Permalink
Browse files

Add support for cracking ODF 1.2 AES encrypted documents

  • Loading branch information...
1 parent e1c314a commit 50d403f4b035716906f16fbe961ef73d27a107b9 @kholia kholia committed Jul 21, 2012
Showing with 43 additions and 24 deletions.
  1. +2 −8 run/odf2john.py
  2. +41 −16 src/odf_fmt_plug.c
View
10 run/odf2john.py
@@ -69,17 +69,11 @@ def process_file(filename):
iv = binascii.hexlify(base64.decodestring(iv))
salt = binascii.hexlify(base64.decodestring(salt))
- # extract and save content.xml, used later by john
try:
content = zf.open("content.xml").read()
except KeyError:
print >> sys.stderr, "%s is not an encrypted OpenOffice file, content.xml missing!" % filename
return 5
- # folder = os.path.dirname(os.path.realpath(filename))
- # handle, fn = tempfile.mkstemp(suffix='-content.xml', dir=folder)
- # fhandle = os.fdopen(handle, "wb")
- # fhandle.write(content)
- # fhandle.close()
if algorithm_name.find("Blowfish CFB") > -1:
algorithm_type = 0
@@ -89,9 +83,9 @@ def process_file(filename):
print >> sys.stderr, "%s uses un-supported encryption!" % filename
return 6
- if checksum_type.find("SHA1") > -1:
+ if checksum_type.upper().find("SHA1") > -1:
checksum_type = 0
- elif checksum_type.find("SHA256") > -1:
+ elif checksum_type.upper().find("SHA256") > -1:
checksum_type = 1
else:
print >> sys.stderr, "%s uses un-supported checksum algorithm!" % filename
View
57 src/odf_fmt_plug.c
@@ -20,6 +20,7 @@
#include "gladman_fileenc.h"
#include <openssl/sha.h>
#include <openssl/blowfish.h>
+#include <openssl/aes.h>
#ifdef _OPENMP
#include <omp.h>
#define OMP_SCALE 64
@@ -38,6 +39,7 @@
static struct fmt_tests odf_tests[] = {
{"$odf$*0*0*1024*16*df6c10f64d191a841812af53874b636d014ce3fe*8*07e28aff39d2660e*16*b124be9f3346fb77e0ebcc3bb80028f8*0*2276a1077f6a2a027bd565ce89824d6a20086e378876be05c4b8e3796a460e828c9803a692caf7a53492c220d1d7ecbf4e2d336c7abf5a7672acc804ca267318252cbc13676616d1fde38820f9fbeef1360067d9de096ba8c1032ae947bde1d0fedaf37b6020663d49faf36b7c095c5b9aae11c8fc2be74148f008edbdbb180b44028ad8259f1215b483542bf3027f56dee5f962448333b30f88e6ae4790b60d24abb286edff9adee831a4b3351fc47259043f0d683d7a25be7e47aff3aedca140005d866e218c8efcca32093c19bbece50bd96656d0f94a712d3c60d1e5342db86482fc73f05faf513ca0b137378126597b95986c372b412c953e97011259aab0839fe453c756559497a28ba88dce009e1e7980436131029d38e56a34f608e6471970d9959068808c898608024db9eb394c4feae7a364ea9272ec4ea2315a9f0407a4b27d5e49a8ab1e3ddce5c84927d5aecd7e68e4437a820ea8743c6b5b4e2abbb47b0001e2f77ceac4603e8774e4ccbc1adde794428c11ae4a7492727b620334302e63f72b0c06c1cf83800366916ee8295176819272d557863a831ee0a576841191482959aad69095831fa1d64e3e0e6f6c6a751bcdadf0fbaa27a17458709f708c04587cb208984c9525da6786e0e5aabefe30ad1dbbef66e85ce9d6dbe456fd85e4135de5cf16d9455976d7ca8de7b1b530661c74c0fae90c0fff1a2b5fcdfab19fcff75fadcec445ed8af6ab5babf1463e08458918be8045083de6db988c37e4be582cfac5cdf741d1f0322fb2902665c7ff347813348109e5d442e91fcb010c28f042da481e807084fcb4759b40ccf2cae77bad00cdfbfba4acf36aa1f74c30a315e3d7f1ca522b6306e8903352aafa51dc523d582d418934398d5eb88120e3656bfb640a239db507b285302a86855ea850ddc9af72fc62dc79336c9bc29ee8314c65adb0574e9c701d73d7fa977edd1d52a1ff2da5b8b94e1a0fdd01ffcc6583758f0a1f51750e45f12b58c6d38b140e5676cf3474224520ef7c52ca5e634f85456651f3d6f43d016ed7cc5da54ea640a3bc50c2b9d3dea8f93c0340d66ccd06efc5ae002108c33cf3a470c4a50f6a6ca2f11b8ad15511688c282b94ba6f1c332e239d10946dc46f763f08d12cb9edc1e79c0e07f7151f548e6d7d20ec13b52d911bf980cac60694e192651403c9a69abea045190e847be093fc9ba43fec55b32f77f5796ddca25b441f259d5c51e06df6c6588c6414899481ba9e06bcebec58f82ff3021b09c6beae13a5d22bc94870f72ab813d0c0be01d91f3d075192e7a5de765599d72244757d09539529a8347e077a36678166e5ed9f73a5aad2e147d8154095c397e3e5e4ba1987ca64c1301a0c6c3e438097ede9b701a105ec38fcb54abb31b367c7740cd9ac459e561094a34f01acee555e60267157e6", "test"},
+ {"$odf$*1*1*1024*32*61802eba18eab842de1d053809ba40927fd40b26c69ddeca6a8a652ed9c16a28*16*c5c0815b931f313627100d592a9c972f*16*e9a48b7daff738deaabe442007fb2ec4*0*be3b65ea09642c2b4fdc23e553e1f5304bc5df222b624c6373d53e674f5df01fdb8873cdab7a5a685fa45ad5441a9d8869401b7fa076c488ad53fd9971e97244ecc9416484450d4fb2ee4ec08af4044d7def937e6545dea2ce36bd5c57b1f46b11b9cf90c8fb3accff149ce2d54820b181b9124db9aac131f6436d77cf716423f04d42438eed6f9ca14bd24b9b17d3478176addd5fa0254bf986fccd879e326485790e28b94ad5306868734b5ac1b1ddb3f876382dee6e9428e8230e84bf11b7e85ccbae8b4b424cd73160c380f874b37fbe3c7e88c13ef4bde74b56507d17095c2c32bb8bcded0637e4403107bb33252f72f5886a91b7720fe32a8659a09c217717e4c74a7c2e09fc40b46aa288309a36e86b9f1856e1bce176bc9690555431e05c7b67ff95df64f8f40053079bfc9dda021ab2714fecf74398b867ebef675958f29eaa15eb631845e358a0c5caff0b824a2a69a6eabee069d3d6236d77709fd60438c9e3ad9e42b26810375e1e587eff105ac295327ef8bf66f6462388b7727ec32d6abde2f8d6126b185124bb437753663f6ab1f321ddfdb36d9f1f528729492e0b1bb8d3b9eda3c86c1997c92b902f5160f77587c37e45b5c133b5d9709fea910a2e9b54c0960b0ebc870cdbb858aabe07ed27cba86d29a7e64c6e3863131859314a14e64c1168d4a2d5ca0697853fb1fe969ba968e31359881d51edce287eff415de8e60cec2068bb82157fbcf0cf9a95e92cb23f32e6156daced4bee6ba8c8b41174d01fcd7662911bcc10d5b4478f8209ce3b91075d10529780be4f17e841a1f1833d432c3dc854908643e58b03c8860dfbc710a29f79f75ea262cfcef9cd67fb67d73f55b300d42f4577445af2b9f224620204cfb88de2cbf57931ac0e0f8d98259a41d744cad6a58abc7761c266f4e93aca19356b07073c09ae9d1976f4f2e1a76c350cc7764c27ae257eb69ba4213dd0a7794fa83d220439a398efd988b6dbf0de4c08bc3e4830c9e482b9e0fd1679f14e6f132cf06bae1d763dde7ce6f525ff9a0ebad28aeca16496194f2a6263a20e7afeb43d83c8c936130d6508f2bf68b5ca50375948424193a7fb1106fdf63ff72896e1b2633907f01a693218e3303436542bcf2af24cc4a41621c36768ce9a84d32cc9f3c2b108bfc78c25b1c2ea94e6e0d65406f78bdb8bc33c94a9550e5cc3e995cfbd31da03afb929418acdc89b099415f9bdb7dab7a75d44a696e14b031d601ad8d907e14a28044706c0c2955df2cb34ffea82af367e487b6cc928dc87a33fc7555173e7faa5cfd1af6d3d6f496f23a9579db22dd4a2c16e950fdc90696d95a81183765a4fbddb42c488d40ac1de28483cf1cdddf821d3f859c57b13cb7f21a916bd0d89438a17634c68637f23e2544589e8ae5ee5bced91680c087cb3105cd74a09e88d3aae17d75e", "test"},
{NULL}
};
@@ -136,26 +138,49 @@ static void crypt_all(int count)
#endif
{
unsigned char key[32];
- unsigned char hash[20];
+ unsigned char hash[32];
BF_KEY bf_key;
int bf_ivec_pos;
unsigned char ivec[8];
unsigned char output[1024];
- SHA_CTX ctx;
- SHA1_Init(&ctx);
- SHA1_Update(&ctx, (unsigned char *)saved_key[index], strlen(saved_key[index]));
- SHA1_Final((unsigned char *)hash, &ctx);
- derive_key(hash, 20, salt_struct->salt,
- salt_struct->salt_length,
- salt_struct->iterations, key,
- salt_struct->key_size);
- bf_ivec_pos = 0;
- memcpy(ivec, salt_struct->iv, 8);
- BF_set_key(&bf_key, salt_struct->key_size, key);
- BF_cfb64_encrypt(salt_struct->content, output, 1024, &bf_key, ivec, &bf_ivec_pos, 0);
- SHA1_Init(&ctx);
- SHA1_Update(&ctx, output, 1024);
- SHA1_Final(hash, &ctx);
+ if(salt_struct->checksum_type == 0 && salt_struct->cipher_type == 0) {
+ SHA_CTX ctx;
+ SHA1_Init(&ctx);
+ SHA1_Update(&ctx, (unsigned char *)saved_key[index], strlen(saved_key[index]));
+ SHA1_Final((unsigned char *)hash, &ctx);
+ derive_key(hash, 20, salt_struct->salt,
+ salt_struct->salt_length,
+ salt_struct->iterations, key,
+ salt_struct->key_size);
+ bf_ivec_pos = 0;
+ memcpy(ivec, salt_struct->iv, 8);
+ BF_set_key(&bf_key, salt_struct->key_size, key);
+ BF_cfb64_encrypt(salt_struct->content, output, 1024, &bf_key, ivec, &bf_ivec_pos, 0);
+ SHA1_Init(&ctx);
+ SHA1_Update(&ctx, output, 1024);
+ SHA1_Final(hash, &ctx);
+ }
+ else {
+ SHA256_CTX ctx;
+ AES_KEY akey;
+ unsigned char iv[32];
+ SHA256_Init(&ctx);
+ SHA256_Update(&ctx, (unsigned char *)saved_key[index], strlen(saved_key[index]));
+ SHA256_Final((unsigned char *)hash, &ctx);
+ derive_key(hash, 32, salt_struct->salt,
+ salt_struct->salt_length,
+ salt_struct->iterations, key,
+ salt_struct->key_size);
+ memcpy(iv, salt_struct->iv, 32);
+ memset(&akey, 0, sizeof(AES_KEY));
+ if(AES_set_decrypt_key(key, 256, &akey) < 0) {
+ fprintf(stderr, "AES_set_derypt_key failed!\n");
+ }
+ AES_cbc_encrypt(salt_struct->content, output, 1024, &akey, iv, AES_DECRYPT);
+ SHA256_Init(&ctx);
+ SHA256_Update(&ctx, output, 1024);
+ SHA256_Final(hash, &ctx);
+ }
if(!memcmp(hash, salt_struct->checksum, 20))
cracked[index] = 1;
else

0 comments on commit 50d403f

Please sign in to comment.