+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: A Difficult Salting Method (/thread-4111.html)
A Difficult Salting Method - S.Doak - 02-21-2015
Hello everyone,
I am trying to use oclHashcat on some SHA-512 hashes, but the way they were constructed is very odd. The method is: "salt1 + Password + salt2 + length(Password)"
For example, if salt1 is "foo", salt2 is "bar" and the password is "password1", then the hash would be the SHA-512 of "foopassword1bar9" (where 9 is the number of characters in "password1").
My question is how can I set up oclHashcat to tackle such a challenge?
As an additional detail: I am planning on using some wordlists/dictionaries for the attack.
Thank you,
Spencer
RE: A Difficult Salting Method - Rolf - 02-21-2015
Technically, you're dealing with a sha-512($salt1.$pass.$salt2), where $salt2 = $salt2.len($pass); it's just a number appended to salt2.
You'll have to filter your dictionaries / keyspace to a certain length and only attack hashes which have such length in the second salt (otherwise you're just wasting cycles).
But I don't see sha-512($salt1.$pass.$salt2) being supported by oclHashcat at the moment.
Hope this helps.
RE: A Difficult Salting Method - S.Doak - 02-21-2015
So there's no way to set up oclHashcat (or even standard Hashcat) to automatically handle this?
If not, I suppose I'll just work on writing something in C++ to handle this.
RE: A Difficult Salting Method - undeath - 02-22-2015
Correct. There is not.
RE: A Difficult Salting Method - S.Doak - 02-22-2015
Alright, thank you anyway.