+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Recover Password from md5 (/thread-11814.html)
Recover Password from md5 - rahhal81 - 02-08-2024
Hello,
step to generate this code :
md5($hash.$pass.$salt)
Example 1:
hash = c07845847e682be54a8fc912963df26e
salt = 50001711302155
md5 = 11b0c79af9ceb4a9d4ed1bb6f24aa6d8
pass = ??
**. md5($hash.$pass.$salt)
11b0c79af9ceb4a9d4ed1bb6f24aa6d8(c07845847e682be54a8fc912963df26e.$pass.50001711302155)
Example 2:
hash = a219d00bb4fe336bc48e955bf3863585
salt = 50001711302155
md5 = 7702deed0256ef03e5985276a8ecfffd
pass = ??
**. md5($hash.$pass.$salt)
7702deed0256ef03e5985276a8ecfffd(a219d00bb4fe336bc48e955bf3863585.$pass.50001711302155)
** both example have same password, what the way to recover the password for this examples ,
i just register here and i dont have good experiance with this code .
i need help if some body can help me, thanks in advance .
** the password for this 2 examples its : "z9R6hdtFWagU"
thanks
RE: Recover Password from md5 - Snoopy - 02-08-2024
(02-08-2024, 08:56 AM)rahhal81 Wrote: Hello,
step to generate this code :
md5($hash.$pass.$salt)
Example 1:
hash = c07845847e682be54a8fc912963df26e
salt = 50001711302155
md5 = 11b0c79af9ceb4a9d4ed1bb6f24aa6d8
pass = ??
**. md5($hash.$pass.$salt)
11b0c79af9ceb4a9d4ed1bb6f24aa6d8(c07845847e682be54a8fc912963df26e.$pass.50001711302155)
Example 2:
hash = a219d00bb4fe336bc48e955bf3863585
salt = 50001711302155
md5 = 7702deed0256ef03e5985276a8ecfffd
pass = ??
**. md5($hash.$pass.$salt)
7702deed0256ef03e5985276a8ecfffd(a219d00bb4fe336bc48e955bf3863585.$pass.50001711302155)
** both example have same password, what the way to recover the password for this examples ,
i just register here and i dont have good experiance with this code .
i need help if some body can help me, thanks in advance .
** the password for this 2 examples its : "z9R6hdtFWagU"
thanks
do you know how your "hash" is generated? because this way (same pass and same salt) why does the "hash" changes?
for your examples it seems more like md5($random_salt.$pass.$fixed_salt)
RE: Recover Password from md5 - rahhal81 - 02-08-2024
Hi
Thanks for reply , yes i know how hash its generate , my main point how can i found the password
And some time i have different examples but sharing same password there is to compare to example to
Make sure i git the right password.
Thanks
How can i use hashcat software or script to found the password.
Thanks
RE: Recover Password from md5 - Snoopy - 02-08-2024
i need to know how your hash is generated to answer correctly because when password and salt are part of it, there will be no easy way for you to recover any password
but lets assume and take your examples
crackme.txt contains your md5:salt
Code:
11b0c79af9ceb4a9d4ed1bb6f24aa6d8:50001711302155
7702deed0256ef03e5985276a8ecfffd:50001711302155masks.txt contains the bruteforceinput but this needs the "hash" as prefix
Code:
?l?u?d,c07845847e682be54a8fc912963df26e?1?1?1?1?1?1?1?1?1?1?1?1
?l?u?d,a219d00bb4fe336bc48e955bf3863585?1?1?1?1?1?1?1?1?1?1?1?1but running this results in a bufferoverflow as 62^12 is more than hashcats max of 2^64 possibilites, so i reduced the keyspace to your input pass
masks.txt
Code:
z9R6hdtFWagU,c07845847e682be54a8fc912963df26e?1?1?1?1?1?1?1?1?1?1?1?1
z9R6hdtFWagU,a219d00bb4fe336bc48e955bf3863585?1?1?1?1?1?1?1?1?1?1?1?1hashcat --status -O -m10 -a3 crackme.txt masks.txt
this should result (i tested it with a shorter pass) in cracking your 2 examples BUT as you see, you need to know your "hash" beforehand, thus you will need to generate your masks also beforehand and then you need to remove these prefixes from the results found in your potfile
and as mentioned, lower upper and digits will result in a bufferoverflow for passes longer than 10
RE: Recover Password from md5 - rahhal81 - 02-08-2024
(02-08-2024, 06:15 PM)Snoopy Wrote: i need to know how your hash is generated to answer correctly because when password and salt are part of it, there will be no easy way for you to recover any password
but lets assume and take your examples
crackme.txt contains your md5alt
Code:11b0c79af9ceb4a9d4ed1bb6f24aa6d8:50001711302155
7702deed0256ef03e5985276a8ecfffd:50001711302155
masks.txt contains the bruteforceinput but this needs the "hash" as prefix
Code:?l?u?d,c07845847e682be54a8fc912963df26e?1?1?1?1?1?1?1?1?1?1?1?1
?l?u?d,a219d00bb4fe336bc48e955bf3863585?1?1?1?1?1?1?1?1?1?1?1?1
but running this results in a bufferoverflow as 62^12 is more than hashcats max of 2^64 possibilites, so i reduced the keyspace to your input pass
masks.txt
Code:z9R6hdtFWagU,c07845847e682be54a8fc912963df26e?1?1?1?1?1?1?1?1?1?1?1?1
z9R6hdtFWagU,a219d00bb4fe336bc48e955bf3863585?1?1?1?1?1?1?1?1?1?1?1?1
hashcat --status -O -m10 -a3 crackme.txt masks.txt
this should result (i tested it with a shorter pass) in cracking your 2 examples BUT as you see, you need to know your "hash" beforehand, thus you will need to generate your masks also beforehand and then you need to remove these prefixes from the results found in your potfile
and as mentioned, lower upper and digits will result in a bufferoverflow for passes longer than 10
Hi ,
The hash i generated its not part off salt or password . u can say as random from salt2 but always i know all information. But the password only missing ,
*. hash for salt2 = always i know
*. Salt = i know
*. md5 = i know
*. Password = missing
That what i mean . Need recover password
Thanks
RE: Recover Password from md5 - Snoopy - 02-08-2024
well i wrote how to recover but you need your hash/salt2 and depending on keyspace you are limited to a specific lenght
RE: Recover Password from md5 - nick8606 - 02-09-2024
(02-08-2024, 04:42 PM)rahhal81 Wrote: How can i use hashcat software or script to found the password.
Your algorithm can be defined as md5($salt1.$pass.$salt2). It is absent in current list of algorithms supported by hashcat.
Possible solutions:
1. Using module md5($pass.$salt) and $salt1 as prefix part of password.
2. Using module md5($salt.$pass) and $salt2 as suffix part of password.
3. Creating and using new module for exact algorithm md5($salt1.$pass.$salt2).