PBKDF2-SHA256 Signature unmatched error - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: PBKDF2-SHA256 Signature unmatched error (/thread-7854.html) |
PBKDF2-SHA256 Signature unmatched error - pbkdf2-fan - 10-03-2018 Hello! I am currently working on an assignment where we were given a few thousand of password hashes using various algorithms to crack. One of the hashes is of signature PDKDF2-SHA256. I assumed it would use the mode 10900 (PBKDF2-HMAC-SHA256), since this mode works for me in JTR. The signature (?) prefix on each hash is "$pbkdf2-sha256$29000$". I know 29000 is just the number of iterations, but running hashcat on my file gives me a "Signature unmatched" error for each line. I've looked at the "--example" for anything implementing anything that contains "PBKDF2" and "SHA256", but none seem to match the format of the hashes I have. The "hashid" utility tells me "PBKDF2-SHA256(Generic). The salt digest (?) seems to be 23 characters long and the hash digest is 44 characters long, for each hash. Thanks for your help RE: PBKDF2-SHA256 Signature unmatched error - philsmd - 10-03-2018 hashcat expects this format: https://hashcat.net/wiki/doku.php?id=example_hashes (search for 10900) "sha256", ":", iterations, ":", base64 salt, ":", base64 digest both salt and the "hash" (digest) must be encoded with base64 Hashcat "only" supports this format, but it should be pretty easy for you to convert it, if you have the hashes in the other format from jtr. RE: PBKDF2-SHA256 Signature unmatched error - pbkdf2-fan - 10-04-2018 (10-03-2018, 07:58 PM)philsmd Wrote: hashcat expects this format: https://hashcat.net/wiki/doku.php?id=example_hashes (search for 10900) Reformatting the hashes worked, thanks. I tried to feed, as a wordlist, the passwords I'd recovered from jtr, and from 50 passwords there, hashcat only recovered ~20. Any idea why this might happen? RE: PBKDF2-SHA256 Signature unmatched error - philsmd - 10-04-2018 you probably didn't convert them correcly. You must assume that it's your fault first... and troubleshoot the ones that do not work... only if you are 100% sure that the hashes are correct and the hash:pass pair is correct you could investigate further (maybe try with a different setup/GPU/driver etc) and open an issue on https://github.com/hashcat/hashcat/issues (but I'm pretty sure it is pebcak ) RE: PBKDF2-SHA256 Signature unmatched error - daredevil71 - 10-09-2018 (10-04-2018, 11:44 AM)philsmd Wrote: you probably didn't convert them correcly.I am facing the same issue. How do I reformat the hash using jtr? could you please share the proceess? Thanks RE: PBKDF2-SHA256 Signature unmatched error - epixoip - 10-09-2018 You don't need to use JTR to reformat the hash string. Let's say you have a pbkdf2 hash in passlib format (plaintext is "password"): Code: $pbkdf2-sha256$29000$9t7be09prfXee2/NOUeotQ$Y.RDnnq8vsezSZSKy1QNy6xhKPdoBIwc.0XDdRm9sJ8 You can easily reformat it with awk: Code: gawk '{sub(/^.*-/,"")}$1=$1' FS=\$ OFS=: Example: Code: epixoip@precision:~$ echo '$pbkdf2-sha256$29000$9t7be09prfXee2/NOUeotQ$Y.RDnnq8vsezSZSKy1QNy6xhKPdoBIwc.0XDdRm9sJ8' | gawk '{sub(/^.*-/,"")}$1=$1' FS=\$ OFS=: |