07-23-2018, 04:28 PM
Hello again,
I tried using hashcat on a SIP Digest Authentification and I haven't managed to make it work on hashcat. I've read the wiki + others posts on the forum doing so. So I tried to pipe a hash I knew the passphrase but again, I did not work. To illustrate this, I use here a hash from this tutorial and format it for a hash type input https://www.aldeid.com/wiki/Crack-VoIP. A friend used this method and it worked for him. I hoped to make it work through hashcat
Their raw file is :
192.168.1.29"212.27.52.5"0950236158"freephonie.net"BYE"sip:172.17.20.241:5062
"04cd38e646e760da129f99fa734ac1e4""""MD5"dc59445f8ef78a615a2ad4d57835a383
hashcat format is :
$sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5]
--->
$sip$*192.168.1.29*212.27.52.5*0950236158*freephonie.net*BYE*sip*172.17.20.241*5062*04cd38e646e760da129f99fa734ac1e4****MD5*dc59445f8ef78a615a2ad4d57835a383
I tried their way, by dictionary, to get the '507ZEy' password. I also tried very specific masks, but I always got an exhausted status.
This time I don't have any OpenCL warning.
Am I doing something wrong ?
I tried using hashcat on a SIP Digest Authentification and I haven't managed to make it work on hashcat. I've read the wiki + others posts on the forum doing so. So I tried to pipe a hash I knew the passphrase but again, I did not work. To illustrate this, I use here a hash from this tutorial and format it for a hash type input https://www.aldeid.com/wiki/Crack-VoIP. A friend used this method and it worked for him. I hoped to make it work through hashcat
Their raw file is :
192.168.1.29"212.27.52.5"0950236158"freephonie.net"BYE"sip:172.17.20.241:5062
"04cd38e646e760da129f99fa734ac1e4""""MD5"dc59445f8ef78a615a2ad4d57835a383
hashcat format is :
$sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5]
--->
$sip$*192.168.1.29*212.27.52.5*0950236158*freephonie.net*BYE*sip*172.17.20.241*5062*04cd38e646e760da129f99fa734ac1e4****MD5*dc59445f8ef78a615a2ad4d57835a383
I tried their way, by dictionary, to get the '507ZEy' password. I also tried very specific masks, but I always got an exhausted status.
This time I don't have any OpenCL warning.
Am I doing something wrong ?