hashcat Forum
Please help this newbie - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Please help this newbie (/thread-11115.html)

Pages: 1 2


Please help this newbie - heather - 11-10-2022

My mother used a cloud storage with password to store her family photographs, and now—years later--, she only remembers part of the password.   The good news is that the password is short and she remembers all or most of the characters.  However, I’ve been struggling with hashcat for weeks, trying to figure out which settings to use for it to recognize the hash. 

I know that her account uses PBKDF2 with an “initialization vector”, and I’ve tried nearly every possible algorithm. The hash is not recognized.  
 
Two questions I’m struggling with are:  

Where do I use the initialization vector?   Does this hash need to be converted to base64, and if so, how can I do that? 
 
Any help would be appreciated.





Any help would be appreciated.


RE: Please help this newbie - marc1n - 11-11-2022

https://hashcat.net/wiki/doku.php?id=example_hashes


RE: Please help this newbie - heather - 11-11-2022

(11-11-2022, 11:03 AM)marc1n Wrote: https://hashcat.net/wiki/doku.php?id=example_hashes

For the last week, I've been using these examples, but I just can't get any to work with the hash.  It seems that the hash may need to be converted/combined, but I can't figure out how to do that.


RE: Please help this newbie - slyexe - 11-11-2022

(11-11-2022, 07:23 PM)heather Wrote: For the last week, I've been using these examples, but I just can't get any to work with the hash.  It seems that the hash may need to be converted/combined, but I can't figure out how to do that.

In other words, it sounds like your hashmode is unsupported by hashcat and a plugin or module would need to be built for it.


RE: Please help this newbie - heather - 11-12-2022

(11-11-2022, 10:52 PM)slyexe Wrote: In other words, it sounds like your hashmode is unsupported by hashcat and a plugin or module would need to be built for it.

As reminder, I have not even figured out how to incorporate the initialization vector into the hash.  Before determining it's "unsupported", wouldn't I need to do that first and then convert to base64?.  I'm so lost.  Can you tell me why you believe it's unsupported?


RE: Please help this newbie - b8vr - 11-12-2022

(11-12-2022, 01:57 AM)heather Wrote:
(11-11-2022, 10:52 PM)slyexe Wrote: In other words, it sounds like your hashmode is unsupported by hashcat and a plugin or module would need to be built for it.

As reminder, I have not even figured out how to incorporate the initialization vector into the hash.  Before determining it's "unsupported", wouldn't I need to do that first and then convert to base64?.  I'm so lost.  Can you tell me why you believe it's unsupported?

You have some sort of hash, right? Can you post it here?


RE: Please help this newbie - heather - 11-13-2022

Yes I can! 

 This is the IV hash:    

Code:
15bdb4a5-7d42-44df-8656-e2fbfadf938c

and this is the "key" hash:

Code:
f4bc9defa0dfea5e20bd4f774a4ec9302f64aa05775967236e5baceb986362be1f360d67e7a4228072c02ea43c7f3235



RE: Please help this newbie - drsnooker - 11-21-2022

Well if you know most of the characters, can't you just make a table of all permutations of the possible passwords and try them one at a time. It's not cracking the hash or using hashcat, but it might allow you to get your pictures back....


RE: Please help this newbie - Snoopy - 11-22-2022

Im not quite sure, but i think something missing.

How did you get the IV and hash from a cloudstorage? is there any export function? if yes, how can you export these data without primary signin in?

some other aspects like iterations are also not mentioned, i dont think that you have all the data you need to crack these password


RE: Please help this newbie - heather - 11-23-2022

(11-21-2022, 10:33 PM)drsnooker Wrote: Well if you know most of the characters, can't you just make a table of all permutations of the possible passwords and try them one at a time. It's not cracking the hash or using hashcat, but it might allow you to get your pictures back....

That's a good idea, but there are too many permutations (at least thousands) for me to try it by hand.