hashcat Forum
PBKDF2 AES 256/CBC - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: PBKDF2 AES 256/CBC (/thread-11107.html)

Pages: 1 2


PBKDF2 AES 256/CBC - hlore - 11-06-2022

I would like some help in determining which algorythm to use for decrypting the following hash that used PBKDF2 (AES 256/CBC).


Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5


The password is testtesttest

I am not certain about the following, but I believe when the password is salted with 58248916-e804-465c-85d2-bd5da4a805cf, it generates,
Code:
fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47




Thank you.


RE: PBKDF2 AES 256/CBC - hlore - 11-07-2022

I inadvertently omitted a character in the salted hash (second hash) that I posted above. The correct salted hash is: 

Code:
1fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47



RE: PBKDF2 AES 256/CBC - hlore - 11-07-2022

Thank you.  I tried these on both hashes, but none worked.  However, I'm not sure how to format the hash with the salt.  Do I paste the salt at the beginning of the hash/key ?


RE: PBKDF2 AES 256/CBC - hlore - 11-07-2022

(11-07-2022, 09:46 PM)marc1n Wrote: https://hashcat.net/wiki/doku.php?id=example_hashes

Thanks again. Apologies for my nativity, but in looking at the example hashes of the 8 "recognized hashes", I don't see any obvious file separator where an iv/salt would be inserted.  Can you guide me a little more?  Thanks.


RE: PBKDF2 AES 256/CBC - hlore - 11-14-2022

I'm still struggling with this and hoping someone can give me a hint.  At this point, I'm trying to figure out how to combine the salt with the hash  The examples didn't help, unfortunately.  

Thanks


RE: PBKDF2 AES 256/CBC - ZerBea - 11-16-2022

Are you sure it is a hash or is it encrypted text?
Code:
$ echo -n 'the quick brown fox jumps over the lazy old dogs back' | openssl aes-256-cbc -e -salt -pbkdf2 -iter 10000 -out ciphertext.enc -p
enter AES-256-CBC encryption password: testtest
Verifying - enter AES-256-CBC encryption password:
salt=F903D4DDFAC55AF1
key=AD6197A8AE7A4AF2FD58B74FA4D1B5C7F4480B1BAD8A164D64652C4DD3EBDFC0
iv =EDA1AF9277A3BA6F4B4B14808D39A5D1

Will say that there is absolutely no chance to identify the underlying algorithm for your posted encrypted text.


RE: PBKDF2 AES 256/CBC - hlore - 11-17-2022

(11-16-2022, 08:46 PM)ZerBea Wrote: Are you sure it is a hash or is it encrypted text?

Thank you.  It is not encrypted text.  I further determined that the first string I posed is the hash, i.e.,

Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5

and the salt is 

 58248916-e804-465c-85d2-bd5da4a805cf 



RE: PBKDF2 AES 256/CBC - ZerBea - 11-17-2022

In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:
Code:
11900 | PBKDF2-HMAC-MD5                                            | Generic KDF
12000 | PBKDF2-HMAC-SHA1                                           | Generic KDF
10900 | PBKDF2-HMAC-SHA256                                         | Generic KDF
12100 | PBKDF2-HMAC-SHA512                                         | Generic KDF



RE: PBKDF2 AES 256/CBC - hlore - 11-17-2022

(11-17-2022, 08:01 AM)ZerBea Wrote: In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:
Code:
11900 | PBKDF2-HMAC-MD5                                            | Generic KDF
12000 | PBKDF2-HMAC-SHA1                                          | Generic KDF
10900 | PBKDF2-HMAC-SHA256                                        | Generic KDF
12100 | PBKDF2-HMAC-SHA512                                        | Generic KDF


Thank you. Do you have any suggestions on what alternatives I might search for?


RE: PBKDF2 AES 256/CBC - hlore - 11-25-2022

I'm still trying to get this to work. If I can find the algorithm used to create the hash, is it difficult to create a module to use with Hashcat?