Trouble parsing Linux SHA512 hashes - lispustynny - 11-02-2022
Quote:PS C:\Users\ansga\Downloads\hashcat-6.2.6> more pawnhash.txt
pawn:$y$j9T$7JNmy6SCVxovLtOaUKDqC1$bC9GtLzjBzrSFilsBhUxWkUB538Mml7rqkdR9.bR.l3:19298:0:99999:7:::
PS C:\Users\ansga\Downloads\hashcat-6.2.6> .\hashcat.exe -m 1800 -a 0 .\pawnhash.txt .\rockyou.lst
hashcat (v6.2.6) starting
.\pawnhash.txt: Byte Order Mark (BOM) was detected
Successfully initialized the NVIDIA main driver CUDA runtime library.
Failed to initialize NVIDIA RTC library.
* Device #1: CUDA SDK Toolkit not installed or incorrectly installed.
CUDA SDK Toolkit required for proper device support and utilization.
Falling back to OpenCL runtime.
* Device #1: WARNING! Kernel exec timeout is not disabled.
This may cause "CL_OUT_OF_RESOURCES" or related errors.
To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL API (OpenCL 3.0 CUDA 12.0.70) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #1: NVIDIA GeForce GTX 1660 SUPER, 5440/6143 MB (1535 MB allocatable), 22MCU
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Hashfile '.\pawnhash.txt' on line 1 (p): Token length exception
Failed to parse hashes using the 'shadow' format.
* Token length exception: 1/1 hashes
This error happens if the wrong hash type is specified, if the hashes are
malformed, or if input is otherwise not as expected (for example, if the
--username option is used but no username is present)
No hashes loaded.
Started: Wed Nov 02 19:04:06 2022
Stopped: Wed Nov 02 19:04:07 2022
I have did that long time ago without any problems but know I can't get it to work somehow, what am I missing?
I don't understand this linux hashing tbh, my login.defs says it is SHA512 but SHA512 should be 128 length hex afaik.
RE: Trouble parsing Linux SHA512 hashes - atom - 11-02-2022
Just save pawnhash.txt again but without the BOM
RE: Trouble parsing Linux SHA512 hashes - lispustynny - 11-02-2022
Quote:PS C:\Users\ansga\Downloads\hashcat-6.2.6> .\hashcat.exe -m 1800 -a 0 .\pawnhash3.txt .\rockyou.lst
hashcat (v6.2.6) starting
Successfully initialized the NVIDIA main driver CUDA runtime library.
Failed to initialize NVIDIA RTC library.
* Device #1: CUDA SDK Toolkit not installed or incorrectly installed.
CUDA SDK Toolkit required for proper device support and utilization.
Falling back to OpenCL runtime.
* Device #1: WARNING! Kernel exec timeout is not disabled.
This may cause "CL_OUT_OF_RESOURCES" or related errors.
To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL API (OpenCL 3.0 CUDA 12.0.70) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #1: NVIDIA GeForce GTX 1660 SUPER, 5440/6143 MB (1535 MB allocatable), 22MCU
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Hashfile '.\pawnhash3.txt' on line 1 (pawn:$...7rqkdR9.bR.l3:19298:0:99999:7:::): Token length exception
* Token length exception: 1/1 hashes
This error happens if the wrong hash type is specified, if the hashes are
malformed, or if input is otherwise not as expected (for example, if the
--username option is used but no username is present)
No hashes loaded.
Started: Wed Nov 02 22:06:20 2022
Stopped: Wed Nov 02 22:06:21 2022
PS C:\Users\ansga\Downloads\hashcat-6.2.6> cat .\pawnhash3.txt
pawn:$y$j9T$7JNmy6SCVxovLtOaUKDqC1$bC9GtLzjBzrSFilsBhUxWkUB538Mml7rqkdR9.bR.l3:19298:0:99999:7:::
No BOM, still not working though
RE: Trouble parsing Linux SHA512 hashes - atom - 11-02-2022
You said it's SHA512, but it's not. It's yescrypt.
RE: Trouble parsing Linux SHA512 hashes - lispustynny - 11-03-2022
(11-02-2022, 11:33 PM)atom Wrote: You said it's SHA512, but it's not. It's yescrypt. Yeah I did mention that there is something odd about that cipher,
login.defs says ENCRYPT_METHOD SHA512 but I'm a simple guy I can't tell one byte-mixer from another, I don't even know what this yescript is and how to deal with it with hashcat, this doesn't seem like something very popular yet it seems they did that as the implicit default encrypt method in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali)
RE: Trouble parsing Linux SHA512 hashes - atom - 11-03-2022
yescrypt is another hash which is currently not supported with hashcat. We will add support for it in a distant future when more distributions have switched to yescrypt.
RE: Trouble parsing Linux SHA512 hashes - b8vr - 11-04-2022
Yescrypt can be attacked using the scypt mode in John the Ripper.
RE: Trouble parsing Linux SHA512 hashes - 0xc0rvu5 - 01-15-2023
https://security.stackexchange.com/questions/252665/does-john-the-ripper-not-support-yescrypt
"Starting from Debian 11 / bullseye yescrypt is the default password hash so this will also work on recent builds of Debian derivative The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux (The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali)-rolling):"
Still waiting on `yescrypt` for hashcat, but this works for now.
`sudo unshadow /etc/passwd /etc/shadow > hashes`
`sudo john hashes --format=crypt`
|