Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

hashcat Forum > Deprecated; Ancient Versions > Very old oclHashcat-lite Support > md5(salt.pass) troubles and tricks
Full Version: md5(salt.pass) troubles and tricks
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

d0znpp

08-06-2012, 12:39 AM
Hi all,
I'm use oclHashcat-lite-0.10 with HD6990 on Debian sid.
Need to brute md5($salt.$pass) hash, but could not find it in hash types ;(
Salt is 12345678
Pass is 8 bytes of [a-Z0-9]

First solution to brute it:
Code:
./oclHashcat-lite64.bin --gpu-accel 800 --gpu-loops 1024 --gpu-temp-disable --outfile-watch 0 --restore-timer 0 --custom-charset1 ?l?d?u --hash-type 0 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' SALT1234?1?1?1?1?1?1?1?1

Got low speed (~370M/sec), while salt has 4 byte or more.
While salt has 3 bytes speed is ~8600M/sec
While salt has 1-2 bytes speed is ~10800M/sec

Second trick to brute:
Code:
./oclHashcat-lite64.bin --gpu-accel 800 --gpu-loops 1024 --gpu-temp-disable --outfile-watch 0 --restore-timer 0 --custom-charset1 ?l?d?u --custom-charset2 SALT1234 --hash-type 0 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' ?2?2?2?2?2?2?2?2?1?1?1?1?1?1?1?1

Speed is ~10800M/sec

How to set --pw-skip to skip false combinations?
I can not understand in what sequence will move the characters from the ?2 charset

undeath

08-06-2012, 12:59 AM
you can try the OSC hash mode.

d0znpp

08-06-2012, 01:00 AM
(08-06-2012, 12:59 AM)undeath Wrote: [ -> ]you can try the OSC hash mode.

i'm sorry. What is OSC?

Quote:MD5
md5($pass.$salt)
Joomla
SHA1
nsldap, SHA-1(Base64), Netscape LDAP SHA
sha1($pass.$salt)
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
Oracle 11g
MSSQL(2000)
MSSQL(2005)
MySQL
MD4
md4($pass.$salt)
NTLM
Domain Cached Credentials, mscash
SHA256
sha256($pass.$salt)
descrypt, DES(Unix), Traditional DES
SHA512
sha512($pass.$salt)
SL3
Cisco-PIX MD5
Double MD5
vBulletin < v3.8.5
vBulletin > v3.8.5
IPB2+, MyBB1.2+
LM
Oracle 7-10g, DES(Oracle)

undeath

08-06-2012, 01:26 AM
uhm, sorry. Seems like OSC is not supported by lite. Due to the way lite works you should not use a mask like 12345678?1?1?1?1 ... because lite relies on the first part of the plaintext not to be fixed. Else you will get very low speed. Better use plus for this job.

d0znpp

08-06-2012, 01:31 AM
OSC is md5($pass.$salt)
i need md5($salt.$pass)

any suggestions?

undeath

08-06-2012, 01:58 AM
OSC is md5(salt.pass), however it is not supported by lite. Read my other post.

d0znpp

08-06-2012, 02:28 AM
OSC is md5($pass.$salt), not md5($salt.$pass) and $salt has only 2 bytes.
Try oclHashcat-plus to understand that.

M@LIK

08-06-2012, 03:44 AM
3947a147feac6b17e0937edbcd5bdff3:12:osCommerce
f63f4265660e1e80a27cfe7f97eba23d:c6:hashes
9e976555d232c95b69de92478c67389f:f6:are
5d3b86659593f8154ea272476c19f0f1:27:md5($salt.$pass)
ecec4eea1802097a51c2609f73ae9f3c:ca:!!

d0znpp

08-06-2012, 04:06 AM
Hmm. Really strange Wink

But anyway my salt has 8 bytes, not 2.

mastercracker

08-06-2012, 04:09 AM
(08-06-2012, 04:06 AM)d0znpp Wrote: [ -> ]Hmm. Really strange Wink

But anyway my salt has 8 bytes, not 2.
Just make a rule to prepend your salts to every password and use plain MD5 (-m 0) with oclhashcat-plus. However, this will cover only password from 1 to 7 characters. If you truncate your salt and put part as salt and part in the rule file you can increase it to 9 characters (using -m 21) but it starts to be a lot of trouble. From what I have understood, the next version of -plus will have generic mode again that you will be able to use.
Pages: 1 2 3
hashcat Forum > Deprecated; Ancient Versions > Very old oclHashcat-lite Support > md5(salt.pass) troubles and tricks