09-21-2021, 11:56 AM
(This post was last modified: 09-21-2021, 11:59 AM by parasonic666.)
Hi,
I'm relatively new to hashcat, but trying to create a modified version of 14000, for personal learning / academic use case.
My special case is, I don't have a "normal" CT:PT pair, but I have a PT, and I know that this PT was previously decrypted by DES-ECB. I also know that the key is equal to CT. In other words, I want to do an -a 3 attack to find the DES-ECB key, for a given plaintext, where I know the key is self-encrypted (or self-decrypted).
I thought, ok, no problem, hashcat is great, and open source, so I can change the code. But this is still a challenge for me, I don't find the right place in the 14000 kernel code, where (and how) to do this kind of check, instead of comparing to a usual "fixed" CT. I'm sure it must be in the inner loop, but all my attempts are not working so far.
Maybe I'm just too stupid to get the internals of this specific bitsliced algo. Can anyone point me into right direction, or suggest a patch/code snippet?
Thx a lot!
I'm relatively new to hashcat, but trying to create a modified version of 14000, for personal learning / academic use case.
My special case is, I don't have a "normal" CT:PT pair, but I have a PT, and I know that this PT was previously decrypted by DES-ECB. I also know that the key is equal to CT. In other words, I want to do an -a 3 attack to find the DES-ECB key, for a given plaintext, where I know the key is self-encrypted (or self-decrypted).
I thought, ok, no problem, hashcat is great, and open source, so I can change the code. But this is still a challenge for me, I don't find the right place in the 14000 kernel code, where (and how) to do this kind of check, instead of comparing to a usual "fixed" CT. I'm sure it must be in the inner loop, but all my attempts are not working so far.
Maybe I'm just too stupid to get the internals of this specific bitsliced algo. Can anyone point me into right direction, or suggest a patch/code snippet?
Thx a lot!