V3.10 signature unmatched
#1
Hi

I have tried running on the latest The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux (inside VirtualBox) and under Windows 10 with version 3.10.
The example.cmd files run OK, but when I try a SHA512Crypt ie $6$ hash I get a Signature Unmatched error.
I double checked the hash I have + checked login.defs to double check the type and checked to ensure I did not have a hidden space etc.
I also took the example (1800) hash from https://hashcat.net/wiki/doku.php?id=example_hashes and got the came error.
This is the command line I am using hashcat64 -m 1800 -a 0 -o cracked.txt hash.txt rockyou.txt
I also tried -m 1600, same error.

Hopefully what I am doing wrong is obvious to more experienced users as at this point i cant see the wood from the trees.

Note, I fired up John the Ripper (in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux inside VirtualBox) and it accepted the hash, reported it as SHA512crypt and off it went. Problem is that its is very slow running inside a VM and the Windows verions 1.79 will not run under windows 10.
My ideal solution is Hashcat under Win10 using my GTX1080, that way I can let it work on a hash, while still using my computer for basic day to day work (web, email, word, its also my plex server etc).

Thanks in advance.
#2
Double check your hashfile. I had to explicitly paste the hash into my hashfile because i couldnt echo it into my hashfile without escaping the $ or else the shell would parse it as a variable. The resulting hashfile would only load 2450745/ giving me a mismatch error. Explicitly pasting the hash into a file or escaping the $ in my echo redirect gave me no problems. I ran this without a problem on my windows laptop with version 3.10, and on my ubuntu box version 3.00.

I know a lot of people have had problems with hashcat under The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) as well. So it could also be an OS issue, in which case I would recommend using ubuntu server 14.04 if you want to use linux, else just use the windows binary because there is no point in wasting system resources running hashcat under a VM.
#3
ubuntu server 16.04 not 14.04
#4
(11-03-2016, 12:09 AM)atom Wrote: ubuntu server 16.04 not 14.04

Hi

Thanks for the reply.
I tried pasting the hash indirectly into my hash file, same problem. By paste directly, this means that I copied it from the Shadow file, also checked it against what John the ripper produced using unshadow (same hash)
This is the hash, nothing super secret, as its from an small appliance box I own.
$6$07PSYWWk$lBbhaqMhn.YUQIu7/082y2BGnD0JNH2dWiHrG2Ot9HIepc0DJvemHLa7BaxH2hj6RayvP8J8B1LJM2QM3EYGl.


I have 16.04 32bit Ubuntu in Virtual Box, I'll get the 64bit version and give hashcat a shot on Thur or Fri. If it works, I might try a dual boot. Maybe I'll be lucky and sort out the password in a day, if not I'll have to see if I can get hascat accepting the hash under Win 10.

Thanks again.
#5
The hash posted works perfect, I have no problem loading it.
#6
(11-03-2016, 01:29 AM)atom Wrote: The hash posted works perfect, I have no problem loading it.

Thanks for checking the hash.
Any chance you could post the command you used to check the hash. I dont think there is anything wrong with the command I used m -1800 etc, but trying to eliminate possible causes to see if I can discovery what is gogin wrong.

Thanks.
#7
Just do what darkseid4nk said. Just paste it into a file to save struggling with quotes and escapes.
#8
(11-03-2016, 04:38 PM)atom Wrote: Just do what darkseid4nk said. Just paste it into a file to save struggling with quotes and escapes.

I did try that, ie paste it directly into a txt file, unfortunatly I still have the same problem.
Tried pasting in Linux using Getit 3.22.0 as the text editor and in Windows using notepad. Also pulled across the Gedit created hash.txt file to Windows. Same issue.

Rem the command line entry I am using is
hashcat64 -m 1800 -a 0 -o cracked.txt hash.txt rockyou.txt

Thanks
#9
(11-03-2016, 07:53 PM)Bops Wrote:
(11-03-2016, 04:38 PM)atom Wrote: Just do what darkseid4nk said. Just paste it into a file to save struggling with quotes and escapes.

I did try that, ie paste it directly into a txt file, unfortunatly I still have the same problem.
Tried pasting in Linux using Getit 3.22.0 as the text editor and in Windows using notepad. Also pulled across the Gedit created hash.txt file to Windows. Same issue.

Rem the command line entry I am using is
hashcat64 -m 1800 -a 0 -o cracked.txt hash.txt rockyou.txt

Thanks
I got it working, despite reading many other posts that say enclosing the hash in " in the command line will not work, that is what worked for me.

hashcat64 -m 1800 -a 0 -o cracked.txt "$6$07PSYWWk$lBbhaqMhn.YUQIu7/082y2BGnD0JNH2dWiHrG2Ot9HIepc0DJvemHLa7BaxH2hj6RayvP8J8B1LJM2QM3EYGl." I:\ZZZ\Hashcat-3.10\H\rockyou.txt

I exhausted all my wordlists in a few minutes, so I'll see if I can get brute force running. 1st attempt produced a speed of 0H/s so something is not quite right. I do some searching and reading on this.
#10
This works only on windows, because windows shell does not interpret the $