
27

28
  describe 'identify_blofish' do
29
    it 'returns bf' do
30
      hash = described_class.identify_hash('$2$12$YuKGRH4GwF0PoeS9ZGsxyucAw4ju7LUUm6zllt85HeleuKBRb0n5G')
31
      expect(hash).to match('bf')
32
    end
33
  end
34

35
  describe 'identify_blofish_a' do
36
    it 'returns bf' do
37
      # looks like BCrypt can only generate 2a in ruby as of april 2019
38
      hash = described_class.identify_hash(BCrypt::Password.create('password'))
39
      expect(hash).to match('bf')
40
    end
41
  end
42

43
  describe 'identify_blofish_b' do
44
    it 'returns bf' do
45
      hash = described_class.identify_hash('$2b$12$LQRJHRdK8ubs.dOWBFc/6uhNNeuwMNzEBxjG5YSFu3swmnk2pMtSq')
46
      expect(hash).to match('bf')
47
    end
48
  end
49

50
  describe 'identify_blofish_x' do
51
    it 'returns bf' do
52
      hash = described_class.identify_hash('$2x$12$LQRJHRdK8ubs.dOWBFc/6uhNNeuwMNzEBxjG5YSFu3swmnk2pMtSq')
53
      expect(hash).to match('bf')
54
    end
55
  end
56

57
  describe 'identify_blofish_y' do
58
    it 'returns bf' do
59
      hash = described_class.identify_hash('$2y$12$EMrTs6wKK3Qj4u7jPL59Bug9JHBGhZKnZxTYKQAE9CEFBq9mDmfL2')
60
      expect(hash).to match('bf')
61
    end
62
  end
63

64
  describe 'identify_sha256_rounds' do
65
    it 'returns sha256,crypt' do
66
      hash = described_class.identify_hash('$5$rounds=535000$28N3kN/W4y.z/VwS$jpaW4.rR/57IlqhJRpZDu9FoZu/jr.ksbRJJZjJSZN7')
67
      expect(hash).to match('sha256,crypt')
68
    end
69
  end
70

71
  describe 'identify_sha512_rounds' do
72
    it 'returns sha512,crypt' do
73
      hash = described_class.identify_hash('$6$rounds=656000$bnopPiXhQ2jjaa9h$H9.hNSwpg5PaUTtEEgTAjoZFsUKmONplIXLFe1nd0/QTyw/DMQhHuyChA2glT.BbYe9gJjE5RD.yog8Z5tACA/')
74
      expect(hash).to match('sha512,crypt')
75
    end
76
  end
77

78
  describe 'identify_sha512_norounds' do
79
    it 'returns sha512,crypt' do
80
      hash = described_class.identify_hash('$6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/')
81
      expect(hash).to match('sha512,crypt')
82
    end
83
  end
84

85
  describe 'identify_qnx_sha256' do
86
    it 'returns qnx,sha256' do
87
      hash = described_class.identify_hash('@s@0b365cab7e17ee1e7e1a90078501cc1aa85888d6da34e2f5b04f5c614b882a93@5498317092471604')
88
      expect(hash).to match('qnx,sha256')
89
    end
90
  end
91

92
  describe 'identify_qnx_sha512' do
93
    it 'returns qnx,sha512' do
94
      hash = described_class.identify_hash('@S@715df9e94c097805dd1e13c6a40f331d02ce589765a2100ec7435e76b978d5efc364ce10870780622cee003c9951bd92ec1020c924b124cfff7e0fa1f73e3672@2257314490293159')
95
      expect(hash).to match('qnx,sha512')
96
    end
97
  end
98

99
  describe 'identify_qnx_md5' do
100
    it 'returns qnx,md5' do
101
      hash = described_class.identify_hash('@m@75f6f129f9c9e77b6b1b78f791ed764a@8741857532330050')
102
      expect(hash).to match('qnx,md5')
103
    end
104
  end
105

106
  describe 'identify_bsdi' do
107
    it 'returns des,bsdi,crypt' do
108
      hash = described_class.identify_hash('_7C/.WncdBNA9AL2CyaM')
109
      expect(hash).to match('des,bsdi,crypt')
110
    end
111
  end
112

113
  describe 'identify_des' do
114
    it 'returns des,crypt' do
115
      hash = described_class.identify_hash('ItkroId4UAOF.')
116
      expect(hash).to match('des,crypt')
117
    end
118
  end
119

120
  describe 'identify_pbkdf2_osx' do
121
    it 'returns pbkdf2-hmac-sha512,osx' do
122
      hash = described_class.identify_hash('$ml$49504$0dba6246bd38266b2e827ff7e7271380757c71d653893aa361d5902398302369$c5f198639915a101c99af326dffe13e8f14456be8fd2312a39a777b92178804e204ca4fee12a8667871440eff4288e811d86d746c6d96a60c919c3418dfebba42f329f5d73c0372d636d61d5dfda1add61af36c70e4acd771276107209e643ae92a0f43e95a452744e50fb4540d9bdf4e0b701725d7db488fbe18c1ab7737c6b')
123
      expect(hash).to match('pbkdf2-hmac-sha512,osx')
124
    end
125
  end
126

127
  describe 'identify_sha_osx' do
128
    it 'returns xsha,osx' do
129
      hash = described_class.identify_hash('1430823483d07626ef8be3fda2ff056d0dfd818dbfe47683')
130
      expect(hash).to match('xsha,osx')
131
    end
132
  end
133

134
  describe 'identify_mssql05' do
135
    it 'returns mssql05' do
136
      hash = described_class.identify_hash('0x01004086CEB6BF932BC4151A1AF1F13CD17301D70816A8886908')
137
      expect(hash).to match('mssql05')
138
    end
139
  end
140

141
  describe 'identify_mssql' do
142
    it 'returns mssql' do
143
      hash = described_class.identify_hash('0x0100A607BA7C54A24D17B565C59F1743776A10250F581D482DA8B6D6261460D3F53B279CC6913CE747006A2E3254')
144
      expect(hash).to match('mssql')
145
    end
146
  end
147

148
  describe 'identify_mssql12' do
149
    it 'returns mssql12' do
150
      hash = described_class.identify_hash('0x0200F733058A07892C5CACE899768F89965F6BD1DED7955FE89E1C9A10E27849B0B213B5CE92CC9347ECCB34C3EFADAF2FD99BFFECD8D9150DD6AACB5D409A9D2652A4E0AF16')
151
      expect(hash).to match('mssql12')
152
    end
153
  end
154

155
  describe 'identify_mysql' do
156
    it 'returns mysql' do
157
      hash = described_class.identify_hash('6f8c114b58f2ce9e')
158
      expect(hash).to match('mysql')
159
    end
160
  end
161

162
  describe 'identify_mysql_sha1' do
163
    it 'returns mysql_sha1' do
164
      hash = described_class.identify_hash('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4')
165
      expect(hash).to match('mysql-sha1')
166
    end
167
  end
168

169
  describe 'identify_lanman' do
170
    it 'returns lm' do
171
      hash = described_class.identify_hash('E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C')
172
      expect(hash).to match('lm')
173
    end
174
  end
175

176
  describe 'identify_ntlm' do
177
    it 'returns nt' do
178
      hash = described_class.identify_hash('AAD3B435B51404EEAAD3B435B51404EE:8846F7EAEE8FB117AD06BDD830B7586C')
179
      expect(hash).to match('nt')
180
    end
181
  end
182

183
  describe 'identify_postgres' do
184
    it 'returns postgres' do
185
      hash = described_class.identify_hash('md5be86a79bf2043622d58d5453c47d4860')
186
      expect(hash).to match('postgres')
187
    end
188
  end
189

190
  describe 'identify_oracle_des' do
191
    it 'returns des,oracle' do
192
      hash = described_class.identify_hash('4F8BC1809CB2AF77')
193
      expect(hash).to match('des,oracle')
194
    end
195
  end
196

197
  describe 'identify_oracle11_S' do
198
    it 'returns raw-sha1,oracle' do
199
      hash = described_class.identify_hash('S:BFAF1ED5A8D39CC10D07DAF03A175C65198359874DAD92F081BE09B89162')
200
      expect(hash).to match('raw-sha1,oracle')
201
    end
202
  end
203

204
  describe 'identify_oracle_SHT' do
205
    it 'returns raw-sha1,oracle' do
206
      hash = described_class.identify_hash('S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C')
207
      expect(hash).to match('raw-sha1,oracle')
208
    end
209
  end
210

211
  describe 'identify_oracle_HT' do
212
    it 'returns ' do
213
      hash = described_class.identify_hash('H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C')
214
      expect(hash).to match('pbkdf2,oracle12c')
215
    end
216
  end
217

218
  describe 'identify_phpass_P' do
219
    it 'returns phpass' do
220
      hash = described_class.identify_hash('$P$984478476IagS59wHZvyQMArzfx58u.')
221
      expect(hash).to match('phpass')
222
    end
223
  end
224

225
  describe 'identify_phpass_H' do
226
    it 'returns phpass' do
227
      hash = described_class.identify_hash('$H$984478476IagS59wHZvyQMArzfx58u.')
228
      expect(hash).to match('phpass')
229
    end
230
  end
231

232
  describe 'identify_PBKDF2-HMAC-SHA512' do
233
    it 'returns PBKDF2-HMAC-SHA512' do
234
      hash = described_class.identify_hash('$ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c64a72ad91de6581a15c19176266b44d98919dfa81f0f96cbcb20a1ffb400718c20382030f637892f776627d34e021bad4f81b7de8222')
235
      expect(hash).to match('PBKDF2-HMAC-SHA512')
236
    end
237
  end
238

239
  describe 'identify_PBKDF2-HMAC-SHA1' do
240
    it 'returns PBKDF2-HMAC-SHA1' do
241
      hash = described_class.identify_hash('{PKCS5S2}8WEZjkCbLWysbcbZ5PRgMbdJgJOhkzRT3y1jxOqke2z1Zr79q8ypugFQEYaMoIZt')
242
      expect(hash).to match('PBKDF2-HMAC-SHA1')
243
    end
244
  end
245

246
  describe 'identify_mediawiki' do
247
    it 'returns mediawiki' do
248
      hash = described_class.identify_hash('$B$113$de2874e33da25313d808d2a8cbf31485')
249
      expect(hash).to match('mediawiki')
250
    end
251
  end
252

253
  describe 'identify_android_sha1' do
254
    it 'returns android-sha1' do
255
      hash = described_class.identify_hash('EA8457DE97836C955082AE77DBE2CD86A4E8BC0E:4aafc54dc502e88b')
256
      expect(hash).to match('android-sha1')
257
    end
258
  end
259

260
  describe 'identify_hmac_md5' do
261
    it 'returns hmac-md5' do
262
      hash = described_class.identify_hash('<[email protected]>#332b463fcf3baac718c63860a7093df4')
263
      expect(hash).to match('hmac-md5')
264
    end
265
  end
266

267
  describe 'identify_f5_secure_value' do
268
    it 'returns F5-Secure-Vault' do
269
      hash = described_class.identify_hash('$M$iE$cIdy72xi7Xbk3kazSrpdfscd+oD1pdsXJbwhvhMPiss4Iw0RKIJQS/CuSReZl/+kseKpPCNpBWNWOOaBCwlQ0v4sl7ZUkxCymh5pfFNAjhc=')
270
      expect(hash).to match('F5-Secure-Vault')
271
    end
272
  end
273

274
  describe 'identify_mscash' do
275
    it 'returns mscash' do
276
      hash = described_class.identify_hash('M$3060147285011#4dd8965d1d476fa0d026722989a6b772:::')
277
      expect(hash).to match('mscash')
278
    end
279
  end
280

281
  describe 'identify_mscash2' do
282
    it 'returns mscash2' do
283
      hash = described_class.identify_hash('$DCC2$10240#username#5f9d79a71fa6d92c31cf16d6eaa23435:::')
284
      expect(hash).to match('mscash2')
285
    end
286
  end
287

288
  describe 'identify_netntlm' do
289
    it 'returns netntlm' do
290
      hash = described_class.identify_hash('u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c')
291
      expect(hash).to match('netntlm')
292
    end
293
  end
294

295
  describe 'identify_netntlmv2' do
296
    it 'returns netntlmv2' do
297
      hash = described_class.identify_hash('admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030')
298
      expect(hash).to match('netntlmv2')
299
    end
300
  end
301

302
  describe 'identify_vnc' do
303
    it 'returns vnc' do
304
      hash = described_class.identify_hash('*00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223')
305
      expect(hash).to match('vnc')
306
    end
307
    it 'returns vnc on uppercase' do
308
      hash = described_class.identify_hash('*00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223'.upcase)
309
      expect(hash).to match('vnc')
310
    end
311
    it 'returns vnc on no leading star' do
312
      hash = described_class.identify_hash('00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223')
313
      expect(hash).to match('vnc')
314
    end
315
  end
316

317
  describe 'identify_pbkdf2-sha256' do
318
    it 'returns pbkdf2-sha256' do
319
      hash = described_class.identify_hash('$pbkdf2-sha256$260000$Q1hzYjU5dFNMWm05QUJCTg$s.vmjGlIV0ZKV1Sp3dTdrcn/i9CTqxPZ0klve4HreeU')
320
      expect(hash).to match('pbkdf2-sha256')
321
    end
322
  end
323

324
  describe 'identify_empty_string' do
325
    it 'returns empty string' do
326
      hash = described_class.identify_hash('')
327
      expect(hash).to match('')
328
    end
329
  end
330

331
  describe 'identify_nil' do
332
    it 'returns empty string' do
333
      hash = described_class.identify_hash(nil)
334
      expect(hash).to match('')
335
    end
336
  end
337

338
  describe 'identify_shadow_line' do
339
    it 'returns empty string' do
340
      hash = described_class.identify_hash('root:$1$TDQFedzX$.kv51AjM.FInu0lrH1dY30:15045:0:99999:7:::')
341
      expect(hash).to match('')
342
    end
343
  end
344

345
  describe 'identify_un_pass' do
346
    it 'returns empty string' do
347
      hash = described_class.identify_hash('root:$1$TDQFedzX$.kv51AjM.FInu0lrH1dY30')
348
      expect(hash).to match('')
349
    end
350
  end
351

352
  describe 'identify_ascii_as_nothing' do
353
    it 'returns empty string' do
354
      hash = described_class.identify_hash('This is just some words')
355
      expect(hash).to match('')
356
    end
357
  end
358
end
359

360