Couldn't make SIP Digest work on hashcat
Hello again,

I tried using hashcat on a SIP Digest Authentification and I haven't managed to make it work on hashcat. I've read the wiki + others posts on the forum doing so. So I tried to pipe a hash I knew the passphrase but again, I did not work. To illustrate this, I use here a hash from this tutorial and format it for a hash type input A friend used this method and it worked for him. I hoped to make it work through hashcat

Their raw file is :""0950236158""BYE"sip:

hashcat format is :

I tried their way, by dictionary, to get the '507ZEy' password. I also tried very specific masks, but I always got an exhausted status.
This time I don't have any OpenCL warning.

Am I doing something wrong ?
Have you tried cracking the example hash?

Try using the 4.2.0-rc2 version here:
well, who says that the example and passwords are correct on that page? It could be just a tutorial without a working hash/password.

Indeed, I tried with sipcrack and it doesn't crack with that password.

What is also suspicious is the hashes dc59445f8ef78a615a2ad4... vs dc59495f8eb78a605a2ad5... It really seems that this is a modified hash or something like this. Hashes generally are not that similar even if you would be very lucky you wouldn't end up with 2 hashes that look almost the same.

I would recommend to just do your own capture or use some examples where at least by following the tutorial you would also get a postive hit (in this case the sipcrack run does not work, at least not on my stystem).
the actual password noted in the wiki article is "507ZEy@l" but I can't crack the hash with hashcat.
Thank you both for your answers. Actually I think you are right and the displayed passcode is not correct.

I have tried to reproduce the hashcat format of that hash here and it worked :
--> $sip$***user151*Apple*REGISTER*sip**5060*b57aa7088ae5cac88d298d66f2c809cd****MD5*77795e92300dcc3c2fd974b2b47e5f0c
--> hashcat -m 11400 -a 3 brute_test ?l?l?l?l?d?d?d