My practice attempt to decrypt a SHA-256 hash of an IP address - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: My practice attempt to decrypt a SHA-256 hash of an IP address (/thread-7328.html) Pages:
1
2
|
My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 My practice attempt to decrypt a SHA-256 hash of an IP address. Has anyone here tried this? https://github.com/djangofan/hashcat-crack-ip I generated the SHA-256 hashed IP from this website: https://passwordsgenerator.net/sha256-hash-generator/ I made 2 scripts (in the above Github repo): 1. crackit.sh : -a 1 left right 2. crackitBruteForce.sh : -a 3 ?d?d?d.?d?d?d.?d?d?d.?d?d?d Am I doing this right? The process only seems to be using 1 CPU on the brute force attack. How do I get it to consume more CPU cores? -Jon RE: My practice attempt to decrypt a SHA-256 hash of an IP address - royce - 02-26-2018 Your example in crackitBruteForce.sh will only match three-digits-per-octet IPs (111.111.111.111) and miss other possibilities (111.111.111.1, 1.1.1.1, 11.11.11.11, etc.) This is closer: https://pastebin.com/4HQ6C8gG Are you using GPU? iff not, when using only CPU (-D 1), hashcat should use all cores. RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 royce, thanks for the answer! I still have 2 questions:
b. how do I change this parameter to match 1-3 digits in each part of the ip address? c. I tried using --increment but it didn't work . (perhaps my syntax was wrong? i was expecting each custom defined charset to be incremented 1-3 times) : hashcat ./hashedIPs.txt --outfile-format=2 -o outfile.txt -m 1400 --custom-charset1=?d?d?d --custom-charset2=?d?d?d --custom-charset3=?d?d?d --custom-charset4=?d?d?d --increment -a 3 ?1.?2.?3.?4
RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 #1 I updated my repo and added a brute-force-patterns.txt file that I now iterate over, running hashcat once for each pattern. is this how people usually do this? https://github.com/djangofan/hashcat-crack-ip/blob/master/crackItBruteForce.sh #2 With your advice, I figured out how to run on CPU instead of GPU. Wish the --help command would have explained it. I had to google it to verify. Still don't have it working but I hope I am getting closer... RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 Finally got it working. Thanks royce: https://github.com/djangofan/hashcat-crack-ip RE: My practice attempt to decrypt a SHA-256 hash of an IP address - royce - 02-26-2018 Couple of niggles: - That larger file I linked to covers actual possible IP addresses. Many ?d?d?d (above 254) are invalid in an IP-address octet. So your masks will try many IPs that are not valid (if any octet has more than two digits). - It's not "decrypting" - you're cracking, or hashing, to try to find a match. Decryption implies reversal of an encryption process, which is not how hashes work. RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 thanks, yeah i noticed that, since it took 2 hours to run. if I knew what you used for your 3 custom charsets on the command line, then using that file would be a lot easier. RE: My practice attempt to decrypt a SHA-256 hash of an IP address - undeath - 02-26-2018 the file linked above is a valid hcmask file and as such includes the custom character sets. For more info see https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_mask_files increment mode increments the mask only. It does not care about custom character sets. In fact, the character sets "?d", "?d?d" and "?d?d?d" are identical. RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 (02-26-2018, 05:43 PM)undeath Wrote: the file linked above is a valid hcmask file and as such includes the custom character sets. For more info see https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_mask_files thanks, I didnt know there was such a thing. i appreciate it very much! RE: My practice attempt to decrypt a SHA-256 hash of an IP address - djangofan - 02-26-2018 Ok, I updated my repo. The script, using royces hcmask file, is able to quickly guess the value of this ip: 211.231.004.057 But not this IP; this one fails to be guessed: 211.231.4.57 |