PBKDF2 new format hash
#1
i just search this topic on the https://hashcat.net/trac/ticket/256;

can atom add this new Algorithm to the oclhashcat?


hash: sha256:10000:XuJt+k6LpRfuKnE8qLbn/JNGYEdbZmRM:URQ7Eh6u9tomqqp4fDYlciVSuwBBxyWo

the plain text is : 12345678

this Algorithm is not the same as the Django (PBKDF2-SHA256) which added in oclhashcat ....

this Algorithm is used much more than before...


thanks ,admin
#2
Why do you not write your comments on trac directly?

What regards the trac ticket, I was asking for more details and where this hash type is being used (common CMS, other software etc) but we didn't get an answer for over 4 months. Hence, this seemed to be not a high priority ticket. Instead, the ticket even risked to be marked as "stalled".

IMO the algorithm is not different at all from Django's hashes, but the signature and output length are. That is why I was asking on trac what are the details and how we should implement it (for instance should we always compare only the minimal digest length allowed and make it a general format).

Please give the details on trac and suggest how this format should be called? Is this a general PBKDF2-SHA256 format or a very specific format only used with a particular software?
#3
(01-21-2015, 10:02 AM)philsmd Wrote: Why do you not write your comments on trac directly?

What regards the trac ticket, I was asking for more details and where this hash type is being used (common CMS, other software etc) but we didn't get an answer for over 4 months. Hence, this seemed to be not a high priority ticket. Instead, the ticket even risked to be marked as "stalled".

IMO the algorithm is not different at all from Django's hashes, but the signature and output length are. That is why I was asking on trac what are the details and how we should implement it (for instance should we always compare only the minimal digest length allowed and make it a general format).

Please give the details on trac and suggest how this format should be called? Is this a general PBKDF2-SHA256 format or a very specific format only used with a particular software?

The exact algorithm should be called: php-pbkdf2

you can get the details here:
http://php.net/manual/en/function.hash-pbkdf2.php
https://defuse.ca/php-pbkdf2.htm
https://crackstation.net/hashing-securit...sourcecode

thanks
#4
Thanks for the links.

But please (as said) stick to the ticket https://hashcat.net/trac/ticket/256 , otherwise we need to cross-post everything and devs need to look for the required information on forum and trac etc.

I also updated the ticket: https://hashcat.net/trac/ticket/256#comment:8 to revive it. There are still some doubts, maybe you can reply on trac with a solution/answer/opinion.

Thread closed, because this discussion should go on on trac.
Thx