1Password Competition
#1
Is anyone using Hashcat to play the 1Password Game competiton? (https://bugcrowd.com/onepasswordgame)

If you are, I'd like some help with the syntax of the command I should be using.  I can't get the samples to crack, so clearly I'm missing something Smile

Thanks,
   Philip.
#2
It's after the official period of the challenge, but since people could theoretically keep working on it ...

If you post the syntax you were using, we might be able to help. The hashcat hash mode is -m 10900, if that helps. Smile
~
#3
I also tried to verify the samples and failed. Same with the answers of the last challenge.

hash mode -m 10900, -a 0 (straight)
The input hash structure looks like this: "sha256:100000:Salt:Hash"

As a password I used either "word1[space]word2[space]word3" and "word1word2word3".
A sample creation running along side with the other hashes works perfectly.

Don't know if they did something special here.
#4
I'm looking at this example here: https://github.com/agilebits/crackme/tree/master/doc
{
"id": "CPU6BAGE",
"hint": "3 words",
"prf": "HMAC-SHA256",
"rounds": 100000,
"salt": "00bb202b205f064e30f6fae101162a2e",
"derived": "91976be95cd28e55e580ee9f69a2139202a9b65eabfbbf33c99bc42e3665564d",
"pwd": "tanbark artistic callus"
}

1) My test hashfile is this:
sha256:100000:00bb202b205f064e30f6fae101162a2e:91976be95cd28e55e580ee9f69a2139202a9b65eabfbbf33c99bc42e3665564d

2) My test dictionary has these two lines:
tanbark artistic callus
tanbarkartisticcallus
(I wasn't sure if they were including spaces between the words or not.)

3) I ran Hashcat like this:
/usr/local/bin/hashcat --hash-type 10900 --attack-mode 0 "sample_hash.txt" "test_dictionary.txt"

But it has no success.
#5
as you can see on https://hashcat.net/wiki/doku.php?id=example_hashes mode 10900 uses base64-encoded data, not hex
#6
Proof of concept:
Code:
# Convert salt and hash from hex to raw and then to base64:
$ echo -n '00bb202b205f064e30f6fae101162a2e' | xxd -p -r | base64
ALsgKyBfBk4w9vrhARYqLg==
$ echo -n '91976be95cd28e55e580ee9f69a2139202a9b65eabfbbf33c99bc42e3665564d' | xxd -p -r | base64
kZdr6VzSjlXlgO6faaITkgKptl6r+78zyZvELjZlVk0=

# Prepare hashfile in the expected format for hashcat
$ cat test.hash
sha256:100000:ALsgKyBfBk4w9vrhARYqLg==:kZdr6VzSjlXlgO6faaITkgKptl6r+78zyZvELjZlVk0=

# Perform simple attack, piping in expected plaintext. The hash is cracked as expected.
$ echo 'tanbark artistic callus' | hashcat --quiet -m 10900 -a 0 test.hash
sha256:100000:ALsgKyBfBk4w9vrhARYqLg==:kZdr6VzSjlXlgO6faaITkgKptl6r+78zyZvELjZlVk0=:tanbark artistic callus
~
#7
Ah, thank you!
#8
Thanks royce, that did the trick.

Although that 'challenge' is bit less challenging for the cracker than for the hardware. They deliver a wordlist which is easy to combine, but my two GTX980 hover around 13-14k in a quick test and would take years to crack only one password. Even by guessing and assuming you need MUCH better hardware to solve one of these in a reasonably time. Or luck.
#9
Yep. The only way to make real progress on it would be if multiple teams with lots of cards all cooperated. Which would itself be pretty cool, IMO.
~
#10
"The only way to make real progress on it would be if multiple teams with lots of cards all cooperated."

I see, thanks for the tip!