hashcat Forum
A Difficult Salting Method - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: A Difficult Salting Method (/thread-4111.html)

A Difficult Salting Method - S.Doak - 02-21-2015

Hello everyone,

I am trying to use oclHashcat on some SHA-512 hashes, but the way they were constructed is very odd. The method is: "salt1 + Password + salt2 + length(Password)"

For example, if salt1 is "foo", salt2 is "bar" and the password is "password1", then the hash would be the SHA-512 of "foopassword1bar9" (where 9 is the number of characters in "password1").

My question is how can I set up oclHashcat to tackle such a challenge?

As an additional detail: I am planning on using some wordlists/dictionaries for the attack.

Thank you,

RE: A Difficult Salting Method - Rolf - 02-21-2015

Technically, you're dealing with a sha-512($salt1.$pass.$salt2), where $salt2 = $salt2.len($pass); it's just a number appended to salt2.
You'll have to filter your dictionaries / keyspace to a certain length and only attack hashes which have such length in the second salt (otherwise you're just wasting cycles).
But I don't see sha-512($salt1.$pass.$salt2) being supported by oclHashcat at the moment.
Hope this helps.

RE: A Difficult Salting Method - S.Doak - 02-21-2015

So there's no way to set up oclHashcat (or even standard Hashcat) to automatically handle this?

If not, I suppose I'll just work on writing something in C++ to handle this.

RE: A Difficult Salting Method - undeath - 02-22-2015

Correct. There is not.

RE: A Difficult Salting Method - S.Doak - 02-22-2015

Alright, thank you anyway.