Posts: 6
Threads: 2
Joined: Mar 2011
03-23-2011, 12:55 AM
(This post was last modified: 03-28-2011, 01:52 AM by juasjuas.)
Hello eveyone.
I have a shadow with this hash:
Quote:user_name:$1$eXmgr24C$NjeEHTZJ8gpSbJRtltggj.:15136:0:99999:7:::
That I know:
Quote:$1$
It means the cipher is MD5
Quote:eXmHZ24C
Is this the SALT???
Quote:NjeEHTZJ8gpSbJRtltXgj.
What is it?
I dont know if the final point (.) in this last string is a part of the cipher pass.
How i crack this???
Thanks a lot!!!
Posts: 5,185
Threads: 230
Joined: Apr 2010
its md5crypt, 1000 times iterated md5. you can crack it with hashcat or oclHashcat+. Use -m 500
Posts: 6
Threads: 2
Joined: Mar 2011
03-23-2011, 12:58 PM
(This post was last modified: 03-28-2011, 01:52 AM by juasjuas.)
(03-23-2011, 10:21 AM)atom Wrote: its md5crypt, 1000 times iterated md5. you can crack it with hashcat or oclHashcat+. Use -m 500
Thanks a lot. I have search the -m 500 option and i see it is md5(UNIX). What i must enter in the hasfile box??? (i use hascar gui)
Quote:eXmHZ24C$NjeEHTZJ8gpSbJRtltXgj.
this???
Quote:user_name:$1$eXmgr24C$NjeEHTZJ8gpSbJRtltXggj.:15136:0:99999:7:::
This???
What format???
Thank you very very much im starting in hash cracking.
Posts: 18
Threads: 1
Joined: Jan 2011
03-23-2011, 01:17 PM
(This post was last modified: 03-23-2011, 01:29 PM by San.)
Just put '$1$eXmHZ24C$NjeEHTZJ8gpSbJRtltXgj.' ($1$salt$hash) in 'hash.txt' and use the following syntax:
Code:
hashcat-cli32.exe -m 500 -o hash.out hash.txt Your-Dictionnary.txt
Read the help btw: hashcat-cli.exe -h
You just have to choose which binary you want to use (32 or 64bits) or use the .bin if you're on a Linux system.
And yes, the final "." is part of the hash.
Posts: 6
Threads: 2
Joined: Mar 2011
03-23-2011, 03:53 PM
(This post was last modified: 03-28-2011, 01:52 AM by juasjuas.)
(03-23-2011, 01:17 PM)San Wrote: Just put '$1$eXmgr24C$NjeEHTZJ8gpSbJRtltggj.' ($1$salt$hash) in 'hash.txt' and use the following syntax:
Code:
hashcat-cli32.exe -m 500 -o hash.out hash.txt Your-Dictionnary.txt
You just have to choose which binary you want to use (32 or 64bits) or use the .bin if you're on a Linux system.
And yes, the final "." is part of the hash.
Here is how i use the hascat and the error that happends.
I dont want to use dicctionary. I want to do bruteforce attack.
What is wrong?
Thanks!!!
Posts: 5,185
Threads: 230
Joined: Apr 2010
bruteforce a md5crypt is a bad idea. but i can guarantee you by 100% if use the dictionary rockyou.txt you will find the pass. oh and it does not work because a hashfile is not a hash.
Posts: 6
Threads: 2
Joined: Mar 2011
DONE! It has been cracked thanks so much.
My new challenge is
http://hashcat.net/forum/thread-341.html
Thank you very much
