converting to hash few times

[soul786]

can hashcat do this with plugin or addon.

i create a password, then i convert it to sha256 hash few times, after that i dont remember how many times i have converted it.

now if hashcat try to attack it, it fails, unless i give a dictionary to hashcat and then tell it to convert each word in dictionary 10 times to sha256, and check each word hashes at each iteration.

or if i remember that i converted it 9 times, i only tell that check at only 9th iteration (9th hash)

[penguinkeeper]

I have made proof-of-concept kernels for MD5 but in the same vein as this but it's not the type of thing that Hashcat has support for natively. MDXFind's -i flag may be more appropriate here

[Snoopy]

can hashcat do this with plugin or addon.

i create a password, then i convert it to sha256 hash few times, after that i dont remember how many times i have converted it.

now if hashcat try to attack it, it fails, unless i give a dictionary to hashcat and then tell it to convert each word in dictionary 10 times to sha256, and check each word hashes at each iteration.

or if i remember that i converted it 9 times, i only tell that check at only 9th iteration (9th hash)

I would write a simple python-script for that, all you have to do is a simple loop where the input is the output of the last loop (recursive or with a swap var) and printing that to stdout or into a file

you could also check on each loop whether your hash fits, and exit the loop when the hash fits but this could lead to an infinite loop when your first input isnt the right one, so i would break at i dont know, the 20th iteration?

[soul786]

i dont know coding at all

if someone can make such a plugin for hashcat i can pay for such plugin
or should i ask in developer forum to make such addon

[penguinkeeper]

No need to write anything, as I mentioned earlier, you can just use MDXFind, which is already a much higher-performance tool than any Python script would be. Example command:
mdxfind -h "^SHA256$" -i 10 -f hashlist.txt wordlist.txt

[Snoopy]

i dont know coding at all

if someone can make such a plugin for hashcat i can pay for such plugin
or should i ask in developer forum to make such addon

Do you have a password you wanna try or do you try to implement some kind of bruteforce?

If you have a password or even a list, you can use https://www.techsolvency.com/pub/bin/mdxfind/ with optiion -i for iterate on this purpose, sha256 is supported, or for learning purposes you can use google, chatgpt and write your own litte pythonscript (should be nothing more than 20-30 lines of code i guess)

EDIT: tried it myself so 18 LOC for Python, this will output the first 10 iterations of the input test (utf-8 input and lowercase for sha256 output)

Code:

from hashlib import sha256

def get_sha256(data):
    if isinstance(data, str):
        data = data.encode('UTF-8')
    sha256_hash = sha256(data).hexdigest()
    return sha256_hash

def main():
    print(f'Round: Hash:')
    input_data = "test"
    for i in range(1,11):
        hash_value = get_sha256(input_data)
        input_data = hash_value
        print(f'{i} {hash_value}')
if __name__ == '__main__':
    main()

you can check the output with any online sha256 generator but its working

the only problems which could occur is input encoding when using special chars like german öäü, because utf-8 and ISO-8859-15 or Windows1252 will generate different hashes for the first round, or whether your sha256 output was lowercase or uppercase (same problem, as lower and upper will generate different hashes for each iteration)

so you need to know how your sha256 generator worked, or you try it and check the first output