Problem with PBKDF2-HMAC-SHA1
#1
Hi,

I am experimenting with some PBKDF2-HMAC-SHA1 hashes, but I can't seem to get oclHashcat to work.

I am trying the example hash:
sha1:1000:MzU4NTA4MzIzNzA1MDQ=:19ofiY+ahBXhvkDsp0j2ww==

with a dictionary just containing "hashcat" but it can't crack it.

Can anyone reproduce a successful match with this hash mode?
#2
We changed the encoding for the salt in the PBKDF2-HMAC-* generic hashes from raw to base64 with latest oclHashcat v1.38 (which is not yet released). For details see https://hashcat.net/trac/ticket/663#comment:2

For v1.37, take the salt and decode it, then replace it:

Quote:$ echo -n MzU4NTA4MzIzNzA1MDQ= | base64 -d
35850832370504
$

You should be able to crack this hash with oclHashcat v1.37:

Quote:sha1:1000:35850832370504:19ofiY+ahBXhvkDsp0j2ww==
#3
Thanks!
Now I can get the example to work.

The hashes I work with, however, does not have an integer as the salt.
Example salt: eI48aSYryTJ/JF0qaTdYaQ==

How can I use hashes which are not digits?
Do I have to wait for the next version of oclHashcat?

For the record I am doing some testing with .Net Rfc2898DeriveBytes
#4
Not just digits, it should work for all data as long as it does not include 0x00, \n or :
#5
(10-10-2015, 08:47 PM)atom Wrote: Not just digits, it should work for all data as long as it does not include 0x00, \n or :

I got it to work, thanks a lot!
A good part of my salts contain newline, colon and zero byte, but I guess that the next version will be able to crack those! When will it be released?
#6
Some weeks