+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: cracking message not password is it possible? (/thread-10127.html)
cracking message not password is it possible? - wpassrecovery - 05-23-2021
hello,
forgive me if there was such question before but I could not find here something similar. I have salt and encrypted message (hash), here is JavaScript example decrypting the message:
Code:
var password = "hashcat123";
var passwordSHA256 = Crypto.SHA256(password);
var passwordBase64 = Crypto.util.bytesToBase64(Crypto.util.hexToBytes(passwordSHA256));
var salt = Crypto.util.base64ToBytes("<salt in base64>");
var key = Crypto.PBKDF2(passwordBase64, salt, 32, { hasher: Crypto.SHA256, asBytes: true, iterations: 5000 });
var message = "<smaller or bigger message in base64>";
var decrypted = Crypto.AES.decrypt(message, key, { mode: new Crypto.mode.CBC(Crypto.pad.iso10126), iterations: 20000 });
JSON.stringify(decrypted);
"\"{\\\"guid\\\":\\\".....rest of the messageso the decrypted message is not the password but arrays of strings, always begins like above. Is it possible to do it in hashcat?
I started new module based on src/modules/module_10900.c as the algorithms looks similar to me.
RE: cracking message not password is it possible? - atom - 05-24-2021
Yes, I think that's a regular structure of how almost all plugins look like. The only thing I'm unsure if the ' iterations: 20000' in relation to a decrypt function. From experience the term 'iteration' is something that should be related to the KDF, not the cipher. Maybe this is some hipster JavaScript option. All the other stuff is already available in the one or the other kernel and can be copied from there.
RE: cracking message not password is it possible? - wpassrecovery - 05-27-2021
thanks. I am not good at C, I have asked my brother to help me figure it out, than I think we could implement some of the SHA256 and PBKDF2 optimizers