Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Hash seems simple but i can't identify it
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello everyone, i m testing web application, and made an account with simple password and got a hash like this:
c2tuXllXXXXyXnXXdXXxajXjXXhXdz09
Then i made another account with the same password and got the same hash. I suppose there is no salt in it.
So i tried with hash-identifier (which showed me MD5 ) and HashID (which showed me DNSSEC NSEC3)
I proceeded with the hashcat and tried to "crack" it with the dictionary (my password in it):
Code:
hashcat -m 0 -a 0 -o found.txt --remove testmyhash.txt bigpass.txt


Quote:Input.Mode: Dict (bigpass.txt)
Index.....: 3/3 (segment), 960618 (words), 10499593 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 960618/960618 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--


with no results , also tried dictionary with only one password (correct one)


and i m confused. All right, maybe it is NSEC3 (that method looks very rare), and i need oclhashcat to "crack" that. Videocard only in my windows pc. I'm doing this:
Code:
cudahashcat64.exe -m 8300 -a 0 -o found.txt --remove testmyhash.txt bigpass.txt
,
but it keeps yelling at me:
Quote:WARNING: Hash 'testmyhash.txt' Line-length exception

Is there a method which helps me to identify hash algorithm if i know the password? Is it really NSEC3? Thanks in advance.
Hash identification programs like HashID are worthless because the only hashes that can be positively identified are those that have signatures, and if a hash has a signature, you don't need some program to identify it. Hashes without signatures can quite literally be anything. There's an infinite number of possibilities. A string of 32 hex characters could literally be an infinite number of things. You're just going to have to make educated guesses. DNSSEC is not an educated guess.
Thanks very much, i will try to guess changing the -m parameter in hashcat program.
If you don't get anywhere try a simple script with your known password to test every mode hashcat does. If it's there, it'll find it. If not, then you have to use something else anyway.