03-18-2018, 07:46 PM
Just to make sure that other users interested in something like this do not choose a wrong approach to do these types of attacks: if you are cracking a "salted" hash, you should use the corresponding hash modes if available.
Therefore for -m 0, if you have an algorithm that uses md5 ($salt . $pass) ... you should use -m 20 of course (see https://hashcat.net/wiki/doku.php?id=example_hashes).
In your specific case for -m 0 and md5 ($salt . $pass) you should use hashes like this:
hash:user[TAB]
where [TAB] needs to be replaced by the tabulator character (0x09) and "user[TAB]" is the salt in this case.
Of course, this type of attack only works if a corresponding salted hash algorithm is available in hahscat.
Therefore for -m 0, if you have an algorithm that uses md5 ($salt . $pass) ... you should use -m 20 of course (see https://hashcat.net/wiki/doku.php?id=example_hashes).
In your specific case for -m 0 and md5 ($salt . $pass) you should use hashes like this:
hash:user[TAB]
where [TAB] needs to be replaced by the tabulator character (0x09) and "user[TAB]" is the salt in this case.
Of course, this type of attack only works if a corresponding salted hash algorithm is available in hahscat.