11-07-2014, 01:42 AM
Hello guys,
I have a few SHA1 hashes/salts. Some of the passwords are known and they are truncated sha1 hashes (40 - last 14 chars =) 26 chars long. So I have two options right?
(a) Try to mask attack the salted hash or
(b) use a wordlist to crack the known truncated sha1 hash (the actual pwd) and look for a pattern to guess the others, but for that I have to config oclHashcat to check for partial matches, right? Is that even possible?
And how can I take advantage of the fact, that the password is itself a hash? Is there any rule I can use for hashes besides a hex custom charset?
Thanks,
Hyloron
I have a few SHA1 hashes/salts. Some of the passwords are known and they are truncated sha1 hashes (40 - last 14 chars =) 26 chars long. So I have two options right?
(a) Try to mask attack the salted hash or
(b) use a wordlist to crack the known truncated sha1 hash (the actual pwd) and look for a pattern to guess the others, but for that I have to config oclHashcat to check for partial matches, right? Is that even possible?
And how can I take advantage of the fact, that the password is itself a hash? Is there any rule I can use for hashes besides a hex custom charset?
Thanks,
Hyloron