Breaking SHA1-HMAC
#1
I am new to hashcat and trying to do a simple experiment.

I generated a hash using the following:

echo -n "abcd" | openssl dgst -sha1 -hmac 1234

It generated a hash:
8717c25d45b7c48e66d917255c6e5b9e15edc46c

I would like to use hashcat to break this. How will I do it?

I tried using the following and it gives me an error: line length exception

hashcat-cli64.bin -m150 -a3 hashfile outputfile

I have the above mentioned hash in the hashfile.

I also have a GPU but I am NOT running oclHashcat-plus.

I really appreciate any help.
#2
The hash is not formatted correctly. See: https://hashcat.net/wiki/doku.php?id=example_hashes

That command is also wrong. outfile should be replaced with a mask. See: http://hashcat.net/wiki/doku.php?id=mask_attack

In this case a mask of ?l?l?l?l should crack it.

I could be wrong but you might want mode 160 instead. Not sure.
#3
Code:
$ cat dict.txt
abcd
$ cat m0160.txt # masked
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234
$ ./hashcat-cli64.bin --quiet -m 160 m0160.txt dict.txt
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234:abcd
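
The line shape shown in post #3 (40 hex characters, a colon, then the key in the salt field), as an added example that is not part of the original thread and is not hashcat's own parser. The function names are assumptions; the check covers only the `hash:salt` form, not a salt-less hash file used with an external salt list.

```python
import hashlib
import hmac
import string

HEX = set(string.hexdigits)
SHA1_HEX_LEN = 40  # a SHA-1 digest is 20 bytes, i.e. 40 hex characters


def build_line(key: bytes, message: bytes) -> str:
    """Return 'digest:key', the line shape used in post #3 (key in the salt field)."""
    digest = hmac.new(key, message, hashlib.sha1).hexdigest()
    return f"{digest}:{key.decode()}"


def check_line(line: str) -> list:
    """List the reasons a line does not match '<40 hex chars>:<salt>'."""
    problems = []
    digest, sep, salt = line.strip().partition(":")
    if len(digest) != SHA1_HEX_LEN:
        problems.append(f"digest is {len(digest)} characters, expected {SHA1_HEX_LEN}")
    bad = sorted(set(digest) - HEX)
    if bad:
        problems.append("non-hex characters in digest: " + "".join(bad))
    if not sep or not salt:
        problems.append("missing ':salt' field")
    return problems


# Lines copied from the thread, plus one line built locally from key and message.
SAMPLES = {
    "hash file from post #1": "8717c25d45b7c48e66d917255c6e5b9e15edc46c",
    "masked line from post #3": "8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234",
    "built from key 1234, message abcd": build_line(b"1234", b"abcd"),
}

if __name__ == "__main__":
    for label, line in SAMPLES.items():
        print(f"{label}: {check_line(line) or 'ok'}")
```

The masked line is a placeholder for display only: it is one character short and contains `X`, so it cannot be used as input as-is.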
#4
(07-31-2013, 06:01 PM)philsmd Wrote:
Code:
$ cat dict.txt
abcd
$ cat m0160.txt # masked
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234
$ ./hashcat-cli64.bin --quiet -m 160 m0160.txt dict.txt
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234:abcd

What should I do if I only know the hash? Is it possible to break? I know the hash is generated using SHA1 HMAC, and I know the length of the key and the length of the plain text.

Thanks for your reply.
#5
Of course that is not good for attacking the hash, if you are missing important information (the salt/key in general is known).

You could try to generate a list of salts (e.g. w/ maskprocessor and a suitable mask) and use this output (say "dict") as an external salt file (-e). In this way you search for the correct salt + brute-force etc. the password.

It is clear that this takes way longer than knowing the salt!
#6
From one of the earlier replies - "In this case a mask of ?l?l?l?l should crack it."

Where will I put that mask? Will it be part of dict.txt in our example?

Thanks,
Satish
#7
Satish and I are working together on a school project. I have a quick question: what if it is a truncated hash? Instead of having the full hash, we know the message and the truncated hash. Say we know abcd as the message and let's say we are limited in the hash length so only 8717 is available as the hash value. Would that improve the performance of hashcat in possibly finding collisions and keys that would provide the same resultant hash?
#8
Try it this way:
0. Check if the hash file is correct:
Code:
$ cat m0160.txt #masked
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c

1. Generate external salts list (file: external_salts.txt):
Code:
$ ./hashcat-cli64.bin --stdout -a 3 ?d?d?d?d > external_salts.txt

2. Launch hashcat w/ whatever attack mode you want (but use -e external_salts.txt):
Code:
$ ./hashcat-cli64.bin --quiet -m 160 -e external_salts.txt m0160.txt --pw-min 4 -a 3 ?l?l?l?l
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234:abcd

Note: I am not totally sure if HMAC-SHA1 (160) + external salts (-e) were supposed to work so far, but I know that next version of cpu hashcat has support for it (I just tested it)
#9
(08-01-2013, 12:17 AM)feedworks Wrote: From one of the earlier replies - "In this case a mask of ?l?l?l?l should crack it."

Where will I put that mask? Will it be part of dict.txt in our example?

Thanks,
Satish

In the command you posted, replace outfile with ?l?l?l?l.

edit: understand that -a 3 is a mask attack. -a 0 is a dictionary attack.

Quote: Satish and I are working together on a school project. I have a quick question: what if it is a truncated hash? Instead of having the full hash, we know the message and the truncated hash. Say we know abcd as the message and let's say we are limited in the hash length so only 8717 is available as the hash value. Would that improve the performance of hashcat in possibly finding collisions and keys that would provide the same resultant hash?

There's a higher chance of getting a collision assuming a random distribution. As for actually improving performance... probably not. At best you could get false positives.
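
The false-positive effect described in this reply, as an added example that is not part of the original thread: it counts how many four-digit keys give an HMAC-SHA1 tag for the message abcd that agrees with a tag truncated to a given number of hex characters. The function names and the chosen truncation lengths are assumptions made for the illustration.

```python
import hashlib
import hmac
from itertools import product


def tag(key: bytes, message: bytes, hex_chars: int = 40) -> str:
    """HMAC-SHA1 tag as hex, truncated to its first hex_chars characters."""
    return hmac.new(key, message, hashlib.sha1).hexdigest()[:hex_chars]


def consistent_keys(target: str, message: bytes, keys) -> list:
    """Every candidate key whose tag starts with the (possibly truncated) target."""
    n = len(target)
    return [k for k in keys if tag(k, message, n) == target]


def four_digit_keys():
    """The key space 0000 .. 9999 (the ?d?d?d?d space used in the thread)."""
    for digits in product("0123456789", repeat=4):
        yield "".join(digits).encode()


def survey(true_key: bytes, message: bytes, lengths=(1, 2, 4, 8, 40)) -> dict:
    """Map truncation length (hex chars) -> keys that are consistent with the tag."""
    return {
        n: consistent_keys(tag(true_key, message, n), message, four_digit_keys())
        for n in lengths
    }


if __name__ == "__main__":
    for n, keys in survey(b"1234", b"abcd").items():
        by_chance = 10_000 / 16 ** n  # wrong keys expected to match by chance
        print(f"{n:>2} hex chars: {len(keys):>4} keys match "
              f"(about {by_chance:.3g} expected by chance)")
```

Shorter tags leave more keys that cannot be told apart from the real one, so a match against a truncated tag identifies a key that verifies, not necessarily the key that was used.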
#10
(08-01-2013, 02:22 AM)philsmd Wrote: Try it this way:
0. Check if the hash file is correct:
Code:
$ cat m0160.txt #masked
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c

1. Generate external salts list (file: external_salts.txt):
Code:
$ ./hashcat-cli64.bin --stdout -a 3 ?d?d?d?d > external_salts.txt

2. Launch hashcat w/ whatever attack mode you want (but use -e external_salts.txt):
Code:
$ ./hashcat-cli64.bin --quiet -m 160 -e external_salts.txt m0160.txt --pw-min 4 -a 3 ?l?l?l?l
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234:abcd

Note: I am not totally sure if HMAC-SHA1 (160) + external salts (-e) were supposed to work so far, but I know that next version of cpu hashcat has support for it (I just tested it)

I tried the command:
Code:
./hashcat-cli64.bin --stdout -a 3 ?d?d?d?d > external_salts.txt

Unfortunately, the redirection to external_salts.txt was actually outputting the EULA from hashcat and did not generate the salts; this was due to hashcat expecting an input from the user (i.e. accepting the EULA). I removed the redirection and let the salts output to the screen and just manually did a copy-paste into external_salts.txt.

Afterwards when running the command:
Code:
$ ./hashcat-cli64.bin --quiet -m 160 -e external_salts.txt m0160.txt --pw-min 4 -a 3 ?l?l?l?l
8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c:1234:abcd

I received the following error:
Skipping line 8717XXX45b7cXXX66d9XXX55c6e5b9eXXXXc46c (line length exception)
No hashes loaded.


Any further assistance and guidance is greatly appreciated.