Lotus HTTP Hash - Printable Version
+- hashcat Forum (http://hashcat.net/forum)
+-- Forum: Misc (/forum-15.html)
+--- Forum: Feature Requests (/forum-7.html)
+--- Thread: Lotus HTTP Hash (/thread-12.html)
Pages: 1 2
Lotus HTTP Hash - subgenius - 05-05-2010 06:04 AM
Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
The .C files is from Lepton's Cracker, but this isn't multi-threaded and don't work with multi-cores, haven't the many options as hashcat.
I'll attach the .h and .c file, and the hash:plaintext example is the only one that I have for the moment,hope it help,because I really need a good hash breaker like hashcat with this algorithm. Here it go:
RE: Lotus HTTP Hash - atom - 05-06-2010 09:09 AM
(05-05-2010 06:04 AM)subgenius Wrote: Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
never heared of this algo. are you sure that this important for a bigger number of users? i try to add it in a later version, but i will give it a lower priority until more users reply to this thread asking for support.
RE: Lotus HTTP Hash - subgenius - 05-06-2010 07:37 PM
(05-06-2010 09:09 AM)atom Wrote:(05-05-2010 06:04 AM)subgenius Wrote: Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
This algorithm is from LotusNotes, the webmail system uses it. Hope you can add it in next release. Thank's for the attention!
RE: Lotus HTTP Hash - DrMambo - 11-25-2011 01:34 AM
Hi there, first post, so I'll first say how great your app is, love it!
That Lotus Domino/Notes password is still in use in a fair amount of places, however people seem to use other apps to crack them, I'd love if it was included in hashcat. I understand you're obviously very busy with the project, but I'd like to add another '+1' vote to including this algorithm.
From what I understand, there is two hashing types, an old one, and a newer one. The old one uses a modified RC4 implementation, and I'm not sure what the newer one uses, although I do know that it uses the username as a salt.
RE: Lotus HTTP Hash - neusbeer - 11-26-2011 07:02 PM
I'm busy 3 days now bruteforcing lotus5 hashes and found out that there's nothing better than
so please add! grinn..
the jumbo patch of john can do it. but I don't like john.
keep in mind.. that it's using 2 different hashes. 1 unsalted old rc4 (or something)
the other one (Starting with G) is salted with username
(it's the id hash of the user for using the lotus api on port 1352)
RE: Lotus HTTP Hash - robert - 12-16-2011 11:34 PM
Hi, hashcat is excellent tool. It will be great to implement Domino HTTP Hash algorithms. I know many people needed it. Please, add them.
RE: Lotus HTTP Hash - olsap - 12-28-2011 10:19 AM
+1 for salted domino http hash =)
RE: Lotus HTTP Hash - ati6990 - 12-28-2011 04:25 PM
sorry but theres no need for it.it would place it in the lower lower lower priority class.
RE: Lotus HTTP Hash - gtcreator - 01-21-2012 01:56 PM
+1 salted (Starting with G) http hash needed
RE: Lotus HTTP Hash - bghote - 01-22-2012 12:00 AM
+1 for both lotus5 and dominosec - to take the hash type names from John the Ripper.
I have personally collected ~1.25 million Lotus (both unsalted "lotus5" and salted "more secure" dominosec type hashes) from various sources. There are many more in active use that I don't have. That said, even though the exposure to date has been relative low-key, I believe there is a real need for faster cracking than is currently available only from Lepton's crack and John the Ripper.