hashcat Forum
SHA1_HMAC for unknown text - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: SHA1_HMAC for unknown text (/thread-7369.html)



SHA1_HMAC for unknown text - Phil - 03-16-2018

Im interested in brute-forcing known_hosts files for SSH, these look like this:

|[int]|[base64 SALT]|[base64 TARGET] ssh-rsa [base64]

These are SHA1_HMACs of the IP address or hostname where the Text (not the salt or key) is the password. (The Int at the beginning of the string defines the type of SHA hash e.g. 1, 256, 512).

e.g. if hmac.new(SALT, GUESS, sha1).digest() == TARGET then you have a match.

Hashcat has the modes 150 and 160 but nothing for unknown Text. Would it be hard to add support for this? I think it has some valuable uses when identifying hosts to move laterally within networks.


RE: SHA1_HMAC for unknown text - undeath - 03-16-2018

What do you mean by "unknown text"? What is the technical difference to a password?


RE: SHA1_HMAC for unknown text - Phil - 03-16-2018

For the example below:

#|1|cISUEz2xxa7ZeaVeGBzNjHRF5tU=|Td1EXemzcxAGovyEkvHYUx+UorQ= rsa-key blahblah

If we convert to hex we have:

17513529ea04fde116862d745a91afe0e7623ba6:dfdf3c415d1513cc2664beecb8dad840b2132c28

In this case the output of the hmac is known dfdf3c415d1513cc2664beecb8dad840b2132c28 and the key used is known 17513529ea04fde116862d745a91afe0e7623ba6 but I dont know the text that was hmac'd (in this case 192.168.1.61)


RE: SHA1_HMAC for unknown text - undeath - 03-16-2018

isn't that just the same as hmac-sha1(key = $pass)?

edit: according to the argument order of hmac it should probably be hmac-sha1(key = $salt)


RE: SHA1_HMAC for unknown text - Phil - 03-16-2018

I dont think so but I could be completely mis-reading this. I have the key (17513529ea04fde116862d745a91afe0e7623ba6) but I dont know the plain text that was hmac'd (192.168.1.61) - its the plain text I want to brute-force

If it helps this is what I used to brute-force it in python (where tkey.txt) contains:

|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCZx9lGaY+Zhz98TdWqZ01mTzOwRnQO0EIBM8Hx8olxMbrQ1Xa+x/7LBoGyJqeYFunZbFCVpAu+2SBkvf75qV8nTlq3WXnLnprsH5Sq/c9f29ZCcMHevI


Python:

import base64
import hmac
from hashlib import sha1

if __name__ == '__main__':
for kh in open("tkey.txt"):
print (kh.strip())
parts = kh.strip().split("|")
if len(parts) < 2:
continue

saltb64 = parts[2]
targetb64 = parts[3].split(" ")[0]

salt = base64.b64decode(saltb64)
target = base64.b64decode(targetb64)

for a in ["192"]:
for b in range(160, 256):
print(b) # For debugging
for c in range(0, 256):
for d in range(0, 256):

message = bytes("%s.%s.%s.%s" % (a,b,c,d), "ascii")
hashed = hmac.new(salt, message, sha1).digest()

if target == hashed:
print("%s|%s -> %s" % (salt.hex(), target.hex(), message))
print("%s|%s -> %s" % (saltb64, targetb64, message))
quit()


RE: SHA1_HMAC for unknown text - undeath - 03-16-2018

you should be able to crack this by using
dfdf3c415d1513cc2664beecb8dad840b2132c28:17513529ea04fde116862d745a91afe0e7623ba6 --hex-salt -m 160


RE: SHA1_HMAC for unknown text - Phil - 03-16-2018

Ah, thanks Smile I was missing --hex-salt Smile

dfdf3c415d1513cc2664beecb8dad840b2132c28:17513529ea04fde116862d745a91afe0e7623ba6:192.168.1.61


RE: SHA1_HMAC for unknown text - Phil - 03-16-2018

Heres a IPv4 hcmask if anyone is in the same situation.

python3 parse_knownhosts.py.txt .ssh/known_hosts > unknown

dfdf3c415d1513cc2664beecb8dad840b2132c28:17513529ea04fde116862d745a91afe0e7623ba6

hashcat -m 160 --hex-salt -m 160 unknown -a 3 ipv4.hcmask.txt


RE: SHA1_HMAC for unknown text - undeath - 03-16-2018

btw, here is a mask file for ipv4 addresses without leading zeros: https://pastebin.com/4HQ6C8gG


RE: SHA1_HMAC for unknown text - Phil - 03-16-2018

Ah nice, I found it slower to process all of those rules for a single hash - I guess it'd be faster for longer lists tho?