How should I crack this type of hash (sha1 & salt)
#1
mail                    | crypted_password                                                        |  salt
  
dp@gmail.com:848XXXc9e5baf34d6dba20XXX755f4984b6d77cc:725372XXX5e22195365fbf266cd3aXXX20f1c140

w@gmail.com:00XXXX759d68827b090c63dcXXX115361fd5dc0c:NULL

It's SHA-1, I think; I can't figure it out.
Help
#2
The only way to know for sure is to have the source code (algorithm, or name and version of the platform, cms etc) that generated the hashes ... or to guess the algorithm by having at least one user for which you are 100% (one HUNDRED percent) sure about the password.

Otherwise it's just a lame guessing game that could be impossible to solve, because there could be too many ways the passwords could be hashed (like sha1 (sha1 ($s . sha1 ($s . $p) . $s) . $p) etc.)
#3
I used this website: https://hashes.com/decrypt/basic/
e77d773f8aa5c12ef649d33e731fb58c66bee9e5:74e3c24fd83d92ea72383e9b3a4292bdfb8eb174
and cracked this, got:
e77d773f8aa5c12ef649d33e731fb58c66bee9e5:37346533633234666438336439326561373233383365396233613432393262646662386562313734:7365637265743838:SHA1DASH

e77d773f8aa5c12ef649d33e731fb58c66bee9e5:74e3c24fd83d92ea72383e9b3a4292bdfb8eb174:secret88

e77d773f8aa5c12ef649d33e731fb58c66bee9e5:74e3c24fd83d92ea72383e9b3a4292bdfb8eb174:secret88:SHA1DASH
#4
SHA-1('--'.$salt.'--'.$pass.'--') is the algo
#5
You are NOT allowed to post hashes. Read the forum rules. You will get banned for not following the rules.

As far as I understand, you are saying the algorithm is basically:
Code:
echo -n --74e3c24fd83d92ea72383e9b3a4292bdfb8eb174--secret88-- | sha1sum

so you must use -m 120 with a salt of "--74e3c24fd83d92ea72383e9b3a4292bdfb8eb174--" (without quotes):
Code:
hash:salt

where salt is --74e3c24fd83d92ea72383e9b3a4292bdfb8eb174--

furthermore you need to apply the rule: $- $-
i.e. the append rule function is used twice to add both of the dashes

append_two_dashes.txt:
Code:
$- $-

Code:
hashcat -m 120 -r rules/best64.rule -r append_two_dashes.txt hashes_with_dashed_salts.txt rockyou.txt
#6
Sorry for the hash, thanks for the help.

hashcat -m 120 -r rules/best64.rule --username -r append_two_dashes.txt hashes_with_dashed_salts.txt rockyou.txt

hashes_with_dashed_salts.txt=
a@gmail.com:848XXXc9e5baf34d6dba20XXX755f4984b6d77cc:74e3c24fd83d92ea72383e9b3a4292bdfb8exxxx

Is that correct?

And just one more bit of help, sorry.
(I am using a GTX 1660 Super but it's giving me just 8k-khs speed for MD5; I used -w 3 and updated drivers, still.)
  
#7
no, the salt must be with the dashes:
a@gmail.com:848XXXc9e5baf34d6dba20XXX755f4984b6d77cc:--74e3c24fd83d92ea72383e9b3a4292bdfb8exxxx--

if you add users, you need to use --username to skip them.

for salted hashes the hash rate depends a lot on the number of salts.

It also depends on the number of rules and how huge your word list is. Normally, we would suggest to use -O too, but you might already be very close to the maximum length (55) if you combine salt and pass with optimized kernels (-O)... Therefore, it might not be worth the risk of not being able to crack the hashes (just because -O might fail because the combination is "too long").
#8
Okay, thank you.
For the two dashes, do I have to put them in manually or use "-r append_two_dashes.txt"?
Is this okay?
#9
6 dashes total = 2+2 (around salt) + 2 (after pass)

the rules only add 2 dashes, that's why I named the file append_two_dashes.txt
#10
So finally this:

a@gmail.com:--passhash:--salt--

or

a@gmail.com:--salt--:--passhash
.txt file?
Thank you
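Added example (not part of any post in the thread, and not hashcat's own code): a check of the layout discussed in posts #5, #7 and #9, showing that SHA-1('--'.$salt.'--'.$pass.'--') equals a salt-then-password SHA-1 only when the salt field carries its four dashes and the rule appends the last two. The function names, the sample rows and the `example.test` addresses are constructed for illustration; the 55-character figure is the one given in post #7, and rows with a NULL salt are skipped because the thread does not say how they are hashed.

```python
import hashlib

OPT_KERNEL_LIMIT = 55  # combined salt+pass limit with -O, as stated in post #7

def app_digest(salt, password):
    """Scheme from post #4: SHA-1('--' . salt . '--' . pass . '--')."""
    return hashlib.sha1(f"--{salt}--{password}--".encode()).hexdigest()

def mode120_digest(salt_field, candidate):
    """-m 120 as used in post #5: SHA-1 over the salt field followed by the candidate."""
    return hashlib.sha1((salt_field + candidate).encode()).hexdigest()

def apply_rule(word):
    """Effect of the rule line '$- $-': append '-' twice."""
    return word + "-" + "-"

def hashlist_line(mail, digest, salt):
    """Return 'mail:hash:--salt--' (read with --username), or None for a NULL salt."""
    if salt is None or salt.strip().upper() == "NULL":
        return None  # the thread does not say how salt-less rows are hashed
    return f"{mail}:{digest}:--{salt}--"

def password_room_with_O(salt):
    """Password characters left under the post #7 limit once all six dashes are counted."""
    return OPT_KERNEL_LIMIT - len(f"--{salt}--") - len("--")

# Constructed sample rows (not from the thread): mail, crypted_password, salt
SALT = "0123456789abcdef0123456789abcdef01234567"
ROWS = [
    ("alice@example.test", app_digest(SALT, "Summer2020"), SALT),
    ("bob@example.test", "0" * 40, "NULL"),
]

if __name__ == "__main__":
    for mail, digest, salt in ROWS:
        line = hashlist_line(mail, digest, salt)
        print(line if line else f"# skipped {mail}: NULL salt, scheme unknown")
    print("password chars left with -O:", password_room_with_O(SALT))
```

With a 40-character hex salt the dashed salt field is already 44 characters long, which is why post #7 hesitates to recommend -O here.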