01-28-2024, 11:39 PM
HI There,
I am working on a CTF challenge (HTB - Bizness) and it's my first time using Hashcat.
I have found the following Hash, which I know has root pwd in it:
I know it's SHA1 w salt. The Salt is the character d. However when using hashcat with the following code it says separator unmatched:
I changed to this format as well and tried:
uP0_QaVBpDWFeo8-dRzDqRwXQ2I:d
But still returns a token length exception.
Anyone has a clue on why it doesn't work?
If it helps I know the pwd is monkeybizness and this python script can successfully find it:
I am working on a CTF challenge (HTB - Bizness) and it's my first time using Hashcat.
I have found the following Hash, which I know has root pwd in it:
Code:
$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2II know it's SHA1 w salt. The Salt is the character d. However when using hashcat with the following code it says separator unmatched:
Code:
hashcat -m 120 -a 0 'hash.txt' /path/to/wordlistI changed to this format as well and tried:
uP0_QaVBpDWFeo8-dRzDqRwXQ2I:d
But still returns a token length exception.
Anyone has a clue on why it doesn't work?
If it helps I know the pwd is monkeybizness and this python script can successfully find it:
Code:
import hashlib
import base64
import os
def cryptBytes(hash_type, salt, value):
if not hash_type:
hash_type = "SHA"
if not salt:
salt = base64.urlsafe_b64encode(os.urandom(16)).decode('utf-8')
hash_obj = hashlib.new(hash_type)
hash_obj.update(salt.encode('utf-8'))
hash_obj.update(value)
hashed_bytes = hash_obj.digest()
result = f"${hash_type}${salt}${base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')}"
return result
def getCryptedBytes(hash_type, salt, value):
try:
hash_obj = hashlib.new(hash_type)
hash_obj.update(salt.encode('utf-8'))
hash_obj.update(value)
hashed_bytes = hash_obj.digest()
return base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')
except hashlib.NoSuchAlgorithmException as e:
raise Exception(f"Error while computing hash of type {hash_type}: {e}")
hash_type = "SHA1"
salt = "d"
search = "$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I="
wordlist = '/usr/share/wordlists/rockyou.txt'
with open(wordlist,'r',encoding='latin-1') as password_list:
for password in password_list:
value = password.strip()
hashed_password = cryptBytes(hash_type, salt, value.encode('utf-8'))
# print(hashed_password)
if hashed_password == search:
print(f'Found Password:{value}, hash:{hashed_password}')