Posts: 45
	Threads: 18
	Joined: May 2015
	
	
 
	
	
		Hey guys,
in AEM (Adobe Experience Manager), I can see the the following data on every app user:
rep:password "{SHA-256}fe90d85cdcd7e79c-1000-ef182cdc47e60b472784e42a6e167d26242648c6b2e063dfd9e27eec9aa38912"
the actual password in this case is: "Aa12345678!@"
how do i put this into Hashcat? do i need to change/rewrite the format? which module do i use?
thanks!
	
	
	
	
	
 
 
	
	
	
		
	Posts: 2,301
	Threads: 11
	Joined: Jul 2010
	
	
 
	
	
		first you need to find out how exactly the hash is generated
	
	
	
	
	
 
 
	
	
	
		
	Posts: 211
	Threads: 0
	Joined: Nov 2017
	
	
 
	
	
		Having never used Adobe Experience Manager, I googled and saw on 
http://experience-aem.blogspot.nl/2014/0...gging.html that you can change the hashing from SHA-256 to SHA-512 which also shows an interesting image with the following information:
Hash Algorithm: in this case SHA-256
Hash Iterations: 1000
Hash Salt Size: 8
This seems to be correlated with your hash {
SHA-256}
fe90d85cdcd7e79c-
1000-ef182cdc47e60b472784e42a6e167d26242648c6b2e063dfd9e27eec9aa38912
If this is correct then you would need to find an algorithm on 
https://hashcat.net/wiki/doku.php?id=example_hashes where you can give a salt and iterations for SHA-265. Maybe sha256crypt $5$, SHA256 (Unix) (only available in oclhashcat unfortunately)? I'm not sure yet.
	
 
 
	
	
	
		
	Posts: 2,301
	Threads: 11
	Joined: Jul 2010
	
	
 
	
	
		It could also be some custom scheme. There is an unlimited number of ways to do salted iterated hashing.
	
	
	
	
	
 
 
	
	
	
		
	Posts: 211
	Threads: 0
	Joined: Nov 2017
	
	
 
	
		
		
		05-01-2018, 04:22 PM 
(This post was last modified: 05-01-2018, 04:37 PM by DanielG.)
		
	 
	
		I tried the following schemes (with different iterations), but no luck:
- most likely, sha_265(salt+password) then rehash the hash 1000 times
 
- most likely too, sha_265(password+salt) then rehash the hash 1000 times
 
- less likely sha_265(password) then rehash the hash 1000 times prepending salt every time
 
- less likely sha_265(password) then rehash the hash 1000 times appending salt every time
 
- even less likely sha_265(salt) then rehash the hash 1000 times prepending password every time
 
- even less likely sha_265(salt) then rehash the hash 1000 times appending password every time
 
- same scenario's as above, but instead of using the raw bytes from the hash, print it as 'hex string' (very unlikely)
 
I have added the python code to replicate if you want different schemes. 
I used the 'default' password of admin from this script: 
https://gist.github.com/andrewmkhoury/da...50d4d83795
Code:
import hashlib
# {SHA-256}a9d4b340cb43807b-1000-33b8875ff3f9619e6ae984add262fb6b6f043e8ff9b065f4fb0863021aada275
# https://gist.github.com/andrewmkhoury/da868236e16a2415439b7750d4d83795, reset account admin to password admin
password = b'admin'
salt = bytearray.fromhex("a9d4b340cb43807b")
thehash = "33b8875ff3f9619e6ae984add262fb6b6f043e8ff9b065f4fb0863021aada275\n"
iterations = 1001
#most likely, sha_265(salt+password) then rehash the hash 1000 times
m = hashlib.sha256()
m.update(salt)
m.update(password)
for i in range(iterations):
    m.update(m.digest())
print m.hexdigest()
print thehash
#most likely too, sha_265(password+salt) then rehash the hash 1000 times
m = hashlib.sha256()
m.update(password)
m.update(salt)
for i in range(iterations):
    m.update(m.digest())
print m.hexdigest()
print thehash
#less likely sha_265(password) then rehash the hash 1000 times prepending salt every time
m = hashlib.sha256()
m.update(password)
for i in range(iterations):
    m.update(salt)
    m.update(m.digest())
print m.hexdigest()
print thehash
#less likely sha_265(password) then rehash the hash 1000 times appending salt every time
m = hashlib.sha256()
m.update(password)
for i in range(iterations):
    m.update(m.digest())
    m.update(salt)
print m.hexdigest()
print thehash
#even less likely sha_265(salt) then rehash the hash 1000 times prepending password every time
m = hashlib.sha256()
m.update(salt)
for i in range(iterations):
    m.update(password)
    m.update(m.digest())
print m.hexdigest()
print thehash
#even less likely sha_265(salt) then rehash the hash 1000 times appending password every time
m = hashlib.sha256()
m.update(salt)
for i in range(iterations):
    m.update(m.digest())
    m.update(password)
print m.hexdigest()
print thehash
#from here the same scenario's as above, but instead of using the raw bytes from the hash, print it as 'hex string' (very unlikely)
m = hashlib.sha256()
m.update(salt)
m.update(password)
for i in range(iterations):
    m.update(m.hexdigest())
print m.hexdigest()
print thehash
m = hashlib.sha256()
m.update(password)
m.update(salt)
for i in range(iterations):
    m.update(m.hexdigest())
print m.hexdigest()
print thehash
m = hashlib.sha256()
m.update(password)
for i in range(iterations):
    m.update(salt)
    m.update(m.hexdigest())
print m.hexdigest()
print thehash
m = hashlib.sha256()
m.update(password)
for i in range(iterations):
    m.update(m.hexdigest())
    m.update(salt)
print m.hexdigest()
print thehash
m = hashlib.sha256()
m.update(salt)
for i in range(iterations):
    m.update(password)
    m.update(m.hexdigest())
print m.hexdigest()
print thehash
m = hashlib.sha256()
m.update(salt)
for i in range(iterations):
    m.update(m.hexdigest())
    m.update(password)
print m.hexdigest()
print thehash
 
 
	
	
	
		
	Posts: 929
	Threads: 4
	Joined: Jan 2015
	
	
 
	
	
		Looks like this is the same as:
https://github.com/magnumripper/JohnTheRipper/pull/3240
... so John the Ripper (jumbo edition) may have it soon?
	
~