+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: Help me identify this salted hash? (/thread-5050.html)
Help me identify this salted hash? - losira - 01-17-2016
I got it from a MySQL5 database. I am a total novice as this stuff, so I need a bit of help
password: [40 character hash]
salt: [12 characters using letters and symbols like =|%$;]
I'm using cudahashcat and i thought the "MySQL4.1/MySQL5" would be the way to go, but aren't those hashes usually unsalted?
I also tried to give the hash to onlinehashcrack.com and they were unable to crack it.
I was thinking it would be either: sha1($pass.$salt) sha1($salt.$pass), but I am unsure.
Thanks for the help
RE: Help me identify this salted hash? - Mem5 - 01-17-2016
You cannot use hashcat "MySQL4.1/MySQL5" mode because your hash is salted.
onlinehashcrack.com do not crack Salted Mysql.
You can try one of :
sha1($pass.$salt)
sha1($salt.$pass)
sha1($salt.$pass.$salt)
But the best try is to know how the hash was built, try to read the webapp source code.
RE: Help me identify this salted hash? - losira - 01-18-2016
(01-17-2016, 08:32 PM)Mem5 Wrote: But the best try is to know how the hash was built, try to read the webapp source code.
Sorry, can you elaborate a bit on this? How could this tell me what formula was used?
RE: Help me identify this salted hash? - Mem5 - 01-18-2016
The application builds the hash. If you read the application source code, you will know which algo (mysql, sha1, etc) has been used, and how the salt+hash have been put together ($salt.$pass or $pass.$salt etc)