First time trying to "crack" something
#1
Hi,
I'm trying to figure if what I'm trying to do is feasible with Hashcat(or the beta of oclHashcat for OS X). This is my first time using hashcat/oclhashcat.

I got the file where it's supposed to be the hash for my 1Password vault. But it's the last version of 1Password and the file is from a "container" called "1Password.opvault", it is not a ".filevault" extension one.

In this file I've found(among others) the file "profile.js" which seems to have my password. The fields in this file are(among less interesting ones) salt, masterKey, passwordHint(just text), iterations, uuid, overviewKey.

iteration is 25000
salt is 24 char long.
masterKey is 449 char long
overviewKey is 196 char long

The passwordHint one is not interesting for cracking but for making sure this is where the masterpassword is stored. I'm assuming masterKey is the hash and I have no idea what overviewKey is.

The problem is that I don't know what king of hash I have here, and thus I don't know what mode to use. If I try the -m 6600 I get the "Line-length exception" error. I've tried with padding(based on this question) so the hash is 2080 char long but I get the same error(the hash without padding is 449 char long).

With the mode 8200 I get the "Hash-length exception" with both padding and without padding.

Is it even possible to get this hash solved with either oclhashcat or hashcat on OS X? And if so, a little help, please?

BTW, this is from an old 1Password that I can't remember the password. I have a new one since some months ago, but this is just for fun/is interesting.


Messages In This Thread
First time trying to "crack" something - by Trib - 05-06-2016, 10:36 AM