Iterated sha256 cracking with no salt
#1
Hi,

I have some about 5 million strings of the form NNNNNLYYYYMMDDXXXXX , where

N=[0..9]
L=[A..Z]
YYYY is a number between 1920 and 2000
MM is a number between 1 and 12
DD is a number between 1 and 31
XXXXX is a small set of numbers (e.g 12345, 54321, 23456, etc.)

each one has been fed to a iterative SHA256 of around 2000 rounds and I have the resulting hexdigests, so

hex = sha256(sha256(sha256(....(sha256(str)))))

I have the hashes. Is there a way to have hashcat bruteforce this? Or any way that I can use the accelerated GPU code of hashcat to implement my own brute force script?

I have tried to feed this to hashcat as:

$5$rounds=2000$$<b64 version of the hash>

, as there is no salt, but I don't really know what I'm doing here and hashcat doesn't like the hash.

Thanks in advance,

koala
#2
There is no such algo/direct way of using hashcat for the hashing part.

But you can use hashcat to generate candidates and then do the hashing with a script in any language you're familiar with, doesn't seem like there are that many candidates to check (if done correctly).
#3
Shame. Anyway I wrote a Java bruteforcer and it works well enough for my purposes. 99% of CPU is spent on the hashes so I was quite interested in knowing which kind of speedup I'd get... but my C/C++ is quite lacking to chop up the necessary bits out of hashcat and repurpose them.