MD5 Crack with Salt
#1
Hello,

been trying for a few days now trying to get hashcat to work, cracking a MD5 hash with salt.

This is just a quick example or what I am trying to do

69c12c189531e95fc6b6b4191ce29220 is the hash
the salt is dz
the password for this is dz0000
fakehash has the above hash
salt has the above salt

This does not work:
./hashcat-cli32.bin -m 0 -a 3 -e salt --bf-pw-min=4 --bf-pw-max=6 --bf-cs-buf=1234567890 fakehash

When I run this it does work:
./hashcat-cli32.bin -m 0 -a 3 -e salt --bf-pw-min=4 --bf-pw-max=6 --bf-cs-buf=1234567890dz fakehash

When I run this it works but tries
./hashcat-cli32.bin -m 0 -a 3 -e salt --bf-pw-min=5 --bf-pw-max=6 --bf-cs-buf=abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ fackhash

to my understanding it start 0000 and goes from there so it should put dz in front and then at 6 it should do dz0000 resulting in the first crack. But instead it does 000000 and goes from there not using the salt. How do I force it to use salt any help would be greatly apprenticed.
Reply
#2
I think you are a little confused about what a salt is. Using a salt will NOT prepend characters to your string. It is actually determining how to manipulate your password before hashing it. In addition, you are specifying hash mode 0, which does not use a salt to begin with.

Actually, doing a quick check, it appears that your hash 69c12c189531e95fc6b6b4191ce29220 is in-fact a plain MD5, and is NOT salted. So you can get rid of all the salt lines.
Reply
#3
root@ht:~/hashcat-0.40# cat hash
69c12c189531e95fc6b6b4191ce29220:dz

root@ht:~/hashcat-0.40# ./hashcat-cli64.bin -m 2 hash -a 3 --pw-min 4 ?d?d?d?d

69c12c189531e95fc6b6b4191ce29220:dz:0000
All hashes have been recovered
Reply
#4
additionally, if you want to use a salt to simulate the effect of prepending chars, you can use hash mode 2: MD5($salt.$hash)
Reply
#5
(05-07-2012, 04:30 PM)unix-ninja Wrote: I think you are a little confused about what a salt is. Using a salt will NOT prepend characters to your string. It is actually determining how to manipulate your password before hashing it. In addition, you are specifying hash mode 0, which does not use a salt to begin with.

Actually, doing a quick check, it appears that your hash 69c12c189531e95fc6b6b4191ce29220 is in-fact a plain MD5, and is NOT salted. So you can get rid of all the salt lines.

This was just a test the hashes that I am pulling tells me what the salt is so I know the first two charters thus turning it from a 6 letter password guess into a 4 letter work password. Trying to make the run time less by telling it what the first two letters are. This is because the passwords its giving me are 8 letters and with the salt makes it 10 so cutting the time down would be a very good thing.

(05-07-2012, 04:34 PM)atom Wrote: root@ht:~/hashcat-0.40# cat hash
69c12c189531e95fc6b6b4191ce29220:dz

root@ht:~/hashcat-0.40# ./hashcat-cli64.bin -m 2 hash -a 3 --pw-min 4 ?d?d?d?d

69c12c189531e95fc6b6b4191ce29220:dz:0000
All hashes have been recovered

./hashcat-cli64.bin -m 2 fakehash -a 3 --pw-min 4 ?d?d?d?d
bash: ./hashcat-cli64.bin: cannot execute binary file

This is in fakehash
69c12c189531e95fc6b6b4191ce29220:dz
Reply
#6
come on, you have to use ./hashcat-cli32.bin instead. pls use your brain, just a bit
Reply
#7
(05-07-2012, 05:06 PM)atom Wrote: come on, you have to use ./hashcat-cli32.bin instead. pls use your brain, just a bit

Sad sorry, thanks for the help atom
Reply
#8
L0L
Reply
#9
please cracked this hash :
Reply
#10
(11-01-2013, 10:43 PM)sezar21m Wrote: please cracked this hash :
A ban, please.
Reply