CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/spec/lib/metasploit/framework/hashes/identify_spec.rb
Views: 11788
1
require 'spec_helper'

2
require 'bcrypt'

3


4
=begin

5
#!/usr/bin/python

6
# bcrypts generated with python's passlib

7
from passlib import hash

8
print("MD5: %s") %(hash.md5_crypt.hash("password"))

9
print("BCrypt 2: %s") %(hash.bcrypt.using(ident="2").hash("password"))

10
print("BCrypt 2a: %s") %(hash.bcrypt.using(ident="2a").hash("password"))

11
print("BCrypt 2b: %s") %(hash.bcrypt.using(ident="2b").hash("password"))

12
print("BCrypt 2y: %s") %(hash.bcrypt.using(ident="2y").hash("password"))

13
# bcrypt.using(ident="2x").hash("password")

14
print("SHA256: %s") %(hash.sha256_crypt.hash("password"))

15
print("SHA512: %s") %(hash.sha512_crypt.hash("password"))

16
print("BSDi: %s") %(hash.bsdi_crypt.hash("password"))

17
print("DES: %s") %(hash.des_crypt.hash("password"))

18
=end

19


20
RSpec.describe Metasploit::Framework::Hashes do

21
  describe 'identify_md5' do

22
    it 'returns md5' do

23
      hash = described_class.identify_hash('$1$IEHUWAxH$nMC1edxSFa4SaKH7hi2.P1')

24
      expect(hash).to match('md5')

25
    end

26
  end

27


28
  describe 'identify_blofish' do

29
    it 'returns bf' do

30
      hash = described_class.identify_hash('$2$12$YuKGRH4GwF0PoeS9ZGsxyucAw4ju7LUUm6zllt85HeleuKBRb0n5G')

31
      expect(hash).to match('bf')

32
    end

33
  end

34


35
  describe 'identify_blofish_a' do

36
    it 'returns bf' do

37
      # looks like BCrypt can only generate 2a in ruby as of april 2019

38
      hash = described_class.identify_hash(BCrypt::Password.create('password'))

39
      expect(hash).to match('bf')

40
    end

41
  end

42


43
  describe 'identify_blofish_b' do

44
    it 'returns bf' do

45
      hash = described_class.identify_hash('$2b$12$LQRJHRdK8ubs.dOWBFc/6uhNNeuwMNzEBxjG5YSFu3swmnk2pMtSq')

46
      expect(hash).to match('bf')

47
    end

48
  end

49


50
  describe 'identify_blofish_x' do

51
    it 'returns bf' do

52
      hash = described_class.identify_hash('$2x$12$LQRJHRdK8ubs.dOWBFc/6uhNNeuwMNzEBxjG5YSFu3swmnk2pMtSq')

53
      expect(hash).to match('bf')

54
    end

55
  end

56


57
  describe 'identify_blofish_y' do

58
    it 'returns bf' do

59
      hash = described_class.identify_hash('$2y$12$EMrTs6wKK3Qj4u7jPL59Bug9JHBGhZKnZxTYKQAE9CEFBq9mDmfL2')

60
      expect(hash).to match('bf')

61
    end

62
  end

63


64
  describe 'identify_sha256_rounds' do

65
    it 'returns sha256,crypt' do

66
      hash = described_class.identify_hash('$5$rounds=535000$28N3kN/W4y.z/VwS$jpaW4.rR/57IlqhJRpZDu9FoZu/jr.ksbRJJZjJSZN7')

67
      expect(hash).to match('sha256,crypt')

68
    end

69
  end

70


71
  describe 'identify_sha512_rounds' do

72
    it 'returns sha512,crypt' do

73
      hash = described_class.identify_hash('$6$rounds=656000$bnopPiXhQ2jjaa9h$H9.hNSwpg5PaUTtEEgTAjoZFsUKmONplIXLFe1nd0/QTyw/DMQhHuyChA2glT.BbYe9gJjE5RD.yog8Z5tACA/')

74
      expect(hash).to match('sha512,crypt')

75
    end

76
  end

77


78
  describe 'identify_sha512_norounds' do

79
    it 'returns sha512,crypt' do

80
      hash = described_class.identify_hash('$6$52450745$k5ka2p8bFuSmoVT1tzOyyuaREkkKBcCNqoDKzYiJL9RaE8yMnPgh2XzzF0NDrUhgrcLwg78xs1w5pJiypEdFX/')

81
      expect(hash).to match('sha512,crypt')

82
    end

83
  end

84


85
  describe 'identify_qnx_sha256' do

86
    it 'returns qnx,sha256' do

87
      hash = described_class.identify_hash('@s@0b365cab7e17ee1e7e1a90078501cc1aa85888d6da34e2f5b04f5c614b882a93@5498317092471604')

88
      expect(hash).to match('qnx,sha256')

89
    end

90
  end

91


92
  describe 'identify_qnx_sha512' do

93
    it 'returns qnx,sha512' do

94
      hash = described_class.identify_hash('@S@715df9e94c097805dd1e13c6a40f331d02ce589765a2100ec7435e76b978d5efc364ce10870780622cee003c9951bd92ec1020c924b124cfff7e0fa1f73e3672@2257314490293159')

95
      expect(hash).to match('qnx,sha512')

96
    end

97
  end

98


99
  describe 'identify_qnx_md5' do

100
    it 'returns qnx,md5' do

101
      hash = described_class.identify_hash('@m@75f6f129f9c9e77b6b1b78f791ed764a@8741857532330050')

102
      expect(hash).to match('qnx,md5')

103
    end

104
  end

105


106
  describe 'identify_bsdi' do

107
    it 'returns des,bsdi,crypt' do

108
      hash = described_class.identify_hash('_7C/.WncdBNA9AL2CyaM')

109
      expect(hash).to match('des,bsdi,crypt')

110
    end

111
  end

112


113
  describe 'identify_des' do

114
    it 'returns des,crypt' do

115
      hash = described_class.identify_hash('ItkroId4UAOF.')

116
      expect(hash).to match('des,crypt')

117
    end

118
  end

119


120
  describe 'identify_pbkdf2_osx' do

121
    it 'returns pbkdf2-hmac-sha512,osx' do

122
      hash = described_class.identify_hash('$ml$49504$0dba6246bd38266b2e827ff7e7271380757c71d653893aa361d5902398302369$c5f198639915a101c99af326dffe13e8f14456be8fd2312a39a777b92178804e204ca4fee12a8667871440eff4288e811d86d746c6d96a60c919c3418dfebba42f329f5d73c0372d636d61d5dfda1add61af36c70e4acd771276107209e643ae92a0f43e95a452744e50fb4540d9bdf4e0b701725d7db488fbe18c1ab7737c6b')

123
      expect(hash).to match('pbkdf2-hmac-sha512,osx')

124
    end

125
  end

126


127
  describe 'identify_sha_osx' do

128
    it 'returns xsha,osx' do

129
      hash = described_class.identify_hash('1430823483d07626ef8be3fda2ff056d0dfd818dbfe47683')

130
      expect(hash).to match('xsha,osx')

131
    end

132
  end

133


134
  describe 'identify_mssql05' do

135
    it 'returns mssql05' do

136
      hash = described_class.identify_hash('0x01004086CEB6BF932BC4151A1AF1F13CD17301D70816A8886908')

137
      expect(hash).to match('mssql05')

138
    end

139
  end

140


141
  describe 'identify_mssql' do

142
    it 'returns mssql' do

143
      hash = described_class.identify_hash('0x0100A607BA7C54A24D17B565C59F1743776A10250F581D482DA8B6D6261460D3F53B279CC6913CE747006A2E3254')

144
      expect(hash).to match('mssql')

145
    end

146
  end

147


148
  describe 'identify_mssql12' do

149
    it 'returns mssql12' do

150
      hash = described_class.identify_hash('0x0200F733058A07892C5CACE899768F89965F6BD1DED7955FE89E1C9A10E27849B0B213B5CE92CC9347ECCB34C3EFADAF2FD99BFFECD8D9150DD6AACB5D409A9D2652A4E0AF16')

151
      expect(hash).to match('mssql12')

152
    end

153
  end

154


155
  describe 'identify_mysql' do

156
    it 'returns mysql' do

157
      hash = described_class.identify_hash('6f8c114b58f2ce9e')

158
      expect(hash).to match('mysql')

159
    end

160
  end

161


162
  describe 'identify_mysql_sha1' do

163
    it 'returns mysql_sha1' do

164
      hash = described_class.identify_hash('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4')

165
      expect(hash).to match('mysql-sha1')

166
    end

167
  end

168


169
  describe 'identify_lanman' do

170
    it 'returns lm' do

171
      hash = described_class.identify_hash('E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C')

172
      expect(hash).to match('lm')

173
    end

174
  end

175


176
  describe 'identify_ntlm' do

177
    it 'returns nt' do

178
      hash = described_class.identify_hash('AAD3B435B51404EEAAD3B435B51404EE:8846F7EAEE8FB117AD06BDD830B7586C')

179
      expect(hash).to match('nt')

180
    end

181
  end

182


183
  describe 'identify_postgres' do

184
    it 'returns postgres' do

185
      hash = described_class.identify_hash('md5be86a79bf2043622d58d5453c47d4860')

186
      expect(hash).to match('postgres')

187
    end

188
  end

189


190
  describe 'identify_oracle_des' do

191
    it 'returns des,oracle' do

192
      hash = described_class.identify_hash('4F8BC1809CB2AF77')

193
      expect(hash).to match('des,oracle')

194
    end

195
  end

196


197
  describe 'identify_oracle11_S' do

198
    it 'returns raw-sha1,oracle' do

199
      hash = described_class.identify_hash('S:BFAF1ED5A8D39CC10D07DAF03A175C65198359874DAD92F081BE09B89162')

200
      expect(hash).to match('raw-sha1,oracle')

201
    end

202
  end

203


204
  describe 'identify_oracle_SHT' do

205
    it 'returns raw-sha1,oracle' do

206
      hash = described_class.identify_hash('S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C')

207
      expect(hash).to match('raw-sha1,oracle')

208
    end

209
  end

210


211
  describe 'identify_oracle_HT' do

212
    it 'returns ' do

213
      hash = described_class.identify_hash('H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C')

214
      expect(hash).to match('pbkdf2,oracle12c')

215
    end

216
  end

217


218
  describe 'identify_phpass_P' do

219
    it 'returns phpass' do

220
      hash = described_class.identify_hash('$P$984478476IagS59wHZvyQMArzfx58u.')

221
      expect(hash).to match('phpass')

222
    end

223
  end

224


225
  describe 'identify_phpass_H' do

226
    it 'returns phpass' do

227
      hash = described_class.identify_hash('$H$984478476IagS59wHZvyQMArzfx58u.')

228
      expect(hash).to match('phpass')

229
    end

230
  end

231


232
  describe 'identify_PBKDF2-HMAC-SHA512' do

233
    it 'returns PBKDF2-HMAC-SHA512' do

234
      hash = described_class.identify_hash('$ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c64a72ad91de6581a15c19176266b44d98919dfa81f0f96cbcb20a1ffb400718c20382030f637892f776627d34e021bad4f81b7de8222')

235
      expect(hash).to match('PBKDF2-HMAC-SHA512')

236
    end

237
  end

238


239
  describe 'identify_PBKDF2-HMAC-SHA1' do

240
    it 'returns PBKDF2-HMAC-SHA1' do

241
      hash = described_class.identify_hash('{PKCS5S2}8WEZjkCbLWysbcbZ5PRgMbdJgJOhkzRT3y1jxOqke2z1Zr79q8ypugFQEYaMoIZt')

242
      expect(hash).to match('PBKDF2-HMAC-SHA1')

243
    end

244
  end

245


246
  describe 'identify_mediawiki' do

247
    it 'returns mediawiki' do

248
      hash = described_class.identify_hash('$B$113$de2874e33da25313d808d2a8cbf31485')

249
      expect(hash).to match('mediawiki')

250
    end

251
  end

252


253
  describe 'identify_android_sha1' do

254
    it 'returns android-sha1' do

255
      hash = described_class.identify_hash('EA8457DE97836C955082AE77DBE2CD86A4E8BC0E:4aafc54dc502e88b')

256
      expect(hash).to match('android-sha1')

257
    end

258
  end

259


260
  describe 'identify_hmac_md5' do

261
    it 'returns hmac-md5' do

262
      hash = described_class.identify_hash('<[email protected]>#332b463fcf3baac718c63860a7093df4')

263
      expect(hash).to match('hmac-md5')

264
    end

265
  end

266


267
  describe 'identify_f5_secure_value' do

268
    it 'returns F5-Secure-Vault' do

269
      hash = described_class.identify_hash('$M$iE$cIdy72xi7Xbk3kazSrpdfscd+oD1pdsXJbwhvhMPiss4Iw0RKIJQS/CuSReZl/+kseKpPCNpBWNWOOaBCwlQ0v4sl7ZUkxCymh5pfFNAjhc=')

270
      expect(hash).to match('F5-Secure-Vault')

271
    end

272
  end

273


274
  describe 'identify_mscash' do

275
    it 'returns mscash' do

276
      hash = described_class.identify_hash('M$3060147285011#4dd8965d1d476fa0d026722989a6b772:::')

277
      expect(hash).to match('mscash')

278
    end

279
  end

280


281
  describe 'identify_mscash2' do

282
    it 'returns mscash2' do

283
      hash = described_class.identify_hash('$DCC2$10240#username#5f9d79a71fa6d92c31cf16d6eaa23435:::')

284
      expect(hash).to match('mscash2')

285
    end

286
  end

287


288
  describe 'identify_netntlm' do

289
    it 'returns netntlm' do

290
      hash = described_class.identify_hash('u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c')

291
      expect(hash).to match('netntlm')

292
    end

293
  end

294


295
  describe 'identify_netntlmv2' do

296
    it 'returns netntlmv2' do

297
      hash = described_class.identify_hash('admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030')

298
      expect(hash).to match('netntlmv2')

299
    end

300
  end

301


302
  describe 'identify_vnc' do

303
    it 'returns vnc' do

304
      hash = described_class.identify_hash('*00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223')

305
      expect(hash).to match('vnc')

306
    end

307
    it 'returns vnc on uppercase' do

308
      hash = described_class.identify_hash('*00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223'.upcase)

309
      expect(hash).to match('vnc')

310
    end

311
    it 'returns vnc on no leading star' do

312
      hash = described_class.identify_hash('00112233445566778899aabbccddeeff*6feb3cb1f07b66151656b5832341f223')

313
      expect(hash).to match('vnc')

314
    end

315
  end

316


317
  describe 'identify_pbkdf2-sha256' do

318
    it 'returns pbkdf2-sha256' do

319
      hash = described_class.identify_hash('$pbkdf2-sha256$260000$Q1hzYjU5dFNMWm05QUJCTg$s.vmjGlIV0ZKV1Sp3dTdrcn/i9CTqxPZ0klve4HreeU')

320
      expect(hash).to match('pbkdf2-sha256')

321
    end

322
  end

323


324
  describe 'identify_empty_string' do

325
    it 'returns empty string' do

326
      hash = described_class.identify_hash('')

327
      expect(hash).to match('')

328
    end

329
  end

330


331
  describe 'identify_nil' do

332
    it 'returns empty string' do

333
      hash = described_class.identify_hash(nil)

334
      expect(hash).to match('')

335
    end

336
  end

337


338
  describe 'identify_shadow_line' do

339
    it 'returns empty string' do

340
      hash = described_class.identify_hash('root:$1$TDQFedzX$.kv51AjM.FInu0lrH1dY30:15045:0:99999:7:::')

341
      expect(hash).to match('')

342
    end

343
  end

344


345
  describe 'identify_un_pass' do

346
    it 'returns empty string' do

347
      hash = described_class.identify_hash('root:$1$TDQFedzX$.kv51AjM.FInu0lrH1dY30')

348
      expect(hash).to match('')

349
    end

350
  end

351


352
  describe 'identify_ascii_as_nothing' do

353
    it 'returns empty string' do

354
      hash = described_class.identify_hash('This is just some words')

355
      expect(hash).to match('')

356
    end

357
  end

358
end

359


360