+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Trouble finding attacking hash format (/thread-7559.html)
Trouble finding attacking hash format - Fuzzer - 06-09-2018
Hi,
I'm analyzing the password algorithm used by an open source CMS system. I've searched the wiki and studied the help information but can't find the hash format to use.
I know the algo is SHA256 computed on plaintext+salt.
Here's the actual implementation in the source in c#:
Code:
static string GeneratePasswordHash(string password, byte[] salt)
{
using (var algorithm = new SHA256Managed())
{
byte[] plainText = Encoding.UTF8.GetBytes(password);
byte[] arr = new byte[plainText.Length + salt.Length];
plainText.CopyTo(arr, 0);
salt.CopyTo(arr, plainText.Length);
return Convert.ToBase64String(algorithm.ComputeHash(arr));
}
}
static byte[] GenerateHashSalt()
{
using (var cs = new RNGCryptoServiceProvider())
{
var salt = new byte[24];
cs.GetBytes(salt);
return salt;
}
}Usage would be
string passwordHash = GeneratePasswordHash("1234", GenerateHashSalt());
I've created a new user in the CMS with the password "1234".
I would expect the hash mode is 1410 sha256($hash.$salt)
When I try to run hashcat using a simple wordlist it gives me a hash encoding exception
Code:
> hashcat64.exe -a 0 -m 1410 c:\Temp\myhashes.txt c:\Temp\dict.txtHashfile 'c:\Temp\myhashes.txt' on line 1: Hash-encoding exception
No hashes loaded
I've tried these formats but I keep getting a format exception:
$hash.$salt
hash : salt
What am I doing wrong here?
Cheers
RE: Trouble finding attacking hash format - philsmd - 06-09-2018
If base64 encoded : base64 decode it and hex encode it (whenever hashcat expects the hexadecimal hashes)
BTW: it is not allowed to post hashes on this forum
RE: Trouble finding attacking hash format - Fuzzer - 06-09-2018
(06-09-2018, 08:03 AM)philsmd Wrote: If base64 encoded : base64 decode it and hex encode it (whenever hashcat expects the hexadecimal hashes)
BTW: it is not allowed to post hashes on this forum
Thanks. I've updated the post.
I base64 decoded the hash and the salt, hex encoded them and tried again.
Still get the same error though. "Hash-encoding exception".
RE: Trouble finding attacking hash format - philsmd - 06-09-2018
You can find example hashes here: https://hashcat.net/wiki/doku.php?id=example_hashes
The salt doesn't need to be hex encoded, only the hashes are hexadecimal (but you can alternatively still use the salt in hex with the --hex-salt command line parameter).
Anyway, you shouldn't see the error message (even if the salt is "wrong"). The format is
Code:
hash:salt(no dollar signs, no spaces etc)
RE: Trouble finding attacking hash format - Fuzzer - 06-09-2018
Thanks again. I tried the hash example on the example pages and it worked fine.
Tried renaming my hashes.txt file to example.hash and dict.txt to example.dict and suddenly it ran without exeptions.
Now the problem is the result is Exhausted, even though the password '1234' is in the dictionary.
Didn't know about the --hex-salt option. I will try use this.
RE: Trouble finding attacking hash format - Fuzzer - 06-09-2018
Success. Finally worked it out. Trick was using correct fileextensions and the --hex-salt option.
Thanks again for the help philsmd
/J
RE: Trouble finding attacking hash format - undeath - 06-09-2018
hashcat doesn't care about file extensions at all.