Interesting mask.. character, 0, character, 0 etc...
#1
Wink 
Hiyah everyone!

I've only started using this software since yesterday, so I'm a total n00bie.

I've read the --help with the following oclExample0.cmd:
oclHashcat64.exe -t 32 -a 7 example0.hash ?a?a?a?a example.dict

I think it makes a new set of rainbow tables base on a password ?a?a?a?a, which the other two examples then use to find the password?

I'm going to do more reading after work today on what the specifics are.

Looking over the help files so far, I've noticed two things that I want to get the program to do that I can't find information on.

1: This process: SHA1(SHA1(Password))
It doesn't use a salt, and is just SHA1 applied twice, I don't see it in the list of hashes I can use. I *guess* I can create a custom one, but I don't know how yet.

2: Every character in the password before it is hashed has an added ASCII(0) character (a [NULL]).
So ABC = A /0 B /0 C/0 (6 characters)

I've got the code running in .NET to produce the hashes, to check:

ABC = C6876C05F745140F51A200F82159463C91B2522F
123 = EF5EA59F73ED422686786822FA17B3B0DF1B953D

So as I mention above each character of the password is accompanied by a following [NULL] (ASCII 0, not ASCII 48)

SHA1(SHA1(A[NULL]B[NULL]C[NULL])) = C6876C05F745140F51A200F82159463C91B2522F
SHA1(SHA1(1[NULL]2[NULL]3[NULL])) = EF5EA59F73ED422686786822FA17B3B0DF1B953D

Please help me learn!

Many thanks!
#2
It's simple unicode, what else to expect from .net Smile

To generate the zero bytes you can use --hex-charset or a tricky rule
#3
(07-02-2014, 02:14 PM)atom Wrote: It's simple unicode, what else to expect from .net Smile

To generate the zero bytes you can use --hex-charset or a tricky rule

Heh! Hey! .Net's nice! The Dev just used the wrong convert-to-byte-array function.

--hex-charset sounds much better than the "tricky rule".

I found this:
http://www.rurapenthe.me/2013/09/crackin...guage.html

So I get something like this, -1 is the lower/upper/digits, and -2 is the ASCI(0) character...

oclHashcat-plus64.bin -a 3 -m 4500 -1 ?l?d?u -2 00 ?1?2?1?2?1?2?1?2

I discovered the Double-SHA1 mode is 4500. Yay!

I think I've nearly got everything worked out.
#4
(07-02-2014, 02:14 PM)atom Wrote: It's simple unicode, what else to expect from .net Smile

To generate the zero bytes you can use --hex-charset or a tricky rule

I've tried the following this morning, REAL.hash is just those two hashes, NULL.hcchr is the single null character, and I'm looking through upper/lower alphabet, and numbers (to cover ABC and 123)

I'm not -i them, as I know the length already:

cudaHashcat64.exe -a 3 -m 4500 REAL.hash -1 ?l?d?u -2 NULL.hcchr ?1?2?1?2?1?2

It doesn't find either of them, I've swapped around the ?2?1 as well, just in case (though the debugger shows the byte array as char 0 ).

Have you got any suggestions or guidance on what I may be missing? You sound like a professional programmer that knows what he's doing. =)

I'm worried that ocl doesn't support the [NULL] character at all! What with it being a string terminator in C. (ARGH!)