PBKDF2-HMAC-SHA256 + AES-GCM (Ethereum seed hash from Metamask wallet)
#1
Hello, I want to attack on ethereum seed hash that metamask stored in json file.
Example:
{\"data\":\wM+CSmCIIlaofXHPxCRFqbcPvEDZESBYM1XdAE8VFanedCIXvDEEt15nhzdv1pqzkW0MCQDBA5T1W1/Ltg7lKBszkoJJ1PtVHOpTn/afhvLyIp2VBBV1Tuj4s8LGo2GM9KOHn1Hn5BC1YhjP56opGrJlsIT9qnuGYHT8EtA5IiHP4zB4fwgGqDhtX+QUJi4rdm+apXZ1DpRvDq5J+bCca2GHXzU5H57Esn3THPXev3RdlkmjhuXVjV8=,iv:ejhZW94EsJZ049Sb/at0Xg==,salt:jgW3gi0eyPtXXguqMzi6uGyuR6m+lgQXw8onqivK5w0=}
There is encrypted data, IV and salt. Password is: mysecretpassword
It using PBKDF2-HMAC-SHA256(10 000 iteratinons) + AES-GCM algorithm
I have simple script on python, but it too slow, I want decrypt using hashcat, is this possible? How can I do it?
Reply
#2
I think stargazer XLM (-m 25500) is pretty close. It has PBKDF2-HMAC-SHA256 and AES-GCM.
Reply
#3
(06-09-2021, 10:44 PM)atom Wrote: I think stargazer XLM (-m 25500) is pretty close. It has PBKDF2-HMAC-SHA256 and AES-GCM.

Thank you for answer. As I can see stargazer XLM has about 4000 iterations, but I need 10 000, how can I change this? And can you please provide me what format of hash, iv and salt I need use to run this algorithm?

P.S did some tests, and got Token length exception. And I didn't find how to configure salt. Is there a way to make custom algorithm or change XLM stargazer algo for my needs?
Reply
#4
Is not an easy change as that. There's much more code change required.
Reply
#5
(06-12-2021, 12:13 AM)atom Wrote: Is not an easy change as that. There's much more code change required.
I'm bad with low level programming, is there any coders who can do it for me for some $? Where to ask for this?
Reply
#6
(06-12-2021, 12:13 AM)atom Wrote: Is not an easy change as that. There's much more code change required.

i see a JavaScrypt code that decrypt it if you have a pass, it well be great you to do it!
Pos we can test a m26403? how can i get dll?
Reply
#7
I think you are talking about this github issue: https://github.com/hashcat/hashcat/issues/2818

Please always mention the context and github issues you are talking about, otherwise it's a little bit confusing if this is the same algo and where you got the info from etc

Within the github issue a lot of explanation and examples and also plans are already discussed, so I don't think we need much more than a few examples of decrypted data and hash pass examples within the github issue etc. one dev (matrix) already mentioned that they might look into it eventually soon. thx guys
Reply
#8
(07-03-2021, 10:50 AM)philsmd Wrote: I think you are talking about this github issue: https://github.com/hashcat/hashcat/issues/2818

Please always mention the context and github issues you are talking about, otherwise it's a little bit confusing if this is the same algo and where you got the info from etc

Within the github issue a lot of explanation and examples and also plans are already discussed, so I don't think we need much more than a few examples of decrypted data and hash pass examples within the github issue etc. one dev (matrix) already mentioned that they might look into it eventually soon. thx guys

Sorry, I found this topic on your forum (https://hashcat.net/forum/thread-10157-p...l#pid52987) and completely forgot to look at github. It's great that you decided to do ASAP. Thank you!
Reply