Posts: 3
Threads: 1
Joined: Mar 2022
Hi there !
Need some help, to find the best way for that:
I have the SHA1 hash, i known the password, i have parts of possible salt from hex file
I search what part of file and how is used as salt
Whats the best way to find this ?
Thanks
Posts: 890
Threads: 15
Joined: Sep 2017
is the salt fixed size?
hashcat will not really help you, except you generate a list with all possible sha1
alt combinations beforehand and then attack this list with your password, all you have to do is to generate this list, you can use hashcat --stdout or maskprocessor to help you building this list
Posts: 3
Threads: 1
Joined: Mar 2022
(03-24-2022, 02:12 PM)Snoopy Wrote: is the salt fixed size?
hashcat will not really help you, except you generate a list with all possible sha1alt combinations beforehand and then attack this list with your password, all you have to do is to generate this list, you can use hashcat --stdout or maskprocessor to help you building this list
Hi, Thanks
I suppose to have a salt, but not sure, extracted from hex file userTable6 from Alcatel switch with admin rights
Is there anything about Alcatel ? i'm confused because we can find lot of modes but nothing about alcatel ?!
They are Gods of Security ?
Posts: 890
Threads: 15
Joined: Sep 2017
if you have admin rights and or access to this router, the best thing would be generating examples with known usernames and passwords and extract the data from the file/tabel you mentioned
first of all, why do you think its sha1 (your initial question)
there is no need for hashcat to support all types of vendors if they stick to some standard hashalgorithms which are already supported by hashcat
Posts: 3
Threads: 1
Joined: Mar 2022
Its what i ve done
But no samples i make works
I think sha1 by size and from security doc found
Finally. I understand thé non interest but impressionated by the secret guard by Alcatel
Posts: 890
Threads: 15
Joined: Sep 2017
can you share the docs/links you found?
if it is really sha1 then Alcatel maybe used some obfuscation like splitting the hash, reverse the content and the hashparts itself, adding a fixed salt or a generic one like mac-adress or similar
to figure out how, well this is called reverse engineering and would take some time, maybe someone else already did this, most security researchers would start with the firmware of the router and try to figure out how passwort hashing is done