Yet another hash identification problem
#1
Hello there.

This here 40 byte hash is supposed to be decrypted to "hello":

167223c21ca0d4121bb5237afa89e644b9935208

I do suspect that it's a salted SHA, but neither Hashcat, nor JtR with all the latest patches applied recognize it as such.

What exactly am I dealing with here? Any input would be greatly welcomed.

Thanks.
#2
(03-31-2012, 06:28 PM)wflme Wrote: Hello there.

This here 40 byte hash is supposed to be decrypted to "hello":

167223c21ca0d4121bb5237afa89e644b9935208

I do suspect that it's a salted SHA, but neither Hashcat, nor JtR with all the latest patches applied recognize it as such.

What exactly am I dealing with here? Any input would be greatly welcomed.

Thanks.

Its sha1 or ripemd160.
My hashcat is happy to use a sa SHA1 hash but its not cracking to "hello".

#3
(03-31-2012, 06:40 PM)rurapenthe Wrote: Its sha1 or ripemd160.
My hashcat is happy to use a sa SHA1 hash but its not cracking to "hello".

HashCat is happy to crack any 40 characters.. but it wont find anything as long as it is NOT sha1..
i've generated all the possible hashes for "hello" in the length 40.. result = its not SHA1 for sure nor any of the well-know 40 bit hashes..
#4
(03-31-2012, 07:08 PM)M@LIK Wrote:
(03-31-2012, 06:40 PM)rurapenthe Wrote: Its sha1 or ripemd160.
My hashcat is happy to use a sa SHA1 hash but its not cracking to "hello".

HashCat is happy to crack any 40 characters.. but it wont find anything as long as it is NOT sha1..
i've generated all the possible hashes for "hello" in the length 40.. result = its not SHA1 for sure nor any of the well-know 40 bit hashes..

I tried it on 2 sites that crack passwords and both identified it as SHA1. unless its a false-positive. Hashcat usually complains if the hash is incorrect for the chosen hash-type. It doesnt either.
#5
(03-31-2012, 07:16 PM)rurapenthe Wrote: I tried it on 2 sites that crack passwords and both identified it as SHA1. unless its a false-positive. Hashcat usually complains if the hash is incorrect for the chosen hash-type. It doesnt either.

you, my dear friend, have no clue what you are talking about.
#6
(03-31-2012, 10:14 PM)undeath Wrote: you, my dear friend, have no clue what you are talking about.
xD
i just ignored him because of this..
rurapenthe: sorry amigo.. but its true
#7
osx 10.4-10.6 hash is 40 char salted sha1. maybe it's that?
#8
osx hashes are salted, but maybe the exporter forget to export the salt