Posts: 9
Threads: 1
Joined: Nov 2022
I would like some help in determining which algorythm to use for decrypting the following hash that used PBKDF2 (AES 256/CBC).
Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5
Code:
fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47
Posts: 9
Threads: 1
Joined: Nov 2022
11-07-2022, 01:51 AM
(This post was last modified: 11-07-2022, 01:52 AM by hlore.)
I inadvertently omitted a character in the salted hash (second hash) that I posted above. The correct salted hash is:
Code:
1fddb8f9b6a1e7c39ddefabe933f4104e2842d8e252b0cf1dd1a04457939ad47
Posts: 9
Threads: 1
Joined: Nov 2022
11-07-2022, 08:57 PM
(This post was last modified: 11-07-2022, 09:14 PM by hlore.)
Thank you. I tried these on both hashes, but none worked. However, I'm not sure how to format the hash with the salt. Do I paste the salt at the beginning of the hash/key ?
Posts: 9
Threads: 1
Joined: Nov 2022
(11-07-2022, 09:46 PM)marc1n Wrote: https://hashcat.net/wiki/doku.php?id=example_hashes
Thanks again. Apologies for my nativity, but in looking at the example hashes of the 8 "recognized hashes", I don't see any obvious file separator where an iv/salt would be inserted. Can you guide me a little more? Thanks.
Posts: 9
Threads: 1
Joined: Nov 2022
I'm still struggling with this and hoping someone can give me a hint. At this point, I'm trying to figure out how to combine the salt with the hash The examples didn't help, unfortunately.
Thanks
Posts: 1,042
Threads: 2
Joined: Jun 2017
11-16-2022, 08:46 PM
(This post was last modified: 11-16-2022, 08:46 PM by ZerBea.)
Are you sure it is a hash or is it encrypted text?
Code:
$ echo -n 'the quick brown fox jumps over the lazy old dogs back' | openssl aes-256-cbc -e -salt -pbkdf2 -iter 10000 -out ciphertext.enc -p
enter AES-256-CBC encryption password: testtest
Verifying - enter AES-256-CBC encryption password:
salt=F903D4DDFAC55AF1
key=AD6197A8AE7A4AF2FD58B74FA4D1B5C7F4480B1BAD8A164D64652C4DD3EBDFC0
iv =EDA1AF9277A3BA6F4B4B14808D39A5D1
Will say that there is absolutely no chance to identify the underlying algorithm for your posted encrypted text.
Posts: 9
Threads: 1
Joined: Nov 2022
11-17-2022, 12:30 AM
(This post was last modified: 11-17-2022, 12:31 AM by hlore.)
(11-16-2022, 08:46 PM)ZerBea Wrote: Are you sure it is a hash or is it encrypted text?
Thank you. It is not encrypted text. I further determined that the first string I posed is the hash, i.e.,
Code:
9b968a5c3888d1b959bce46371dbc037c0874575af523467d3896fe608fdc2fb0ff122fdc9680c0bdd7aff0db66cf7b5
and the salt is
58248916-e804-465c-85d2-bd5da4a805cf
Posts: 1,042
Threads: 2
Joined: Jun 2017
11-17-2022, 08:01 AM
(This post was last modified: 11-17-2022, 08:02 AM by ZerBea.)
In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:
Code:
11900 | PBKDF2-HMAC-MD5 | Generic KDF
12000 | PBKDF2-HMAC-SHA1 | Generic KDF
10900 | PBKDF2-HMAC-SHA256 | Generic KDF
12100 | PBKDF2-HMAC-SHA512 | Generic KDF
Posts: 9
Threads: 1
Joined: Nov 2022
(11-17-2022, 08:01 AM)ZerBea Wrote: In that case (it is a hash) hashcat isn't useful (PBKDF2-HMAC-AES-256-CBC) because it only provide this generic KDF functions:
Code:
11900 | PBKDF2-HMAC-MD5 | Generic KDF
12000 | PBKDF2-HMAC-SHA1 | Generic KDF
10900 | PBKDF2-HMAC-SHA256 | Generic KDF
12100 | PBKDF2-HMAC-SHA512 | Generic KDF
Thank you. Do you have any suggestions on what alternatives I might search for?
Posts: 9
Threads: 1
Joined: Nov 2022
I'm still trying to get this to work. If I can find the algorithm used to create the hash, is it difficult to create a module to use with Hashcat?
