+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: how is --hex-wordlist supposed to function? (/thread-8346.html)
how is --hex-wordlist supposed to function? - ragequit - 05-10-2019
I'm playing around with accented characters in passwords, which inevitably results in multi-byte characters. Doing some reading, it looked like using the --hex-wordlist option would take care of this, but the candidate hex doesn't look anything like the wordlist hex.
For the word otoño:
Code:
hashcat-5.1.0$ xxd test
0000000: 6f74 6fc3 b16f 0a oto..o.Code:
~/hashcat-5.1.0$ ./hashcat64.bin -m 1000 BC4A371BBA2211148EBCDEE649C561FC test -w 4 -O --hex-wordlistSession..........: hashcat
Status...........: Exhausted
Hash.Type........: NTLM
Hash.Target......: bc4a371bba2211148ebcdee649c561fc
Time.Started.....: Fri May 10 14:21:57 2019 (0 secs)
Time.Estimated...: Fri May 10 14:21:57 2019 (0 secs)
Guess.Base.......: File (test)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#2.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#3.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#4.........: 4922 H/s (0.01ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#*.........: 4922 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#4...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: [Copying]
Candidates.#2....: [Copying]
Candidates.#3....: [Copying]
Candidates.#4....: $HEX[8d9e38] -> $HEX[8d9e38]
Hardware.Mon.#1..: Temp: 37c Fan: 27% Util: 42% Core:1657MHz Mem:4513MHz Bus:16
Hardware.Mon.#2..: Temp: 42c Fan: 27% Util: 42% Core:1657MHz Mem:4513MHz Bus:16
Hardware.Mon.#3..: Temp: 44c Fan: 28% Util: 42% Core:1657MHz Mem:4513MHz Bus:16
Hardware.Mon.#4..: Temp: 41c Fan: 27% Util: 42% Core:1657MHz Mem:4513MHz Bus:16
Started: Fri May 10 14:21:49 2019
Stopped: Fri May 10 14:21:59 2019
RE: how is --hex-wordlist supposed to function? - undeath - 05-10-2019
as the name of the option suggests, it expects all lines in the wordlist to be hex-encoded. What exactly did you expect the option to "take care of"?
RE: how is --hex-wordlist supposed to function? - ragequit - 05-10-2019
I see, I misunderstood. However, I changed to to hex encoding, then ran it again. The candidates are correct this time, but the crack still failed.
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: NTLM
Hash.Target......: bc4a371bba2211148ebcdee649c561fc
Time.Started.....: Fri May 10 15:12:49 2019 (1 sec)
Time.Estimated...: Fri May 10 15:12:50 2019 (0 secs)
Guess.Base.......: File (test)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 4379 H/s (0.01ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#2.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#3.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#4.........: 0 H/s (0.00ms) @ Accel:64 Loops:1 Thr:1024 Vec:1
Speed.#*.........: 4379 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#4...: Salt:0 Amplifier:0-0 Iteration:0-1
Candidates.#1....: otoño -> otoño
RE: how is --hex-wordlist supposed to function? - undeath - 05-10-2019
indeed that doesn't seem to work.
Code:
echo 'otoño' | hashcat -m 1000 bc4a371bba2211148ebcdee649c561fcCode:
echo 'otoño' | hashcat -m 1000 bc4a371bba2211148ebcdee649c561fc --encoding-from=utf-8can't crack the hash.
but you can workaround it using mode 900:
Code:
echo 'otoño' | hashcat -m 900 bc4a371bba2211148ebcdee649c561fc --encoding-from=utf-8 --encoding-to=utf-16leNo idea how to get mode 1000 to work correctly though.
RE: how is --hex-wordlist supposed to function? - ragequit - 05-10-2019
(05-10-2019, 08:26 PM)undeath Wrote:this will crack the hashCode:echo 'otoño' | hashcat -m 900 bc4a371bba2211148ebcdee649c561fc --encoding-from=utf-8 --encoding-to=utf-16le
It does indeed, but comes out as: bc4a371bba2211148ebcdee649c561fc:$HEX[6f0074006f00f1006f00]
which is some sort of two-byte unicode (UCS-2?). Is there a switch to convert it to an unencoded form?
I've tried various mashups of iconv and xxd, but none give it back correctly (mangles the ñ)
RE: how is --hex-wordlist supposed to function? - undeath - 05-10-2019
as the command line indicates, this is utf-16le.
Code:
echo 6f0074006f00f1006f00 | xxd -r -p | iconv --from=utf-16leRE: how is --hex-wordlist supposed to function? - ragequit - 05-10-2019
(05-10-2019, 10:31 PM)undeath Wrote: as the command line indicates, this is utf-16le.
Code:echo 6f0074006f00f1006f00 | xxd -r -p | iconv --from=utf-16le
That worked, thanks!