hashcat Forum Support hashcat v
rfc2898DeriveBytes

Thread Closed 
Threaded Mode
rfc2898DeriveBytes
quiya Offline
Junior Member
**
Posts: 3
Threads: 1
Joined: Oct 2018
#1
10-01-2018, 11:42 AM
Hello Everybody

Sorry if I post here the question and it is the wrong place. I´m new here and new with hashcat.

I´m development my own application and I´m using rfc2898DeriveBytes with .net.

I would like to know if hashcat can be used to testing penetration with rfc2898DeriveBytes, Because I´m using 4096 iterations and 24 Length


Code:
Rfc2898DeriveBytes(pass, salt, iterations)
return rfc2898DeriveBytes.GetBytes(24);

private byte[] CreateHash(string password, byte[] salt, long iterations)
    {
        byte[] hash;
        using (var hashGenerator = new Rfc2898DeriveBytes(pass, salt, (int)iterations))
        {
            hash = hashGenerator.GetBytes(_byteLength);
        }

        return hash;
    }

If it can be done, what it is the correct Algorithms?
How can I pass the iterations?


Thank you very much for your time
Regards
Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#2
10-01-2018, 11:51 AM (This post was last modified: 10-01-2018, 11:52 AM by undeath.)
What is "rfc2898DeriveBytes" supposed to be? RFC2898 specifies mulitple KDFs, one of them being the supported PBKDF2 algorithm.

But anyway, all the algorithms in that RFC are not recommended nowadays. Use argon2, scrypt or bcrypt (in that order of preference).
Find
quiya Offline
Junior Member
**
Posts: 3
Threads: 1
Joined: Oct 2018
#3
10-01-2018, 12:11 PM
(10-01-2018, 11:51 AM)undeath Wrote: What is "rfc2898DeriveBytes" supposed to be? RFC2898 specifies mulitple KDFs, one of them being the supported PBKDF2 algorithm.

But anyway, all the algorithms in that RFC are not recommended nowadays. Use argon2, scrypt or bcrypt (in that order of preference).

Thank you very much for your response and your recommendation

For now, has to be this algorithm , because it is used in the old App. I can´t change it in this version. 

So, I have read and hashcat support :

  • PBKDF2-HMAC-MD5
  • PBKDF2-HMAC-SHA1
  • PBKDF2-HMAC-SHA256
  • PBKDF2-HMAC-SHA512
So if I want to try, how can be used? Because I don´t see the argument of iterations, pass and salt.

Sorry if this question don´t have sense. I never used hashcat, I was looking for testing penetrations and I found it, I decide to try it.


Thanks you.
Regards
Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#4
10-01-2018, 01:38 PM
check out https://hashcat.net/wiki/doku.php?id=example_hashes

modes 10900 11900 12000 12100
Find
quiya Offline
Junior Member
**
Posts: 3
Threads: 1
Joined: Oct 2018
#5
10-01-2018, 01:49 PM
(10-01-2018, 01:38 PM)undeath Wrote: check out https://hashcat.net/wiki/doku.php?id=example_hashes

modes 10900 11900 12000 12100

Thank you very much for your support. Very grateful.
Find
Thread Closed