Hello everyone. Please tell me how to work with the -m 3730 mode. I didn't find any instructions. As I understand it, the long hash itself, the serial number and the username are required. As soon as I don't try, nothing comes out, even knowing the password. Help please..
|
Help with -m 3730 mode
|
03-21-2025, 08:50 PM
I didn't get your point, mode 3730 doesn't act other than any other mode
hashcat -a0 -m3730 --status hashfile dictionary your hash should look like this, taken from https://hashcat.net/wiki/doku.php?id=example_hashes 0e1484eb061b8e9cfd81868bba1dc4a0:229381927:182719643
03-21-2025, 09:08 PM
(03-21-2025, 08:50 PM)Snoopy Wrote: I didn't get your point, mode 3730 doesn't act other than any other mode I have an algorithm for john the ripper that can brute force long hashes, but there is no opencl support. As I understood in this mod also interaction with long hashes. And I can't understand where the values after the hash: 229381927:182719643 come from. The script in john the ripper has this example: $dynamic_2868$hash$serial number$$User
Yesterday, 01:06 PM
(03-21-2025, 09:08 PM)Ivanich69 Wrote: I have an algorithm for john the ripper that can brute force long hashes, but there is no opencl support. As I understood in this mod also interaction with long hashes. And I can't understand where the values after the hash: 229381927:182719643 come from. The script in john the ripper has this example: $dynamic_2868$hash$serial number$$User no mode 3730 is not for interacting with long hashes, each oder 99% of hash algorithms have a fixed output according to hashcat example hashes mode 3730 is defined as Dahua NVR/DVR/HVR (md5($salt1.strtoupper(md5($salt2.$pass)))) * 0e1484eb061b8e9cfd81868bba1dc4a0:229381927:182719643 so in fact its a double salted md5 and the example has is MD5:Salt1:Salt2 and it seems it was used in *vr devices salts are generated randomly by the hashalgorithm or generated by some other input so what kind of hash to you want to attack, or which JtR script do you used? (Yesterday, 01:06 PM)Snoopy Wrote:(03-21-2025, 09:08 PM)Ivanich69 Wrote: I have an algorithm for john the ripper that can brute force long hashes, but there is no opencl support. As I understood in this mod also interaction with long hashes. And I can't understand where the values after the hash: 229381927:182719643 come from. The script in john the ripper has this example: $dynamic_2868$hash$serial number$$User The man wrote the algorithm himself. But about “and it seems that it was used in *vr devices” - I don't remember that it was used somewhere. I've been working with dahua cameras for a long time, and it's the first time I've seen such a variant. “so what type of hash do you want to attack” - I need to brute force this kind, long hash : serial number : user. (systmp:$dynamic_2868$C53380xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx$$Usystmp) I tried adding the algorithm to hashcat, but nothing works. There are constant compilation errors. I apologize if something is not clear. I'm writing through a translator C53380xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - long hash 2C008xxxxxxxxxxxx - serial number systmp - user
2 hours ago
well you could ask the guy who wrote the script, he should know how user, serialnumber or whatever is used to produce the hash, in fact without knowing the used algortihm it would be impossible to attack these hash AND more obvious, if there is no kernel for that hashtype its also impossible
first of all how long is your hashpart? lets assume its also some kind of mode 3730 md5 style this COULD mean, (only the guy with the script can tell), that user, serial or something else is used as input for salt 1 and salt 2. But as i said you need to know how the device (are we talking about a *VR) produces these hashes. |
|
« Next Oldest | Next Newest »
|