Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

hashcat Forum > Deprecated; Previous versions > General Help > A Difficult Salting Method
Full Version: A Difficult Salting Method
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

S.Doak

02-21-2015, 05:22 AM
Hello everyone,

I am trying to use oclHashcat on some SHA-512 hashes, but the way they were constructed is very odd. The method is: "salt1 + Password + salt2 + length(Password)"

For example, if salt1 is "foo", salt2 is "bar" and the password is "password1", then the hash would be the SHA-512 of "foopassword1bar9" (where 9 is the number of characters in "password1").

My question is how can I set up oclHashcat to tackle such a challenge?

As an additional detail: I am planning on using some wordlists/dictionaries for the attack.

Thank you,
Spencer

Rolf

02-21-2015, 09:49 AM
Technically, you're dealing with a sha-512($salt1.$pass.$salt2), where $salt2 = $salt2.len($pass); it's just a number appended to salt2.
You'll have to filter your dictionaries / keyspace to a certain length and only attack hashes which have such length in the second salt (otherwise you're just wasting cycles).
But I don't see sha-512($salt1.$pass.$salt2) being supported by oclHashcat at the moment.
Hope this helps.

S.Doak

02-21-2015, 09:54 PM
So there's no way to set up oclHashcat (or even standard Hashcat) to automatically handle this?

If not, I suppose I'll just work on writing something in C++ to handle this.

undeath

02-22-2015, 01:15 AM
Correct. There is not.

S.Doak

02-22-2015, 11:53 PM
Alright, thank you anyway.
hashcat Forum > Deprecated; Previous versions > General Help > A Difficult Salting Method