| 
		
	
	
	
		
	Posts: 5Threads: 1
 Joined: Jan 2015
 
	
	
		So first of all hi, I just want to say that im completely new to hashcat, and I noticed it's missing some docs... so that's why im here asking. 
Recently I got a complete dump of a SQL members table (as of 13-01-2015) that contains lots of info but im particularly interested in 4 fields only: name (it's the username in fact), email, members_pass_hash and members_pass_salt. 
 
The table itself comes from a site using IP.Board, so they store they passwords like this  (more info ) :
 Code: $hash = md5( md5( $salt ) . md5( $password ) );
Now, checking hashcat wiki I found one mode that's ALMOST the same, but concatenated in different order:
 Code: 3910 = md5(md5($pass).md5($salt))
So my question is, is still possible to find those passwords? If so, how can I find them all at once? How would the args be?
 
Finally, if someone has some "newbie guides" or whatever, please link them    
Regards.
	 
	
	
	
		
	Posts: 352Threads: 3
 Joined: May 2010
 
	
	
		You didn't check enough : Quote:2811 	IPB2+, MyBB1.2+  
	
	
	
		
	Posts: 5Threads: 1
 Joined: Jan 2015
 
	
		
		
		01-30-2015, 03:07 PM 
(This post was last modified: 01-30-2015, 06:30 PM by philsmd.)
		
	 
		 (01-30-2015, 02:17 PM)Xanadrel Wrote:  You didn't check enough :
 
 Quote:2811 	IPB2+, MyBB1.2+  
Oh, well... lol.
 
Another thing, how do I specify the salt to use? And once it finishes I'll obtain another md5 representing the real password, right?
 
Example data-set:
[all hashes remove by philsmd] 
	
	
	
		
	Posts: 2,266Threads: 16
 Joined: Feb 2013
 
	
		
		
		01-30-2015, 04:43 PM 
(This post was last modified: 01-30-2015, 04:47 PM by philsmd.)
		
	 
		 (01-30-2015, 02:05 PM)N3HL Wrote:  im completely new to hashcat, and I noticed it's missing some docs 
Not at all, the docs are: 
1. https://hashcat.net/wiki/ 
2. --help output of oclHashcat or cpu hashcat 
3. forum search
 
For instance, the answer to your salt question can easily be answered by looking at this example hashes page:
https://hashcat.net/wiki/doku.php?id=example_hashes 
And you (in almost all of the cases!) won't obtain a "new" MD5 hash from cpu hashcat / oclHashcat, but it will just tell you if the hash was cracked, i.e. if the matching password was found, and it will output the important data (*original* hash, salt, password etc). The output format can be adjusted with --outfile-format parameter, the default is hash:password or hash  alt:password (if we speak about salted hashes).
 
Full information about the available output formats can be found by running cpu hashcat / oclHashcat with the --help switch.
	 
	
	
	
		
	Posts: 5Threads: 1
 Joined: Jan 2015
 
	
	
		 (01-30-2015, 04:43 PM)philsmd Wrote:   (01-30-2015, 02:05 PM)N3HL Wrote:  im completely new to hashcat, and I noticed it's missing some docs Not at all, the docs are:
 1. https://hashcat.net/wiki/
 2. --help output of oclHashcat or cpu hashcat
 3. forum search
 
 For instance, the answer to your salt question can easily be answered by looking at this example hashes page:
 https://hashcat.net/wiki/doku.php?id=example_hashes
 
 
 And you (in almost all of the cases!) won't obtain a "new" MD5 hash from cpu hashcat / oclHashcat, but it will just tell you if the hash was cracked, i.e. if the matching password was found, and it will output the important data (*original* hash, salt, password etc). The output format can be adjusted with --outfile-format parameter, the default is hash:password or hash
  alt:password (if we speak about salted hashes). 
 Full information about the available output formats can be found by running cpu hashcat / oclHashcat with the --help switch.
 
Yeah, saw the examples for each mode, and finally got it to work, btw, one last thing, do you have some nice wordlists? I already searched but most links are down.
	 
	
	
	
		
	Posts: 2,301Threads: 11
 Joined: Jul 2010
 
	
	
	
		
	Posts: 5Threads: 1
 Joined: Jan 2015
 
	
		
		
		01-30-2015, 05:28 PM 
(This post was last modified: 01-30-2015, 10:17 PM by epixoip.)
		
	 
		Thanks @undeath, pretty good wordlists. And now I promise this is the last thing xD 
How can I associate usernames with passwords in one .txt file, because as for now I get (obviously) something like this:
 
<HASHES REMOVED>
Hash | Salt | Password 
And to test some hashs I used a SQL statement to make my "hashs.txt":
 Code: SELECT CONCAT(members_pass_hash, ":", members_pass_salt)FROM members
 LIMIT 300
 INTO OUTFILE "hashs.txt"
But I'd like to end with one unique file with this format:
 
Username: %s - Password: %s
 
I used 300 rows to test hashcat, so far works great, now I have passwords but if I want to find the user I have to query my localhost each time, and start to build a custom .txt by hand (and I have more than 250k rows ! )
	 
	
	
	
		
	Posts: 2,266Threads: 16
 Joined: Feb 2013
 
	
		
		
		01-30-2015, 05:45 PM 
(This post was last modified: 01-30-2015, 06:06 PM by philsmd.)
		
	 
		you could use the --username switch of hashcat/oclHashcat. 
input format (you must use the --username switch to crack the hashes): 
username:hash  alt
 
second step (after cracking); you can output it with  --show --username 
format can be adjusted with --outfile-format, for instance --outfile-format 2 --show --username will give you 
username:password
 
 
Attention: --username --show currently only works and is supported by oclHashcat. cpu hashcat support for --show --username may or may not be added, depending on how many users care about adding it to trac and voting for this feature
 
You should be anyway be able to use oclHashcat to do this task
	 
	
	
	
		
	Posts: 5Threads: 1
 Joined: Jan 2015
 
	
		
		
		01-30-2015, 06:18 PM 
(This post was last modified: 01-30-2015, 06:29 PM by philsmd.)
		
	 
		 (01-30-2015, 05:45 PM)philsmd Wrote:  you could use the --username switch of hashcat/oclHashcat.
 input format (you must use the --username switch to crack the hashes):
 username:hash
  alt 
 second step (after cracking); you can output it with  --show --username
 format can be adjusted with --outfile-format, for instance --outfile-format 2 --show --username will give you
 username:password
 
 
 Attention: --username --show currently only works and is supported by oclHashcat. cpu hashcat support for --show --username may or may not be added, depending on how many users care about adding it to trac and voting for this feature
 
 You should be anyway be able to use oclHashcat to do this task
 
Okay, I own an ATI Radeon R7 260 X so im downloading the AMD oclHashcat. Meanwhile, if you don't mind, could you explain me a bit more?
 
Now my input file looks like this:
 Username | Hash | SaltCode: [ALL hashes removed by philsmd]|
So if I use --username in first place it should generate the file ignoring the username in the beginning, but then when you say "second step (after cracking): you can output it with  --show --username", what do you mean? I mean, the file is already done, so how would be this "second step". Or just using "--outfile-format 2 --show --username" from the start is enough? Sorry, it isn't clear for me.
 Added by philsmd:
  everyone who posts hashes and hence does not adhere to the (accepted) forum rules ( https://hashcat.net/forum/announcement-2.html  ) will be banned, it doesn't matter where the hashes come from (or if they were randomly generated etc)
	 
	
	
	
		
	Posts: 2,266Threads: 16
 Joined: Feb 2013
 
	
		
		
		01-30-2015, 06:24 PM 
(This post was last modified: 01-30-2015, 06:32 PM by philsmd.)
		
	 
		--show is always used to show the cracks for a specific oclHashcat session after the actual cracking process is done. 
So it would look like this:
 
oclHashcat64.exe -m 2811 --username hashes.txt dict.txt
 
after that actual cracking process is finished, you display the cracks with --show:
 
oclHashcat64.exe -m 2811 --show --username hashes.txt
 
 
hmm I'm wondering why you are still not banned, since you did not follow  the forum rules: https://hashcat.net/forum/announcement-2.html  (which you did accept). Don't post hashes!
	 |