hashcat Forum

chapcrack for ms-chapV2
https://github.com/moxie0/chapcrack

so anybody know the hash type of $99$ ?
Can I use plus or lite instead of Cloudcracker ?

thank you !

./chapcrack.py parse -i tests/pptp.cap
Got completed handshake []
Cracking K3.............
User = moxie
C1 = 1c93abce81540068
C2 = 6baeca315f348469
C3 = 256420598a73ad49
P = 6d0e1c056cd94d5f
K3 = c3d40000000000
CloudCracker Submission = $99$<removed>

(07-29-2012, 11:32 AM)box Wrote: [ -> ]salted wordpress?

I dont think so,because the cloudcracker said they can crack it in 1 day.

Ok so I'm tired and accidently deleted my post when I ment to edit it... I looked over this again and I'm almost positive the "cloudcracker submission" isn't even a hash It's base64 I'm not sure what the $99 is though...

---

And...... looking at this.... https://github.com/moxie0/chapcrack/blob...Command.py just confirmed that it's base64.... ok time for sleep....

(07-29-2012, 07:35 PM)box Wrote: [ -> ]Ok so I'm tired and accidently deleted my post when I ment to edit it... I looked over this again and I'm almost positive the "cloudcracker submission" isn't even a hash It's base64 I'm not sure what the $99 is though...

---

And...... looking at this.... https://github.com/moxie0/chapcrack/blob...Command.py just confirmed that it's base64.... ok time for sleep....

Your are absolutely correct, this is line from the sources:

print "CloudCracker Submission = $99$%s" % base64.b64encode("%s%s%s%s" % (plaintext, c1, c2, k3[0:2]))

Looks like $99$ is just a unique id for CloudCracker to identify hashed data for decription produced by chapcrack.