I'm a complete novice, just learning about this world of hashes in the last few weeks, but I managed to extract (what I believe to be) the following hash info from a target device (mac os x 10.11 El Capitan) and I'm trying to crack it on a PC Windows 7 using Hashcat GUI v1.00rc3, but I'm not sure what it all means or exactly how to use the GUI:
undeath edit: hash removed
I've been reading through the wiki stuff and a bunch of other sites about how to extract, copy, convert, decrypt stuff, but a lot of it is going over my head because (mostly I'm not a hacker) I can't seem to find a step by step walkthrough of how to extract a hash from Mac OS X 10.11 El Capitan that seemed to work (unless the above info is what I was looking for). Most of the info out there points to older versions of MAC OS whose commands don't seem to work with El Capitan.
However, if the above info is what I'm looking for, then I don't know exactly what to do with it. From what I've read the above info is the binary (base64?) format for each element (entropy, salt, integer, verifier?[I have no idea what these mean]), and they all need to be converted to hex (which I tried on this site: https://cryptii.com/pipes/base64-to-hex), then all of the converted hex values copied and smashed together into a .txt file with no other characters, spaces, or line breaks and saved. Then this file is used as the hash file that Hashcat works with? All of which I tried, but it didn't seem to work as when I clicked the "I'm a HashKiller" button in the bottom right corner of the GUI a new command prompt window popped open and stayed blank followed by a new window with Hashcat GUI popped open (so now there are 2 Hashcat GUI windows open on my screen...weird).
So in summary, if anybody has the time or wherewithal to walk me through things, or if you don't and can link me to a useful step by step tutorial that takes me from Extraction (specifically how to find AND copy the necessary .plist file or data to a flash/thumb drive from the target device while in Single User Mode or Recovery Mode), to Conversion (which type of hash I'm dealing with because I saw 5 or 6 different SHA512 hash-types) and exactly how to make a proper .txt file that Hashcat can digest.
Also if anybody has any better wordlists (I also saw "charset" uploads under the "brute-force" tabs in Hashcat GUI
and it wouldn't let me upload any wordlist including realuniq.lst. So I assume this is a different set of files
If doing any or all of this via the command line interface on window command prompt is easier/simpler I'd probably prefer to do it that way.
Sorry in advance about the long nOOb post, just wanted to try to provide as much info as possible to waste as little of anybody's time possible with back and forth.
Thx for your thoughts/suggestions.
-m
undeath edit: hash removed
I've been reading through the wiki stuff and a bunch of other sites about how to extract, copy, convert, decrypt stuff, but a lot of it is going over my head because (mostly I'm not a hacker) I can't seem to find a step by step walkthrough of how to extract a hash from Mac OS X 10.11 El Capitan that seemed to work (unless the above info is what I was looking for). Most of the info out there points to older versions of MAC OS whose commands don't seem to work with El Capitan.
However, if the above info is what I'm looking for, then I don't know exactly what to do with it. From what I've read the above info is the binary (base64?) format for each element (entropy, salt, integer, verifier?[I have no idea what these mean]), and they all need to be converted to hex (which I tried on this site: https://cryptii.com/pipes/base64-to-hex), then all of the converted hex values copied and smashed together into a .txt file with no other characters, spaces, or line breaks and saved. Then this file is used as the hash file that Hashcat works with? All of which I tried, but it didn't seem to work as when I clicked the "I'm a HashKiller" button in the bottom right corner of the GUI a new command prompt window popped open and stayed blank followed by a new window with Hashcat GUI popped open (so now there are 2 Hashcat GUI windows open on my screen...weird).
So in summary, if anybody has the time or wherewithal to walk me through things, or if you don't and can link me to a useful step by step tutorial that takes me from Extraction (specifically how to find AND copy the necessary .plist file or data to a flash/thumb drive from the target device while in Single User Mode or Recovery Mode), to Conversion (which type of hash I'm dealing with because I saw 5 or 6 different SHA512 hash-types) and exactly how to make a proper .txt file that Hashcat can digest.
Also if anybody has any better wordlists (I also saw "charset" uploads under the "brute-force" tabs in Hashcat GUI
and it wouldn't let me upload any wordlist including realuniq.lst. So I assume this is a different set of files
If doing any or all of this via the command line interface on window command prompt is easier/simpler I'd probably prefer to do it that way.
Sorry in advance about the long nOOb post, just wanted to try to provide as much info as possible to waste as little of anybody's time possible with back and forth.
Thx for your thoughts/suggestions.
-m