Non printable ascii characters in salt
#1
Hi guys,

I have some hashes that were created in the following format:

hash = md5($salt.$pass.$salt)

The problem is that the salt can contain non printable ascii characters.

So I am unable to save the salts as ascii characters that hashcat can recognize.

Does anyone have any ideas how I can go about cracking the hashes?

IS there any support for hashcat reading the hex representation of the salt?
#2
From --help:
Code:
--hex-salt                    Assume salt is given in hex
But that's in -plus only, I don't know why there's no such option in CPU's hashcat.
#3
But oclHashcat-plus cannot crack hashes of created by this algorithm:

md5($salt.$pass.$salt)

:/ any other ideas?
#4
Can you post some of the salts? In hex if it's required.
#5
Here is an example salt in hex: a2cdde9445d0c3e285cac24b0632b6df7d2c74c8

The salts are 20 characters long and are composed of random ascii characters in the range 0-255.

The example salt I have posted contains the hex value 0x06... This is a non printable character, herein lies my problem - I cannot write it to a file and have hashcat recognize it!

On the plus side I have written my own wordlist cracker in php (the language the salt was created in) that seems to work... But very slowly. Its a shame not to be able to utilize hashcat's speed and functionality.
#6
(12-02-2012, 03:01 PM)seanmheff Wrote: This is a non printable character, herein lies my problem - I cannot write it to a file and have hashcat recognize it!

you can use printf etc to write it to a file if you wish. e.g.,

Code:
printf "\x06\n" >somefile
#7
Got it working now..

I have my data saved in the form username:hash:hex(salt)

I wrote a program to parse the data, and output it to a file saved in the form hash:ascii(salt)

The resulting file appears corrupt on my system (Linux based) and is not readable by any text editor I have installed. However, hashcat can read most of the data and crack the hashes Smile

Thanks for your help guys Smile All along my problem has arisen from me not trying hashcat on a corrupt file as I thought it would be unable to read it...
#8
"shit in, shit out"
-Not-me