A Difficult Salting Method
#1
Hello everyone,

I am trying to use oclHashcat on some SHA-512 hashes, but the way they were constructed is very odd. The method is: "salt1 + Password + salt2 + length(Password)"

For example, if salt1 is "foo", salt2 is "bar" and the password is "password1", then the hash would be the SHA-512 of "foopassword1bar9" (where 9 is the number of characters in "password1").

My question is how can I set up oclHashcat to tackle such a challenge?

As an additional detail: I am planning on using some wordlists/dictionaries for the attack.

Thank you,
Spencer
#2
Technically, you're dealing with a sha-512($salt1.$pass.$salt2), where $salt2 = $salt2.len($pass); it's just a number appended to salt2.
You'll have to filter your dictionaries / keyspace to a certain length and only attack hashes which have such length in the second salt (otherwise you're just wasting cycles).
But I don't see sha-512($salt1.$pass.$salt2) being supported by oclHashcat at the moment.
Hope this helps.
#3
So there's no way to set up oclHashcat (or even standard Hashcat) to automatically handle this?

If not, I suppose I'll just work on writing something in C++ to handle this.
#4
Correct. There is not.
#5
Alright, thank you anyway.