Yesterday, 07:24 AM
I need some help checking if I have the best approach to my key search as I can't help but think I am overcomplicating things.
I have the key for my example and I am not asking for anyone to actually perform the attack for me but I would like some more experienced eyes than mine to check if I have properly formatted and taken the right approach to this task.
I am trying to use mode 33501 RC4.
I currently have a 9 byte key that is composed of 5 unknown bytes and 4 known bytes as well as my cypher text and known plain text. Unlike the ASCII samples I could find my key is a binary/hex key and in order to get hashcat to accept the partial key I have had to create a .bin, as entering the 4 known bytes directly created errors.
For a 72 byte RC4 with 256 drop key and 5 unknown binary bytes, with 5 characters obscured to avoid issues with forum rules, I am using:
$iv = [byte[]](0xD5,0x93,0x81,0x7C)
[System.IO.File]::WriteAllBytes("iv.bin", $iv)
.\hashcat -m 33501 -a 7 -w 3 '$rc4$72$256$2b006*****8c80$0$*****99f8ce60e' ?b?b?b?b?b iv.bin
My cypher text, key, known plain text are all in Hex form but I cannot use the hex charset as this is not actually checking all values per byte and hashcat will not let me check per hex character as it says my mask is too long.
I have checked that this approach works by appending the extra characters in the key to the IV file to shorten the search and so far my current setup is the only one that successfully retrieves the key. I would like to double check that this is the most efficient approach as currently my aging GPU states around 10 days for the full 40 bit search while everything I have read is that 40 bit RC4 is trivial in this day to crack. Do I have everything correct and am I simply a victim of my out of date equipment?
My benchmark for this hash is
------------------------------------
* Hash-Mode 33501 (RC4 72-bit DropN)
------------------------------------
Speed.#01........: 249.6 MH/s (98.05ms) @ Accel:301 Loops:256 Thr:32 Vec:1
Thanks.
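An offline check of the setup described in the post, added here as an example and not part of the original post: RC4 with the first 256 keystream bytes dropped, a 9-byte key laid out in `-a 7` order (mask bytes first, then the wordlist entry from iv.bin), and the time a 5-byte search takes at a given rate. The 5 leading key bytes and the plaintext are constructed sample values, and the position of the known plaintext in the hash line is not modelled.

```python
# Added illustration. MASK_PART and PLAIN are constructed sample values.

def rc4_keystream(key: bytes, drop: int, length: int) -> bytes:
    """Standard RC4 (KSA then PRGA), discarding the first `drop` keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for n in range(drop + length):            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if n >= drop:                         # RC4-drop[N]: skip the first N bytes
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def key_matches(key: bytes, drop: int, ciphertext: bytes, known_plain: bytes) -> bool:
    """True if decrypting the ciphertext prefix with `key` yields the known plaintext."""
    ks = rc4_keystream(key, drop, len(known_plain))
    return bytes(c ^ k for c, k in zip(ciphertext, ks)) == known_plain

def search_seconds(unknown_bytes: int, rate_per_s: float) -> float:
    """Time to try every value of `unknown_bytes` full binary bytes at a fixed rate."""
    return 256 ** unknown_bytes / rate_per_s

KNOWN_TAIL = bytes([0xD5, 0x93, 0x81, 0x7C])  # the four bytes written to iv.bin in the post
MASK_PART = bytes.fromhex("0102030405")       # constructed stand-in for the ?b?b?b?b?b part
KEY = MASK_PART + KNOWN_TAIL                  # -a 7 candidate order: mask, then word
DROP = 256
PLAIN = b"constructed known plaintext"
CIPHER = bytes(p ^ k for p, k in zip(PLAIN, rc4_keystream(KEY, DROP, len(PLAIN))))

if __name__ == "__main__":
    print("mask+word layout matches:", key_matches(KEY, DROP, CIPHER, PLAIN))
    print("word+mask layout matches:", key_matches(KNOWN_TAIL + MASK_PART, DROP, CIPHER, PLAIN))
    print("2^40 at 249.6 MH/s: %.1f minutes" % (search_seconds(5, 249.6e6) / 60))
    print("rate implied by a 10-day ETA: %.2f MH/s" % (256 ** 5 / (10 * 86400) / 1e6))
```

At the benchmark rate quoted in the post, a 5-byte search works out to about 73 minutes, while a 10-day estimate corresponds to roughly 1.27 MH/s.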