05-01-2018, 12:28 PM
Good thinking but no that does not work. The reason: the UTF-16 expansion will still be applied (happens on GPU).
So 46007200 will become 46000000 72000000 etc. However if you use -m 900 (MD4) hashcat will find that hash.
The only workaround I can think of is to do the UTF-16 encoding like this.
But that means you can't use rules. Well you can but most of them will produce invalid UTF16 sequences.
So 46007200 will become 46000000 72000000 etc. However if you use -m 900 (MD4) hashcat will find that hash.
Code:
./hashcat --quiet -a 3 -m 900 --hex-charset 902BD6FDDF5248CE7902174E408F3F1F 4600720061006e0074006900?b?b65006b003100
902bd6fddf5248ce7902174e408f3f1f:$HEX[4600720061006e0074006900610165006b003100]The only workaround I can think of is to do the UTF-16 encoding like this.
Code:
./hashcat --quiet --encoding-from=utf8 --encoding-to=utf16le -m 900 902BD6FDDF5248CE7902174E408F3F1F /tmp/dict
902bd6fddf5248ce7902174e408f3f1f:$HEX[4600720061006e0074006900610165006b003100]