hashcat Forum
Noob - Understanding hashcat input format - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Noob - Understanding hashcat input format (/thread-7715.html)



Noob - Understanding hashcat input format - plopplop - 08-03-2018

Hello,

I'm trying to understand the hashcat input format for a HMAC-SHA256 hash.
I have read this page https://hashcat.net/wiki/doku.php?id=example_hashes many times but I do not understand the input format for HMAC-SHA256 (and more globally the input formats announced in the whole page).
 
Code:
(key = $pass) ...(key = $salt) ... what does it means ?


I have the hash and the salt, I want hashcat to find the key used.


I generated a test vector using python :
Code:
>>> import hashlib
>>> import binascii
>>> input = b'easy little pony'
>>> salt = binascii.unhexlify(b'e65814e4382759f85550029e723dc7e7')
>>> H = hashlib.pbkdf2_hmac('sha256', input, salt, 100000)
>>> print(binascii.hexlify(H))
b'a5c87829cadf7b75bf4a7efc19e0f39b99c5e80dc8d64109fb7a8ce40d4d8b46'

So the input I tried to give to hashcat is the following :
Code:
<hash>:<salt>

a5c87829cadf7b75bf4a7efc19e0f39b99c5e80dc8d64109fb7a8ce40d4d8b46:e65814e4382759f85550029e723dc7e7


And I have filled my dictionnary with some tests values, including the text "easy little pony".

I tried using this command (and all the modes from 1410 to 1460 and 10900) :
Code:
hashcat -a0 -m1450 fileWithMyHash.txt myThreeWordsDictionnary.txt



Can you confirm me the mode I picked is correct ?
Is the input supposed to be hex-encoded ? (hash and salt)


Thank you


RE: Noob - Understanding hashcat input format - philsmd - 08-03-2018

-m 10900 = PBKDF2-HMAC-SHA256 has both hash and salt in base64. You can just look at the examples here: https://hashcat.net/wiki/doku.php?id=example_hashes or use a command like this: hashcat -m 10900 --example-hashes

if you use PBKDF2-HMAC-SHA256, it is PBKDF2-HMAC-SHA256. it can't be any other format without pbkdf2, or without hmac or without sha256.