Separator unmatched when using example hash
#1
I'm running this command:
Code:
sudo ./hashcat64.bin -m 3200 -a 0 -p $ $2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6 wordlists/realuniq.dict

Which is the example hash for bcrypt on https://hashcat.net/wiki/doku.php?id=example_hashes

When I run this I get the following error and it looks like something weird happened to the hash:
Code:
Hash 'a-bash5.Kj0jZ0pEmm134uzrQlFvQJLF6': Separator unmatched

No hashes loaded.

The same thing happens when I try the pbkdf2 sha256 example hash:
Code:
sudo ./hashcat64.bin -m 10000 -a 0 -p $ pbkdf2_sha256$20000$H0dPx8NeajVu$GiC4k5kqbbR9qWBlsRgDywNqC2vd9kqfk7zdorEnNas= wordlists/realuniq.dict

Code:
Hash 'pbkdf2_sha2560000=': Separator unmatched

No hashes loaded.

I then replaced the $ signs with : and stopped overwriting the default separator and got the same issue:
Code:
sudo ./hashcat64.bin -m 10000 -a 0 pbkdf2_sha256:20000:H0dPx8NeajVu:GiC4k5kqbbR9qWBlsRgDywNqC2vd9kqfk7zdorEnNas= wordlists/realuniq.dict

The hash in the error looks slightly better formed this time around but the error still exists:

Code:
Hash 'pbkdf2_sha256:20000:H0dPx8NeajVu:GiC4k5kqbbR9qWBlsRgDywNqC2vd9kqfk7zdorEnNas=': Separator unmatched

No hashes loaded.


This is obviously something simple I'm doing wrong, do I need to do any sort of sanitisation/re formatting of the hash before running it through hashcat?
Reply
#2
Hashes containing '$' need to be enclosed in single quotes on the Unix commandline. This is because $[string] is a way to do variable substitution in bash and related shells.

Once you fix that, you won't need to specify the separator on the commandline.
~
Reply
#3
(03-16-2019, 08:10 PM)royce Wrote: Hashes containing '$' need to be enclosed in single quotes  on the Unix commandline.

Once you do that, you also shouldn't need to specify the separator on the commandline.

Ah of course, thank you!
Reply
#4
(03-16-2019, 08:10 PM)royce Wrote: Hashes containing '$' need to be enclosed in single quotes  on the Unix commandline. This is because $[string] is a way to do variable substitution in bash and related shells.

Once you fix that, you won't need to specify the separator on the commandline.

Just how do you format it then? Let's have an example please?

I have this same situation but with a bcrypt hash and I was unable to get it to work. I ended up placing the hash in a a file and then used that file as input parameter.

Instead of this:

Code:
hashcat -m 3200 -a 0 $2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6 ./wordlist

I figured I would do this:

Code:
hashcat -m 3200 -a 0 '$'2a'$'05'$'LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6 ./wordlist

But I ended up doing this:

Code:
hashcat -m 3200 -a 0 ./hashfile ./wordlist

What am I doing wrong here?

This bcrypt string is a valid hash string taken from Hashcat list of example hashes.
Reply
#5
Quoting only needs to happen on the outside of the string:

'blah$blah$blah'
~
Reply
#6
(10-01-2022, 08:20 PM)royce Wrote: Quoting only needs to happen on the outside of the string:



'blah$blah$blah'

So I guess this is why I see so many people use a file for hash input, even if they only have a single hash to work on.

At one point, I did actually try enclosing the whole string in double quotes rather than single quotes (coming from a Windows world). That was very close, but not quite adequate. So I went on to read about single vs. double quotes and why my method failed, and I came across this explanation at GeeksForGeeks.org:

Quote:Single quotes:

Enclosing characters in single quotation marks (‘) holds onto the literal value of each character within the quotes.  In simpler words, the shell will interpret the enclosed text within single quotes literally and will not interpolate anything including variables, backticks, certain \ escapes, etc. No character in the single quote has special meaning. This is convenient when you do not want to use the escape characters to change the way the bash interprets the input string.

Double quotes:

Double quotes are similar to single quotes except that it allows the shell to interpret dollar sign ($), backtick(`), backslash(\) and exclamation mark(!). The characters have special meaning when used with double quotes, and before display, they are evaluated. A double quote may be used within double quotes by preceding it with a backslash.

Today I learned something that goes well beyond the realm of Hashcat. Much appreciated. Thank you!
Reply