hashcat Forum

hashcat Forum > Support > hashcat > Help Desk password hash
Full Version: Help Desk password hash
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

lenobles

02-15-2019, 11:06 PM
I tried tosearch, but found no topics about this hash. Is is possible to use some rules or something else to Help Desk's hashing algoritm? It uses only sha1, but pre-hashing every symbols in password.

Function:
PHP Code:
function hesk_Pass2Hash($plaintext) {
   $majorsalt  '';
   $len strlen($plaintext);
   for ($i=0;$i<$len;$i++)
   {
       $majorsalt .= sha1(substr($plaintext,$i,1));
   }
   $corehash sha1($majorsalt);
   return $corehash;


I can convert wordlists to something like pre-rainbow tables, where each line is result of final $majorsalt (name from code example) and then put it to hashcat as wordlist, but it's not so fast...

ApexCracker

02-16-2019, 01:11 AM
converting wordlist is the best you can get as far as I'm concerned

atom

02-16-2019, 10:38 AM
Converted wordlist can't work in optimized mode or only up to 6 character passwords in pure mode. The only way to crack this is to write a separate hashcat kernel. Expect raw sha1 performance and divide by 20.
hashcat Forum > Support > hashcat > Help Desk password hash