hashcat Forum
DES ECB password search - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: General Talk (https://hashcat.net/forum/forum-33.html)
+--- Thread: DES ECB password search (/thread-9048.html)



DES ECB password search - MorP - 03-17-2020

hi guys! I have a question about DES ECB and hashcat.
I have ~5Gb clear byte array and the same byte array encrypted with DES ECB mode. This arrays synchronized. (encArray[0]...encArray[7] is ecncypted version of clearArray[0]...clearArray[7])
DES ECB use 64 byte block. How can i find password for decrypt with hashcat?


RE: DES ECB password search - atom - 03-18-2020

With clear byte array, do you mean zero bytes? If yes you can use -m 14000 and set the salt to 0000000000000000


RE: DES ECB password search - MorP - 03-18-2020

(03-18-2020, 08:38 AM)atom Wrote: With clear byte array, do you mean zero bytes? If yes you can use -m 14000 and set the salt to 0000000000000000

No i mean unencrypted byte array with different values. and next array is the same data as encrypted.

And i found that unencrypted data:
0000 0000 0000 0000
always encrypted to:
040f e8b7 a2d2 6feb


RE: DES ECB password search - MorP - 03-18-2020

i test example from https://hashcat.net/wiki/doku.php?id=example_hashes for DES with key -m 14000
and get some strange result

-a3 -m 14000 a28bc61d44bb815c:1172075784504605 ?l?l?l?l?l?l?l?d give me passwod: harhbat1
but on page shown password: hashcat1
this is collision or mistake?


RE: DES ECB password search - atom - 03-19-2020

It's a valid collision. both hashcat1 and harhbat1 are valid keys which will do exactly the same encryption/decryption of every input you give. you can verify with openssl.