+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: http authentication (/thread-7054.html)
http authentication - mos - 11-28-2017
hi
i have a http authentication and i want to crack with hashcat with SIP 11400 attack.
but i dont know how to order the data
the data for the example is:
Digest username="Mufasa",
realm="testrealm@host.com",
nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
uri="/dir/index.html",
qop=auth,
nc=00000001,
cnonce="0a4f113b",
response="6629fae49393a05397450978507c4ef1",
opaque="5ccc069c403ebaf9f0171e9517f40e41"
method : GET
the password for example is "Circle Of Life"
if i understand the sip and http authentication is the same algoritm
HA1=MD5(username:realm:password)HA2=MD5(method:digestURI)response=MD5(HA1:nonce:HA2)
can u help me?
RE: http authentication - philsmd - 11-28-2017
The format is as explained here: https://github.com/hashcat/hashcat/issues/1021 just this one:
$sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5]
Therefore your hash should look like this:
Code:
$sip$***Mufasa*testrealm@host.com*GET**/dir/index.html**dcd98b7102dd2f0e8b11d0f600bfb0c093*0a4f113b*00000001*auth*MD5*6629fae49393a05397450978507c4ef1BTW: Do NOT post hashes on the forum when not asked by a moderator/admin. You will get banned