I can not determine the number in the hashcat
#1
Hi, I have a wallet Obsidian.
I pulled a hash from blockchain2john.py
Hash type $blockchain$81920$0000000001000000000000006231050009000000002000000009000.......
The rest did not write, but he does not define it.
Reply
#2
https://hashcat.net/wiki/doku.php?id=example_hashes
Reply
#3
(02-10-2018, 02:13 PM)undeath Wrote: https://hashcat.net/wiki/doku.php?id=example_hashes

it is not there, I apply a doctem with a hash.


Attached Files
.txt   dat.txt (Size: 160.02 KB / Downloads: 9)
Reply
#4
Hashfile '/home/admin/dat.txt' on line 1 ($block...9572f2e258757d077ab1f2e52f7642ea): Line-length exception
No hashes loaded.
Reply
#5
can anyone help?
Reply
#6
does the example hash work for you?
are you sure you are using the correct hash type? you need to use -m 12700
Reply
#7
(02-11-2018, 09:35 AM)philsmd Wrote: does the example hash work for you?
are you sure you are using the correct hash type? you need to use -m 12700

yes, I used 12700 and gave me the error that I indicated above, I attached a hash to see.
https://hashcat.net/wiki/doku.php?id=example_hashes   --   $blockchain$288$ 
and I have -- $blockchain$81920$
Reply
#8
can someone help me?
Reply
#9
can someone help me?
Reply
#10
See this issue https://github.com/hashcat/hashcat/issues/112 . I think it might be possible to just truncate the long encrypted data for -m 12700 = Blockchain, My Wallet .

You could for instance try to make it only 288 bytes long and therefore use $blockchain$288$ and also truncate the data to 576 hex chars (which corresponds to 576 / 2 = 288 bytes).

Without an example for which we for sure know the password I can't tell for sure.

The first 32 chars are the salt and after that we have the raw data.

for -m 12700 it should be possible to use a truncated version of the raw data and still be able to verify if the decryption reveals known plaintext bytes.

Maybe you can provide examples with password (test accounts) on the github issue or send them to me in a PM (you are not allowed to post hashes on the forums without a moderator/admin requesting it, don't copy-paste hashes into public available forum posts).



your example also does not seem to contain only random data. There is way to many zero-bytes etc. Did you edit this hash or is this the unmodified version?
It doesn't seem to have a valid random salt and random data etc.
Reply