+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: bcrypt hash generator (/thread-11533.html)
bcrypt hash generator - blaster666 - 08-02-2023
I am going to test some hashcat , and I decided to get hashes from online encoders.
But for testing, I need information to be correct.
I could easily find online md5 encryptor, and seems like it is working correct.
But for bcrypt , it seems not ok, I will attach screenshoot, to explain what I mean.
Could you advice me any trusted bcrypt encoder, so the pentesting tests will be correct?
RE: bcrypt hash generator - royce - 08-02-2023
(We don't say "encrypting" / "decrypting" when we talk about password hashes - we "hash" them, and then "crack" them)
Not sure why that online hashing tool wouldn't validate - can you actually crack that hash with hashcat?
Other options:
'test.pl' that is distributed with hashcat can hash bcrypt in bulk. It defaults to cost factor 5, but you could tweak the source to increase that. It does require installing a couple of additional Perl modules.
$ echo blah | test.pl passthrough 3200
$2a$05$MRGuLhi2MBKzMRCwKBSxKOlusRYXA6CPIKQUoL0RSTlEFzcD0xRdi
You can also use `htpasswd -bnBC 10 "" [password]`
mdxfind -z works for some hashes, but doesn't appear to work for bcrypt.