I am having trouble loading Oracle 11g hashes (type 112) in to oclhashcat-plus.
They are stored in the SYS.USER$.spare4 column and are of the form of 'S:' followed by 40 characters of hex SHA1 hash followed by 20 characters of hex salt.
I've tried the string as is, removing the 'S:', separating the hash and salt, and other permutations, but I am consistently getting line length exceptions.
Does anyone know what the proper format is for Oracle 11g hashes?
The format is hash:username
Hmm. Let's say we have a user named foo with a hash "S:123456789A123456789B123456789C123456789D123456789E123456789F".
The proper format would be oclHashcat-plus -m 112 123456789A123456789B123456789C123456789D123456789E123456789F:foo wordlist.txt?
I'm still getting line length exceptions with and without the 'S:' or username. The old DES format was salted with the username but the new one has a random salt.
When you are referring to Oracle 11g hashes, I'm assuming that you are referring to the SHA format and not the old DES format with case sensitivity.
I see. In this case you have to export the random salt. The random salt must be an hex encoded string which replaces the username. It is exactly of length 10. Example:
Password for this is 874
Awesome, that explains why I was getting the line length exceptions.
However, there seems to be one small problem. Oracle uses 10 bytes of hex salt, yet oclHashcat seems hard-coded to accept up to 5 bytes.
Thanks for the explanation.
i guess you have to use the --hex-salt option
Undeath, that wouldn't work, as --hex-salt is already implied by the hash type (-m 112).
Atom, is it possible to expand the max length for the salt or is it a remnant from optimizing for a different hash type?
Why do you need it expanded. Your 5 byte binary data encoded in hex is exactly 10.
You were right. I fixed it. If you need access to a beta version send me a PM.
Quote:root@sf:~/oclHashcat-lite-0.10# ./oclHashcat-lite64.bin -m 112 61CE616647A4F7980AFD7C7245261AF25E0AFE9C:9763FCF0D54DA667D4E6
oclHashcat-lite v0.10 by atom starting...
** Valid keyfile for beta usage: atom (expires 26.03.2013)
GPU-Loops: 128
GPU-Accel: 160
Password lengths range: 1 - 55
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Tahiti, 2931MB, 0Mhz, 32MCU
Status.......: Cracked
Hash.Target..: 61ce616647a4f7980afd7c7245261af25e0afe9c:9763fcf0d54da667d4e6
Hash.Type....: Oracle 11g
Time.Running.: 0 secs
Time.Left....: 0 secs
Plain.Mask...: ?1?2?2
Plain.Text...: ***
Plain.Length.: 3
Progress.....: 60416/80352 (75.19%)
Speed.GPU.#1.: 66926/s
HWMon.GPU.#1.: 0% GPU, 43c Temp
Started: Mon Apr 9 18:48:25 2012
Stopped: Mon Apr 9 18:48:26 2012