Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Can someone explain what Payload pbkdf2 information means
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello Forum,

Can someone tell me what this payload information is and what I can do with it. From what ive read its a response to a log in request from blockchain.info . It looks like this...

Payload: {"pbkdf2_iterations":5000,"version":3,"payload":"MpvvIebsIQ9rrdtnKqeas/LARGESTRINGOFLETTERSNUMBERSANDSOMEPLUSSYMBOLS/k8jk="}

I also have a password which I assume is linked to to this payload in some way but have no other bits of information.

My searches keep bringing up threads that talk about a tool called btcrecover however I have no clue what I am doing and could use a bit of advice.

Thanks
Hi simonh, let me try to help you.

From what it seems the program or site that you're using is doing a PKBDF2 derivation (imagine this as a simple hash, like MD5 or SHA1, only purposely 5000x slower).
This payload should also have a salt, which may be contained somewherre within the payload line (therefore the salt is public) or it might be something related like your whatevercoin address.

Salt is just a simple tad of information added to the text that you want to hash to avoid pre-calculated attacks, aka rainbow tables. For WPA2 password the salt is, along with other stuff, your network's name(SSID), on cryptocurrency I supposed they use your public address as salt, but it might be the string "MpvvIebsIQ9rrdtnKqeas", on Linux for example the salt is just a piece of text that precedes the actual payload of the PBKDF2 funcion. (Well, tbh it's not PBKDF2, but it could be just the same)

Now long story made short, seems like you're using a wrong password or maybe wrong public wallet address.
you can use this script to extract a string hashcat can handle from that file: https://github.com/stricture/hashstack-s...hashcat.py

note: change "version":3 to "version":2 otherwise that script will fail. v2 and v3 are the same.