Posts: 30
Threads: 7
Joined: Dec 2012
Many of the hashes I am dealing with lately seem to have embedded end-of-line (\n) characters in them. What is the best way to represent these in password lists, for future attacks?
For example, consider the password: a\nb\nc\n
md5 -s 'a
> b
> c'
MD5 ("a
b
c") = c32b2057b9bd62...
What's the best way to represent this?
Posts: 414
Threads: 14
Joined: Mar 2012
Posts: 5,185
Threads: 230
Joined: Apr 2010
I guess what he wanted to say is to use --hex-charset
Posts: 414
Threads: 14
Joined: Mar 2012
No, "SHex" means --outfile-format=5.
Posts: 30
Threads: 7
Joined: Dec 2012
Ok. But, back to my original question, how does this help structure future attacks?
I see that the .pot/output file can be written as hex values in oclHashcat-plus (and somewhat less-so in the cpu hashcat), but there appears to be no way to either read .pot/output files created using this format back into hashcat or oclHashcat-plus, unless I am confused about the options somehow.
There _appears_ to be no way to represent a newline character in an input dictionary, other that to use rules to create it. Multiple LFs are even more of a challenge. Am I confused?
Posts: 414
Threads: 14
Joined: Mar 2012
- Pot output cannot be customized.
- Outfile output can be customized, using --outfile-format=N.
- I believe hashcat reads dicts line by line, chops \n, and \r if found first, and then processes it.
- The only way to "input" these eol chars to hashcat is to use -a3 (brute-force), --hex-charset, SHex (--outfile-format=5) and user-defined charset with all eol chars needed, represented hex of course.
Something like:
Code:
-plus -a3 -1 0d0a?d --hex-charset -o OUT --outfile-format=5 HASHFILE ?1?1?1?1?1
There are other tricky ways, but they're just too dirty to do.
