which is the correct salt file format?
#1
Hi,

I have a single password (00000000) and its' corresponding SHA256 hash (CAE201A8B791CA25B81B04876CACD62897883EE4C1907D2BD51D5671FEEC7562) and I am trying to find the salt. I expect that the salt is 8 bytes long and that each byte can vary from 00 to 09. So I have generated a salt file consisting in 8 byte combinations of 00-09 values. Examples:
0000000000000000
0000000000000001
0000000000000002
....
0107010003000207
0107010003000208
0107010003000209
.....and so on


Next, I fire up the hashcat command (trying to feed the salts to the single hash):

Code:
./hashcat-cli32.bin --bf-cs-buf=0 --bf-pw-min=8 --bf-pw-max=8 -m 1400 --salt-file=salt.txt --attack-mode=3 hash.txt

but I notice that the salts are NOT used:

Code:
Initializing hashcat v0.38 by atom with 8 threads and 32mb segment-size...

NOTE: press enter for status-screen

Added hashes from file ../cod.txt: 1 (1 salts)
Activating quick-digest mode for single-hash
Charset...: 0
Length....: 8
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Tue Feb 21 13:24:54 2012
Stopped: Tue Feb 21 13:24:55 2012

Wham am I doing wrong and how can I feed the salt file to the program?
Also how can I tell the program the format for the password and salt? (salt-password or password-salt)

Regards,
Cristian
#2
Is the salt left or right side of the plaintext?
#3
The quick answer is probably that since the mode 1400 don't use salts, the salt file does not get loaded and used. As for a solution for this, you could try oclHashcat-plus with rules that prepend or append your salts. However the problem would be the length so I don't have a real solution.
#4
@atom: the plaintext represents only the salts (each per row):

Code:
root@tlc2:/root/samsung_xcover $ head -4 salt.txt
0000000000000000
0000000000000001
0000000000000002
0000000000000003

am I making a mistake here?


@mastercracker: the problem is that I don't possess a compatible GPU that would enable the use of oclHashcat... so I have to do it using hashcat...


thank you for your fast answers!
#5
you said something about 8 byte salts but each line of your salt.txt has 16 byte.

please also not that hashcat is not able to do hex-salts - only oclHashcat-* can do that.
#6
Yes, I used the hex format for the salt file (two characters for one byte). I didn't know that it does not work with hashcat...
Is there any way in which I could feed "binary" salts to hashcat? (more like a hybrid text-binary file, in which each line consists of 8 bytes with 0 to 9 ASCII values in it).

thank you
#7
only 1 to 9
#8
Thank you.
To verify that I understood you right, could you tell me if my statements are correct (inside the following image)?

http://s13.postimage.org/z9uro03mf/binary_salts.jpg
#9
looks good
#10
Ok. I borrowed an AMD HD 5550 video card, so now I can use oclHashcat.
Please advise how the proper command line should look in order to crack this one:
- a SHA256 hash (such as CAE201A8B791CA25B81B04876CACD62897883EE4C1907D2BD51D5671FEEC7562)
- with an appended salt of Hex value 00 00 00 00 00 00 00 00 (8 bytes with 0 ASCII value)
- with decimal charset
- password length: 8 chars

How should I specify the above-mentioned salt to the program? I can only find the --hex-salt option, but no parameter to feed the salt...

thank you