Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Lotus HTTP Hash
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
The .C files is from Lepton's Cracker, but this isn't multi-threaded and don't work with multi-cores, haven't the many options as hashcat.
I'll attach the .h and .c file, and the hash:plaintext example is the only one that I have for the moment,hope it help,because I really need a good hash breaker like hashcat with this algorithm. Here it go:
Quote:871D6EEEF59C1384531CB1D00CC7FCE7:trocar
Thank's...
(05-05-2010, 06:04 AM)subgenius Wrote: [ -> ]Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
The .C files is from Lepton's Cracker, but this isn't multi-threaded and don't work with multi-cores, haven't the many options as hashcat.
I'll attach the .h and .c file, and the hash:plaintext example is the only one that I have for the moment,hope it help,because I really need a good hash breaker like hashcat with this algorithm. Here it go:
Quote:871D6EEEF59C1384531CB1D00CC7FCE7:trocar
Thank's...

never heared of this algo. are you sure that this important for a bigger number of users? i try to add it in a later version, but i will give it a lower priority until more users reply to this thread asking for support.
(05-06-2010, 09:09 AM)atom Wrote: [ -> ]
(05-05-2010, 06:04 AM)subgenius Wrote: [ -> ]Hi there, please, hashcat is a very good hash cracker and is possible to implement the Domino HTTP Hash algorithm in this?
The .C files is from Lepton's Cracker, but this isn't multi-threaded and don't work with multi-cores, haven't the many options as hashcat.
I'll attach the .h and .c file, and the hash:plaintext example is the only one that I have for the moment,hope it help,because I really need a good hash breaker like hashcat with this algorithm. Here it go:
Quote:871D6EEEF59C1384531CB1D00CC7FCE7:trocar
Thank's...

never heared of this algo. are you sure that this important for a bigger number of users? i try to add it in a later version, but i will give it a lower priority until more users reply to this thread asking for support.

This algorithm is from LotusNotes, the webmail system uses it. Hope you can add it in next release. Thank's for the attention!
Hi there, first post, so I'll first say how great your app is, love it!
That Lotus Domino/Notes password is still in use in a fair amount of places, however people seem to use other apps to crack them, I'd love if it was included in hashcat. I understand you're obviously very busy with the project, but I'd like to add another '+1' vote to including this algorithm.
From what I understand, there is two hashing types, an old one, and a newer one. The old one uses a modified RC4 implementation, and I'm not sure what the newer one uses, although I do know that it uses the username as a salt.
I'm busy 3 days now bruteforcing lotus5 hashes and found out that there's nothing better than
Hashcat.. :-)
so please add! grinn..

the jumbo patch of john can do it. but I don't like john.

keep in mind.. that it's using 2 different hashes. 1 unsalted old rc4 (or something)
the other one (Starting with G) is salted with username
(it's the id hash of the user for using the lotus api on port 1352)
Hi, hashcat is excellent tool. It will be great to implement Domino HTTP Hash algorithms. I know many people needed it. Please, add them.
Thanks.
+1 for salted domino http hash =)
sorry but theres no need for it.it would place it in the lower lower lower priority class.
+1 salted (Starting with G) http hash needed
+1 for both lotus5 and dominosec - to take the hash type names from John the Ripper.

I have personally collected ~1.25 million Lotus (both unsalted "lotus5" and salted "more secure" dominosec type hashes) from various sources. There are many more in active use that I don't have. That said, even though the exposure to date has been relative low-key, I believe there is a real need for faster cracking than is currently available only from Lepton's crack and John the Ripper.
Pages: 1 2