01-10-2018, 02:00 PM
Example hashes can be found here: https://hashcat.net/wiki/doku.php?id=example_hashes
... and yes only -m 111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA looks similar (has the, what we call, same signature. in your case {SSHA}...)
The problem is, that since the algorithm for -m 111 is base64 (sha1 ($pass . $salt) . $salt) in theory only the last part should be the same in the final hash... assuming that the same salt was used for all users. In your case, the first part seems to be equal amongs users, this contradicts with the algorithm of -m 111 if I'm not totally wrong.
Maybe you can give more details on where and how these hashes were extracted? Is this an ldap system ? Where are these hashes stored?
In theory the hashes could also use a very different algorithm or the hashes were manipulated/obfuscated somehow. Maybe you can give more details about the extraction/setup.
... and yes only -m 111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA looks similar (has the, what we call, same signature. in your case {SSHA}...)
The problem is, that since the algorithm for -m 111 is base64 (sha1 ($pass . $salt) . $salt) in theory only the last part should be the same in the final hash... assuming that the same salt was used for all users. In your case, the first part seems to be equal amongs users, this contradicts with the algorithm of -m 111 if I'm not totally wrong.
Maybe you can give more details on where and how these hashes were extracted? Is this an ldap system ? Where are these hashes stored?
In theory the hashes could also use a very different algorithm or the hashes were manipulated/obfuscated somehow. Maybe you can give more details about the extraction/setup.