hashcat Forum

I would like some help in determining which algorythm to use for decrypting the following hash that used PBKDF2 (AES 256/CBC).

Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5

The password is testtesttest

I am not certain about the following, but I believe when the password is salted with 58248916-e804-465c-85d2-bd5da4a805cf, it generates,

Code:
fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47

Thank you.

I inadvertently omitted a character in the salted hash (second hash) that I posted above. The correct salted hash is:

Code:
1fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47

Thank you. I tried these on both hashes, but none worked. However, I'm not sure how to format the hash with the salt. Do I paste the salt at the beginning of the hash/key ?

(11-07-2022, 09:46 PM)marc1n Wrote: [ -> ]https://hashcat.net/wiki/doku.php?id=example_hashes

Thanks again. Apologies for my nativity, but in looking at the example hashes of the 8 "recognized hashes", I don't see any obvious file separator where an iv/salt would be inserted. Can you guide me a little more? Thanks.

I'm still struggling with this and hoping someone can give me a hint. At this point, I'm trying to figure out how to combine the salt with the hash The examples didn't help, unfortunately.

Thanks

Are you sure it is a hash or is it encrypted text?

Code:
$ echo -n 'the quick brown fox jumps over the lazy old dogs back' | openssl aes-256-cbc -e -salt -pbkdf2 -iter 10000 -out ciphertext.enc -p

enter AES-256-CBC encryption password: testtest

Verifying - enter AES-256-CBC encryption password:

salt=F903D4DDFAC55AF1

key=AD6197A8AE7A4AF2FD58B74FA4D1B5C7F4480B1BAD8A164D64652C4DD3EBDFC0

iv =EDA1AF9277A3BA6F4B4B14808D39A5D1

Will say that there is absolutely no chance to identify the underlying algorithm for your posted encrypted text.

(11-16-2022, 08:46 PM)ZerBea Wrote: [ -> ]Are you sure it is a hash or is it encrypted text?

Thank you. It is not encrypted text. I further determined that the first string I posed is the hash, i.e.,

Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5

and the salt is 

 58248916-e804-465c-85d2-bd5da4a805cf

In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:

Code:
| PBKDF2-HMAC-MD5                                            | Generic KDF

| PBKDF2-HMAC-SHA1                                           | Generic KDF

| PBKDF2-HMAC-SHA256                                         | Generic KDF

| PBKDF2-HMAC-SHA512                                         | Generic KDF

(11-17-2022, 08:01 AM)ZerBea Wrote: [ -> ]In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:

Code:
11900 | PBKDF2-HMAC-MD5 | Generic KDF 12000 | PBKDF2-HMAC-SHA1 | Generic KDF 10900 | PBKDF2-HMAC-SHA256 | Generic KDF 12100 | PBKDF2-HMAC-SHA512 | Generic KDF

Thank you. Do you have any suggestions on what alternatives I might search for?

I'm still trying to get this to work. If I can find the algorithm used to create the hash, is it difficult to create a module to use with Hashcat?

hlore

hlore

hlore

hlore

hlore

ZerBea

hlore

ZerBea

hlore

hlore