Bcrypt recovery with known salt?
#5
Please have a look at the bcrypt example (http://hashcat.net/wiki/doku.php?id=example_hashes - see line w/ hash type 3200), the format is:
$2a$cost$base64(salt).base64(hash)

iteration = 2 ^ cost

So there is no colon (as epixoip said) within the bcrypt format (if you add --username you need to add a username before the *whole* thing - including signature, cost, salt, raw hash).
But I suppose the salt:hash format you mention does not have a username in it... therefore forget about usernames and the colon-format, but please try to convert it to the format *hashcat expects. (I assume aBcDeFG in your example is not a username, is it?)

So it seems that you are trying to use a different format - but this format is not supported by hashcat. You might need to (bulk) convert your hashes etc.

Anyway, please try to play around first w/ the examples and understand the hash format used.

I also suspect that the speed will be (much) different you get it working correctly (i.e. correct input hash format).

Further speed considerations:
1. try to run ./oclHashcat64.bin -b -m 3200 to get an idea of how fast oclHashcat is when benchmarking bcrypt
2. it is widely known that bcrypt is one of the few algorithms that is faster on CPU and slower on GPU (because of it's design) - so if you have a modern CPU (Intel i7 or AMD XOP-enabled CPU) use cpu hashcat https://hashcat.net/hashcat/
3. please make sure your comparisons between e.g. jtr and hashcat are valid. For instance you should not compare jtr CPU speeds w/ oclHashcat (= GPU) speed, because we all know bcrypt is "slow" on GPU
4. reminder: https://twitter.com/hashcat/status/349192539443699713


Messages In This Thread
Bcrypt recovery with known salt? - by bobsaggat - 12-29-2013, 12:01 AM
RE: Bcrypt recovery with known salt? - by epixoip - 12-29-2013, 12:37 AM
RE: Bcrypt recovery with known salt? - by philsmd - 12-29-2013, 08:55 PM