modx modPBKDF2 hashes
#1
Need help about modPBKDF2 hashes brute.

Got some hashes from modx database.
Columns look like:
password is '+7WYTHGVutZhmE9KYjb93Rvtd/XIy0aM+I8t42EyVDc='
salt is 'a9a3cd2a52f4ead8bff477941ceb62f5'
Clear password is 123123.

Algo is presented here https://fossies.org/dox/modx-2.4.3-pl/mo...ource.html
Looks like it`s pbkdf2_sha256 (module Django (PBDKF2-SHA256) for oclHashcat?), but I cannot brute it with this module.
Hash input set as pbkdf2_sha256$1000$a9a3cd2a52f4ead8bff477941ceb62f5$+7WYTHGVutZhmE9KYjb93Rvtd/XIy0aM+I8t42EyVDc=. just as I use it with HashManager.
Mistake in oclHashcat is "Line-length exception". I think, I need to use another input format for hash, am I right?
#2
Looks like a direct implementation of Taylor Hornsby's PHP PBKDF2 function, which should be compatible with -m 10900, but doesn't look like it is. I modified the input format to match 10900, but it's not finding the plaintext. Will need to dig into the code to see where the minor differences are.
#3
The salt must also be specified as base64 encoded string, like this:
Code:
./oclHashcat -m 10900 -a 3 --quiet 'sha256:1000:YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjU=:+7WYTHGVutZhmE9KYjb93Rvtd/XIy0aM+I8t42E
yVDc=' 123123
sha256:1000:YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjU=:+7WYTHGVutZhmE9KYjb93Rvtd/XIy0aM+I8t42EyVDc=:123123

so if a9a3cd2a52f4ead8bff477941ceb62f5 is the "raw salt", then base64 ("a9a3cd2a52f4ead8bff477941ceb62f5") = YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjU= must be specified as salt
#4
Argh I thought I tried that, but I didn't get the padding character in copy/paste so I only tried "sha256:1000:YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjUK:+7WYTHGVutZhmE9KYjb93Rvtd/XIy0aM+I8t42EyVDc=". Oops!
#5
It works, thanks!