Posts: 1
Threads: 1
Joined: Mar 2022
Hello! I am learning how to use Hashcat to crack different types of passwords. I hope someone here can help me. I cannot find anything online so I made an account on this forum just to ask this. I have a bcrypt hash with a known salt. How would I go about cracking it? Where do I tell Hashcat I have a salt for it to use? And am I using the right hash mode? I was thinking about using 3200 but not 100% sure it's the right one to use. If you need more information from me to help solve this problem just ask, I'll reply to you.
Posts: 930
Threads: 4
Joined: Jan 2015
03-02-2022, 12:38 AM
(This post was last modified: 03-02-2022, 12:39 AM by royce.)
hashcat detects and uses the salt automatically. Simply pass the hash on the command line (may need to single-quote the dollar signs). It's mode 3200 (unless it's a nested hash of some kind). So hashcat -m 3200 'hash', along with what attack you want (straight wordlist (-a 0) is probably what you'd want with a slow hash).
~
Posts: 69
Threads: 2
Joined: Dec 2021
(03-02-2022, 12:38 AM)royce Wrote: hashcat detects and uses the salt automatically.
For all hash-modes? Or only for 3200?
So, you don't need to pass the salt to Hashcat, even if you know that particular salt?
Below is the example hash from
https://hashcat.net/wiki/doku.php?id=example_hashes
Code:
C:\hashcat-6.2.5>hashcat.exe -a 3 -m 3200 "$2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6" "hashcat"
hashcat (v6.2.5) starting
OpenCL API (OpenCL 2.1 WINDOWS) - Platform #1 [Intel(R) Corporation]
====================================================================
* Device #1: Intel(R) Celeron(R) CPU 1005M @ 1.90GHz, 8103/16270 MB (2033 MB allocatable), 2MCU
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 72
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Hardware monitoring interface not found on your system.
Watchdog: Temperature abort trigger disabled.
Host memory required for this attack: 0 MB
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
$2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6:hashcat
Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 3200 (bcrypt $2*$, Blowfish (Unix))
Hash.Target......: $2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzr...vQJLF6
Time.Started.....: Wed Mar 02 09:51:15 2022 (0 secs)
Time.Estimated...: Wed Mar 02 09:51:15 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Mask.......: hashcat [7]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 253 H/s (3.52ms) @ Accel:2 Loops:32 Thr:1 Vec:1
Recovered........: 1/1 (100.00%) Digests
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-32
Candidate.Engine.: Device Generator
Candidates.#1....: hashcat -> hashcat
Started: Wed Mar 02 09:50:59 2022
Stopped: Wed Mar 02 09:51:17 2022
Posts: 930
Threads: 4
Joined: Jan 2015
If the salt is already in the hash, it will automatically be used, for all hash types.
If the salt is not already in the hash, you can supply it on the command line.
~
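A bcrypt string needs no separate salt argument because the version, cost and salt are all fields of the string itself. The Python parser below is an added example, not part of the thread or of hashcat; it splits the example hash quoted above into those fields and rejects a string that lost its `$` fields to shell expansion. The names `parse_bcrypt`, `BcryptFields`, `EXAMPLE_HASH` and `MANGLED_HASH` are assumptions made for illustration.

```python
import base64
import re
from typing import NamedTuple

# bcrypt has its own base64 alphabet; map it onto the standard one to decode.
_BCRYPT_B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
_STD_B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
_TO_STD = str.maketrans(_BCRYPT_B64, _STD_B64)

# Layout: $<version>$<2-digit cost>$<22-char salt><31-char digest>
_BCRYPT_RE = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)

# Example hash from the hashcat wiki, as quoted in the thread above.
EXAMPLE_HASH = "$2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6"
# Constructed sample: the same hash after its '$' fields were lost in quoting.
MANGLED_HASH = "a5.Kj0jZ0pEmm134uzrQlFvQJLF6"


class BcryptFields(NamedTuple):
    version: str     # "2a", "2b", ...
    cost: int        # log2 of the number of key-expansion rounds
    rounds: int      # 2 ** cost
    salt_b64: str    # 22 characters in bcrypt's alphabet
    salt: bytes      # the 16 raw salt bytes
    digest_b64: str  # 31 characters in bcrypt's alphabet


def parse_bcrypt(hash_string: str) -> BcryptFields:
    """Split a bcrypt string into its fields, or raise ValueError."""
    m = _BCRYPT_RE.fullmatch(hash_string.strip())
    if m is None:
        raise ValueError("not a complete bcrypt string (check shell quoting)")
    version, cost_s, salt_b64, digest_b64 = m.groups()
    cost = int(cost_s)
    if not 4 <= cost <= 31:
        raise ValueError(f"bcrypt cost out of range: {cost}")
    # 22 characters carry 132 bits; the decoder drops the 4 spare bits.
    salt = base64.b64decode(salt_b64.translate(_TO_STD) + "==")
    return BcryptFields(version, cost, 1 << cost, salt_b64, salt, digest_b64)


if __name__ == "__main__":
    print(parse_bcrypt(EXAMPLE_HASH))
```
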