+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-lite Support (https://hashcat.net/forum/forum-22.html)
+--- Thread: md5(salt.pass) troubles and tricks (/thread-1437.html)
md5(salt.pass) troubles and tricks - d0znpp - 08-06-2012
Hi all,
I'm use oclHashcat-lite-0.10 with HD6990 on Debian sid.
Need to brute md5($salt.$pass) hash, but could not find it in hash types ;(
Salt is 12345678
Pass is 8 bytes of [a-Z0-9]
First solution to brute it:
Code:
./oclHashcat-lite64.bin --gpu-accel 800 --gpu-loops 1024 --gpu-temp-disable --outfile-watch 0 --restore-timer 0 --custom-charset1 ?l?d?u --hash-type 0 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' SALT1234?1?1?1?1?1?1?1?1
Got low speed (~370M/sec), while salt has 4 byte or more.
While salt has 3 bytes speed is ~8600M/sec
While salt has 1-2 bytes speed is ~10800M/secSecond trick to brute:
Code:
./oclHashcat-lite64.bin --gpu-accel 800 --gpu-loops 1024 --gpu-temp-disable --outfile-watch 0 --restore-timer 0 --custom-charset1 ?l?d?u --custom-charset2 SALT1234 --hash-type 0 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' ?2?2?2?2?2?2?2?2?1?1?1?1?1?1?1?1
Speed is ~10800M/secHow to set --pw-skip to skip false combinations?
I can not understand in what sequence will move the characters from the ?2 charset
RE: md5(salt.pass) troubles and tricks - undeath - 08-06-2012
you can try the OSC hash mode.
RE: md5(salt.pass) troubles and tricks - d0znpp - 08-06-2012
(08-06-2012, 12:59 AM)undeath Wrote: you can try the OSC hash mode.
i'm sorry. What is OSC?
Quote:MD5
md5($pass.$salt)
Joomla
SHA1
nsldap, SHA-1(Base64), Netscape LDAP SHA
sha1($pass.$salt)
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
Oracle 11g
MSSQL(2000)
MSSQL(2005)
MySQL
MD4
md4($pass.$salt)
NTLM
Domain Cached Credentials, mscash
SHA256
sha256($pass.$salt)
descrypt, DES(Unix), Traditional DES
SHA512
sha512($pass.$salt)
SL3
Cisco-PIX MD5
Double MD5
vBulletin < v3.8.5
vBulletin > v3.8.5
IPB2+, MyBB1.2+
LM
Oracle 7-10g, DES(Oracle)
RE: md5(salt.pass) troubles and tricks - undeath - 08-06-2012
uhm, sorry. Seems like OSC is not supported by lite. Due to the way lite works you should not use a mask like 12345678?1?1?1?1 ... because lite relies on the first part of the plaintext not to be fixed. Else you will get very low speed. Better use plus for this job.
RE: md5(salt.pass) troubles and tricks - d0znpp - 08-06-2012
OSC is md5($pass.$salt)
i need md5($salt.$pass)
any suggestions?
RE: md5(salt.pass) troubles and tricks - undeath - 08-06-2012
OSC is md5(salt.pass), however it is not supported by lite. Read my other post.
RE: md5(salt.pass) troubles and tricks - d0znpp - 08-06-2012
OSC is md5($pass.$salt), not md5($salt.$pass) and $salt has only 2 bytes.
Try oclHashcat-plus to understand that.
RE: md5(salt.pass) troubles and tricks - M@LIK - 08-06-2012
3947a147feac6b17e0937edbcd5bdff3:12:osCommerce
f63f4265660e1e80a27cfe7f97eba23d:c6:hashes
9e976555d232c95b69de92478c67389f:f6:are
5d3b86659593f8154ea272476c19f0f1:27:md5($salt.$pass)
ecec4eea1802097a51c2609f73ae9f3c:ca:!!
RE: md5(salt.pass) troubles and tricks - d0znpp - 08-06-2012
Hmm. Really strange
But anyway my salt has 8 bytes, not 2.
RE: md5(salt.pass) troubles and tricks - mastercracker - 08-06-2012
(08-06-2012, 04:06 AM)d0znpp Wrote: Hmm. Really strangeJust make a rule to prepend your salts to every password and use plain MD5 (-m 0) with oclhashcat-plus. However, this will cover only password from 1 to 7 characters. If you truncate your salt and put part as salt and part in the rule file you can increase it to 9 characters (using -m 21) but it starts to be a lot of trouble. From what I have understood, the next version of -plus will have generic mode again that you will be able to use.
But anyway my salt has 8 bytes, not 2.