DES ECB password search
#1
hi guys! I have a question about DES ECB and hashcat.
I have ~5Gb clear byte array and the same byte array encrypted with DES ECB mode. This arrays synchronized. (encArray[0]...encArray[7] is ecncypted version of clearArray[0]...clearArray[7])
DES ECB use 64 byte block. How can i find password for decrypt with hashcat?
Reply
#2
With clear byte array, do you mean zero bytes? If yes you can use -m 14000 and set the salt to 0000000000000000
Reply
#3
(03-18-2020, 08:38 AM)atom Wrote: With clear byte array, do you mean zero bytes? If yes you can use -m 14000 and set the salt to 0000000000000000

No i mean unencrypted byte array with different values. and next array is the same data as encrypted.

And i found that unencrypted data:
0000 0000 0000 0000
always encrypted to:
040f e8b7 a2d2 6feb
Reply
#4
i test example from https://hashcat.net/wiki/doku.php?id=example_hashes for DES with key -m 14000
and get some strange result

-a3 -m 14000 a28bc61d44bb815c:1172075784504605 ?l?l?l?l?l?l?l?d give me passwod: harhbat1
but on page shown password: hashcat1
this is collision or mistake?
Reply
#5
It's a valid collision. both hashcat1 and harhbat1 are valid keys which will do exactly the same encryption/decryption of every input you give. you can verify with openssl.
Reply