md5 bruteforce with 2 known salts
#1
Given a known left salt and right salt, how can I bruteforce an md5 hash with an unknown password between them? For example:

md5($salt1 . $password . $salt2)

$salt1 is known
$salt2 is known too
$password is unknown and needs to be bruteforced (unknown length and unknown charset)

I tried using a mask attack but the performance wasn't so great.

Mask:
Code:
?a,SALT1_EXAMPLE?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1?1?1?1?1SALT2_EXAMPLE
?a,SALT1_EXAMPLE?1?1?1?1?1?1?1?1?1?1SALT2_EXAMPLE

Command:
Code:
hashcat -m 0 -a 3 -w 3 --force --opencl-device-types 1,2 test.hash mask.txt

Speed of this method on an RTX 2060 Super:
Code:
Time.Started.....: Wed Dec 16 19:35:52 2020 (26 mins, 31 secs)
Time.Estimated...: Wed Dec 23 08:44:37 2020 (6 days, 12 hours)
Speed.#1.........:  123.4 MH/s (4.53ms) @ Accel:256 Loops:1 Thr:256 Vec:1

I was expecting something close to 12940.3 MH/s (as performed in benchmark mode).

Can someone guide me on how to perform this in hashcat?

Thanks in advance!
#2
Use mode 20 (md5($salt.$pass)) for good performance. Never use --force.
#3
(12-17-2020, 01:05 AM)undeath Wrote: Use mode 20 (md5($salt.$pass)) for good performance. Never use --force.

Mode 20 only supports 1 salt as far as I know, is there some workaround to add another salt?
#4
You already posted the workaround in your first post: append the second salt to your mask.
#5
(12-17-2020, 01:26 AM)undeath Wrote: You already posted the workaround in your first post: append the second salt to your mask.

It works but the problem remains the same, the performance is extremely low compared to a simple md5 bruteforce. I think the problem is in the mask attack itself :/

Code:
Speed.#1.........:  123.2 MH/s (3.98ms) @ Accel:256 Loops:1 Thr:256 Vec:1

Additionally, hashcat gives me this warning, but I don't think I need/can increase the work amount:
Code:
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Do you have another idea?
#6
Did you only measure that speed with the first mask in your list or also with longer ones? Masks with only few variable chars will always produce low performance.
#7
(12-17-2020, 01:37 AM)undeath Wrote: Did you only measure that speed with the first mask in your list or also with longer ones? Masks with only few variable chars will always produce low performance.

Alright, I was doing something wrong: I changed to mode 20 without removing the first salt from the mask file.

Now the speed increased from ~123.2 MH/s in mode 0 to ~6126.4 MH/s in mode 20.

It's still a little under the 12940.3 MH/s speed I got in the benchmark. Maybe there's some optimization I have to do?

My current mask (9999999999 is a placeholder with the same length as the real salt):
Code:
?h,?19999999999
?h,?1?19999999999
?h,?1?1?19999999999
?h,?1?1?1?19999999999
?h,?1?1?1?1?19999999999
?h,?1?1?1?1?1?19999999999
?h,?1?1?1?1?1?1?19999999999
?h,?1?1?1?1?1?1?1?19999999999
?h,?1?1?1?1?1?1?1?1?19999999999
?h,?1?1?1?1?1?1?1?1?1?19999999999

I measured the speed with the largest mask.
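The setup the thread converges on (mode 20 with the first salt as the hash-line salt and the second salt as a fixed mask suffix), as an added example that is not part of the original posts: it generates the `hash:salt` line and the `.hcmask` lines, then checks them against a known test password, which catches the leftover-first-salt mistake described in #7. The function names and the test password `abc` are assumptions; the salts are the thread's placeholders.

```python
import hashlib

def escape_mask_literal(text):
    # In a mask "??" is a literal "?"; in a .hcmask file "\," is a literal ",".
    return text.replace("?", "??").replace(",", "\\,")

def build_hcmask(salt2, charset="?a", max_len=10):
    # One line per password length: custom charset 1, then N x ?1, then fixed salt2.
    suffix = escape_mask_literal(salt2)
    return [f"{charset},{'?1' * n}{suffix}" for n in range(1, max_len + 1)]

def mode20_hash_line(salt1, password, salt2):
    # md5(salt1 . password . salt2) == md5($salt . $pass) with $pass = password . salt2
    digest = hashlib.md5((salt1 + password + salt2).encode()).hexdigest()
    return f"{digest}:{salt1}"

def setup_is_consistent(hash_line, mask_line, known_password):
    """True if this mask line can generate the candidate that matches hash_line."""
    digest, salt = hash_line.split(":", 1)
    _charset, mask = mask_line.split(",", 1)  # assumes no comma inside the charset
    n = 0
    while mask.startswith("?1", 2 * n):       # count the leading ?1 positions
        n += 1
    suffix = mask[2 * n:].replace("\\,", ",").replace("??", "?")
    if n != len(known_password):              # wrong length, or a literal prefix in the mask
        return False
    candidate = known_password + suffix
    return hashlib.md5((salt + candidate).encode()).hexdigest() == digest

if __name__ == "__main__":
    SALT1, SALT2 = "SALT1_EXAMPLE", "SALT2_EXAMPLE"  # placeholders from the thread
    line = mode20_hash_line(SALT1, "abc", SALT2)      # constructed test password
    masks = build_hcmask(SALT2)
    print(line)
    print("\n".join(masks))
    print("length-3 mask consistent:", setup_is_consistent(line, masks[2], "abc"))
    # The mode-0 style mask from #1 still carries the first salt, so it fails the check.
    print("mask with salt1 left in:",
          setup_is_consistent(line, "?a,SALT1_EXAMPLE?1?1?1SALT2_EXAMPLE", "abc"))
```
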