09-25-2018, 05:49 PM
(06-28-2018, 03:19 PM)fhd Wrote: Hi guys, I can't find the right way to crack salted SHA1 hashes. I tried -m 120, -m 110 and -m 130. It always gives me an error message like Hash-encoding exception:
(Hashfile 'C:\hashcat-4.1.0\1.txt' on line 1 (9**...d59efda4793e68ad364dd9acfaaef***): Hash-encoding exception
Hashfile 'C:\hashcat-4.1.0\1.txt' on line 2 (47c23:...66a4af28aa8b7cd33f741d8b0d338d2c): Hash-encoding exception
Hashfile 'C:\hashcat-4.1.0\1.txt' on line 3 (85a21:...d51c1da06309ea161b24a6348cb59c90): Hash-encoding exception)
I think the problem is in the hashes file, so I tried different formats like:
$9***b$8321515fd59efda4793e68ad364dd9acfaaef***
9***b:8321515fd59efda4793e68ad364dd9acfaaef***
8321515fd59efda4793e68ad364dd9acfaaef***:9***b
^ I did hide some letters ^
I also tried different encodings for the TXT file, such as ANSI, UTF-8.
Thanks.
Hi there, I ran into a similar problem. With the first two demo hashes, remove the prepended data carefully.
If I understand this, the first two hashes might be SHA1 with salt or not. So make them like this:
8321515fd59efda4793e68ad364dd9acfaaef***
8321515fd59efda4793e68ad364dd9acfaaef***
Perhaps the salts were prepended there, and if that is the case, put in this format:
8321515fd59efda4793e68ad364dd9acfaaef***:9***b
8321515fd59efda4793e68ad364dd9acfaaef***:9***b
The last hash looks more reasonable, if it's a sha1($salt$plain):
8321515fd59efda4793e68ad364dd9acfaaef***:9***b
It doesn't matter if the apparent hex chars don't quite stack up. Sometimes, the hashing scheme does not convert the hash to binary first, then output hex encoded salt. So the salts here are very likely just plain text salts that look like hex encoded salts with a char missing, like this sha1("91a2b".$pass).
Put your hashes in this format, on the assumption it's sha1($salt$plain) with the salt as plain chars:
8321515fd59efda4793e68ad364dd9acfaaef***:9***b (in a file, e.g. hashes.txt)
Now you can use hashcat mode 120 sha1($salt$plain):
hashcat -a 0 -m 120 [other-options] hashes.txt wordlist.txt -r rules/best64.rule
for example, where wordlist.txt is your selection of passwords, e.g. rockyou or something, and stick in a rule file if you don't get much without one. Rule files are very powerful.
Hashcat is smart enough not to make assumptions, even though it looks like a bad hex encoded salt. So leave out options to specify hex encoding and just crack as usual.
Hope this helps...
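As an added example (not part of the original posts), the Python sketch below checks hash-file lines against the hash:salt layout described in the reply, rewrites salt:hash lines into it, and uses one account whose password is already known to confirm the concatenation order during an audit of your own application's hashes. The function names, the salt "91a2b" reused from the reply's illustration, and the password "example-password" are constructed for this example.

```python
import hashlib
import re

HEX40 = re.compile(r"[0-9a-fA-F]{40}")  # a SHA-1 digest is 40 hex characters

def sha1_hex(data: str) -> str:
    return hashlib.sha1(data.encode("utf-8")).hexdigest()

def classify(line: str) -> str:
    """Say which layout one hash-file line has."""
    line = line.strip().lstrip("\ufeff")  # drop line ending and a UTF-8 BOM if present
    if HEX40.fullmatch(line):
        return "hash only"
    left, sep, right = line.partition(":")
    if sep and HEX40.fullmatch(left) and right:
        return "hash:salt"
    if sep and HEX40.fullmatch(right) and left:
        return "salt:hash"
    return "unrecognized"

def to_hash_salt(line: str):
    """Rewrite a line as hash:salt, or return None if it cannot be done safely."""
    line = line.strip().lstrip("\ufeff")
    kind = classify(line)
    if kind == "hash:salt":
        return line
    if kind == "salt:hash":
        salt, _, digest = line.partition(":")
        return f"{digest}:{salt}"
    return None

def salt_order(digest: str, salt: str, known_password: str):
    """Use one account whose password you know to learn the concatenation order."""
    digest = digest.lower()
    if sha1_hex(salt + known_password) == digest:
        return "sha1($salt.$pass)"   # hashcat -m 120
    if sha1_hex(known_password + salt) == digest:
        return "sha1($pass.$salt)"   # hashcat -m 110
    return None                      # another scheme, e.g. -m 130 uses a UTF-16LE password

if __name__ == "__main__":
    salt, password = "91a2b", "example-password"   # constructed test values
    digest = sha1_hex(salt + password)
    # The three layouts tried in the question, rebuilt with the constructed values
    for sample in (f"${salt}${digest}", f"{salt}:{digest}", f"{digest}:{salt}"):
        print(classify(sample), "->", to_hash_salt(sample))
    print(salt_order(digest, salt, password))
```

A line with masked characters such as `***` is reported as "unrecognized", because the digest field must be exactly 40 hex characters.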