Some interesting test 14100 - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Some interesting test 14100 (/thread-9172.html) |
Some interesting test 14100 - buric - 04-27-2020 Here we are : this is command line created using real values, for verify how does it work 14100: hashcat -m 14100 XAXBFXX6X8AXX7X:5XXCXXFXE6XCXCXX -a 3 --hex-charset XDX6XX7X46X9XXX7XX0XCXBXX4XX1A9XXDX6XX7X46X9XXX7 --outfile-format 5 --potfile-disable Code: Session..........: hashcat Having all this values seems to be easy , but i i try to build a mask to replicate this it seems i go into a wrong way. Question, can someone give me a tip ho to revert this data into a mask? Guess.Mask.......: XDX6XX7X46X9XXX7XX0XCXBXX4XX1A9XXDX6XX7X46X9XXX7 [48] is a 3des=k1k2k3 whrere k1=k3 we knew also ?h= 0123456789abcdef, who can cover all digit and letter used into the hex lgo,i knew keyspace is hard to pronounce, but some thing i think can be fitted in... RE: Some interesting test 14100 - undeath - 04-28-2020 You cannot do something like k1=k3 with a mask. RE: Some interesting test 14100 - buric - 04-28-2020 But if we decrease (kenrnel based ) the guessmask to 16 bytes from 24 , i think also keyspace will be lees bigger and maybe there a mask will be possible ( use of k1k2 only). Is only to understood the mechanism. I have full 3des key and it works probed with decrypt/encrypt CT to PT and reverse. RE: Some interesting test 14100 - philsmd - 04-28-2020 Please request this new feature on github https://github.com/hashcat/hashcat/issues It would probably require a new optimized kernel that is dedicated to this special variant and I would suggest that it just internally copies the first 8 bytes to the end. pw_min == pw_max == 16 i.e. it always requires 16 bytes instead of 24 bytes RE: Some interesting test 14100 - buric - 04-28-2020 I will. youre suggestion is what i'm thougth to be "pw_min == pw_max == 16". I test also on free online tools using only 16bytes insted of 24 and result = tha same , also if i use only half of ct ( 8 bytes only ) aplying key as encryptdecrypt(k=k1k2,k1=k3,k3 ommited) will obtain same result. RE: Some interesting test 14100 - atari - 05-04-2020 good option needed for testing too RE: Some interesting test 14100 - Unchained - 01-18-2022 Any news here? I'm interested to brute a 3des key where the first 8 out of 16 bytes are already known. |