+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: DES-ECB (/thread-9152.html)
DES-ECB - Davidi74 - 04-21-2020
Hi,
I'm trying to test decrypting a DES-ECB hash.
I use a tool to encrypt 0000000000000000 with the key of 000000000000cccc giving the cypher text of 5c3278aafe9127de.
When I run hashcat with the following command
hashcat -a 3 -m 14000 test.hash -1 charsets/DES_full.charset --hex-charset 000000000000?1?1 -D 1
I get.....
Session..........: hashcat
Status...........: Cracked
Hash.Type........: DES (PT = $salt, key = $pass)
Hash.Target......: 5c3278aafe9127de:0000000000000000
Time.Started.....: Wed Apr 22 07:31:14 2020 (0 secs)
Time.Estimated...: Wed Apr 22 07:31:14 2020 (0 secs)
Guess.Mask.......: 000000000000?1?1 [14]
Guess.Charset....: -1 charsets/DES_full.charset, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........: 83194 H/s (11.86ms) @ Accel:128 Loops:1024 Thr:1 Vec:8
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 13312/16384 (81.25%)
Rejected.........: 0/13312 (0.00%)
Restore.Point....: 12288/16384 (75.00%)
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-1024
Candidates.#2....: $HEX[00000000000001c1] -> $HEX[000000000000fece]
Started: Wed Apr 22 07:31:13 2020
Stopped: Wed Apr 22 07:31:15 2020
C:\HashCat>hashcat64 -a 3 -m 14000 test.hash -1 charsets/DES_full.charset --hex-charset 000000000000?1?1 -D 1 --show
5c3278aafe9127de:0000000000000000:$HEX[000000000000cdcd]
It seems to be the wrong key!
RE: DES-ECB - undeath - 04-22-2020
That's because DES operates on 7 bits only. Both keys are valid.
RE: DES-ECB - Davidi74 - 04-22-2020
(04-22-2020, 12:10 AM)undeath Wrote: That's because DES operates on 7 bits only. Both keys are valid.
Thanks heaps for your reply. Thats what I thought, but when I try it with the smaller key I get
Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 8
....
Skipping mask '0000000000?1?1' because it is smaller than the minimum password length.
Thanks heaps for your time on this...
RE: DES-ECB - undeath - 04-22-2020
bits != bytes
RE: DES-ECB - Davidi74 - 04-22-2020
(04-22-2020, 01:29 AM)undeath Wrote: bits != bytes
Sorry, I don't follow
I thought 7 bytes=56 bits for the key
RE: DES-ECB - hops - 04-22-2020
In DES the least significant bit of each key byte is used as parity bit and does not affect the en-/decryption process.
0xcc in binary is 11001100 while 0xcd is 11001101. Only the last bit (least significant bit) is different and therefore both produce the same result.
Edit: DES keys are still being provided with 64 bits but 8 of them are ignored making the effective key size 56 bits.
RE: DES-ECB - Davidi74 - 04-22-2020
(04-22-2020, 12:03 PM)hops Wrote: In DES the least significant bit of each key byte is used as parity bit and does not affect the en-/decryption process.
0xcc in binary is 11001100 while 0xcd is 11001101. Only the last bit (least significant bit) is different and therefore both produce the same result.
Edit: DES keys are still being provided with 64 bits but 8 of them are ignored making the effective key size 56 bits.
Thanks so much.
Is that why we need a special character set for DES, because with only 7 bits, it cant make the full 00-FF?
RE: DES-ECB - undeath - 04-22-2020
The DES character set is simply cutting the keyspace. If you were using ?b you'd brute-force the unused bit as well.