Hash types with multiple iterations/rounds
#1
Are there any plans to implement an option for recursively iterating any of the hash types (kernels)?

For example, if I want to test hashes that may have been encrypted with sha1 more than once, will there ever be a command line switch for testing such a thing?

Example:

For hash type 100, instead of trying "-m 100" for "sha1($password)", will something like "-m 100 2" for "sha1(sha1($password))" be a possibility?

The above might be a bad example.  Here's another one.

For hash type 110, the default is "sha1($pass.$salt)".  If I want to apply sha1 5 times like this, "sha1(sha1(sha1(sha1(sha1($pass.$salt)))))", then could syntax like "-m 110 5" be an option?

Related to this, does anyone know of any custom tool that can do this?  Perhaps a script?
#2
Good question!

Arbitrary iteration is currently out of scope for hashcat. atom has previously added specific cases when it's a commonly needed hash, but that's it.

Outside of the hashcat world, the capability that you're describing is a component of two different other suites:

* John the Ripper jumbo, using its dynamic format syntax

* MDXfind, using its -i option

Both of these are currently confined to CPU. But there's a lot of flexibility, and they're both taking advantage of CPU speed features to make the attack pretty efficient (though obviously slower than a well-tuned GPU attack).

What's interesting about MDXfind is that -i specifies an upper bound. For example, if you use -i 1000, it will try sha1(pass), sha1(sha1(pass)), sha1(sha1(sha1(pass))) ... on up through 1000 iterations of SHA1. And you can tell it multiple hash types as well, so it will try 1000 iterations of MD5 at the same time. When dealing with a pile of unidentified hashes, this is pretty powerful.
~