yes it cracks see:
echo Hashcat009? | ./
full: fb48ad370166a38cefdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e
salt: fb48ad370166a38c
iv: efdc083240a0fff362064e98312f48ae
hash: b8f5e67481d39dc7c1c144558ef49c4e
started cracking...
match: 'Hashcat009?'
where is just a simple POC perl script:
#!/usr/bin/env perl
use strict;
use warnings;
use Crypt::PBKDF2;
use Crypt::CBC;
my $iterations = 10000;
my $key_encrypted = "53616c7465645f5ffb48ad370166a38cefdc083240a0fff362064e98312f48aeb8f5e67481d39dc7c1c144558ef49c4e";
#my $key_encrypted = "53616c7465645f5fc98fbec6ee5c2665cd1f2a6b204a0dd99e8f21bf2a6f3e63cace7d9c25b334cbf0443035e3d860e7";
$key_encrypted =~ s/53616c7465645f5f//; # strip of "Salted__"
my $length = length ($key_encrypted);
my $offset = 0;
my $prefix_length = $length;
my $salt_hex = substr ($key_encrypted, 0, 16);
my $salt = pack ("H*", $salt_hex);
$offset += 16;
$prefix_length -= 16 + 32 + 32;
my $prefix = substr ($key_encrypted, $offset, $prefix_length);
$offset += $prefix_length;
my $iv_hex = substr ($key_encrypted, $offset, 32);
my $iv = pack ("H*", $iv_hex);
$offset += 32;
my $hash_hex = substr ($key_encrypted, $offset);
print "full: " . $key_encrypted . "\n";
print "salt: " . unpack ("H*", $salt) . "\n";
print "prefix: " . $prefix . "\n";
print "iv: " . unpack ("H*", $iv) . "\n";
print "hash: " . $hash_hex . "\n";
my $data = pack ("H*", "10101010101010101010101010101010");
my $hasher = Crypt::PBKDF2->hasher_from_algorithm ('HMACSHA1');
my $pbkdf2 = Crypt::PBKDF2->new (
hasher => $hasher,
iterations => $iterations,
output_len => 16
print "\nstarted cracking...\n\n";
while (my $word_buf = <>)
chomp ($word_buf);
my $key = $pbkdf2->PBKDF2 ($salt, $word_buf);
my $cipher = Crypt::CBC->new({
key => $key,
cipher => "Crypt::Rijndael",
iv => $iv,
literal_key => 1,
header => "none",
keysize => 16
my $encrypted = unpack ("H*", $cipher->encrypt ($data));
my $hash_buf = substr ($encrypted, 0, 32);
if ($hash_buf eq $hash_hex)
print "match: '$word_buf'\n";
exit (0);
exit 1;
So this proofs that you only need that field starting with "Salted__", i.e. the keyEncrypted field, to verify the password.
Unfortunately, oclHashcat/cudaHashcat currently expects a fixed size 1040 bytes (or 2080 hex chars as "data") because of the new agilekeychain format (but the algo is indeed still the same!), you could go ahead and open a trac ticket with explanations here: such that the devs can implement it (i.e. maybe remove this 2080 hex chars restriction).
BTW the input for oclHashcat would be something like this (if this short non-2080 hex char version would be supported, which it is NOT yet):
it also works with a little bit of padding see this:
$ cat m06600.txt
$ cudaHashcat64 --quiet -m 6600 m06600.txt dict.txt
So it cracks already, you just need to pad it to the correct length (or open a trac ticket and devs may help to reduce this length restriction
