Lotus Notes User ID Hashing
#1
Hi

I have a Lotus User ID password which I need to crack open.

Have no idea of the version nor password length since it was used a long time ago in the office.

The problem is my hashing results with "lotus2john.py" are nowhere close to the examples given in the page:

lotus2john.py user.id

user.id:6247FE2575XXXXXXXXEB73CF63EECEB719XXXXXXXXF2A202FE23A29BXXXXXX9BA06DBC792191XXXXXX86697B14D36F394C67XXXXXXXX668F

Hopefully someone can help.
#2
It's possible that hashcat's format is a little different in its conversion, but I'm not sure what the difference might be.

It's also possible that it's a slightly newer version or variant. Do you know what version of Lotus it is? If everything after the colon is a single, uninterrupted string of hex, then it's a 56-byte string, which is pretty close to -m 9100 (Lotus Notes/Domino 8).

Do you have access to the platform itself, such that you could hash a known plaintext (like 'hashcat') and post its unredacted hash for analysis?
#3
(05-28-2018, 04:37 PM)royce Wrote: If everything after the colon is a single, uninterrupted string of hex, then it's a 56-byte string, which is pretty close to -m 9100 (Lotus Notes/Domino 8). 
Yes. No idea about the version of Lotus used.

(05-28-2018, 04:37 PM)royce Wrote: Do you have access to the platform itself, such that you could hash a known plaintext (like 'hashcat') and post its unredacted hash for analysis?
No access to the platform, I'm trying to access the files using a trial copy of Lotus Notes 8.5.

I've created a user ID with the password 'hashcat', and hashing using lotus2john gives me results with the same number of characters:

user.id:67CB83F48C62EF662656FF0945EAB77DD30017703384B627494DEAACFB6349C1AA71D16E3317EA6FCBF6E4C1F07F45EE3C8343081EE1DA2B

Hope it helps.
#4
Huh - if the trial copy produces hashes of the same type, then this may indeed simply be a new variant.

Please create an issue on hashcat's GitHub here:

https://github.com/hashcat/hashcat/issues/new

... and include the Lotus version, the plain, the produced hash, and more about your use of lotus2john - where you got it from, and the procedure that you followed to extract the hash.
#5
Will do. Thanks for your help, Royce.
#6
Not sure how much help I was ... but you're welcome, just the same.