how can i crack hexmd5 hash ? - Printable Version

hashcat Forum (https://hashcat.net/forum), Thread: how can i crack hexmd5 hash ? (/thread-8164.html)

RE: how can i crack hexmd5 hash ? - monminamon - 02-21-2019

(02-21-2019, 10:45 AM)philsmd Wrote: I think you are just heavily misinterpreting the tcp dump.

the extracted web page file from the tcp dump ..https://quickfileshare.org/V5h/testtest.rar if it would help or something !

RE: how can i crack hexmd5 hash ? - philsmd - 02-21-2019

1. about the javascript string to hexadecimal conversion: it's just the octal code point (see https://mathiasbynens.be/notes/javascript-escapes#octal) converted to hexadecimal

something like this in javascript:

    s='\115\116\213\305\117\073\313\206\013\042\106\121\240\001\333\032';r='';for(i=0;i<s.length;i++)r+=('0'+s.charCodeAt(i).toString(16)).slice(-2);console.log(r)

2. 8de6c4719419b4a9237acaeaa1a0e095 is a further "password=" hash within your tcp dump without any preceding salt and md5Hex () javascript code. If the information is missing, you can't crack it of course. The salt must be known, it's not in the tcp dump. I explained this already. If we do not have any additional information about the salt we only know that it is a hash for which we miss the information required. The salt is MISSING in the capture ! I'm not sure what is so difficult to understand about this

3. mask attack is explained here: https://hashcat.net/wiki/?id=mask_attack (any hard-coded string can be added to the mask directly, but any static prefix to masks will reduce speed by a lot)

    hashcat -m 10 -a 3 -O -w 3 --hex-salt cbc5d1a36621e0f824f5491ae9cf172c:4d4e8bc54f3bcb860b224651a001db1a --increment _?d?d?d?d?d?d?d?d

DanielG already explained this. You must be also willing to read and learn/understand. We can't help you reading what we write here.

4. The html code doesn't contain any hint of how the salt is generated on the server. It's probably a piece of code executed on the server to generate random salts (what you called chap-id and chap-challenge above). You don't see this within the capture or html code

RE: how can i crack hexmd5 hash ? - monminamon - 02-21-2019

(02-21-2019, 04:38 PM)philsmd Wrote: 1. about the javascript string to hexadecimal conversion: it's just the octal code point (see https://mathiasbynens.be/notes/javascript-escapes#octal) converted to hexadecimal

hi thanks very much for the very nice and informative reply

"server to generate random salts (what you called chap-id and chap-challenge above). You don't see this within the capture or html code"

i don't know but for now i only have the capture .... if i get a chance to check the html again i will notice you but i think it's in the page see this https://wiki.mikrotik.com/wiki/HotSpot_external_login_page

"You must be also willing to read and learn/understand"

thanks i will keep this in mind too

but there still is one problem what if wanted to submit it some online site how can i deal with the '\137' = 0x5f = _ part ?!! also i didn't find any online site that support --hex-salt !!!!!!!

thanks again

RE: how can i crack hexmd5 hash ? - monminamon - 02-21-2019

"The salt is MISSING in the capture ! I'm not sure what is so difficult to understand about this"

So for my stupidity ... But can you explain what is exact missing with screen shots or text from the TCP dump ... Cause I really don't see what's missing .! The first http post login contains the hashed password and its salt ... And the second post login contains the hashed password and its salt that you have cracked !! Sorry I asked too much .. But I need to understand

RE: how can i crack hexmd5 hash ? - DanielG - 02-22-2019

I think this is going past what hashcat is about and more turning in how you can hack a certain piece of software. You have all the information in this topic (and external sources) to understand intercepted data and how to attack it using the hashcat md5 module.

Some more general tips:
- https://www.w3schools.com/whatis/default.asp
- http://www.robotroom.com/NumberSystems4.html
- https://www.wireshark.org/download/docs/user-guide.pdf

Learning how everything works will help understand what you need, how to change it and how to use it.

RE: how can i crack hexmd5 hash ? - monminamon - 02-22-2019

Thanks for the Great links ... I have read some of two of them ...but still didn't find the answer to my two simple questions ... I know that it's out of hashcat topics ... But I don't want to open new questions... Can you answer them please ?!😔😕

RE: how can i crack hexmd5 hash ? - philsmd - 02-22-2019

in the capture test.pcap

if first packet javascript with salt then hash packet after javascript is VERY GOOD

if first packet hash then javascript is VERY BAD

if last packet javascript and NO more hash is VERY BAD

RE: how can i crack hexmd5 hash ? - monminamon - 02-22-2019

(02-22-2019, 01:29 PM)philsmd Wrote: in the capture test.pcap

lol i still don't understand the difference the two of them are "if first packet javascript with salt then hash packet after javascript is VERY GOOD" (very good )

look i filter the packets with http.request.method == POST then click follow tcp stream on the post packet !!

the first one that you said that's bad
salt https://i.ibb.co/3fGnbgn/image.png
javascript https://i.ibb.co/wQqpg80/image.png

the second one that's very good that you cracked
salt https://i.ibb.co/0ZVs9hH/image.png
javascript https://i.ibb.co/wBJ5VCb/image.png

i don't really get what's missing !!! sorry again

RE: how can i crack hexmd5 hash ? - philsmd - 02-22-2019

RE: how can i crack hexmd5 hash ? - monminamon - 02-23-2019

(02-22-2019, 07:25 PM)philsmd Wrote:

So you take the JavaScript of first one and salt of the second one ?! I still don't get it !!! Can you mark your point on the screen shots ... The two of them have hash in the first then JavaScript with salt in the last ...

The hash of the already cracked one
cbc5d1a36621e0f824f5491ae9cf172c
The JavaScript with salt
"hexMD5('\137' + document.login.password.value + '\115\116\213\305\117\073\313\206\013\042\106\121\240\001\333\032') "

The one you said is wrong
The hash
8de6c4719419b4a9237acaeaa1a0e095
The JavaScript with salt
hexMD5('\115' + document.login.password.value + '\017\226\132\264\231\243\072\025\142\343\313\006\131\010\106\311');

What's wrong with them ? Isn't the password is the hex hash ?! cbc5d1a36621e0f824f5491ae9cf172c And the salt is the numbers ?! '\115\116\213\305\117\073\313\206\013\042\106\121\240\001\333\032'

Thanks for answering my questions till now I am sorry if I bothered you :∆
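
Added example, not part of any post in this thread: the hexMD5(chap-id + password + chap-challenge) construction discussed above, seen from the side that checks the login, together with the octal-escape-to-bytes decoding from philsmd's point 1 and the reason the salt has to be handled as raw bytes (hence `--hex-salt`). The function names and the password are hypothetical; the two escape strings are the ones quoted in the thread.

```javascript
// Added example (not from the thread). Function names are hypothetical; the
// escape strings below are the chap-id / challenge quoted in the thread.
const crypto = require('node:crypto');

// Decode JavaScript octal escapes as they appear in the page source
// (e.g. \213) into raw bytes; any other character is taken as one byte.
function octalEscapesToBytes(text) {
  const bytes = [];
  const re = /\\([0-3][0-7]{0,2}|[4-7][0-7]?)|([\s\S])/g;
  for (const m of text.matchAll(re)) {
    bytes.push(m[1] !== undefined ? parseInt(m[1], 8) : m[2].charCodeAt(0) & 0xff);
  }
  return Buffer.from(bytes);
}

// hexMD5(chap-id + password + chap-challenge), computed over bytes.
function chapResponse(chapId, password, challenge) {
  return crypto.createHash('md5')
    .update(chapId).update(Buffer.from(password, 'latin1')).update(challenge)
    .digest('hex');
}

// Server-side check: recompute the digest and compare in constant time.
function verifyLogin(chapId, challenge, storedPassword, responseHex) {
  const expected = Buffer.from(chapResponse(chapId, storedPassword, challenge), 'hex');
  const got = Buffer.from(responseHex, 'hex');
  return got.length === expected.length && crypto.timingSafeEqual(got, expected);
}

// Pitfall: hashing the concatenated string as UTF-8 text turns every salt
// byte >= 0x80 into two bytes, so the digest no longer matches the real one.
function utf8Response(chapId, password, challenge) {
  const s = chapId.toString('latin1') + password + challenge.toString('latin1');
  return crypto.createHash('md5').update(s, 'utf8').digest('hex');
}

const CHAP_ID = octalEscapesToBytes(String.raw`\137`);
const CHALLENGE = octalEscapesToBytes(
  String.raw`\115\116\213\305\117\073\313\206\013\042\106\121\240\001\333\032`);
const PASSWORD = 'example-pass'; // constructed, not the password from the capture
const response = chapResponse(CHAP_ID, PASSWORD, CHALLENGE);

console.log(CHALLENGE.toString('hex')); // 4d4e8bc54f3bcb860b224651a001db1a
console.log(verifyLogin(CHAP_ID, CHALLENGE, PASSWORD, response)); // true
console.log(response === utf8Response(CHAP_ID, PASSWORD, CHALLENGE)); // false
```

The challenge and the response both cross the wire in clear text on a plain-HTTP login page, so the digest only proves knowledge of the password to the server; it does not protect a weak password from anyone who can record the exchange.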