Posts: 1
Threads: 1
Joined: Jul 2018
07-02-2018, 10:53 PM
(This post was last modified: 07-03-2018, 10:57 AM by undeath.)
I'm trying to crack what I believe to be SHA-256 Base-64 but am unsure the best way to approach it, due to this being my first time dealing with this hash type,
[edit]snip[/edit]
If anyone could help me out I'd really appreciate it. As I am a quite a bit past my knowledge of it all
Thank you.
Posts: 197
Threads: 0
Joined: Nov 2017
07-03-2018, 09:17 AM
(This post was last modified: 07-03-2018, 10:46 AM by DanielG.
Edit Reason: changed example url just in case hashes should be removed
)
You can just attack it as any other hash? I think you will need to be more specific on what isn't clear.
For example, to attack sha-256 you need
mode 1400. As you can see in the example hash, hashcat expects it to be in a hex format. You have a base64 format, so you wil need to convert it first before giving it to hashcat. You could to this like this:
Online example how to convert this.
Also you need to know how the hashes are made, if you got this from a program that does not explicitly say it's just raw sha-265 of input then you will first need to find out if they use a static salt, per user salt, multiple iterations or other transformations on the input.
Then you need to choose whether a wordlist, brute force or other attack is most likely to get you results. This depends on your knowledge on where the hashes come from. User passwords of users who aren't tech or privacy savvy will have weak passwords that are relatively easy to guess.