ssh mode 22921 ($6$) token length exception
#1
Hello.
I have a problem while trying to crack an ssh hash with mode 6. I've also tried the beta version with no success.
The corresponding hash is:
Code:
$sshng$6$16$a967fe6f59f545c49fdaa934a5c438f5$1926$6f70656e7373682d6b65792d7631000000000a6165733235362d637472000000066263727970740000001800000010a967fe6f59f545c49fdaa934a5c438f5000000100000000100000197000000077373682d727361000000030100010000018100c99433df07a959383018408b8424b7be3feb664b003c24f7575849213a9e89b34f83de3bdb68e082ea861fd1fe1111edeec6ca37233d0bfc5cef2f4d3f0bd8fb0217d8a1788972cbbefc309aaeda6443e25b1d9950af2c86d5dcfc0f0897a32c82864a1987daf125600eb80ad8117670a7ce3072ebbcf8f2cead3653d72e9fd5f5eaa61cd7b2ccb68e91a7ff0aed820e6013b0b8cdb9cb78270d3441471de38b2a637f39922c9198dd7ccd93676153774306c2ebec329f957d8c1e480a2729943ab38008fabab1422f132b57481d6fb37eee50c847eb18741a1020f074d8a7c361da5ce13ff83a8e9cfe3c5295a7750d8cf3405d5cb38a5cf8540ad926bb6a8371daf658acea12474a6616dcdad7c340a183f0f880a10591dc4b4aaca1db45f9ccc2d20331df5f8bf2b23b10f3010ff2ae7f0b6c03e75d7793e1d6f4963f3cce4cdecfbfee9602e3f9515f7bf7eae54f505bd5f254b683c3b55fac287af41244955f128c084a81b734e059b72889c48c8642077fb86f366aeecf00d706b28061000005a0c27ad73fe928591eebf284cee088f047a49f9fc71f379d308899d1e19d29a922b7954a8184d915f2132ef2c0709a1912240e4a8207699b47421e002c34357029a49fc60a4fa301ca468e74fe0c3c0b2187967e71a3a6f73a300a5447a0576039fdb5d8e0e27bc35c08362df03f160fe270b12300d112aeda8dadc31684ca4492228a83c6a094cdfcd131f880b26e78e1147d48f01f8356fc9df44d3fcc7cdfeb7f31d9424be1ba64216155b07c58eb061fdc8855d73a57b95be2562709dbe06ec1539cd2976a2968e2ffb926850e21f6e8792534e5601cbd9f9e2be08b83be45c213c342a1a7a61e7d7cc2e1b9e09351b19f99e67182c56b033440345b7ad747ed9ce51ae0cd1affe6d75134e938a4ef2ef01de0d1aec67666814ec97e8147d58a03e7a536a2c2440442a60ffe4b235a76d8c05bb90405a71648e6b0c93a74a2ff007acf4a9c5da000f1b897341c0a6a636c4e7a4bb622d25e2d86dd6d9d6c536f55f3f8a43e9e85c49bcd53478a49bc51cb4f98017386fc843575e2148fdc26e8d90ec78955703b43f6bcae25dc60d10a8945c4103c9469dd0b7a54765fbfe6dd941eeb902a91018af036ded44853ee1a4070976d4ee3f429c7d47835bdf2a00de65c1cdb5da3274140fbc2db291b6138c3eb2733cf201d98c4c7b944cb3dfd27904a6e081dc1eb21
ad0ef90690d6506c11d90d683a75db243db50d3171d8c6beeb6863ca72429f29f4026d008e9ae4d179ca02cd95fcb310a7d1230a3ddcf118a52a1935e6813bdc5b442f755ca756648d04f4b9629b81f3801f5a2777372759724fc73aec10d470d98dd777442421d2de5878edfca6b8da91e9ef18a35c7970fe2448f8e31f2f73d5e97768a8e5abf4c392fa3bc1893f8bc313e468b3421148282b8b5c33f867acad834da4bf034b719682b3f491c12e93313e115ca5849e693a618bd6bbe87d48c1b548027a291ae2f4264cde6bd85273096ffc8f483e41eb257e53572f5609e2a54093cbc894a770ade3d0d3d6c45f0a69626704180946c64fca9c2f3279574d850ced8843099904d81ec1a5c8d8ac6076f12ce798faf53bb302470d7015826ebb1d5f018886f61e7e24e043c845e958bf994c41208936d513ed87cc02057e911b58212f86109f4b6941d61297f461ea18f67e0fce5fb6dc5f029dac9354cf1de659c39a448adc40ddca9dfd25f00ea845a9f736ed832c57871530dd95eb7cbe8d678f38e03f6fd9dc95b560739fe1c08b66cee8c97e2671e6ef7d0ed466f8b4fa6c9a651725094c471671809536791c12922ef8e247b4b752d342d5ac138315802d36f2f478a397c8a07a66e5686431ad8a12114ba521146f11a188cbd066b1ac91c53b3ccd8c9d4edc950605522fec08794e45b8f1570d8a542477bfe5bd4897d3cd4a47a58d6669147199d6c4e4faebdecc673001cbd8d968f768e7215ec97ad7c74a5461d14a9e4024967581cde44b8be606b02dc7855e67c43351ebb1ac713de36ca38409ff14e13f35eb37ebaea6f99fcfc3f04eb4baf7169f85e58137146556128cc47665753010236a329df2438ebff45ef25ce42f9815a5b9397dea6e69f23c8bb06b7c7fe903c44a695f088cd8d0f49c5f8669c11f7be852acae180ef05221dc1c9a060f025e2ccc876bfd6844828e41cc86d608c55ccddec70b233512a9920604619fa8c16fbc799ebed8c80ad07626df7170463e7af943c5a380d9f768a83ca9ae3d70789abc2d911b795c7c38c5b40856d9496e1419e9ab68415d879b3ce937c46299e20e8f70a123c4080b6bd4ae129c873098ba2e737b48d3b9d58905ebf080476ad12ac4126620e6044d582319b63c36367b4f19bf59e711d0ba534f7db8edec1a9795011a9aecb113a5a06a2967e40f1429f38a68910457c59c075b0d3f1f607b8ce922ea0e37eab4be331b8f4acf5d79a0c925d2d1f6a9ec25d39cdc9e7d2145d564548af916bd3cb4d0fcd8b660bb7732ac293c7cc0fe86e230719197d72211fb29e7c58b54bbfc23c6f144419d$16$486
It's pretty long compared to the version in the example page. It's the output of ssh2john.py.
hashcat throws:
Code:
Hashfile 'id_rsa.hash' on line 1 ($sshng...9e7c58b54bbfc23c6f144419d$16$486): Token length exception
with the command:
Code:
hashcat -a 0 -m 22921 id_rsa.hash ~/wordlist
If anyone has a suggestion: does it tell me this because of the dollar signs at the end of the hash?
Thank you!
Reply
#2
hashcat uses the $ sign to split the different parts of the hash like mode, iterations and so on

a quick look in https://github.com/hashcat/hashcat/blob/...le_22921.c

tells that this mode has 6 tokens total, your provided hash has 8, so your provided hash is too long, resulting in the token length exception. digging some deeper:

the next thing: your third token is the number 16, and token 4 is 32 in length

$sshng$6$16$a967fe6f59f545c49fdaa934a5c438f5$1926$
in the example hash they are 8 and 16 in length
$sshng$6$8$7620048997557487$1224$

the max length for token 3 is 1, and for token 4 it is 16, so this is another problem. it seems ssh doubled these parts (longer iv). these modifications are mostly done for security reasons, it's like increasing the iteration count for hash algos just to slow them down

so the module has to be modified or a new module has to be made (I'm not quite sure what ssh2john outputs in tokens 7 and 8), maybe i will take a look later

EDIT:
okay, 7 and 8 are rounds and offset for data. i opened a github issue, we will see what the devs will say about how easy this will be to implement

EDIT2:
found this issue on jtr https://github.com/openwall/john/issues/4069
the problem seems to be the switch from aes-256-cbc to aes-256-ctr with some openssh version, so you will need a new module i think
Reply
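The token mismatch and the aes-256-ctr switch described in reply #2 can both be read off the hash line itself. The following is an added example, not part of the thread and not hashcat or john code: it splits the line on `$`, compares it with the limits quoted in reply #2, and decodes the openssh-key-v1 header carried in the data token. The limits, the function names and the truncated sample line are assumptions built from what the thread shows.

```python
# Limits for hashcat mode 22921 as stated in reply #2 (assumed, not read from the module).
EXPECTED_TOKENS = 6
MAX_LEN = {3: 1, 4: 16}  # token number -> maximum length in characters

# Constructed sample: leading fields of the hash in post #1, with the hex data token
# cut off right after the openssh-key-v1 header (so it no longer matches length 1926).
SAMPLE = (
    "$sshng$6$16$a967fe6f59f545c49fdaa934a5c438f5$1926$"
    "6f70656e7373682d6b65792d7631000000000a6165733235362d637472"
    "000000066263727970740000001800000010a967fe6f59f545c49fdaa934a5c438f5"
    "0000001000000001$16$486"
)

def split_tokens(line):
    """Split on '$' the way the thread counts: the signature 'sshng' is token 1."""
    return line.strip().split("$")[1:]

def token_problems(tokens):
    """Return human-readable mismatches against the mode 22921 limits above."""
    problems = []
    if len(tokens) != EXPECTED_TOKENS:
        problems.append(f"{len(tokens)} tokens, expected {EXPECTED_TOKENS}")
    for number, limit in MAX_LEN.items():
        if number <= len(tokens) and len(tokens[number - 1]) > limit:
            problems.append(f"token {number} is {len(tokens[number - 1])} chars, max {limit}")
    return problems

def read_string(buf, pos):
    """Read one SSH wire string (uint32 big-endian length, then bytes)."""
    n = int.from_bytes(buf[pos:pos + 4], "big")
    end = pos + 4 + n
    if pos + 4 > len(buf) or end > len(buf):
        raise ValueError("truncated SSH string")
    return buf[pos + 4:end], end

def key_header(data_hex):
    """Decode cipher, KDF, salt and rounds from an openssh-key-v1 blob (bcrypt KDF only)."""
    buf = bytes.fromhex(data_hex)
    magic = b"openssh-key-v1\0"
    if not buf.startswith(magic):
        raise ValueError("not an openssh-key-v1 blob")
    cipher, pos = read_string(buf, len(magic))
    kdf, pos = read_string(buf, pos)
    options, pos = read_string(buf, pos)   # for bcrypt: string salt, uint32 rounds
    salt, opt_pos = read_string(options, 0)
    if len(options) < opt_pos + 4:
        raise ValueError("kdf options carry no rounds field")
    rounds = int.from_bytes(options[opt_pos:opt_pos + 4], "big")
    return {"cipher": cipher.decode(), "kdf": kdf.decode(), "salt": salt.hex(), "rounds": rounds}
```

Calling `key_header(split_tokens(line)[5])` on a full ssh2john line shows which cipher the key file uses before any cracking mode is picked.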
#3
okay, it seems this aes-256-ctr mode isn't supported yet by mode 22921

i was able to crack my own "simple" test pw with the latest john the ripper, git version, compiled using wsl for windows or directly on pure linux
Reply
#4
Hello. Yes, thanks for the reply. I'm also currently using the latest git version of john.
I was not aware of the openssh switch. Too bad, because in general cbc is faster to crack.
Reply