Posts: 5
Threads: 1
Joined: Mar 2022
Hello.
The code to generate it is quite simple:
Code: [23] pry(main)> Devise::Encryptable::Encryptors::AuthlogicSha512.digest("12345", 20, "y9KxS8uhhfRZErYBb2mA", nil)
=> "2671d2e63de53eX3X2cc38X06fe8d664717Xe7d1afbcf0ebfbd3dbced3541ced7e00c98X0ad78f3fXeff6df26f2bbb1X3e4cae08fb98fc13b72e3Xd7d2c0Xd29"
Hash was obfuscated with "X", as demanded by rules.
This is a SHA512 algorithm, so I tried hashcat like this:
Code: [code]hashcat -m 1710 "2671d2e63de53eX3X2cc38X06fe8d664717Xe7d1afbcf0ebfbd3dbced3541ced7e00c98X0ad78f3fXeff6df26f2bbb1X3e4cae08fb98fc13b72e3Xd7d2c0Xd29:y9KxS8uhhfRZErYBb2mA"
12345[/code]
But the cracking status is "Exhausted" and
Code: hashcat -m 1710 --show "2671d2e63de53eX3X2cc38X06fe8d664717Xe7d1afbcf0ebfbd3dbced3541ced7e00c98X0ad78f3fXeff6df26f2bbb1X3e4cae08fb98fc13b72e3Xd7d2c0Xd29:y9KxS8uhhfRZErYBb2mA"
just show me nothing.
I guess something wrong with salt format, but I couldn't get what was wrong.
Posts: 893
Threads: 15
Joined: Sep 2017
03-22-2022, 02:10 PM
(This post was last modified: 03-22-2022, 02:11 PM by Snoopy.)
i think the problem is (given your example)
the hash algo is (pw, rounds/iterations?, salt and ???)
plain mode 1710 is pw: salt so the problem starts with iterations, iterations take the first output as input and hash it again, this is done (iterations) 20 times? so you have the result of
take this sha512: salt 20 times
repeat 20 times sha512( pw: salt)
so with mode 1710 you will not get the pw
next thing is what about nil? is it appended, prepended to your pass? so your pass ist nil12345 or 12345nil? or what is nil?
Posts: 5
Threads: 1
Joined: Mar 2022
03-22-2022, 02:41 PM
(This post was last modified: 03-22-2022, 02:46 PM by Dzam.)
(03-22-2022, 02:10 PM)Snoopy Wrote: the hash algo is (pw, rounds/iterations?, salt and ???) The hash algo takes (password, stretches (rounds/iterations), salt, pepper)
(03-22-2022, 02:10 PM)Snoopy Wrote: next thing is what about nil? is it appended, prepended to your pass? so your pass ist nil12345 or 12345nil? or what is nil?
nil is a pepper. I just didn't use it for hashing, that's why it's nil.
Posts: 893
Threads: 15
Joined: Sep 2017
03-22-2022, 03:00 PM
(This post was last modified: 03-22-2022, 04:50 PM by Snoopy.)
okay so you have iterations, salt and pepper
mode 1710 allows/accepts salt only
there is actual no mode (i think) in hashcat supporting this style of hash
EDIT: btw i think you mean nul or null not nil right?
Posts: 5
Threads: 1
Joined: Mar 2022
(03-22-2022, 03:00 PM)Snoopy Wrote: there is actual no mode (i think) in hashcat supporting this style of hash
Actually, I found some examples here.
This one for instance.
Code: 7400 sha256crypt $5$, SHA256 (Unix) 2 $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
And I tried it like this:
Code: $6$rounds=20$salt$hash
But I had an error "Token length exception"
I already cloned the source code and I'll try to figure it out or maybe add a new method that let me crack such hashes.
(03-22-2022, 03:00 PM)Snoopy Wrote: EDIT: btw i think you mean nul or null not nil right?
No, I mean exactly nil. This is Ruby.
Code: [2] pry(main)> 1 == nil
=> false
[3] pry(main)> nil.nil?
=> true
[4] pry(main)> nil.present?
=> false
Posts: 893
Threads: 15
Joined: Sep 2017
(03-23-2022, 02:27 PM)Dzam Wrote: (03-22-2022, 03:00 PM)Snoopy Wrote: there is actual no mode (i think) in hashcat supporting this style of hash
Actually, I found some examples here.
This one for instance.
Code: 7400 sha256crypt $5$, SHA256 (Unix) 2 $5$rounds=5000$GX7BopJZJxPc/KEK$le16UF8I2Anb.rOrn22AUPWvzUETDGefUmAV8AZkGcD
And I tried it like this:
Code: $6$rounds=20$salt$hash
But I had an error "Token length exception"
I already cloned the source code and I'll try to figure it out or maybe add a new method that let me crack such hashes.
yeah but there are still some problems, which will be the reasons you will need a new module
your provided output is salt.length=20 and hash.length=128
the module 1800 (the unix-style sha512scrypt) is build with this linux/unix style hash in mind which has the following defaults and restrictions
salt.length is 8-16, this leads to the first problem, your salt is 20 and therefore to long (token length exceptiopn)
rounds defaults to 5000, but has to be minimum 1000 (although i didnt see this anywhere in the module, so 20 should be fine)
BUT output.hash of mode 1800 sha512crypt is exact 86 chars long (this is fixed by this hashing standard) your output ist 128 -> plain sha512 lenght also resulting in an token length exception
your hash is plain sha512, generated by pw with salt, so the nearest module is still 1700 or 1710 but these modules lacks the abiltiy of adding rounds
when looking for a workaround i stumbled around with mkpasswd and openssl from linux but anyone of these have limitations such as round>=1000 or they cannot be fed with rounds
so jfyi
i did some quickndirty python script, its more or less the ruby code just for python (tested it with your input and was able to repoduce your hash)
i used timeit to test how long this script will run when feeding with plain numbers from 1-100.000, this took
Code: [5.271704000000001, 5.239788600000001, 5.2361591999999995, 5.285123599999999, 5.324203600000001]
so the "hashingrate" of script would be around 18.800 H/s, this is plain, i didnt used anything to parallize the work like python multiprocessing, mutlithreading
Posts: 5
Threads: 1
Joined: Mar 2022
(03-23-2022, 07:13 PM)Snoopy Wrote: i did some quickndirty python script, its more or less the ruby code just for python (tested it with your input and was able to repoduce your hash)
Wow, cool! Thanks ,you are encouraged me and I also wrote some python code to reproduce it:
Code: import hashlib
# Test word and salt
word = '12345'
salt = 'y9KxS8uhhfRZErYBb2mA'
# Make message from word and salt
message = word + salt
# Method to create hash (1 round) for a word
# Get word as a plain text
def gen_hash(word):
return hashlib.sha512(word.encode('utf-8')).hexdigest()
hex_hash = gen_hash(message)
# print(1, hex_hash)
rounds = 20
# Go through all rounds
for i in range(1, rounds):
hex_hash = gen_hash(hex_hash)
# print(i+1, hex_hash)
print(hex_hash)
I'll try to figure out how to add a new module for hashcat
Posts: 51
Threads: 0
Joined: Oct 2021
(03-25-2022, 08:42 AM)Dzam Wrote: I'll try to figure out how to add a new module for hashcat
New module is necessary, because your hashes have trash symbols "X", and these symbols should not be included in comparison.
P. S. I didn't find existing module for your algorithm, even for full hashes. Some modules (for example 1800) have similar algorithms and can be used as samples.
Posts: 893
Threads: 15
Joined: Sep 2017
(03-25-2022, 10:38 AM)nick8606 Wrote: (03-25-2022, 08:42 AM)Dzam Wrote: I'll try to figure out how to add a new module for hashcat
New module is necessary, because your hashes have trash symbols "X", and these symbols should not be included in comparison.
P. S. I didn't find existing module for your algorithm, even for full hashes. Some modules (for example 1800) have similar algorithms and can be used as samples.
the X was made by dzam because of forum rules not to post valid hashes as long not asked
Posts: 5
Threads: 1
Joined: Mar 2022
(03-25-2022, 03:14 PM)Snoopy Wrote: (03-25-2022, 10:38 AM)nick8606 Wrote: (03-25-2022, 08:42 AM)Dzam Wrote: I'll try to figure out how to add a new module for hashcat
New module is necessary, because your hashes have trash symbols "X", and these symbols should not be included in comparison.
P. S. I didn't find existing module for your algorithm, even for full hashes. Some modules (for example 1800) have similar algorithms and can be used as samples.
the X was made by dzam because of forum rules not to post valid hashes as long not asked
Exactly, thanks.
|