Help Desk password hash
#1
I tried tosearch, but found no topics about this hash. Is is possible to use some rules or something else to Help Desk's hashing algoritm? It uses only sha1, but pre-hashing every symbols in password.

Function:
PHP Code:
function hesk_Pass2Hash($plaintext) {
   $majorsalt  '';
   $len strlen($plaintext);
   for ($i=0;$i<$len;$i++)
   {
       $majorsalt .= sha1(substr($plaintext,$i,1));
   }
   $corehash sha1($majorsalt);
   return $corehash;


I can convert wordlists to something like pre-rainbow tables, where each line is result of final $majorsalt (name from code example) and then put it to hashcat as wordlist, but it's not so fast...
Reply
#2
converting wordlist is the best you can get as far as I'm concerned
Reply
#3
Converted wordlist can't work in optimized mode or only up to 6 character passwords in pure mode. The only way to crack this is to write a separate hashcat kernel. Expect raw sha1 performance and divide by 20.
Reply