3DES Known Plaintext - How? - Printable Version

3DES Known Plaintext - How? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: 3DES Known Plaintext - How? (/thread-8955.html)

3DES Known Plaintext - How? - clemoo - 02-10-2020

Hi,
I've a 3DES ECB block and know the plaintext, can you help me on the hashcat syntax?

I'm trying:

Code:
./hashcat -m 14100 -a 3 0123456789abcdef:1234567 "?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a"

while "0123456789abcdef" represents the cipher text and 1234567 represents the known plaintext.

I just receive "Hash '0123456789abcdef:1234567': Token length exception"...

The documentation to 3DES says:

Code:
  14100 | 3DES (PT = $salt, key = $pass)                  | Raw Cipher, Known-Plaintext attack

but i have no idea how to use that.

RE: 3DES Known Plaintext - How? - royce - 02-10-2020

Separate from your syntax issue ... have you done the math of how long it would take to exhaust this mask (if it were even possible to run it with hashcat)?

https://www.wolframalpha.com/input/?i=95%5E24

RE: 3DES Known Plaintext - How? - clemoo - 02-10-2020

(02-10-2020, 03:19 AM)clemoo Wrote: Hi,
I've a 3DES ECB block and know the plaintext, can you help me on the hashcat syntax?

I'm trying:

Code:
./hashcat -m 14100 -a 3 0123456789abcdef:1234567 "?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a"

while "0123456789abcdef" represents the cipher text and 1234567 represents the known plaintext.

I just receive "Hash '0123456789abcdef:1234567': Token length exception"...

The documentation to 3DES says:

Code:
14100 | 3DES (PT = $salt, key = $pass) | Raw Cipher, Known-Plaintext attack

but i have no idea how to use that.

figured it out, the plaintext "1234567" should have been hex-bytes aswell.

For those are interested: the keyspace is far to large - so the mask doesn't work

RE: 3DES Known Plaintext - How? - clemoo - 02-10-2020

(02-10-2020, 03:30 AM)royce Wrote: Separate from your syntax issue ... have you done the math of how long it would take to exhaust this mask (if it were even possible to run it with hashcat)?

https://www.wolframalpha.com/input/?i=95%5E24

hi,
no it is not possible with hashcat...

I'm still hoping to find it in my wordlist...

and yes i know it would take me with all the resources i've access to 10³¹ years to search the keyspace completly.