Signal database password on Android
I want to test recover of my old Signal Android database password with Hashcat.  The sourcecode for the app makes it look like database uses PBDKF2 with SHA1 but when I try crack known password using hashcat format 12000 sha1:iteration:hashConfusedalt I exhaust the guesses. The hash ends in = and salt in == so that looks right, but I notice Signal doing some weird PCKS 5 stuff in

Can I use last 20 bytes of mastersecret or is there AES component prior to PBKDF2 comparison?

Messages In This Thread
Signal database password on Android - by deeppurple - 06-08-2018, 11:30 PM