tips on cracking SHA1 hash - Printable Version

Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

tips on cracking SHA1 hash - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: tips on cracking SHA1 hash (/thread-9529.html)

tips on cracking SHA1 hash - ninjahhash - 09-23-2020

I'm doing this for the first time.

I have a SHA1 hash with salt and looking for a password between 4 and 12 characters, that's all I know.

I'm wondering how I can minimise the keyspace, as all I can guess is the length of the password.

Are there any tips on how to best go about this? Is it generally a good idea to use wordlists? where do i store the wordlist file or the charset file?

my hashrate is around 3000 MH/s

RE: tips on cracking SHA1 hash - Mem5 - 09-24-2020

Quote:SHA1 hash with salt

First, choose the right mode, speed is not the same for all:

Code:
110    sha1($pass.$salt)

120    sha1($salt.$pass)

130    sha1(utf16le($pass).$salt)

140    sha1($salt.utf16le($pass))

Quote:minimise the keyspace

To achieve that, you need to have hints about charset (a-z A-Z etc)/ keyboard used ? For example, a russian keyboard is not the same as an English or a Spanish one. Any weird letters?
If you don't have any clues, I would go for wordlists + rules. If it is really random, you'll need to go for a brutefroce.

RE: tips on cracking SHA1 hash - ninjahhash - 09-24-2020

Thanks so it is english letters.

How do I use a wordlist + rules? Can you give an example?

Im thinking the first letter could be capital or a number, so how would I do that as a mask?

?H?wordlist

(09-24-2020, 10:10 AM)Mem5 Wrote:
Quote:SHA1 hash with salt
First, choose the right mode, speed is not the same for all:

Code:
110 sha1($pass.$salt) 120 sha1($salt.$pass) 130 sha1(utf16le($pass).$salt) 140 sha1($salt.utf16le($pass))

Quote:minimise the keyspace
To achieve that, you need to have hints about charset (a-z A-Z etc)/ keyboard used ? For example, a russian keyboard is not the same as an English or a Spanish one. Any weird letters?
If you don't have any clues, I would go for wordlists + rules. If it is really random, you'll need to go for a brutefroce.

RE: tips on cracking SHA1 hash - philsmd - 09-24-2020

Code:
-a 7 -1 ?u?d hash.txt ?1 dict.txt

or rules:

Code:
-a 0 -r my.rules hash.txt dict.txt

where my.rules is

Code:
^0

^1

^2

^3

^4

^5

^6

^7

^8

^9

^A

^B

^C

^D

^E

^F

^G

^H

^I

^J

^K

^L

^M

^N

^O

^P

^Q

^R

^S

^T

^U

^V

^W

^X

^Y

^Z