+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: How to crack SHA1 hash with salt? (/thread-9800.html)
How to crack SHA1 hash with salt? - johnmap007 - 01-20-2021
Hello,
I am trying to recover an iMac account login password but I keep getting a Token Length Exception. I've already obtained the hash file but can't tell which characters are the salt (This password is for an iMac that has Mac OSX 10.6.8 btw). I don't even know if there's a salt at all. A short description of the file: the hash is surrounded by 0's. I've tried running the following commands with no luck:
- hashcat -m100 -a3 filetocrack.txt (Excluded the salt, which I think is 8 zeroes)
- hashcat -m110 -a3 filetocrack.txt (Included the salt, I tried writing it like this for all commands -> hash
alt & salt:hash)
- hashcat -m120 -a3 filetocrack.txt
- hashcat -m130 -a3 filetocrack.txt
RE: How to crack SHA1 hash with salt? - undeath - 01-20-2021
make sure your hash has the format as seen on https://hashcat.net/wiki/doku.php?id=example_hashes
also note that OSX hashes have specific hash modes
RE: How to crack SHA1 hash with salt? - Banaanhangwagen - 01-20-2021
For macOS v10.6, the user-password is stored in /var/db/shadow/hash/GUID_of_your_user.
(The correct GUID can be found in the /private/var/db/dslocal/nodes/Default/users/[yourusername].plist)
Open that file with an Hex-viewer, and you should find the salted SHA1.
When looking at https://hashcat.net/wiki/doku.php?id=example_hashes, you'll see that you need -m 122 in order to crack it.
RE: How to crack SHA1 hash with salt? - johnmap007 - 01-20-2021
(01-20-2021, 12:04 AM)johnmap007 Wrote: Hello,
I am trying to recover an iMac account login password but I keep getting a Token Length Exception. I've already obtained the hash file but can't tell which characters are the salt (This password is for an iMac that has Mac OSX 10.6.8 btw). I don't even know if there's a salt at all. A short description of the file: the hash is surrounded by 0's. I've tried running the following commands with no luck:
I have no idea what i'm missing. Can someone help me please?
- hashcat -m100 -a3 filetocrack.txt (Excluded the salt, which I think is 8 zeroes)
- hashcat -m110 -a3 filetocrack.txt (Included the salt, I tried writing it like this for all commands -> hash
- hashcat -m120 -a3 filetocrack.txt
- hashcat -m130 -a3 filetocrack.txt
(01-20-2021, 01:25 PM)Karamba Wrote: For macOS v10.6, the user-password is stored in /var/db/shadow/hash/GUID_of_your_user.
(The correct GUID can be found in the /private/var/db/dslocal/nodes/Default/users/[yourusername].plist)
Open that file with an Hex-viewer, and you should find the salted SHA1.
When looking at https://hashcat.net/wiki/doku.php?id=example_hashes, you'll see that you need -m 122 in order to crack it.
I got it. Thanks! But why did I need a hex viewer? I was able to print the hash from the terminal with cat. Also, since I don't have the right computer to do this (because I don't have good hardware), I won't be able to crack it otherwise my fan will scream and the cracking speed will take years.