bruteforce sha1 with hashcat
#1
hello everybody!
i have a pretty simple 20 lenght hash to bruteforce
with SHA1 algo and 8 numbers length, salt has to be 0000000000000000

=============== hashcat log======================
hashcat-cli32.exe --hash-mode 101 --attack-mode 3 --salt-file C:/hashcat-gui-0.5.0/hashcat-gui-0.5.0/salt.log --bf-cs-buf 1234567890 --bf-pw-min 8 --bf-pw-max 8 C:/hashcat-gui-0.5.0/hashcat-gui-0.5.0/h.txt

Added external salts from file C:/hashcat-gui-0.5.0/hashcat-gui-0.5.0/salt.log:
1 salts
Added hashes from file C:/hashcat-gui-0.5.0/hashcat-gui-0.5.0/h.txt: 1 (1 salts)
Activating quick-digest mode for single-hash
Charset...: 1234567890
Length....: 8
Index.....: 0/1 (segment), 100000000 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, 7.00M words
Progress..: 100000000/100000000 (100.00%)
Running...: 00:00:00:03
Estimated.: --:--:--:--
Started: Thu Jan 26 22:58:01 2012
Stopped: Thu Jan 26 22:58:04 2012

=============== ighashgpu log =======================
ighashgpu.exe /h:ef63bf26e2382917d96850ccf9632458ee6e6c77 /tConfusedha1 /c:d /max:8 /min:8 /salt:0000000000000000

Starting brute-force attack, Charset Len = 10, Min passlen = 8, Max passlen = 8
Charset (unicode -> 0) [0123456789]
Charset in HEX: 30 31 32 33 34 35 36 37 38 39
Starting from [00000000]
Hash type: SHA1, Hash: ef63bf26e2382917d96850ccf9632458ee6e6c77
Salt: 00 00 00 00 00 00 00 00
CURPWD: 46886710 DONE: 75.50% ETA: 2s
Found password: [50681318], HEX: 35 30 36 38 31 33 31 38
Processed 75 497 472 passwords in 1s.
=====================================================

both programs ighashgpu and hashcat are finishing the bruteforce
for the same input options process in couple of seconds,
but ighash found the password and hashcat does not
why hashcat cant find the password?
maybe i missed some options?
thank you!
#2
hello, this is about hex encoding the salt, see here:

with ansi (hashcat default)

Quote:root@thumbstone:~# echo -n 506813180000000000000000 | sha1sum
d9d4ec51debfaba4e603003e594705b81a22e2ca -

with hex (ighashgpu default)

Quote:root@thumbstone:~# perl -e 'print "50681318", "\0" x 8' | sha1sum
ef63bf26e2382917d96850ccf9632458ee6e6c77 -

hashcat cpu does not support hex encoded salt strings, but oclhashcat-lite.

you have to tell it using hex encoded salt using the parameter --hex-salt.

also note that i am using -m 110

Quote:root@sf:~/oclHashcat-lite-0.09# ./oclHashcat-lite64.bin ef63bf26e2382917d96850ccf9632458ee6e6c77:0000000000000000 --hex-salt ?d?d?d?d?d?d?d?d -m 110
oclHashcat-lite v0.9 by atom starting...

GPU-Loops: 128
GPU-Accel: 160
Password lengths range: 4 - 55
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cypress, 512MB, 0Mhz, 20MCU
Device #2: skipped by user

26bf63ef172938e2cc5068d9582463f9776c6eee:50681318

Status.......: Cracked
Hash.Target..: 26bf63ef172938e2cc5068d9582463f9776c6eee
Hash.Type....: sha1($pass.$salt)
Time.Running.: 0 secs
Time.Left....: 0 secs
Plain.Mask...: ?d?d?d?d?d?d?d?d
Plain.Text...: ****0000
Plain.Length.: 8
Progress.....: 87040000/100000000 (87.04%)
Speed.GPU.#1.: 920.2M/s
HWMon.GPU.#1.: 0% GPU, 41c Temp

Started: Fri Jan 27 05:34:29 2012
Stopped: Fri Jan 27 05:34:30 2012
#3
thanks Atom, appreciate your reply

if its only about the hex interpritation can I use cpu method somehow on my old laptop?
or there is no way to crack it without gpu?
#4
Code:
#!/usr/bin/env perl

use strict;
use warnings;
use Digest::SHA qw (sha1_hex);

my $max = 99999999;

my $target = $ARGV[0] or die ("usage: $0 hash\n");

for (my $i = 0; $i < $max; $i++)
{
  printf ("%4.1f%%\n", ($i / $max) * 100) if (($i % 100000) == 0);

  my $plain = sprintf ("%08d\0\0\0\0\0\0\0\0", $i);

  my $hash = sha1_hex ($plain);

  if ($hash eq $target)
  {
    print $i, "\n";

    exit;
  }
}
#5
Hmmm oclHashcat-lite v0.9 ...
#6
thank you Atom, the script is working great!
#7
yw, thread closed