09-18-2021, 03:48 PM
Got a plain sha256 hash that I need to crack. Password is between 6 and 16 character long, and if pwd length is less than 16, the pwd is padded with zero-bytes. So the passwords are generated as following:
It's easy to solve this using brute force mode (-a 3) and adding the --hex-charset flag. The password rules for the application the hash comes from makes it unfeasible to try brute forcing lengths greater than 8, thus once that job finish I need to jump over to word lists and rules, and this is where I hit the wall using hashcat.
Using python to do the padding and converting to hex and feeding the passwords to hashcat works (e.g. python3 modifypw.py | hashcat -m 1400 hash.txt --hex-wordlist - where modifypw.py is just a script that reads the word list, do the necessary modifications and prints hexlified pwd that can be piped to hashcat), but this is/seem to be a bit slow and I was hoping it maybe could be solved using hashcat logic itself to (maybe) speed it up. However, I can't seem to figure this one out.
I can of course convert all the wordlists I want to test to hex prior to running the dictionary attack and it might be what I'll end up doing (and using either rules to emulate a hybrid attack for taking care of the zero-padding or just running a hybrid attack where I ensure to add enough zero bytes depending on the current pwd lengths I'm testing).
If I can't use hashcat to do this conversion to hex, any suggestions for something that might be a bit faster than using python for piping the (hexlified) dictionaries to hashcat?
Code:
pwd = "SomePwd"
hash = sha256(pwd[:16].encode('ascii')+b'\x00'*(16-len(pwd[:16])))
It's easy to solve this using brute force mode (-a 3) and adding the --hex-charset flag. The password rules for the application the hash comes from makes it unfeasible to try brute forcing lengths greater than 8, thus once that job finish I need to jump over to word lists and rules, and this is where I hit the wall using hashcat.
Using python to do the padding and converting to hex and feeding the passwords to hashcat works (e.g. python3 modifypw.py | hashcat -m 1400 hash.txt --hex-wordlist - where modifypw.py is just a script that reads the word list, do the necessary modifications and prints hexlified pwd that can be piped to hashcat), but this is/seem to be a bit slow and I was hoping it maybe could be solved using hashcat logic itself to (maybe) speed it up. However, I can't seem to figure this one out.
I can of course convert all the wordlists I want to test to hex prior to running the dictionary attack and it might be what I'll end up doing (and using either rules to emulate a hybrid attack for taking care of the zero-padding or just running a hybrid attack where I ensure to add enough zero bytes depending on the current pwd lengths I'm testing).
If I can't use hashcat to do this conversion to hex, any suggestions for something that might be a bit faster than using python for piping the (hexlified) dictionaries to hashcat?