Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Two hashes one result - why?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I got two hashes

hash number 1:

Code:
$ml$26246$87487bb03941a7d1e702cc54ee81e7f61e5e46f554b47677279a59185baaba5f$4b98bb3ebefd1c7195aa991916b7d7e683e992fd9a9d1355533456d62bad58c1ccc0380351252b5215a3b064dd9fa00513566db80a297858473828882305b8ce


hash number 2:

Code:
$ml$26246$87487bb03941a7d1e702cc54ee81e7f61e5e46f554b47677279a59185baaba5f$4b98bb3ebefd1c7195aa991916b7d7e683e992fd9a9d1355533456d62bad58c1ccc0380351252b5215a3b064dd9fa00513566db80a297858473828882305b8ce0437f57d7b9da19fe19d2384d7221d7e8264a6f035562ab1937b57948856eff531f60777ee5f71aa3507cc5b71caee7cf39b914623230e7f844401cb29f6df84

Both produce the same password. How is it possible?
they are salted and seemingly even different algorithms judging from the size.
it's the same hash:

87487bb03941a7d1e702cc54ee81e7f61e5e46f554b47677279a59185baaba5f

and the same salt (only first 512 bit matter)

4b98b​b3ebefd1c7195aa991916b7d7e683e992fd9a9d1355533456d62bad58c1

and the same iteration count.
I know it same salt and same iteration. But hash is different. One is much longer than another.
They are not
well I guess there is more about hashing I need to learn.
There is not much you need to learn here. It is very simple.

OS X v10.8+ (-m 7100) uses PBKDF2, which allows to have a variable output (digest/hash) length.
oclHashcat doesn't care much about this hash length (it could be very long, or just the minimum length), but the only thing to know is that given the same password and salt you will end up with the same hash (which you could extend in length or not).
But why would one care about the length, if oclHashcat did find the correct password and hence the hash was cracked everything is fine. So why should/would oclHashcat try to distiguish them if they are identical (except the output size)?