I just did clone the repository and checked out the version that you linked in your first post:
after that you can generate some hashes like this:
with this script I've generated this hash:
the password is hashcat
with this improved version of my previously posted script we can convert this hash to a supported hash by hashcat:
as expected from the hash
$p5v2$AlBIznIq2$OKziCyTibu0A6WPEgbUlEpRwa64gdr7L we get the following output:
sha256:4096:bEJJem5JcTI=:mvW7jv+5py4wiLhB7AnGUN3xJmKw6Z1c
which can be cracked with -m 10900 with password "hashcat" (without quotes)
not sure about your hash, if you aren't sure about the password that's very bad (both for testing purposes but also because it is against the forum rules)
it's needless to say that you need to modify the script and especially the $phpass_hash variable to use it with other hashes than this "hashcat" hash
Code:
git clone https://github.com/rchouinard/phpass
cd phpass/
git checkout 121233fb49db4d929de17187f5c18351f647d0eb
cd library/
after that you can generate some hashes like this:
PHP Code:
<?php
require ('Phpass.php');
$adapter = new \Phpass\Hash\Adapter\Pbkdf2 ();
echo $adapter->crypt ("hashcat", '$p5v2$AlBIznIq2$') . "\n";
with this script I've generated this hash:
Code:
$p5v2$AlBIznIq2$OKziCyTibu0A6WPEgbUlEpRwa64gdr7L
with this improved version of my previously posted script we can convert this hash to a supported hash by hashcat:
PHP Code:
<?php
# $p5v2$AlBIznIq2$OKziCyTibu0A6WPEgbUlEpRwa64gdr7L => sha256:4096:bEJJem5JcTI=:mvW7jv+5py4wiLhB7AnGUN3xJmKw6Z1c
// Author: philsmd
// Date: June 2019
// License: public domain, credits go to philsmd and hashcat
$base64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
function convert_base64 ($input)
{
global $base64;
global $itoa64;
$input_len = strlen ($input);
if (($input_len % 4) != 0)
{
return "";
}
$input_len_div4 = (int) $input_len / 4;
$reverse = "";
for ($i = 0; $i < $input_len_div4; $i++)
{
$reverse .= strrev (substr ($input, $i * 4, 4));
}
$tmp = "";
for ($i = 0; $i < $input_len; $i++)
{
$idx = strpos ($itoa64, $reverse[$i]);
$tmp .= substr ($base64, $idx, 1);
}
$decoded = base64_decode ($tmp);
$tmp = "";
for ($i = 0; $i < $input_len_div4; $i++)
{
$tmp .= strrev (substr ($decoded, $i * 3, 3));
}
$output = base64_encode ($tmp);
return $output;
}
#
# Start
#
$phpass_hash = '$p5v2$AlBIznIq2$OKziCyTibu0A6WPEgbUlEpRwa64gdr7L';
$cost_factor = substr ($phpass_hash, 6, 1);
$idx = strpos ($itoa64, $cost_factor);
$iterations = pow (2, $idx);
$salt = base64_encode (substr ($phpass_hash, 7, 8));
$digest = convert_base64 (substr ($phpass_hash, 16));
echo "sha256:$iterations:$salt:$digest\n";
as expected from the hash
$p5v2$AlBIznIq2$OKziCyTibu0A6WPEgbUlEpRwa64gdr7L we get the following output:
sha256:4096:bEJJem5JcTI=:mvW7jv+5py4wiLhB7AnGUN3xJmKw6Z1c
which can be cracked with -m 10900 with password "hashcat" (without quotes)
not sure about your hash, if you aren't sure about the password that's very bad (both for testing purposes but also because it is against the forum rules)
it's needless to say that you need to modify the script and especially the $phpass_hash variable to use it with other hashes than this "hashcat" hash