hashcat Forum Support hashcat v
Noob: SHA1 problem

Thread Closed 
Threaded Mode
Noob: SHA1 problem
Pen Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Feb 2017
#1
02-05-2017, 01:20 PM
Hi all,

I'm very new to Hashcat and password cracking in general, but I'm trying to solve a challenge puzzle and I'm not quite sure how to move forward. Maybe you guys can help.

It goes like this:

1. Having a password's SHA1 hash value of:

6xxe1axxx61ac8b449xxx6f58c4822408ddxxxxx

2. And the possible characters of which the password is made are: (I don't know the password length)

qwinQWIN*+~@580%(=}[


Find the password ...

Having 20 chars to permute in (for exSmile 8 chars passwords would create a very loooong list, making a dictionary attack hard.

Is there a way to hash this with hashcat that does not require a wordlist ? I'm a noob and not very familiar with how every mode and rules work.

So far I got this:

hashcat64.exe -m 100 -a 3 Hash.txt charsets/Sha1.hcchr

Hash.txt is the location of the hash value and Sha1.hcchr is the location for the string of chars.
Find
philsmd Offline
I'm phil
******
Posts: 2,268
Threads: 16
Joined: Feb 2013
#2
02-05-2017, 02:18 PM (This post was last modified: 02-05-2017, 02:22 PM by philsmd.)
First, welcome to the hashcracking world!

You should be able to find the answer to your question both within the --help output or the hashcat wiki (especially https://hashcat.net/mask_attack ).

Hint (assuming the file charsets/Sha1.hcchr contains "qwinQWIN*+~@580%(=}[" - without quotes - within the first line):
Code:
hashcat64.exe -m 100 -a 3 --custom-charset1 charsets/Sha1.hcchr Hash.txt ?1?1?1?1?1?1?1?1
that means with --custom-charset1 (or short -1, minus one) you define a new set of characters and with the mask ?1?1?1?1?1?1?1?1 you use your previously defined custom charset (and tell hashcat that it should use the length 8, otherwise you need to use --increment --increment-min x --increment-max y and a mask that is at least the length of y - the increment-max value )

The answer to the question about where to put the hash file should be available here (first lines of --help):
Code:
Usage: hashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...
Find
Pen Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Feb 2017
#3
02-05-2017, 03:00 PM
(02-05-2017, 02:18 PM)philsmd Wrote: First, welcome to the hashcracking world!

You should be able to find the answer to your question both within the --help output or the hashcat wiki (especially https://hashcat.net/mask_attack ).

Hint (assuming the file charsets/Sha1.hcchr contains "qwinQWIN*+~@580%(=}[" - without quotes - within the first line):
Code:
hashcat64.exe -m 100 -a 3 --custom-charset1 charsets/Sha1.hcchr Hash.txt ?1?1?1?1?1?1?1?1
that means with --custom-charset1 (or short -1, minus one) you define a new set of characters and with the mask ?1?1?1?1?1?1?1?1 you use your previously defined custom charset (and tell hashcat that it should use the length 8, otherwise you need to use --increment --increment-min x --increment-max y and a mask that is at least the length of y - the increment-max value )

The answer to the question about where to put the hash file should be available here (first lines of --help):
Code:
Usage: hashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...


Thanks Philsmd

I found the password with ease.
Find
Thread Closed