10-22-2020, 11:56 AM
Hi,
Helping an acquaintance (who is not very tech savvy) try to recover a password to a .RAR file. I believe he has sought help from other online sources and has told me that someone has contacted him and said that they've successfully cracked the hash by "removing the salt" from the hash which my acquaintance extracted using rar2john.
This third party (scammer imo) is now asking for payment before handing over the supposed password.
I've tried to convince my acquaintance that removing the salt from the hash will render it useless and mean that it is impossible to crack the correct password and that this other person is a scammer talking complete nonsense.
Would appreciate someone else confirming that removing/ignoring the salt will effectively break the extracted hash making password recovery impossible. I mean, if you didn't need the salt, why bother to extract it in the first place? Right?
Thanks in advance.
Regards,
HCP
Helping an acquaintance (who is not very tech savvy) try to recover a password to a .RAR file. I believe he has sought help from other online sources and has told me that someone has contacted him and said that they've successfully cracked the hash by "removing the salt" from the hash which my acquaintance extracted using rar2john.
This third party (scammer imo) is now asking for payment before handing over the supposed password.
I've tried to convince my acquaintance that removing the salt from the hash will render it useless and mean that it is impossible to crack the correct password and that this other person is a scammer talking complete nonsense.
Would appreciate someone else confirming that removing/ignoring the salt will effectively break the extracted hash making password recovery impossible. I mean, if you didn't need the salt, why bother to extract it in the first place? Right?
Thanks in advance.
Regards,
HCP