hashcat Forum

Full Version: New Hashmode 29700
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hey there,

I just updated to hashcat 6.2.6. I have used autodetection mode for one of my keepass hashes in the past. Now it shows a new possible hashmode 29700 besides 13400. I couldn't find any documentation on this one. Could somebody explain the difference?
There is no such mod 29700 list available here https://hashcat.net/wiki/doku.php?id=example_hashes
(11-26-2022, 11:46 AM)marc1n Wrote: [ -> ]There is no such mod 29700 list available here https://hashcat.net/wiki/doku.php?id=example_hashes

This page is not uptodate. If you run hashcat.bin --help you get the following:

Code:
13400 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) | Password Manager

29700 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) - keyfile only mode | Password Manager
(11-27-2022, 10:56 AM)DerMagistrat Wrote: [ -> ]
(11-26-2022, 11:46 AM)marc1n Wrote: [ -> ]There is no such mod 29700 list available here https://hashcat.net/wiki/doku.php?id=example_hashes

This page is not uptodate. If you run hashcat.bin --help you get the following:

Code:
13400 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) | Password Manager

29700 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) - keyfile only mode | Password Manager

Ok this is mode to break keepass key file
(11-27-2022, 04:00 PM)marc1n Wrote: [ -> ]
(11-27-2022, 10:56 AM)DerMagistrat Wrote: [ -> ]
(11-26-2022, 11:46 AM)marc1n Wrote: [ -> ]There is no such mod 29700 list available here https://hashcat.net/wiki/doku.php?id=example_hashes

This page is not uptodate. If you run hashcat.bin --help you get the following:

Code:
13400 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) | Password Manager

29700 | KeePass 1 (AES/Twofish) and KeePass 2 (AES) - keyfile only mode | Password Manager

Ok this is mode to break keepass key file

Ah, makes sense. Thank you!
29700 has been added to the example_hashes wiki page - thanks for the heads-up! Since it's the keyfile-only mode, it required a non-standard password that had to be footnoted, etc. so i can see why someone may have kicked that can down the road.