hashcat Forum
Need help recovering a password in HMAC-SHA256... - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Need help recovering a password in HMAC-SHA256... (/thread-12215.html)



Need help recovering a password in HMAC-SHA256... - Paladin - 11-10-2024

Hi!

For a CTF challenge, I need to decode the password of a user of an Umbraco CMS.

Current versions of this CMS apparently support many different type of hashes, SHA1, HMAC-SHA256, PBKDF2 with HMAC-SHA1, PBKDF2 with HMAC-SHA256, what I have to decrypt is in HMAC-SHA256.

According to the information I got here and there, for this specific encoding at least, they store the salt first followed by the hash.

Both of them are stored in two separate base64 strings in the same field but because of the length of what they encoded there is always padding ("=") at the end.

From what I read it is unclear if they use the ASP.NET framework implementation of these or their own.

I have been a developer for a while now but I barely had to do related to cyphers and the like and I need help.

From looking at the examples it look like it might be hash mode 1450 or 1460, I am not totally sure of the difference between both 1450 is (key = $pass) and 1460 is (key = $salt) but I do not fully understand why it is important which one is the key since both are needed to verify the password.

I thought I had to decode the base64 hash and base64 salt, convert both to hex and put the hash on the left side, then ":", then the salt.

The password is in rockyou.txt.

I tried with both 1450 and 1460 and even tried inverting salt and hash in case I had somehow inverted them.

I tried attack mode 0 and 3 (I believe I need to use 3 to use a word list, right?).

Any idea as to what I might be doing wrong?

Thank you!