02-19-2019, 04:46 PM
(02-19-2019, 02:04 PM)DanielG Wrote: On https://miloserdov.org/?p=1088 it says the hash 15b4c47a3e0e44b9e40db20ac1225023 is for hexMD5('\301' + "22222222" + '\237\174\357\335\234\211\367\356\273\105\215\277\226\361\103\120') on the screenshot. But even that is not correct, this shows that you must have the exact hexMD5() extra data and corresponding md5 hash otherwise it will not work."this shows that you must have the exact hexMD5() extra data and corresponding md5 hash otherwise it will not work."
IF you are sure you have the correct hexMD5 with the corresponding intercepted password you can try to brute force it with:
Code:hashcat -m 10 -a 3 --hex-salt --hex-charset -1 4d "cbc5d1a36621e0f824f5491ae9cf172c:0f965ab499a33a1562e3cb06590846c9" "?1?d?d?d?d?d?d?d?d"
--hex-charset -1 4d is the value '\115' in hex and not octal
cbc5d1a36621e0f824f5491ae9cf172c:0f965ab499a33a1562e3cb06590846c9 is your md5 with 0f965ab499a33a1562e3cb06590846c9 being '\017\226\132\264\231\243\072\025\142\343\313\006\131\010\106\311'
"?1?d?d?d?d?d?d?d?d" is trying 8 digit code for password.
But you have to be 100% sure that the hash cbc5d1a36621e0f824f5491ae9cf172c was set with the code hexMD5('\115' + document.login.password.value + '\017\226\132\264\231\243\072\025\142\343\313\006\131\010\106\311');
//edit:
I see you posted the pcap, this is most likely against forum rules because you are posting other peoples hashes. (also the login with those hashes were incorrect, so you are trying to brute-force an incorrect login)
So if the entered password is incorrect the hexmd5 will never be cracked !!!
This kinda disappointing ..
..
How did you convert this \115 to 4d ?!
........
"
this is most likely against forum rules because you are posting other peoples hashes. " what ?!! But these are my hashes ...
.......
"(so you are trying to brute-force an incorrect login)"
Yes just testing it to see if it's possible to crack the md5 ...