hashcat Forum

hashcat Forum > Deprecated; Previous versions > General Help > Help me identify this salted hash?
Full Version: Help me identify this salted hash?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

losira

01-17-2016, 03:31 AM
I got it from a MySQL5 database. I am a total novice as this stuff, so I need a bit of help

password: [40 character hash]
salt: [12 characters using letters and symbols like =|%$;]

I'm using cudahashcat and i thought the "MySQL4.1/MySQL5" would be the way to go, but aren't those hashes usually  unsalted?

I also tried to give the hash to onlinehashcrack.com and they were unable to crack it.

I was thinking it would be either: sha1($pass.$salt) sha1($salt.$pass), but I am unsure.

Thanks for the help

Mem5

01-17-2016, 08:32 PM
You cannot use hashcat "MySQL4.1/MySQL5" mode because your hash is salted.

onlinehashcrack.com do not crack Salted Mysql.

You can try one of :
sha1($pass.$salt)
sha1($salt.$pass)
sha1($salt.$pass.$salt)

But the best try is to know how the hash was built, try to read the webapp source code.

losira

01-18-2016, 11:02 PM
(01-17-2016, 08:32 PM)Mem5 Wrote: [ -> ]But the best try is to know how the hash was built, try to read the webapp source code.

Sorry, can you elaborate a bit on this? How could this tell me what formula was used?

Mem5

01-18-2016, 11:18 PM
The application builds the hash. If you read the application source code, you will know which algo (mysql, sha1, etc) has been used, and how the salt+hash have been put together ($salt.$pass or $pass.$salt etc)
hashcat Forum > Deprecated; Previous versions > General Help > Help me identify this salted hash?