http authentication - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: http authentication (/thread-7054.html) |
http authentication - mos - 11-28-2017 hi i have a http authentication and i want to crack with hashcat with SIP 11400 attack. but i dont know how to order the data the data for the example is: Digest username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41" method : GET the password for example is "Circle Of Life" if i understand the sip and http authentication is the same algoritm HA1=MD5(username:realm:password)HA2=MD5(method:digestURI)response=MD5(HA1:nonce:HA2) can u help me? RE: http authentication - philsmd - 11-28-2017 The format is as explained here: https://github.com/hashcat/hashcat/issues/1021 just this one: $sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5] Therefore your hash should look like this: Code: $sip$***Mufasa*testrealm@host.com*GET**/dir/index.html**dcd98b7102dd2f0e8b11d0f600bfb0c093*0a4f113b*00000001*auth*MD5*6629fae49393a05397450978507c4ef1 BTW: Do NOT post hashes on the forum when not asked by a moderator/admin. You will get banned |