TOTP issue - hashcat Forum (https://hashcat.net/forum)
TOTP issue - Mem5 - 11-01-2019

Hi all,

I generate a TOTP PIN thanks to python lib, using 'hashcat' password.

Code:
import pyotp

Quote:
915418:1572603245

I launch:

Quote:
hashcat -m 18100 -a 3 -o res.txt test.hash ?l?l?l?l?l?l?l

Status : cracked, result is :

Quote:
915418:1572603245:MJQXE3TDNZYA====

But

Quote:
base32_decode(MJQXE3TDNZYA====) = barncnp

which is not the password 'hashcat'.

using hashcat-5.1.0+1409

Thanks for your help.

RE: TOTP issue - Chick3nman - 11-02-2019

TOTP collisions can happen for single PIN+timestamp pairs, and so you have found a key that collides with your timestamp and PIN, but is not the proper key. Enable --keep-guessing to get more valid collisions, or add more PIN+timestamp pairs to try and narrow down what the real key is.

RE: TOTP issue - Mem5 - 11-02-2019

Ok, I was not aware that collisions would work with this algorithm! I confirm that collided passwords generate the same PIN. Adding --keep-guessing + adding more PINs do find the 'original' password. Thanks!
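
The collision behaviour discussed in this thread, as an added example that is not part of the original posts or of hashcat: a standard-library TOTP plus a filter showing how many keys reproduce one PIN+timestamp pair versus two. It assumes RFC 6238 defaults (HMAC-SHA1, 30-second step) and treats PINs as uniformly distributed; the function names, the 3-letter key `cat`, the 3-digit PIN length and the second timestamp are constructed so the search finishes quickly.

```python
import hashlib
import hmac
import itertools
import string
import struct

def totp(key: bytes, timestamp: int, digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, computed for an explicit Unix timestamp."""
    counter = struct.pack(">Q", timestamp // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def expected_false_keys(keyspace: int, pairs: int, digits: int = 6) -> float:
    """Average number of wrong keys matching every observed PIN+timestamp pair."""
    return (keyspace - 1) / 10 ** (digits * pairs)

def surviving_keys(pairs, alphabet, length, digits):
    """Keys from alphabet^length that reproduce all (pin, timestamp) pairs."""
    keys = ("".join(c).encode() for c in itertools.product(alphabet, repeat=length))
    return [k for k in keys if all(totp(k, ts, digits) == pin for pin, ts in pairs)]

def demo():
    # Constructed, scaled-down case: 3-letter key and 3-digit PIN (26^3 keys).
    secret, digits = b"cat", 3
    # First timestamp is the one from the thread; the second is constructed
    # and falls in the next 30 s window, so it yields an independent PIN.
    stamps = [1572603245, 1572603275]
    pairs = [(totp(secret, ts, digits), ts) for ts in stamps]
    one = surviving_keys(pairs[:1], string.ascii_lowercase, 3, digits)
    two = surviving_keys(pairs, string.ascii_lowercase, 3, digits)
    return secret, one, two

if __name__ == "__main__":
    secret, one, two = demo()
    print(f"1 pair: {len(one)} keys match; 2 pairs: {len(two)} keys match")
    mask = 26 ** 7  # the thread's ?l?l?l?l?l?l?l mask, 6-digit PINs
    for n in (1, 2, 3):
        print(f"{n} pair(s): ~{expected_false_keys(mask, n):.3g} false keys expected")
```

For the seven-letter lowercase mask used in the thread, a single 6-digit pair leaves about 8,000 wrong keys on average, while two pairs from different 30-second windows leave about 0.008. Pairs taken inside the same window share a counter and add no information.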