Hi folks,
I need a little help for recover a HMAC-SHA1 hash value.
I have the hashed value and the (pass)key.
My *.hash file content looks like this (hash:key):
<removed>
and my command line like this:
Code:
hashcat-cli64.exe" -a 0 -m 150 examples
/A0.M0.hash examples/A0.M0.word
But I get no result and no error.
After a half second this comes out in the console:
Code:
Added hashes from file examples/A0.M0.hash: 1 (1 salts)
Activating quick-digest mode for single-hash with salt
NOTE: press enter for status-screen
Input.Mode: Dict (examples/A0.M0.word)
Index.....: 1/1 (segment), 0 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 0/0 (100%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Fri Jun 28 19:08:06 2013
Stopped: Fri Jun 28 19:08:06 2013
What I'm doing wrong?
Please help!
p.s. sorry for my bad english and greetings from germany
Are you using a dictionary attack? It seems like you do not have big .dic list and it finish the cracking fast.
Some details in this questions make no sense to me. It seems that you want to crack using mode 150 while you are using examples/A0.M0.word and examples/A0.M0.hash. Those files are for mode 0 (MD5) and I'm quite sure that at least hashes from examples/A0.M0.hash aren't accepted as input for -m 150.
Maybe you have sth. different in those files, but it is really confusing and you shouldn't modify those example files.
BTW: the *2* formats of HMAC-SHA1 (150, 160) are also documented here:
https://hashcat.net/wiki/doku.php?id=example_hashes (among others)
Try those examples first and see if they are recovered. The password is "hashcat", put it in a file like hash_0150.hash and use either a mask (-a 3 hashca?l ) or a dict containing the word hashcat
hi,
thanks for repsone.
Sorry for confusing with the file name. I change the content of the file to match "hashvalue:passkey" format.
I want to brute force the has key. so I now added "-a 3" to my commando. Looks now thie way:
Code:
hashcat-cli64.exe" -a 3 -m 150 data/my.hash data/my.word
But *.word file stays empty and the console output looks like this:
Code:
[...]
Input.Mode: Mask (data/my.w)
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Input.Mode: Mask (data/my.wo)
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Input.Mode: Mask (data/my.wor)
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Input.Mode: Mask (data/my.word)
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--
Started: Sat Jun 29 10:25:14 2013
Stopped: Sat Jun 29 10:25:14 2013
Why did hashcat brute force the file name??!?
Same with sample content (c898896f3f70f61bc3fb19bef222aa860e5ea717:1234)...
You really have to read the wiki (
https://hashcat.net/wiki/ ), all of it. After that try to run this:
hashcat-cli64.exe --help
and read the output too (whole output).
Then, read this:
https://hashcat.net/wiki/doku.php?id=brute_force_attack
and
https://hashcat.net/wiki/doku.php?id=mask_attack
(again).
And all of your questions are answered.
I don't know what you want to do with data/my.word, but if you read the --help, it clearly says output files are specified by --outfile=FILE (if this was what you wanted to do with my.word).
Furthermore, you didn't understand how bruteforce is done in hashcat, threrefore you need to read the WIKI (hint: you missed the mask and I told you already in post above how to do it, BUT read the wiki please).
I have a last question to this term.
The hash is build like this:
hash = HMAC-SHA1 (key, text)
My question:
Is it possible with hashcat to decrypt the key if I know the text and the result hash?
Regards