how?

Problems with the hash cracking system? Suggestions?
  • Ads

how?

Postby zenchi » Mon Jan 23, 2012 4:45 pm

I'm sorry but I'm a real n00b to this stuff..

I need to decrypt the following pass:
[16 byte hash]:ABdyv9GTo2g6B5bTUlMZVEBfCf7gCnKC

But I don't know what hash type that is, or how to use the -h command so that it doesn't return unknown hash type and what line should I use for this? The pass will probably not be in any wordlist so it will have to be bruteforced...

I'm using win7...

Help would be greatly appreciated! Also if you can PM me the decrypted pass so I can continue with working on my site. But I'd love to learn how I can do this myself in case I forget stuff again :oops:
zenchi
 
Posts: 5
Joined: Mon Jan 23, 2012 4:27 pm

Re: how?

Postby zenchi » Mon Jan 23, 2012 4:53 pm

ps: it is md5 encrypted, but I dont know which type of md5...?
zenchi
 
Posts: 5
Joined: Mon Jan 23, 2012 4:27 pm

Re: how?

Postby Bitweasil » Tue Jan 24, 2012 3:05 pm

I was going to let this slide, but since you're going to PM me and pester me about it, I'll rip into you instead.

zenchi wrote:I'm sorry but I'm a real n00b to this stuff..


Obviously.

I need to decrypt the following pass:
[16 byte hash]:ABdyv9GTo2g6B5bTUlMZVEBfCf7gCnKC


Great. What type of hash is it? You sort of need to know that to crack it, because otherwise there's a whole lot of options.

But I don't know what hash type that is,


Then you're not going to have much luck cracking it, are you? Where did you steal it from? You could have been useful & said that you got it from a BB of whatever type, but, instead, you just don't know, and won't provide enough useful information. So, no, I can't just magically look at it and tell you what type of hash it is. I can think of 3 or 4 likely options, but that's still quite useless for starting hash cracking.

or how to use the -h command so that it doesn't return unknown hash type and what line should I use for this? The pass will probably not be in any wordlist so it will have to be bruteforced...


You could actually have read the wiki and learned to use the tool. It is documented. Also, the source is freely available...

I'm using win7...


Clearly. Most Linux users have a clue.

Help would be greatly appreciated! Also if you can PM me the decrypted pass so I can continue with working on my site. But I'd love to learn how I can do this myself in case I forget stuff again :oops:


And where did you get the idea that I was in the business of cracking anyone's hashes for fun? I write tools, I don't engage in paid hash cracking, much less free hash cracking. Build your own system.

Further, I actually don't support posting hashes on my forum and asking for them to be cracked. I was going to leave it for a day or two and see if anyone else recognized the format, but because you felt the need to send me a PM to remind me to "look at your thread," I've scrubbed out the hash value.

Good luck.
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: how?

Postby zenchi » Wed Jan 25, 2012 10:36 am

You wrote a program, to crack hashes. I do not understand the documentation well enough, so I use the forum to ask something.
No need to get pissed. And everyone starts out as a n00b, don't they?

What type of hash it is, I'm not sure, I think it's hashed with $salt. It hashed by joomla 1.7 I can't find it in the php files, there are different things on different sites after the md5 (....)

I checked the supported hashes and I'm guessing your software can't crack it. Though I'm not sure.
zenchi
 
Posts: 5
Joined: Mon Jan 23, 2012 4:27 pm

Re: how?

Postby Bitweasil » Wed Jan 25, 2012 3:34 pm

joomla 1.7


Hey, look! Useful information!

It appears to use a salted MD5 of the "pass:salt" variety.

Joomla 1.7, as far as I can tell, uses:

$passhash = md5($password . $salt)

$storedhash = $passhash : $salt

So the first part is the actual MD5 hash, the second part is the salt.

I tried a quick test with a generated password and the MD5_PS algorithm, which should handle it, but it doesn't appear to work - I'll debug later.

Describing what software you got the hash from is a whole lot more useful than "some MD5." It's like saying "She was some kind of Italian... or Spanish, maybe."
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: how?

Postby zenchi » Wed Jan 25, 2012 4:25 pm

Yeah, I should have given more info since there is not just one way of hashing with md5.

So to be sure: at the moment the multi tool will not work on this. But you are going to add that functionality at some later time?
I'll be happy to hear from you once you know more about it then :)
zenchi
 
Posts: 5
Joined: Mon Jan 23, 2012 4:27 pm

Re: how?

Postby Bitweasil » Wed Jan 25, 2012 4:41 pm

zenchi wrote:So to be sure: at the moment the multi tool will not work on this. But you are going to add that functionality at some later time?


Correct. I'm not actually sure *why* it's not working, because it should. But there may be some hardcoded limits on the salt length that are causing trouble.

I'm in the process of rewriting the tool completely to resolve issues like this and give me better performance and better hash support.
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: how?

Postby zenchi » Wed Jan 25, 2012 5:51 pm

Ok, then I'll be waiting for the update ;)
zenchi
 
Posts: 5
Joined: Mon Jan 23, 2012 4:27 pm


Return to Hash cracking

Who is online

Users browsing this forum: No registered users and 2 guests

cron