+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: 1Password - need help using hashcat (/thread-6514.html)
1Password - need help using hashcat - ForgotMP1P - 04-30-2017
Hi!
My last thread got deleted. I asked for help generating a rainbow table for money. I'm very sorry for that.
Anyway i got hashcat running and i was able to recover a test case. So i extracted the hash of the Key from the AgileKeychain and ran it against a textfile which contained my test case password.
Now i'm struggling a little bit as i need to do the following:
I know most of the parts of the forgotten password but i don't know if any of the characters are really used. May someone help me do something like this:
% OR § OR NO CHAR - as the Beginning
Lost
" OR § OR NO CHAR
Password
P.S.: Above is just what i need to achive, the password itself it's more complex but that would cover it pretty much.
RE: 1Password - need help using hashcat - ForgotMP1P - 04-30-2017
Oh and when i type in "§" - hashcat complains about this. It runs but the candidates are shown in HEX.
RE: 1Password - need help using hashcat - jimby - 05-01-2017
(04-30-2017, 08:01 PM)ForgotMP1P Wrote: Hi!
My last thread got deleted. I asked for help generating a rainbow table for money. I'm very sorry for that.
Anyway i got hashcat running and i was able to recover a test case. So i extracted the hash of the Key from the AgileKeychain and ran it against a textfile which contained my test case password.
Now i'm struggling a little bit as i need to do the following:
I know most of the parts of the forgotten password but i don't know if any of the characters are really used. May someone help me do something like this:
% OR § OR NO CHAR - as the Beginning
Lost
" OR § OR NO CHAR
Password
P.S.: Above is just what i need to achive, the password itself it's more complex but that would cover it pretty much.
It sound like you now have a hash, and you know the correct hash type. It also sounds like you are familiar with the structure of the password, (puncutation followed by word, followed by punctuation, followed by word - or similar).
If this is true, you can generate a list of candidate passwords using the comboleetor perl script. It is designed for this purpose - generating password candidates when the structure is known.
Have a look at http://www.jimby.name:81/comboleetor_latest/README.txt to see if it helps your case.
You can then feed your candidate list to hashcat.
Cheers,
Jim B.
RE: 1Password - need help using hashcat - ForgotMP1P - 05-01-2017
Thank you so much for your reply. I'll read through the README.
In hashcat i successfully used custom charsets but there's one problem left. I'm not sure if for example:
CUSTOM CHARSET 1 - %$§
?1SomePassword [...]
?1 is really there. The best would be, if hashcat can just do the following:
CUSTOM CHARSET 1 - %$§ NOTHING
So i get:
$SomePassword
$SomePassword
§SomePassword
SomePassword
RE: 1Password - need help using hashcat - undeath - 05-01-2017
§ is not an ascii character. Using it in masks or rules is problematic.
RE: 1Password - need help using hashcat - ForgotMP1P - 05-01-2017
Ok, i see. How to i handle this with hashcat?
Edit1:
And the main problem, how i can define, that $1 should be used but also it should try not adding $1
CHARSET 1: %&
Generated combinations:
%Password
&Password
Password
Edit2: I wrote a textfile with § and set the charset to Latin1 like in this wiki post:
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_deal_with_special_non-latin_characters_chinese_arabic_etc
Still seeing HEX... at the candidates list.
RE: 1Password - need help using hashcat - undeath - 05-01-2017
First you need to find out what encoding to use, then you can create a charset file: https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_charset_files
If you need a multibyte character (utf-8) you need to split everything into the individual bytes of the character.
RE: 1Password - need help using hashcat - ForgotMP1P - 05-01-2017
Ok, the 1password master password is not choosey:
https://support.1password.com/special-characters-in-master-password/
I just need the § char
Edit: I'm very concerned. My demo hash from yesterday doesn't encrypt anymore. WTF
I type in the demo password in 1Password and it unlocks the keychain. I use the exact same password in hashcat and it doesn't get encrypted.
RE: 1Password - need help using hashcat - ForgotMP1P - 05-01-2017
Okay, it's definitely the § char which messes all up.
RE: 1Password - need help using hashcat - ForgotMP1P - 05-02-2017
I tried the following:
CHARSET 1: [HEX]c2
CHARSET 2: [HEX]a7
This should result in §
Password?1?2
(http://blog.bitcrack.net/2013/09/cracking-hashes-with-other-language.html)
Guess what, it doesn't work. No error message but it just doesn't crack the password and as i'm using a demo password i'm 100% sure.