03-26-2024, 02:07 AM
(03-25-2024, 02:37 PM)DanielG Wrote: Turns out hashcat does have a mode using utf16le. Mode 1440 = sha256($salt.utf16le($pass)). It does not however encode the salt for you, this must be done manually (https://gchq.github.io/CyberChef/#recipe...nAxVEcwdzs)
Code:hashcat --hex-salt -a 3 -m 1440 "b3e20bcdf27a30eca65539e679001ada20c4a04791765bb43265a7cf200396f5:330074004b004a007200680077005300770076007000310054004700300077003b00" "hashca?l"
cracks the password
Thanks so much for looking at this Daniel - that's incredible and I can script the rest - I can now remove wordlist/simple passwords from my systems.
PS: CyberChef is a pretty amazing tool too, thanks!