Breaking SHA1-HMAC - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html) +--- Forum: Old hashcat Support (https://hashcat.net/forum/forum-20.html) +--- Thread: Breaking SHA1-HMAC (/thread-2484.html) Pages:
1
2
|
Breaking SHA1-HMAC - feedworks - 07-31-2013 I am new to hashcat and trying to do a simple experiment. I generated a hash using the following: echo -n "abcd" | openssl dgst -sha1 -hmac 1234 It generated a hash: 8717c25d45b7c48e66d917255c6e5b9e15edc46c I would like to use hashcat to break this. How will I do it? I tried using the following and it gives me an error: line length exception hashcat-cli64.bin -m150 -a3 hashfile outputfile I have the above mentioned hash in the hashfile. I also have a GPU but I am NOT running oclHashcat-plus. I really appreciate any help. RE: Breaking SHA1-HMAC - Mangix - 07-31-2013 The hash is not formated correctly. see: https://hashcat.net/wiki/doku.php?id=example_hashes That command is also wrong. outfile should be replaced with a mask. see: http://hashcat.net/wiki/doku.php?id=mask_attack In this case a mask of ?l?l?l?l should crack it. I could be wrong but you might want mode 160 instead. Not sure. RE: Breaking SHA1-HMAC - philsmd - 07-31-2013 Code: $ cat dict.txt RE: Breaking SHA1-HMAC - feedworks - 07-31-2013 (07-31-2013, 06:01 PM)philsmd Wrote: What should I do if I only know the hash? Is it possible to break? I know the hash is generated using SHA1 HMAC and length of the key and length of the plain text. Thanks for your reply. RE: Breaking SHA1-HMAC - philsmd - 07-31-2013 Of course that is not good for attacking the hash, if you miss important information (the salt/key in general is known). You could try to generate a list of salts (e.g. w/ maskprocessor and a suitable mask) and use this output (say "dict") as an external salt file (-e). In this way you search for the correct salt + bruteforce etc the password. It is clear, that this takes way longer than knowing the salt! RE: Breaking SHA1-HMAC - feedworks - 08-01-2013 From One of the earlier replies - "In this case a mask of ?l?l?l?l should crack it." Where will I put that mask? Will it be part of dict.txt in our example? Thanks, Satish RE: Breaking SHA1-HMAC - toaster - 08-01-2013 Satish and I are working together on a school project - I have a quick question what if it is a truncated hash. Instead of having the full hash we know the message and the truncated hash - say we know abcd as the message and lets say we are limited in the hash length so only 8717 is available as the hash value. Would that improve the performance of hashcat in possibly finding collisions and keys that would provide the same resultant hash? RE: Breaking SHA1-HMAC - philsmd - 08-01-2013 Try it this way: 0. Check if the hash file is correct: Code: $ cat m0160.txt #masked 1. Generate external salts list (file: external_salts.txt): Code: $ ./hashcat-cli64.bin --stdout -a 3 ?d?d?d?d > external_salts.txt 2. Launch hashcat w/ whatever attack mode you want (but use -e external_salts.txt): Code: $ ./hashcat-cli64.bin --quiet -m 160 -e external_salts.txt m0160.txt --pw-min 4 -a 3 ?l?l?l?l Note: I am not totally sure if HMAC-SHA1 (160) + external salts (-e) were supposed to work so far, but I know that next version of cpu hashcat has support for it (I just tested it) RE: Breaking SHA1-HMAC - Mangix - 08-01-2013 (08-01-2013, 12:17 AM)feedworks Wrote: From One of the earlier replies - "In this case a mask of ?l?l?l?l should crack it." In the command you posted, replace outfile with ?l?l?l?l. edit: understand that -a 3 is a mask attack. -a 0 is a dictionary attack. Quote:Satish and I are working together on a school project - I have a quick question what if it is a truncated hash. Instead of having the full hash we know the message and the truncated hash - say we know abcd as the message and lets say we are limited in the hash length so only 8717 is available as the hash value. Would that improve the performance of hashcat in possibly finding collisions and keys that would provide the same resultant hash?There's a higher chance of getting a collision assuming a random distribution. As for actually improving performance....probably not. At best you could get false-positives. RE: Breaking SHA1-HMAC - toaster - 08-01-2013 (08-01-2013, 02:22 AM)philsmd Wrote: Try it this way: I tried the command: Code: ./hashcat-cli64.bin --stdout -a 3 ?d?d?d?d > external_salts.txt Unfortunately the redirection to external_salts.txt was actually outputting the EULA from hashcat and did not generate the salts this was do to hashcat expecting an input from the user (i.e. accepting the eula). I removed the redirection and let salts output to the screen and just manually did a copy paste into the externa_salts.txt. Afterwards when running the command: Code: $ ./hashcat-cli64.bin --quiet -m 160 -e external_salts.txt m0160.txt --pw-min 4 -a 3 ?l?l?l?l I received the following error: Skipping line 8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c (line length exception) No hashes loaded. Any further assistance and guidance is greatly appreciated.. |