09-07-2025, 02:30 AM
Here's a quick rundown:
1. Parse $wp$2... bcrypt hash to hashcat bridge mode (see python3 code below)
2. Set up hashcat bridge mode (see example in my previous post; make sure to use the correct "bcrypt2x" mode in --bridge-parameter2 which must match your hash -- likely bcrypt2y, but bcrypt2b in my example)
3. Run hashcat which should crack the example hash:plaintext
example wp formatted hash:plain (generated hash)
example hashcat bridge formatted hash:plain (generated hash)
./wp2hashcat.py < wp_hash.txt
1. Parse $wp$2... bcrypt hash to hashcat bridge mode (see python3 code below)
2. Set up hashcat bridge mode (see example in my previous post; make sure to use the correct "bcrypt2x" mode in --bridge-parameter2 which must match your hash -- likely bcrypt2y, but bcrypt2b in my example)
3. Run hashcat which should crack the example hash:plaintext
example wp formatted hash:plain (generated hash)
Code:
$wp$2b$12$CnC/yHPQoTI40ISHyVEzCuRXkjDkydxPx.VceRJwUsBji5WDqw5BK:cycloneexample hashcat bridge formatted hash:plain (generated hash)
Code:
$2b$12$CnC/yHPQoTI40ISHyVEzCuRXkjDkydxPx.VceRJwUsBji5WDqw5BK*12*CnC/yHPQoTI40ISHyVEzCu:cyclone./wp2hashcat.py < wp_hash.txt
Code:
#!/usr/bin/env python3
import sys
for line in sys.stdin:
s = line.strip().removeprefix("$wp$")
if not s.startswith("$"):
s = "$" + s
_, algo, cost, rest = s.split("$", 3)
print(f"{s}*{cost}*{rest[:22]}")
~