Noob here, need help understanding what went wrong - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html) +--- Forum: General Help (https://hashcat.net/forum/forum-8.html) +--- Thread: Noob here, need help understanding what went wrong (/thread-2403.html) |
Noob here, need help understanding what went wrong - jambajuicer103 - 06-25-2013 Hi! I'm new to Hashcat. I'm using the Hashcat GUI because I'm not too familiar with hashcat itself, and I just want to see how long it would actually take to crack a single MD5 hash from a cisco config here. It's one that I actually made, and I already know the password, which is "cisco", which is the equivalent of $sdf$6978yhg$jnb76sd I'm trying to get the cracker running properly but I can not for the life of me figure out what I'm doing wrong. The error that I'm always getting after hashcat starts running is Skipping line: $sdf$6978yhg$jnb76sd (line length exception) ..now, I've checked the forums and made sure that the cracker is pointing to my text file with my hash above, and am using a dictionary file with the password in it, but no matter how I config hashcat, it always gives me this error above. I'm using the config of "md5crypt, MD5(Unix), Freebsd MD5, Cisco IOS MD5" which seems ideal since I'm dealing with a Cisco hash. I'm not really sure how to make this work, but maybe the hash generated by my cisco device is shorter than what hashcat can work with? I've checked and double checked the text file and there are no trailing space before or after my hash. I'm pretty stumped and would appreciate some help? RE: Noob here, need help understanding what went wrong - epixoip - 06-25-2013 cisco type 5 hashes start with $1$, not $sdf$ i'm not a networking guy and don't really do much with cisco devices, so i'm unsure what password type this is. but i know it's not type 4, type 5, or type 7. can you give more details? what device was this obtained from? how did you obtain the hash? RE: Noob here, need help understanding what went wrong - jambajuicer103 - 06-25-2013 This was something I got from a Boson Network Simulator simulating a Cisco 2811 (2800 series) router. the running config shows this: Enable secret 5 $sdf$6978yhg$jnb76sd as I don't actually have a cisco device, I have to use emulators and simulators to learn the gear. but if this is true that cisco hashes dont start with $sdf$, then that is very interesting - perhaps this is the simulator? I'll check. i'll try running a similar 2800 device IOS on GNS3 instead of Boson tomorrow, and see if I can get the same hash from a different emulator. on the other hand, if my hash here isn't a typical cisco MD5 hash, then what does it most resemble? I've tried running most every config in hashcat and every one tells me that the hash string isn't of a proper length. RE: Noob here, need help understanding what went wrong - epixoip - 06-25-2013 (06-25-2013, 11:00 AM)jambajuicer103 Wrote: Enable secret 5 $sdf$6978yhg$jnb76sd this seems to be specific to the emulator you are using, that's not what a type 5 hash looks like at all. doing some googling, it seems the only people who have encountered such a format are people using simulators. and it seems to always be that same string. (06-25-2013, 11:00 AM)jambajuicer103 Wrote: on the other hand, if my hash here isn't a typical cisco MD5 hash, then what does it most resemble? resembles garbage doesn't look like a hash at all. RE: Noob here, need help understanding what went wrong - epixoip - 06-25-2013 if you would like some real type 5 hashes to play with, try these: Code: $1$wjaaNYa2$//NvClG8NIGKy4jb06H0x/ these are actually from examples/A0.M500.hash RE: Noob here, need help understanding what went wrong - jambajuicer103 - 06-25-2013 Thank you so much epixoip! It would have taken me quite awhile to figure out that it wasn't even a real hash. This had me really stumped. I am now happily playing around with the hashes you gave me and I'm not having any problems. next time i generate some hashes I'll make sure that they are the real thing and not some fake hash generated in a simulator. |