11-01-2015, 11:29 PM
(This post was last modified: 11-01-2015, 11:35 PM by raster.
Edit Reason: added information
)
1password version 3.7.2 is using the sqlite database to store all the information (the backup file with extension 1ptbackup is the same 1password.sqlite file).
Looking in the DB structure I found the table “securityLevels2” where items “iterations”, ”keyEncrypted” and “keyValidation” are present.
This version of 1password is using the PBKDF2-HMAC-SHA1 to store the master password:
https://help.agilebits.com/1Password3/ag...esign.html
Based on the example found “hashcat.agilekeychain” I prepared a file which starts with “sha1”, iterations (10000), “keyEncrypted” without first 8 bytes (Salted__) and “keyValidation”.
Based on the recommendation from other post of hashcat forum (to use base64 for oclHashcat v1.37) I converted the Salt to base64 by “echo "bae3d9555f89caeecd3c1026ac92bd116d9442736f3b1a41c94a609f99e2ee104a1655a90a0db23e" | xxd -r -p | base64”.
the final file looks like this:
sha1:10000:uuPVVV+Jyu7NPBAmrJK94W2UonNvOxpByUpgn5Di7hBKFlCCCg2yPg==:ad250322577f05adaacf4eb54884e222412f3cd852c98b5ea3f7759cfc0ddc70
Would you please check if my hash file is prepared correctly and if my approach is correct using option PBKDF2-HMAC-SHA1 (12000)?
Looking in the DB structure I found the table “securityLevels2” where items “iterations”, ”keyEncrypted” and “keyValidation” are present.
This version of 1password is using the PBKDF2-HMAC-SHA1 to store the master password:
https://help.agilebits.com/1Password3/ag...esign.html
Based on the example found “hashcat.agilekeychain” I prepared a file which starts with “sha1”, iterations (10000), “keyEncrypted” without first 8 bytes (Salted__) and “keyValidation”.
Based on the recommendation from other post of hashcat forum (to use base64 for oclHashcat v1.37) I converted the Salt to base64 by “echo "bae3d9555f89caeecd3c1026ac92bd116d9442736f3b1a41c94a609f99e2ee104a1655a90a0db23e" | xxd -r -p | base64”.
the final file looks like this:
sha1:10000:uuPVVV+Jyu7NPBAmrJK94W2UonNvOxpByUpgn5Di7hBKFlCCCg2yPg==:ad250322577f05adaacf4eb54884e222412f3cd852c98b5ea3f7759cfc0ddc70
Would you please check if my hash file is prepared correctly and if my approach is correct using option PBKDF2-HMAC-SHA1 (12000)?