Posts: 6
Threads: 2
Joined: Jun 2021
06-09-2021, 06:54 PM
(This post was last modified: 06-09-2021, 07:09 PM by andy_larkin.)
Hello, I want to attack on ethereum seed hash that metamask stored in json file.
Example:
{\"data\":\wM+CSmCIIlaofXHPxCRFqbcPvEDZESBYM1XdAE8VFanedCIXvDEEt15nhzdv1pqzkW0MCQDBA5T1W1/Ltg7lKBszkoJJ1PtVHOpTn/afhvLyIp2VBBV1Tuj4s8LGo2GM9KOHn1Hn5BC1YhjP56opGrJlsIT9qnuGYHT8EtA5IiHP4zB4fwgGqDhtX+QUJi4rdm+apXZ1DpRvDq5J+bCca2GHXzU5H57Esn3THPXev3RdlkmjhuXVjV8=,iv:ejhZW94EsJZ049Sb/at0Xg==,salt:jgW3gi0eyPtXXguqMzi6uGyuR6m+lgQXw8onqivK5w0=}
There is encrypted data, IV and salt. Password is: mysecretpassword
It using PBKDF2-HMAC-SHA256(10 000 iteratinons) + AES-GCM algorithm
I have simple script on python, but it too slow, I want decrypt using hashcat, is this possible? How can I do it?
Posts: 5,185
Threads: 230
Joined: Apr 2010
I think stargazer XLM (-m 25500) is pretty close. It has PBKDF2-HMAC-SHA256 and AES-GCM.
Posts: 6
Threads: 2
Joined: Jun 2021
06-10-2021, 02:52 PM
(This post was last modified: 06-10-2021, 03:39 PM by andy_larkin.)
(06-09-2021, 10:44 PM)atom Wrote: I think stargazer XLM (-m 25500) is pretty close. It has PBKDF2-HMAC-SHA256 and AES-GCM.
Thank you for answer. As I can see stargazer XLM has about 4000 iterations, but I need 10 000, how can I change this? And can you please provide me what format of hash, iv and salt I need use to run this algorithm?
P.S did some tests, and got Token length exception. And I didn't find how to configure salt. Is there a way to make custom algorithm or change XLM stargazer algo for my needs?
Posts: 5,185
Threads: 230
Joined: Apr 2010
Is not an easy change as that. There's much more code change required.
Posts: 6
Threads: 2
Joined: Jun 2021
06-13-2021, 12:48 PM
(This post was last modified: 06-13-2021, 12:48 PM by andy_larkin.)
(06-12-2021, 12:13 AM)atom Wrote: Is not an easy change as that. There's much more code change required.
I'm bad with low level programming, is there any coders who can do it for me for some $? Where to ask for this?
Posts: 5
Threads: 1
Joined: Jul 2021
07-02-2021, 03:27 PM
(This post was last modified: 07-02-2021, 04:02 PM by dialap.)
(06-12-2021, 12:13 AM)atom Wrote: Is not an easy change as that. There's much more code change required.
i see a JavaScrypt code that decrypt it if you have a pass, it well be great you to do it!
Pos we can test a m26403? how can i get dll?
Posts: 2,267
Threads: 16
Joined: Feb 2013
07-03-2021, 10:50 AM
(This post was last modified: 07-03-2021, 10:53 AM by philsmd.)
I think you are talking about this github issue:
https://github.com/hashcat/hashcat/issues/2818
Please always mention the context and github issues you are talking about, otherwise it's a little bit confusing if this is the same algo and where you got the info from etc
Within the github issue a lot of explanation and examples and also plans are already discussed, so I don't think we need much more than a few examples of decrypted data and hash pass examples within the github issue etc. one dev (matrix) already mentioned that they might look into it eventually soon. thx guys
Posts: 5
Threads: 1
Joined: Jul 2021
(07-03-2021, 10:50 AM)philsmd Wrote: I think you are talking about this github issue: https://github.com/hashcat/hashcat/issues/2818
Please always mention the context and github issues you are talking about, otherwise it's a little bit confusing if this is the same algo and where you got the info from etc
Within the github issue a lot of explanation and examples and also plans are already discussed, so I don't think we need much more than a few examples of decrypted data and hash pass examples within the github issue etc. one dev (matrix) already mentioned that they might look into it eventually soon. thx guys
Sorry, I found this topic on your forum (
https://hashcat.net/forum/thread-10157-p...l#pid52987) and completely forgot to look at github. It's great that you decided to do ASAP. Thank you!
