-
Notifications
You must be signed in to change notification settings - Fork 3.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
148 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
/** | ||
* @author bwhitn [brian.m.whitney@gmail.com] | ||
* @copyright Crown Copyright 2018 | ||
* @license Apache-2.0 | ||
*/ | ||
|
||
import Operation from "../Operation"; | ||
import OperationError from "../errors/OperationError"; | ||
import cptable from "../vendor/js-codepage/cptable.js"; | ||
|
||
/** | ||
* Citrix CTX1 Decode operation | ||
*/ | ||
class CitrixCTX1Decode extends Operation { | ||
|
||
/** | ||
* CitrixCTX1Decode constructor | ||
*/ | ||
constructor() { | ||
super(); | ||
|
||
this.name = "Citrix CTX1 Decode"; | ||
this.module = "Encodings"; | ||
this.description = "Decodes strings in a Citrix CTX1 password format to plaintext."; | ||
this.infoURL = "https://www.reddit.com/r/AskNetsec/comments/1s3r6y/citrix_ctx1_hash_decoding/"; | ||
this.inputType = "byteArray"; | ||
this.outputType = "string"; | ||
this.args = []; | ||
} | ||
|
||
/** | ||
* @param {byteArray} input | ||
* @param {Object[]} args | ||
* @returns {string} | ||
*/ | ||
run(input, args) { | ||
if (input.length % 4 !== 0) { | ||
throw new OperationError("Incorrect hash length"); | ||
} | ||
const revinput = input.reverse(); | ||
const result = []; | ||
let temp = 0; | ||
for (let i = 0; i < revinput.length; i += 2) { | ||
if (i + 2 >= revinput.length) { | ||
temp = 0; | ||
} else { | ||
temp = ((revinput[i + 2] - 0x41) & 0xf) ^ (((revinput[i + 3]- 0x41) << 4) & 0xf0); | ||
} | ||
temp = (((revinput[i] - 0x41) & 0xf) ^ (((revinput[i + 1] - 0x41) << 4) & 0xf0)) ^ 0xa5 ^ temp; | ||
result.push(temp); | ||
} | ||
// Decodes a utf-16le string | ||
return cptable.utils.decode(1200, result.reverse()); | ||
} | ||
|
||
} | ||
|
||
export default CitrixCTX1Decode; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
/** | ||
* @author bwhitn [brian.m.whitney@gmail.com] | ||
* @copyright Crown Copyright 2018 | ||
* @license Apache-2.0 | ||
*/ | ||
|
||
import Operation from "../Operation"; | ||
import cptable from "../vendor/js-codepage/cptable.js"; | ||
|
||
/** | ||
* Citrix CTX1 Encode operation | ||
*/ | ||
class CitrixCTX1Encode extends Operation { | ||
|
||
/** | ||
* CitrixCTX1Encode constructor | ||
*/ | ||
constructor() { | ||
super(); | ||
|
||
this.name = "Citrix CTX1 Encode"; | ||
this.module = "Encodings"; | ||
this.description = "Encodes strings to Citrix CTX1 password format."; | ||
this.infoURL = "https://www.reddit.com/r/AskNetsec/comments/1s3r6y/citrix_ctx1_hash_decoding/"; | ||
this.inputType = "string"; | ||
this.outputType = "byteArray"; | ||
this.args = []; | ||
} | ||
|
||
/** | ||
* @param {string} input | ||
* @param {Object[]} args | ||
* @returns {byteArray} | ||
*/ | ||
run(input, args) { | ||
const utf16pass = Array.from(cptable.utils.encode(1200, input)); | ||
const result = []; | ||
let temp = 0; | ||
for (let i = 0; i < utf16pass.length; i++) { | ||
temp = utf16pass[i] ^ 0xa5 ^ temp; | ||
result.push(((temp >>> 4) & 0xf) + 0x41); | ||
result.push((temp & 0xf) + 0x41); | ||
} | ||
|
||
return result; | ||
} | ||
|
||
} | ||
|
||
export default CitrixCTX1Encode; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters