(05-12-2017, 09:26 AM)PWn3R Wrote:(05-12-2017, 09:17 AM)philsmd Wrote: If you are sure that the algorithm is:
md5_hex(md5($salt) . md5_hex($pass))
... where md5 (x) is the binary/raw output and md5_hex (y) is the hexadecimal output...
then it should work.
just try it either with hashcat or try to use the same credentials (username: "PWn3R", password: "hashcat") with your code to see if you end up with the same final MD5
Sorry I should've been more clear it's definitely binary value of md5 of user and a separate binary value of md5 of pass concatenated and then md5 and written as a hex string. If I md5 any of them in hex I get a completely different string. I will double check tomorrow but my working code was hex output of the md5 result of separate md5s of username and password concatenated as byte arrays.
String in file is hex of md5(binarymd5value(user)binarymd5value(pass)) I can upload code tomorrow if that is helpful but will also test what you suggested.
Thanks again!
philsmd - trying to understand exactly what you were saying. I apologize, this is my first serious foray into anything like this. Are you saying that I can do something like this:
echo -n "username, which is my salt" | md5sum
14c4b06b824ec593239362517f538b29 - this doesn't match just for example sake
Then run hashcat with 3710 and supply the md5'd hash in hex format with --hex-salt along with the original hash? I'd be feeding the salt that is md5'd already.
Edit: I just tested my theory. Unfortunately, it didn't work. I tried this:
hashcat64.exe -m 3710 -a 3 -1 ?d --gpu-temp-disable --session=all -p : --hex-salt --status --status-timer=5 -w 2 fullhashhere:hexhashofusernamehere ?1?1?1?1?1?1
I used an account where I know both the username and the password as well as the final hash from the file, which I have duplicated using my test C# app. Unfortunately, I get no matches.
Thanks again to both of you for the help!