+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Bruteforcing SHA1 with knowing the salt (/thread-9135.html)
Bruteforcing SHA1 with knowing the salt - tropikando - 04-15-2020
Hello dear Hashcat community,
I am a studying cybersecurity on my local university. I am stucked at a task given by my lecturer.
As the task says - I have to find the secret password just by knowing the SHA1 hash and salt. I was reading the documentation and old threads(of much older versions of Hashcat) but I still don't know how to include my salt in command.
As far as I read on the wiki, I should use the -m parameter with 110 number and -a parameter with value 3.
Can you please give me a tip how to make use of knowing the salt and any example of command?
I have tryed something like this but with no success:
Code:
Hashcat -m 110 -a 3 40DIGITSHA1 (and where should I put salt here?)Tropikando
RE: Bruteforcing SHA1 with knowing the salt - undeath - 04-15-2020
see "hashcat --example -m 110" for the expected format or have a look at https://hashcat.net/wiki/doku.php?id=example_hashes
RE: Bruteforcing SHA1 with knowing the salt - tropikando - 04-15-2020
So it should look like that?
Code:
Hashcat -m 110 -a 3 SHA1:SaltRE: Bruteforcing SHA1 with knowing the salt - undeath - 04-15-2020
Yes, that's correct. You should specify a mask when running -a3 btw.
RE: Bruteforcing SHA1 with knowing the salt - tropikando - 04-15-2020
I didn't do that, I guess it will take longer time to find the password without specifying it?
RE: Bruteforcing SHA1 with knowing the salt - Mem5 - 04-17-2020
"take longer time" compared to what ?
Mast attack : https://hashcat.net/wiki/doku.php?id=mask_attack