Posts: 33
Threads: 16
Joined: Dec 2016
Just a simple question: Where did hashcat get the hashtype?
So, i have a simple command. Something like
Code:
hashcat example.hash example.dict
And in my example.hash are md5 hashes - does hashcat know the hashtype because of the specific pattern of md5? What if my example.hash only holds sha256 hashes - here the same? Does this mean, i don't need to give hashcat a parameter for the hashtype?
Sorry for the weird question.
Posts: 2,268
Threads: 16
Joined: Feb 2013
No, hashcat doesn't guess the hash type.
As many "hash identification" projects show, there is no such think as 100% knowing which hash type the input is from a random set of some (hex) bytes.
It only works if the "hash" input has a signature like "$7z$" for -m 11600 = 7-Zip.
But hashcat doesn't even try to search for signature.
The only thing it has, is a default hash type. Which is... well, MD5 (-m 0 = MD5).
But this isn't pullet proof either, there are other hashes that have exactly the same length and format like MD5.
So, the short answer is: just always specify the "-m" parameter. The only valid reason to omit is if you are an advanced user and know that the default is MD5 and that the hash/hashes are all MD5 hashes.
Posts: 33
Threads: 16
Joined: Dec 2016
Thanks for the answer. I was wondering, because i tested this before with
Code:
hashcat example.hash example.dict
-> one try with a md5-hashlist and one try with a sha256-hashlist (the input of these hash-lists was the same textfile). And everytime, hashcat could give me the plaintext of these passwords. And i never specified the -m parameter.
Posts: 5,185
Threads: 230
Joined: Apr 2010
Sure not, if you try to load a sh256 hash without setting -m hashcat will give you a line length exception.
