+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: 72hex —-» MD5(32hex)+SHA1(40hex) (/thread-10275.html)
72hex —-» MD5(32hex)+SHA1(40hex) - mshibo - 08-16-2021
Extracted this hash out of GalleryVault android app and need an explanation how to decrypt it.
The hash extracted from kidd.xml file located at the system-root directory of the app.
<string name="LockPin">2F059A5F49AAFD2127DD6065494A91FF5B515E46A5F1BC60BE71C3DB0DF946BD0548C145</string>
Searching around, found a PDF talking about that, it mentioned that the hash is MD5(32hex)+SHA1(40hex) and it said we can do "Swap attack".
2021-08-16_20-29-50.png (Size: 77.82 KB / Downloads: 16)
RE: 72hex —-» MD5(32hex)+SHA1(40hex) - atom - 08-17-2021
Well should be simple. What's the password of that hash?
RE: 72hex —-» MD5(32hex)+SHA1(40hex) - Snoopy - 08-17-2021
its vice versa in this case (was just playing around with this), first sha1 then md5, given this
2F059A5F49AAFD2127DD6065494A91FF5B515E46 (sha-1)
A5F1BC60BE71C3DB0DF946BD0548C145 (md5)
the passwords / lockpin is just plain 6 numbers ...so you can bruteforce this md5 on your own quite fast
or use any of the known lookuptablesand yes sha1(pw) == md5(pw)
RE: 72hex —-» MD5(32hex)+SHA1(40hex) - mshibo - 08-17-2021
This was really helpful.
I could crack both hashes using hashcat (-m 0 & 100) and got the same 6-digit numeric password.
Thank you so much.