+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old hashcat Support (https://hashcat.net/forum/forum-20.html)
+--- Thread: Hash seems simple but i can't identify it (/thread-5441.html)
Hash seems simple but i can't identify it - afanasidodik - 05-08-2016
Hello everyone, i m testing web application, and made an account with simple password and got a hash like this:
c2tuXllXXXXyXnXXdXXxajXjXXhXdz09
Then i made another account with the same password and got the same hash. I suppose there is no salt in it.
So i tried with hash-identifier (which showed me MD5 ) and HashID (which showed me DNSSEC NSEC3)
I proceeded with the hashcat and tried to "crack" it with the dictionary (my password in it):
Code:
hashcat -m 0 -a 0 -o found.txt --remove testmyhash.txt bigpass.txtQuote:Input.Mode: Dict (bigpass.txt)
Index.....: 3/3 (segment), 960618 (words), 10499593 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 960618/960618 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
with no results , also tried dictionary with only one password (correct one)
and i m confused. All right, maybe it is NSEC3 (that method looks very rare), and i need oclhashcat to "crack" that. Videocard only in my windows pc. I'm doing this:
Code:
cudahashcat64.exe -m 8300 -a 0 -o found.txt --remove testmyhash.txt bigpass.txtbut it keeps yelling at me:
Quote:WARNING: Hash 'testmyhash.txt' Line-length exception
Is there a method which helps me to identify hash algorithm if i know the password? Is it really NSEC3? Thanks in advance.
RE: Hash seems simple but i can't identify it - epixoip - 05-08-2016
Hash identification programs like HashID are worthless because the only hashes that can be positively identified are those that have signatures, and if a hash has a signature, you don't need some program to identify it. Hashes without signatures can quite literally be anything. There's an infinite number of possibilities. A string of 32 hex characters could literally be an infinite number of things. You're just going to have to make educated guesses. DNSSEC is not an educated guess.
RE: Hash seems simple but i can't identify it - afanasidodik - 05-08-2016
Thanks very much, i will try to guess changing the -m parameter in hashcat program.
RE: Hash seems simple but i can't identify it - FlippingGerman - 05-10-2016
If you don't get anywhere try a simple script with your known password to test every mode hashcat does. If it's there, it'll find it. If not, then you have to use something else anyway.