Bcrypt recovery with known salt?
#1
Hi there, I was interested in testing out your bcrypt speed vs johns.

I have a known password, a known salt, and the bcrypt hash.

To avoid breaking any rules, let's say my password is password, the salt is aBcDeFG, and the hash is $2a$10$randomstuff

In john, if I place the hash file in the format of aBcDeFG:$2a$10$randomstuff, and use my wordlist, my known password is discovered nearly instantly.

In oclHashCat, I receive a WARNING: Hashfile 'knownPassword.txt' in line 1 (*salt:hash*): Line-length exception

I've looked for how to use custom hashes, but cannot find it. Is this not supported?
Reply
#2
it would help if you posted your command line.

also, if you're going to specify a username before the hash, you need to use the --username flag. otherwise, get rid of it and just supply the hash.
Reply
#3
For my command line I am simply using "./oclHashcat64.bin -a 0 -m 3200 hlist.txt wlist.txt"

There is no username, only a known hash, unless I am confused as to what you are referring to?

Thank you for your reply.
Reply
#4
Using the --username option I am able to get it to run against my hashes, unfortunately it does not work, my known password is not cracked. Very strange..

Using a larger dictionary, I'm seeing it run about 15% slower than John, very disappointing.

Thanks for your help
Reply
#5
Please have a look at the bcrypt example (http://hashcat.net/wiki/doku.php?id=example_hashes - see line w/ hash type 3200), the format is:
$2a$cost$base64(salt).base64(hash)

iteration = 2 ^ cost

So there is no colon (as epixoip said) within the bcrypt format (if you add --username you need to add a username before the *whole* thing - including signature, cost, salt, raw hash).
But I suppose the salt:hash format you mention does not have a username in it... therefore forget about usernames and the colon-format, but please try to convert it to the format *hashcat expects. (I assume aBcDeFG in your example is not a username, is it?)

So it seems that you are trying to use a different format - but this format is not supported by hashcat. You might need to (bulk) convert your hashes etc.

Anyway, please try to play around first w/ the examples and understand the hash format used.

I also suspect that the speed will be (much) different you get it working correctly (i.e. correct input hash format).

Further speed considerations:
1. try to run ./oclHashcat64.bin -b -m 3200 to get an idea of how fast oclHashcat is when benchmarking bcrypt
2. it is widely known that bcrypt is one of the few algorithms that is faster on CPU and slower on GPU (because of it's design) - so if you have a modern CPU (Intel i7 or AMD XOP-enabled CPU) use cpu hashcat https://hashcat.net/hashcat/
3. please make sure your comparisons between e.g. jtr and hashcat are valid. For instance you should not compare jtr CPU speeds w/ oclHashcat (= GPU) speed, because we all know bcrypt is "slow" on GPU
4. reminder: https://twitter.com/hashcat/status/349192539443699713
Reply