HMAC-SHA1 mask
#1
I'm currently trying to make HMAC-SHA1 cracking work with hashcat. To make thing easier, I precomputed a digest with a known "message" and "secret".

Code:
$ echo -n "The quick brown fox jumps over the lazy dog" | openssl dgst -sha1 -hmac "key"
de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9

Basically, we know that:

secret: "key"
message: "The quick brown fox jumps over the lazy dog"
digest: de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9

Now, I want to test hashcat by cracking the secret using the mask attack mode given the digest and message.

Using the command below, hashcat wasn't able to find the key. What am I doing wrong?

Code:
$ ./cudaHashcat64.exe -m 150 -a 3 --increment --increment-min=3 --increment-max=3 de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9:"The quick brown fox jumps over the lazy dog" ?l?l?l

Quote:cudaHashcat v1.35 starting...

Device #1: GeForce GTX 750, 1024MB, 1084Mhz, 4MCU
Device #1: WARNING! Kernel exec timeout is not disabled, it might cause you errors of code 702
You can disable it with a regpatch, see here: http://hashcat.net/wiki/doku.php?id=timeout
_patch

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes, 0/1 rotates
Applicable Optimizers:
* Zero-Byte
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel c:\Users\xxx\cudaHashcat-1.35/kernels/4318/m00150_a3.sm_50.64.ptx
Device #1: Kernel c:\Users\xxx\cudaHashcat-1.35/kernels/4318/markov_be_v4.64.ptx


ATTENTION!
The wordlist or mask you are using is too small.
Therefore, oclHashcat is unable to utilize the full parallelization power of your GPU(s).
The cracking speed will drop.
Workaround: https://hashcat.net/forum/thread-4161.html


Session.Name...: cudaHashcat
Status.........: Exhausted
Input.Mode.....: Mask (?l?l?l) [3]
Hash.Target....: de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9:The quick brown fox jumps over the lazy do
g
Hash.Type......: HMAC-SHA1 (key = $pass)
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...: 7891.0 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 17576/17576 (100.00%)
Skipped........: 0/17576 (0.00%)
Rejected.......: 0/17576 (0.00%)
HWMon.GPU.#1...: 0% Util, 30c Temp, N/A Fan

Started: Mon Apr 06 09:51:25 2015
Stopped: Mon Apr 06 09:51:27 2015
#2
You were pretty close, just the message is to long (max. 32) and you need to quote differently:

Quote:$ echo -n "This is a long salt" | openssl dgst -sha1 -hmac "key"
(stdin)= ea801b719276e06d8cb971860e2958db924e7dc9

Quote:$ ./oclHashcat64.bin -m 150 -a 3 "ea801b719276e06d8cb971860e2958db924e7dc9:This is a long salt" ?l?l?l
oclHashcat v1.36 starting...

Device #1: Tahiti, 3022MB, 1000Mhz, 32MCU
Device #2: Tahiti, 3022MB, 1000Mhz, 32MCU
Device #3: Tahiti, 3022MB, 1000Mhz, 32MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable Optimizers:
* Zero-Byte
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./kernels/4098/m00150_a3.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (254960 bytes)
Device #1: Kernel ./kernels/4098/markov_be_v1.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (35108 bytes)
Device #2: Kernel ./kernels/4098/m00150_a3.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (254960 bytes)
Device #2: Kernel ./kernels/4098/markov_be_v1.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (35108 bytes)
Device #3: Kernel ./kernels/4098/m00150_a3.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (254960 bytes)
Device #3: Kernel ./kernels/4098/markov_be_v1.Tahiti_1573.4_1573.4 (VM)_1428240294.kernel (35108 bytes)


ATTENTION!
The wordlist or mask you are using is too small.
Therefore, oclHashcat is unable to utilize the full parallelization power of your GPU(s).
The cracking speed will drop.
Workaround: https://hashcat.net/forum/thread-4161.html


INFO: approaching final keyspace, workload adjusted

ea801b719276e06d8cb971860e2958db924e7dc9:This is a long salt:key

Session.Name...: oclHashcat
Status.........: Cracked
Input.Mode.....: Mask (?l?l?l) [3]
Hash.Target....: ea801b719276e06d8cb971860e2958db924e7dc9:This is a long salt
Hash.Type......: HMAC-SHA1 (key = $pass)
Time.Started...: 0 secs
Speed.GPU.#1...: 0 H/s
Speed.GPU.#2...: 0 H/s
Speed.GPU.#3...: 2468.9 kH/s
Speed.GPU.#*...: 2468.9 kH/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 5772/17576 (32.84%)
Skipped........: 0/5772 (0.00%)
Rejected.......: 0/5772 (0.00%)
Restore.Point..: 227/676 (33.58%)
HWMon.GPU.#1...: 0% Util, 27c Temp, 25% Fan
HWMon.GPU.#2...: 0% Util, 27c Temp, 25% Fan
HWMon.GPU.#3...: 21% Util, 29c Temp, 25% Fan

Started: Mon Apr 6 17:26:56 2015
Stopped: Mon Apr 6 17:26:58 2015
#3
Thanks. Didnt realize there's a char limit. I was actually planning to crack a key that's 128 hex characters long and see if I get "lucky". Given there are 16^128 combinations, I guess I should give up in pursuing this =P
#4
well in that case you "just" need to search 256^20 combinations because in hmac if the key is longer than the blocksize of the hash (64 in case of sha1) then the key is hashed and the digest is used as a key.