cracking sha256 with a 2 digit salt
#1
Hey everyone, I'm very new hashcat and cracking in general. I'm currently trying to learn, but am very very very clueless! Having said that, I have ~400k hashes and I would like to crack as many of them as possible. All I know is that it's sha256 with prepended with a 2 digit salt. I'm very confused syntactically as to how to proceed.

when I try

Code:
./hashcat-cli64.app ../test.txt -m 1410 ../../../dict.txt

I get line length exceptions. I'm not really sure how I'm supposed to specify what the salt is, or how to try all 100 salt possibilities. Any and all advice is appreciated!


Thanks!
#2
well if the salt is prepended then you are not using the right mode. it should be 1420.

As for the line line length exception are you sure the format is right? look at
https://hashcat.net/wiki/doku.php?id=example_hashes

for how it should look


if you dont have much of an idea of what is going on the look at this also
it will help a lot
https://hashcat.net/wiki/doku.php?id=fre..._questions
#3
(06-07-2015, 01:44 AM)coolbry95 Wrote: well if the salt is prepended then you are not using the right mode. it should be 1420.

As for the line line length exception are you sure the format is right? look at
https://hashcat.net/wiki/doku.php?id=example_hashes

for how it should look


if you dont have much of an idea of what is going on the look at this also
it will help a lot
https://hashcat.net/wiki/doku.php?id=fre..._questions

I see! Thank you for the links, the formatting one is really helpful and I'll make sure to read through the FAQ carefully. I'm a bit confused now because the hashes I have are similar to the ones listed under SHA256. There are no colons in them, but I was told specifically that these had a 2 digit salt. Would I have to manually insert the colons? I'm not sure if it's allowed or not but I could post one of the hashes.
#4
If you didn't obtain the salts along with the hashes, then you'll need to crack the salts along with the hashes. This is trivial since the salt is only two digits. Basically you'd just use -m 1400 and ensure you are prepending digits to each attack you run.
#5
(06-07-2015, 02:40 AM)epixoip Wrote: If you didn't obtain the salts along with the hashes, then you'll need to crack the salts along with the hashes. This is trivial since the salt is only two digits. Basically you'd just use -m 1400 and ensure you are prepending digits to each attack you run.

Understood. Out of curiosity, does hashcat have some sort of built in functionality to help with this or should I basically write a script or make a copies of my dictionary pre-salted?
#6
You'd just build it into your attack organically. Instead of a straight dictionary attack you'd either use -a 0 with prepend rules, -a 1, or -a 6. With -a 3 you'd prepend each mask with ?d?d.