Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: decryption problem with enctype 7500
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I try to use cudaHashcat 1.35 to decrypt two hash of the encryption type 7500(kerberos 5 AS-REQ-Pre-Auth etype 23). The first hash(signed as hash1) comes from the hashcat forum and I use the command '$krb5pa$23$user$realm$salt$hash1' to decrypt it. The second hash(signed as hash2 ) comes from my experinment: I use wireshark to get the kerberos 5 AS-REQ pack, then pick up the enc PA-ENC-TIMESTAMP as the second hash. Also, I use the command '$krb5pa$23$user$realm$salt$hash2' to decrypt it. The first hash can be decrypted successfully butĀ  I failed to decrypt the second hash. What should I do?
v1.35 was released 2 years ago, and cudaHashcat doesn't even exist anymore. Upgrade to hashcat 3.30 or newer before reporting any bugs or errors.
Follow the above suggestion, I tried hashcat 3.30. However the problem can't be solved yet. Here is hash1 used in my testcase:
$krb5pa$23$user21$realm22$salt1234$4e751db65422b2117f7eac7b721932dc8aa0d9966785ecd958f971f622bf5c42dc0c70b532363138363631363132333238383835. It is from the hashcat forum.
This is hash2:
$krb5pa$23$user21$realm22$salt1234$5c7698871dc87e96aacd8a94614a48b327bf06b64879150a863ba8246f50f70eda670b1b1370d7d5a2aa81487603b3de31e3024d. I copied it from the keberos AS-REQ package.
What should i do now?
I think you need to update the salt as well
I find that if I change the value of the "user", "realm" and "salt" at will in hash1, it can still be decryted successfully. So there are two another questions. First, does the decryption of kerberos enctype 23 need a salt? Second, If it needs a salt, where can I find it in the kerberos AS-REQ package?
Yes, it's salted. See: https://hashcat.net/wiki/doku.php?id=example_hashes

I don't know about that kerberos AS-REQ package you're talking about.
The AS-REQ package is one of the message types of kerberos protocol during the authentication. I get it from the network which takes kerberos as its authentication way by using wireshark. Then I pick up the '
enc PA-ENC-TIMESTAMPĀ ' in this package as the input hash of the algorithm of 7500 to decrypt. Also, I can find other corresponding parameters include 'user' and 'realm' in the AS-REQ package. But I haven't found the 'salt'. So, where can i find the corresponding salt of the input hash?
I don't know how the hash is extracted, but I know it's salted.