Breaking AIX hashes with hashcat
#1
Hey Guys,

I just wanted to inform you about the work that philsmd and I spent some time on in the last week.

The hashes used in AIX:

  • {smd5}
  • {ssha1}
  • {ssha256}
  • {ssha512}

They can now be cracked with hashcat. Do not confuse them with the OpenLDAP ones.

Quote:
root@sf:~/hashcat-0.45# ./hashcat-cliXOP.bin -m 6300 test6300 -a 3 ?l?l?l?l?l?l?l!
{smd5}01234567$yOImZPvBC8dg1HjGYfH7j.:hashcat!

root@sf:~/hashcat-0.45# ./hashcat-cliXOP.bin -m 6700 test6700 -a 3 ?l?l?l?l?l?l?l!
{ssha1}06$0123456789abcdef$pPDynUWwKgFKx8N5CP.d8D5C.wZ:hashcat!

root@sf:~/hashcat-0.45# ./hashcat-cliXOP.bin -m 6400 test6400 -a 3 ?l?l?l?l?l?l?l!
{ssha256}06$0123456789abcdef$9zHeDVOh2swHIvL1O9LPvTDeWwv0zbsB5n531R3J.UP:hashcat!

root@sf:~/hashcat-0.45# ./hashcat-cliXOP.bin -m 6500 test6500 -a 3 ?l?l?l?l?l?l?l!
{ssha512}06$0123456789abcdef$WGuBLjBECNeZKYKPqZUz8QTIbXCYLKqm0SoMnjvJaCwKR...:hashcat!


Here are the speeds, captured on a stock clocked AMD FX(tm)-8120 Eight-Core Processor using 8 threads:

  • {smd5} 80.60 KH/s
  • {ssha1} 822.22 KH/s
  • {ssha256} 394.14 KH/s
  • {ssha512} 175.61 KH/s

I will soon port all hashes to oclHashcat-plus and update the post with the GPU speeds.

The hashes will be supported with hashcat CPU v0.45 and oclHashcat-plus v0.15. Beta testers can already download the hashcat b6 version.

For details of how the hashes are generated check out the follow-up post.

--
atom
#2
Hi guys, thx @atom,
and here are the details, it is (partially) too easy to be true and not understandable why nobody else came up with these details b4 ;-):
- smd5 uses md5_crypt basically
- ssha* variants use pbkdf2-hmac-sha-* (there are three of those ssha1, ssha256 and ssha512 connected to the pbkdf2-hmac-sha-* variant)

Furthermore, there is a non-standard (but well-known) base64 table in use:
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

The main difference of smd5 from standard md5_crypt() is that smd5 doesn't use the "$1$" within the md5_crypt digest generation.
But there is an option, they told me, that enables the "standard" version of md5_crypt, i.e. w/ std_hash=true or similar.

There are also very small base64 hacks in the ssha* variants, but they are no big deal, i.e. the length of the outcome hash, what happens w/ padding etc.
If you have some sample hashes (or better password/hash pairs), it is easy to spot these details.


Too many words, here I open a ticket w/ source code attached (be warned: this code is hackish, was quickly written down, w/o looking at performance etc, but should be working too. Don't blame me for the (bad) code, ok?):
https://hashcat.net/trac/ticket/135
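
A format check for the four AIX hash strings described in this thread, as an added example (not code from atom, philsmd or the hashcat ticket). Digest lengths are derived from each function's output size at 6 bits per character; reading the two-digit field of the ssha* strings as a cost with iterations = 2^cost is an assumption not stated in the thread, and `below_min_cost` is a hypothetical helper for auditing against a site-chosen minimum.

```python
import re

# Alphabet quoted in the thread (crypt(3)-style table, 6 bits per character).
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# prefix -> (hashcat -m value used in the thread, primitive named in the thread,
#            raw digest size in bytes of the underlying hash function)
ALGS = {
    "smd5":    (6300, "md5_crypt variant",  16),
    "ssha1":   (6700, "pbkdf2-hmac-sha1",   20),
    "ssha256": (6400, "pbkdf2-hmac-sha256", 32),
    "ssha512": (6500, "pbkdf2-hmac-sha512", 64),
}
LINE = re.compile(r"^\{(smd5|ssha1|ssha256|ssha512)\}(?:(\d{2})\$)?([^$]+)\$(.*)$")

def encoded_len(nbytes):
    """Characters needed for nbytes at 6 bits per character, without padding."""
    return -(-nbytes * 8 // 6)

def parse_aix_hash(text):
    """Split one AIX hash string into its fields; return None if it is not one."""
    m = LINE.match(text.strip())
    if not m:
        return None  # e.g. OpenLDAP {SSHA} values, which are a different format
    tag, cost, salt, digest = m.groups()
    if (cost is None) != (tag == "smd5"):  # ssha* carries the 2-digit field, smd5 does not
        return None
    mode, primitive, nbytes = ALGS[tag]
    return {
        "algorithm": tag, "hashcat_mode": mode, "primitive": primitive,
        "cost": None if cost is None else int(cost),
        # ASSUMPTION (not stated in the thread): iterations = 2 ** cost
        "iterations": None if cost is None else 2 ** int(cost),
        "salt": salt, "digest": digest,
        # A truncated or corrupted digest fails this length/alphabet check.
        "well_formed": len(digest) == encoded_len(nbytes) and set(digest) <= set(ITOA64),
    }

def below_min_cost(hashes, min_cost):
    """Return parsed ssha* hashes whose cost field is under a site-chosen minimum."""
    parsed = (parse_aix_hash(h) for h in hashes)
    return [p for p in parsed if p and p["cost"] is not None and p["cost"] < min_cost]

# Sample hashes copied from the first post (the ssha512 one is truncated there).
SAMPLES = [
    "{smd5}01234567$yOImZPvBC8dg1HjGYfH7j.",
    "{ssha1}06$0123456789abcdef$pPDynUWwKgFKx8N5CP.d8D5C.wZ",
    "{ssha256}06$0123456789abcdef$9zHeDVOh2swHIvL1O9LPvTDeWwv0zbsB5n531R3J.UP",
    "{ssha512}06$0123456789abcdef$WGuBLjBECNeZKYKPqZUz8QTIbXCYLKqm0SoMnjvJaCwKR...",
]
```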
#3
cool stuff
#4
awesome :D
#5
I like how the md5-based variant is more secure in terms of computation than the sha-2 based variant.
#6
thanks atom and phil :-)
#7
Finished the port to GPU. Speeds on two stock clocked hd6990's:
  • smd5: 10 MH/s
  • ssha1: 44 MH/s
  • ssha256: 18 MH/s
  • ssha512: 2 MH/s
#8
Amazing speeds! Great, thx for the port and update here