These are SHA1_HMACs of the IP address or hostname where the Text (not the salt or key) is the password. (The Int at the beginning of the string defines the type of SHA hash e.g. 1, 256, 512).
e.g. if hmac.new(SALT, GUESS, sha1).digest() == TARGET then you have a match.
Hashcat has the modes 150 and 160 but nothing for unknown Text. Would it be hard to add support for this? I think it has some valuable uses when identifying hosts to move laterally within networks.
In this case the output of the hmac is known dfdf3c415d1513cc2664beecb8dad840b2132c28 and the key used is known 17513529ea04fde116862d745a91afe0e7623ba6 but I dont know the text that was hmac'd (in this case 192.168.1.61)
03-16-2018, 11:27 AM (This post was last modified: 03-16-2018, 11:31 AM by Phil.)
I dont think so but I could be completely mis-reading this. I have the key (17513529ea04fde116862d745a91afe0e7623ba6) but I dont know the plain text that was hmac'd (192.168.1.61) - its the plain text I want to brute-force
If it helps this is what I used to brute-force it in python (where tkey.txt) contains: