Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Custom iterations count
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello everyone,

I'll admit this is a pretty weird scenario, but sadly I have to face it.
I have a sha512 salted hash, with custom iterations for each user. For example User A has 7200 iterations, User B 9100 and so on.
(Beats me why they didn't just use bcrypt with a freaking high cost value)

Any suggestions on how can I deal with it?
Github forking is the only way?
What are the details about the algorithm used?
"sha512 salted with custom iterations" doesn't really say much.
There are many different ways to use "sha512", "iterations" and "salt" all within a hashing scheme.

Do you mean something like sha512crypt ? PBKDF2-HMAC-SHA512 ? or is it really "just" some salted sha512 iterations ?
If so, when is the salt used (on each and every iteration? appended or prefixed)? Are hexadecimal or binary digests used etc?

Also see https://hashcat.net/wiki/doku.php?id=example_hashes
Since I don't have access to the code base, I can only perform an educated guess.
The hash resembles plain sha512 algorithm, the salt is something like 104e8bd5-462f-4974-a508-f2963be9da75

I suspect the developer followed the logic of Drupal hashing and "improved" it.
Since I have a small-medium collection (24k hashes), I was thinking about trying to validate the hash using very common passwords (ie password, 123456) until a match is found. Then is business as usual Big Grin