Same password with two hashes
#1
Hello, I have two different SHA-1 (raw) hashes from a CTF game:
  • 2410911A7F9B916388D5782CA2F75488BFA*****
  • 63BBC0E1CF5FB647B51CC8C95A82BA30D05*****

Both hashes were cracked on the server onlinehashcrack.com as "tapinak" (without quotes, both passwords were marked as seven chars long so no white spaces are present).

I have no problem understanding the first hash, because of:

Code:
IN: echo -n tapinak | openssl sha1

OUT: SHA1(stdin)= 2410911a7f9b916388d5782ca2f75488bfa*****


I have a feeling that the encoding is the problem regarding the second hash, but I have no idea how to get that hash from the word "tapinak". Trying several encoding (windows-1250, utf-7, unicode, ISO-8859-2, ...) I always get the hash starting 24109... with some exceptions (below) but no hash starts with 63BBC0...:

Code:
IN: echo -n tapinak | iconv -t utf16le | openssl sha1
OUT: (stdin)= cb7d3774892aab8cafa90a34b2ae47cce65*****

IN: echo -n tapinak | iconv -t utf16be | openssl sha1
OUT: (stdin)= f2d090da947a8b9bbe1dcf82beba8d8493b*****


What am I overlooking? Any obscure encoding or it has nothing to do with encoding? Using hashcat I can crack only the first hash starting with 24109... (wordlist attack, brute-force attack) so how to tweak the hashcat parameters to be able to crack the second hash if I already know the password from the server onlinehashcrack.com? The same result with John The Ripper, it can crack only the first hash...

Thank you in advance for your help.
Reply


Messages In This Thread
Same password with two hashes - by Emkei - 05-03-2023, 12:17 PM
RE: Same password with two hashes - by nick8606 - 05-03-2023, 01:05 PM
RE: Same password with two hashes - by Emkei - 05-03-2023, 03:03 PM