03-16-2017, 05:11 AM
(03-16-2017, 04:14 AM)royce Wrote: Interesting use cases, thanks.
Two things, though:
1. Since the subject of this post starts with "Potfile format", I assumed that the end goal is to convert a potfile, but retain the potfile format. The script that I provided takes a potfile as input and produces an un-HEXed potfile, of the standard form hash:plain. Your script converts both the hash and the plaintext of a potfile to hex, including the colon separator.
EDIT - Yikes! I posted the wrong version!
Code:#!/usr/bin/env perl
# Credit: undeath, https://hashcat.net/forum/thread-3522.html
use utf8;
while (<>) {
if ($_ =~ m/(.*):\$HEX\[([A-Fa-f0-9]+)\]/) {
print $1 . ':' . pack("H*", $2), "\n"
} else {
print $_;
}
}
2. To clarify, are you saying that you try the hex-as-a-string form of passwords against hashes? I would expect very few hits from this technique.
1. Good point. I took that for granted. The perl script was only a partial solution. For md5, I was executing:
cat md5_found.pot | cut -b 1-33 --complement | convert_plaintext_2_hex.pl > md5_pot_passwords_in_hex.txt
That takes out the hash and the colon and just leaves the hex.
2. Try it with "-r ./rules/dive.rule". You may be surprised at what you get.
Also, the hex conversion leaves "0a" at the end of every conversion due to the CR character. That may not be so desirable. I'll look at this more soon and see what can be done to account for that.