Excel SHA512 salts and hashes
#1
Tongue 
I am working on an Excel salted SHA512 hash but I am stumped (which isn't a surprise since I am a total noob at this). When I look at the hash examples a salted SHA512 hash should either be given as type 1710 ($hash:$salt) 128 hex characters:10 numericals or as type 1720 ($salt:$hash) 128 hex characters:10 numericals for hashcat to work. This creates two questions:

1. Why is the format identical for the both variants? Shouldn't type 1720 have a shorter numerical salt followed by a longer hex hash for the password? I.e 10 numericals:128 hex characters?

2. And does anybody here know how Excel's salting algorithm work? The salt is given (I extracted it the traditional way via ziping) as a 18 character long base64 string. I tried transforming it to hex, but that gave me a 32 hex character string that I cant get hashcat to accept. 

And another question, the xml-file from excell also contains the words spinCount="100000". Does this in fact mean that Excel did 100 000 iterations of the SHA512 hashes? Is there anything I can or should do in the command promt because of this? The (known) password I am trying to crack is only three lowercase letters so it should still be doable, right?

I am not actually a coder so if you formulate your answer as you would to a complete idiot (a picture I think you will have no problem holding in your head ;) it would be highly appreciated :)


Messages In This Thread
Excel SHA512 salts and hashes - by Jim__code - 08-18-2017, 10:48 PM
RE: Excel SHA512 salts and hashes - by undeath - 08-19-2017, 11:01 AM
RE: Excel SHA512 salts and hashes - by Jim__code - 08-19-2017, 11:47 AM
RE: Excel SHA512 salts and hashes - by MrMeeseeks - 08-21-2017, 07:58 PM