How to solve some strange hash of hack.chat

How to solve some strange hash of hack.chat - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: How to solve some strange hash of hack.chat (/thread-10907.html)

How to solve some strange hash of hack.chat - huolongguo10 - 07-27-2022

I have a hash algorithm:

Code:
const hash = (password) => {

  const sha = crypto.createHash('sha256');

  sha.update(password+SALT);

  return sha.digest('base64').substr(0, 6);

};

But it just uses first 6 bytes after base64.
How can I solve it?

RE: How to solve some strange hash of hack.chat - DanielG - 07-27-2022

This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.

I doubt this is worth your time.

RE: How to solve some strange hash of hack.chat - huolongguo10 - 07-27-2022

(07-27-2022, 09:48 AM)DanielG Wrote: This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.

I doubt this is worth your time.

Oh I just need to get one possible answer of the password.

RE: How to solve some strange hash of hack.chat - Snoopy - 07-27-2022

(07-27-2022, 01:46 PM)huolongguo10 Wrote:
(07-27-2022, 09:48 AM)DanielG Wrote: This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.

I doubt this is worth your time.
Oh I just need to get one possible answer of the password.

do you know the salt and the 6 bytes? if yes, implement this "algorithm" in any programming/scripting language and feed this with bruteforce generated strings and break when this algo hits your 6 bytes (feeding incrementing numbers only maybe also work) well this sounds like a funny "give it a try" project for tomorrow (i will try to find a collision with numbers for sha(string+SALT)