10-01-2021, 05:12 PM
(This post was last modified: 10-01-2021, 05:13 PM by siddhartha.)
I'm having trouble with this one. I have an ancient piece of software that takes a user password, manipulates it, then calculates the SHA1 hash. The manipulation is as follows:
I've created a hex charset mask that follows everything I need, but it's the repeating password inside the string that is tripping me up. With the mask attack an 8 char password is suddenly 16 chars to hashcat. Is there a way to crack this without writing a module? Thanks!
- Repeat the uppercase alphabet from A to Z until we have a string of length 255 bytes.
- Append a null char so the string is now 256 bytes.
- Overwrite the first n bytes of the string (string[0]) with the user password of length n.
- Overwrite the middle n bytes starting at string[29] with the user password.
- Calculate the SHA1 hash of the 256 byte string.
I've created a hex charset mask that follows everything I need, but it's the repeating password inside the string that is tripping me up. With the mask attack an 8 char password is suddenly 16 chars to hashcat. Is there a way to crack this without writing a module? Thanks!