06-08-2018, 11:30 PM
I want to test recover of my old Signal Android database password with Hashcat. The sourcecode for the app https://github.com/signalapp/Signal-Andr...ecret.java makes it look like database uses PBDKF2 with SHA1 but when I try crack known password using hashcat format 12000 sha1:iteration:hashalt I exhaust the guesses. The hash ends in = and salt in == so that looks right, but I notice Signal doing some weird PCKS 5 stuff in https://github.com/signalapp/Signal-Andr...tUtil.java
Can I use last 20 bytes of mastersecret or is there AES component prior to PBKDF2 comparison?
Can I use last 20 bytes of mastersecret or is there AES component prior to PBKDF2 comparison?