Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[split] vBulletin: md5(md5($pass).$salt) - command line ?!
05-26-2010, 07:36 PM (This post was last modified: 05-26-2010 08:18 PM by fqm1c8.)
Post: #1
[split] vBulletin: md5(md5($pass).$salt) - command line ?!
atom, anyone

can you help me with syntax please.

brute md5 option-5 for a length range? say 4 to 10 characters (lowercase , numeric) ?

I get how to do the fixed length brutes.

second, can you use more than 1 dictionary during the cmd line attacks?

regards

update - more reading leads me to believe you must execute it a number of times to check each possible length? so no "set and run" we must execute each attempt right?
Find all posts by this user
05-26-2010, 08:56 PM
Post: #2
RE: vBulletin: md5(md5($pass).$salt) - command line ?!
Yes, minimal password length cant be defined yet.
Indeed, one dictionary + mask ; or one dictionary + another dictionary.
Find all posts by this user
05-27-2010, 05:53 AM (This post was last modified: 05-27-2010 05:55 AM by mastercracker.)
Post: #3
RE: vBulletin: md5(md5($pass).$salt) - command line ?!
(05-26-2010 07:36 PM)fqm1c8 Wrote:  atom, anyone

can you help me with syntax please.

brute md5 option-5 for a length range? say 4 to 10 characters (lowercase , numeric) ?

I get how to do the fixed length brutes.

second, can you use more than 1 dictionary during the cmd line attacks?

regards

update - more reading leads me to believe you must execute it a number of times to check each possible length? so no "set and run" we must execute each attempt right?

It might depend on the OS. I can only talk about Windows. Open a text editor (like Notepad) and put the following lines:

Code:
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1?1?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1?1?1?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1?1?1?1?1
oclHashcat.exe -o found.txt -m 5 test.hash -1 ?d?l ?1?1?1?1 ?1?1?1?1?1?1
Save the file as test.bat in the same folder as OclHashcat.

Double-click on the file test.bat to run all of the attack. The only attack I am not sure of is the first line since I am not sure if the program needs the "Right" argument to work. Each line is an attack. Here's the explanation of the arguments on each line:
oclhashcat.exe is the program to run
-o found.txt specifies where the cracked passwords will be saved.
- m 5 is the mode 5 you requested
test.hash is the file containing the list of hashes
-1 ?d?l sets the mask 1 as loweralpha-numeric
?1?1?1?1 is the Left mask
?1?1 is the Right mask

Good luck.
Find all posts by this user
01-31-2011, 06:13 PM
Post: #4
RE: [split] vBulletin: md5(md5($pass).$salt) - command line ?!
update: recent oclHashcat versions support --increment flag
Visit this user's website Find all posts by this user