03-27-2013, 08:05 AM
oh, osx 10.4 hashes, ok. so in that case, you will need to do a little work to use hashcat with this algorithm.
the algorithm is sha1(salt.pass), and the salt is a four-byte hex salt prepended to the hash string.
consider the example hash A320163F1E6DB42C3949F7E232888ACC7DB7A0A17E493DBA with a password of "test". the first eight characters are the salt, and the remaining 40 chars are the sha1 hash.
hashcat requires hashes to be in hash
alt format, so you just take the first eight chars and move them to the end of the hash, separating it with a colon.
1E6DB42C3949F7E232888ACC7DB7A0A17E493DBA:A320163F
you can then use hashcat or pluscat to crack this hash using -m 120 --hex-salt. you will not be able to use litecat.
the algorithm is sha1(salt.pass), and the salt is a four-byte hex salt prepended to the hash string.
consider the example hash A320163F1E6DB42C3949F7E232888ACC7DB7A0A17E493DBA with a password of "test". the first eight characters are the salt, and the remaining 40 chars are the sha1 hash.
Code:
epixoip@db:~/hashcat-0.43$ printf "\xA3\x20\x16\x3Ftest" | sha1sum
1e6db42c3949f7e232888acc7db7a0a17e493dbahashcat requires hashes to be in hash
alt format, so you just take the first eight chars and move them to the end of the hash, separating it with a colon.1E6DB42C3949F7E232888ACC7DB7A0A17E493DBA:A320163F
you can then use hashcat or pluscat to crack this hash using -m 120 --hex-salt. you will not be able to use litecat.
Code:
epixoip@db:~/hashcat-0.43$ echo 1E6DB42C3949F7E232888ACC7DB7A0A17E493DBA:A320163F >test
epixoip@db:~/hashcat-0.43$ ./hashcat-cli64.bin -m 120 --hex-salt test -a 3 test