Telegram and hashcat.
#1
Lightbulb 
Hello,
Is it possible to crack the Telegram local password with hashcat?

Thank you.
Reply
#2
do you mean this: https://github.com/hashcat/hashcat/issues/1534 ?
The Telegram Android/IOS APP hash ?

We have recently added this format https://github.com/hashcat/hashcat/pull/2282 , it's still in beta: https://hashcat.net/beta/
. You would need to use telegram2john.py to convert the xml file, but also need to make some modification to the output as explained here: https://github.com/hashcat/hashcat/pull/2282

you can always use
Code:
hashcat -m 22301 --example-hashes
to see how the format is and to try to crack the example hashes.

Again, you would need to use the beta version (at the time of this wrinting), because the release version currently doesn't support it.
Reply
#3
(01-16-2020, 11:44 AM)philsmd Wrote: do you mean this: https://github.com/hashcat/hashcat/issues/1534 ?
The Telegram Android/IOS APP hash ?

We have recently added this format https://github.com/hashcat/hashcat/pull/2282 , it's still in beta: https://hashcat.net/beta/
. You would need to use telegram2john.py to convert the xml file, but also need to make some modification to the output as explained here: https://github.com/hashcat/hashcat/pull/2282

you can always use
Code:
hashcat -m 22301 --example-hashes
to see how the format is and to try to crack the example hashes.

Again, you would need to use the beta version (at the time of this wrinting), because the release version currently doesn't support it.
Thank you.
I know "telegram2john.py" can crack the Telegram local password, but I wanted to crack it via hadhcat because it is faster.
Reply
#4
that's what I already told you. The beta version of hashcat has this new hash algorithm support:

Code:
-m 22301 = Telegram client app passcode (SHA256)

This means that with the beta version of hashcat you can use -m 22301 to crack the telegram hash (the format of the hash is similar to john... as I already explained and you can extract the hash with telegram2john.py. I think there is a huge misunderstanding that the extraction script telegram2john is not cracking at all, but just extracting the data !)
Reply
#5
My hash has the format $telegram$1*4000 * xxxxxxxxxxx .... xx * xxxxxxxx ... xxxx. Is it possible to convert it to a form that hashcat supports?
Reply
#6
looks exactly like the format hashcat expects.
Reply
#7
(01-20-2020, 07:07 PM)undeath Wrote: looks exactly like the format hashcat expects.

the hash format that telegram2john.py generates differs from the required.
the hash contains the value localencryptitercount = 4000 , salt and encrypted_key (288byte)






Reply