cannot recognise hash
#1
HI There,

I am working on a CTF challenge (HTB - Bizness) and it's my first time using Hashcat.

I have found the following Hash, which I know has root pwd in it:
Code:
$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I

I know it's SHA1 w salt. The Salt is the character d. However when using hashcat with the following code it says separator unmatched:

Code:
hashcat -m 120 -a 0 'hash.txt' /path/to/wordlist

I changed to this format as well and tried:

uP0_QaVBpDWFeo8-dRzDqRwXQ2I:d

But still returns a token length exception.

Anyone has a clue on why it doesn't work?

If it helps I know the pwd is monkeybizness and this python script can successfully find it:

Code:
import hashlib
import base64
import os
def cryptBytes(hash_type, salt, value):
    if not hash_type:
        hash_type = "SHA"
    if not salt:
        salt = base64.urlsafe_b64encode(os.urandom(16)).decode('utf-8')
    hash_obj = hashlib.new(hash_type)
    hash_obj.update(salt.encode('utf-8'))
    hash_obj.update(value)
    hashed_bytes = hash_obj.digest()
    result = f"${hash_type}${salt}${base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')}"
    return result
def getCryptedBytes(hash_type, salt, value):
    try:
        hash_obj = hashlib.new(hash_type)
        hash_obj.update(salt.encode('utf-8'))
        hash_obj.update(value)
        hashed_bytes = hash_obj.digest()
        return base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')
    except hashlib.NoSuchAlgorithmException as e:
        raise Exception(f"Error while computing hash of type {hash_type}: {e}")
hash_type = "SHA1"
salt = "d"
search = "$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I="
wordlist = '/usr/share/wordlists/rockyou.txt'
with open(wordlist,'r',encoding='latin-1') as password_list:
    for password in password_list:
        value = password.strip()
        hashed_password = cryptBytes(hash_type, salt, value.encode('utf-8'))
        # print(hashed_password)
        if hashed_password == search:
            print(f'Found Password:{value}, hash:{hashed_password}')
Reply
#2
You need to use -m 124 (and also put the hash in hex)
See https://hashcat.net/wiki/doku.php?id=example_hashes
Reply