multihashing of sha1($salt.$pass) possible?
#1
Hi,I'm new to this so a simple answer will be helpfulWink

I want to use this command:

Code:
oclHashcat.exe sha1.hash -1 ?d?d ?1?1?1?1?1 ?1?1?1?1?1?1  -m 102

where:
sha1.hash is something like this:
Code:
22E674C15D2DA3C80125CCF661A82BF0F59EDC82:00000000001234567890123400
2DC32126178B84938AA2663F747D5749ADA7E644:00000000001234567890123400
8CA3C4D678ECD6D7189E48AC52C5B8D46427A8CB:00000000001234567890123400  
176A5D3D2B367C941C1E1E0E73798E99C44FE71B:00000000001234567890123400
AEFD542D7A22CE7305D8F33E9B3D2B32D02067A9:00000000001234567890123400
3A35AFF0EC2A705DFC28E9DCF736CC3AD7896135:00000000001234567890123400
BBF01B752EB3E6826A16B39CB731D4E7C851CD20:00000000001234567890123400
734C785DDB7498E67AE9DB8A23E025B843A931B7:00000000001234567890123400
22E674C15D2DA3C80125CCF661A82BF0F59EDC82:00000001001234567890123400
2DC32126178B84938AA2663F747D5749ADA7E644:00000001001234567890123400
8CA3C4D678ECD6D7189E48AC52C5B8D46427A8CB:00000001001234567890123400  
176A5D3D2B367C941C1E1E0E73798E99C44FE71B:00000002001234567890123400
AEFD542D7A22CE7305D8F33E9B3D2B32D02067A9:00000002001234567890123400
3A35AFF0EC2A705DFC28E9DCF736CC3AD7896135:00000002001234567890123400
BBF01B752EB3E6826A16B39CB731D4E7C851CD20:00000002001234567890123400
734C785DDB7498E67AE9DB8A23E025B843A931B7:00000002001234567890123400
22E674C15D2DA3C80125CCF661A82BF0F59EDC82:00000002001234567890123400
2DC32126178B84938AA2663F747D5749ADA7E644:00000002001234567890123400
8CA3C4D678ECD6D7189E48AC52C5B8D46427A8CB:00000002001234567890123400  
176A5D3D2B367C941C1E1E0E73798E99C44FE71B:00000002001234567890123400
AEFD542D7A22CE7305D8F33E9B3D2B32D02067A9:00000002001234567890123400
3A35AFF0EC2A705DFC28E9DCF736CC3AD7896135:00000002001234567890123400
BBF01B752EB3E6826A16B39CB731D4E7C851CD20:00000002001234567890123400
734C785DDB7498E67AE9DB8A23E025B843A931B7:00000002001234567890123400
...................

and so on,list must have 8x10000 hashes(same 8 hashes with different value inside $salt(the value is some digit in range 0-9999 in hex)!

The target is to obtain 11-digit pass!

10x for infoWink
#2
Yes, I am pretty sure it is feasible. The question is why you did not try it instead and/or what problem did you get?

I suggest also you modify your order of ?1 and put it like this:

?1?1?1?1?1?1?1?1 ?1?1?1

It's better to have a multiple of 4 in the left section.
#3
(12-27-2010, 04:23 AM)mastercracker Wrote: Yes, I am pretty sure it is feasible. The question is why you did not try it instead and/or what problem did you get?

I suggest also you modify your order of ?1 and put it like this:

?1?1?1?1?1?1?1?1 ?1?1?1

It's better to have a multiple of 4 in the left section.

10x for your replay!

First,before i try the above,i must receive one valid hashConfusedalt with password(must happen this days),so can be able to see if the command works or not in some good time-frame,else I'll have to wait with days(80000*10^11 combinations are a lot of computing time)before eventually receive conformation is it correct or not.Also generating a file with those hashConfusedalt variables are too much time also for me,because I don't have the knowledge to make some script who will generate it for me at this time!Maybe someone here will help me with this script,maybe notSmile

EDIT:Maybe I do all wrongSad for example here is command line for ighashgpu,off course with only one hash,coz ighashgpu does not support multihashing for sha1:

ighashgpu.exe -hm:0 /tConfusedha1 /min:11 /max:11 /uh:00010203040506070809 /salt:0405040200XXXXXXXXXXXXXX00 /h:22E674C15D2DA3C80125CCF661A82BF0F59EDC82

for info:
green text X in salt is value that i know by default;
red text are the values from 0-9999 in HEX(in my case the number is 4542).I must try them until i get match witch will lead me to my 11digit code
orange is my hash(i can get 8 hashes).

So I want to crack simultaneously with those 8 hashes do decrease the time maybe x8 times.If any of these hashes match I'll have my password.

How can I do that?

BR
#4
Updating info.....

So here is correct pair of pass,salt and hash:
tested with this cmd
Code:
ighashgpu.exe /t:sha1 /min:11 /max:11 /uh:00010203040506070809 /salt:07070902003543010412367400 /h:07381fe21f9a4e56740ee3162a7c06e6aad15493
pause

I can not reproduce the result in oclHASHcat,don't know why...this is the command i used:
Code:
oclHashcat.exe hash.hash -1 ?d?d ?1?1?1?1?1?1 ?1?1?1?1?1  -m 102

in hash.hash file i have only one line:
Code:
07381fe21f9a4e56740ee3162a7c06e6aad15493:07070902003543010412367400

Code:
pass:0709010007050508040804(in hex) or 79107558484
salt:07070902003543010412367400(in hex)
hash:07381fe21f9a4e56740ee3162a7c06e6aad15493

here is initial data that i know:
Code:
354301041236740
hash_1:07381fe21f9a4e56740ee3162a7c06e6aad15493    
        2:6f937b59267113842c9ef56e30be83b6258dd5b8    
        3:a9d1d66cffa7dad56599179426b29304f567bbf9    
        4:fb46582728351214d8765b63b2df124cebbf21a8    
        5:3b171cff784b5fb06208ae40fcae8fd7fb322046    
        6:b9227c81394809c43efb331b639135fa8ddee60c    
        7:11f341fd9db2aab2ea560dcc00c42b724dc317ac    
        8:6c0b9c3db41ab03d78464a2462b3dbdbce4b2ec5

So..cracking all hashes will lead me to same(or other but still useful) 11-digit password!
About salt( here is the keyWink )....
salt:07070902003543010412367400 where:
random_number _from_00000000-09090909 in hex (0-9999) in my example 07070902 in hex(7792)
00 - zero byte
initial_data in my example 35430104123674
00-zero byte

The target:I must try one hash with salt that has changing random_number _from_00000000-09090909 until i find password 11-digit(22 in HEX)

Every hash has different random_number(in other words different salt) but leads to the same (maybe different but still usable) 11-digit password(not proved yet)!

How to test all 8 hashes simultaneously with current salt is my question??!!!Because 1st match will give me my password!!!Also how to organize all things together....

10x again for contribution!
#5
sorry, but this does not work with oclHashcat for two reasons:

1. you can not add salts or charsets in hex
2. you can not crack plains of size 15 or bigger and you need 24
#6
multihashing of sha1($salt.$pass) is (and was) possible but the reasons why sl3 unlocking with oclHashcat is not possible still remain the same even with the latest version.
#7
support for salted hex and salted charsets comes in oclHashcat v0.26