Search Results
|
Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
|
|
Thread: Identifying 53-char hash type
Post: RE: Identifying 53-char hash type
Could be itoa64 (kind of base64 encoding), see https://gchq.github.io/CyberChef/#recipe=From_Base64('./0-9A-Za-z%3D',true)To_Hexdump(16,false,true)&input=Y3l6V1h3SFhaQlBueHRCYWxGcFFpT3NCdlo1a21RcFdSb... |
|
DanielG |
General Talk
|
1 |
2,328 |
02-22-2018, 02:18 PM |
|
|
Thread: Help identifying this hash
Post: RE: Help identifying this hash
You mention AspNetUsers which lead me to https://msdn.microsoft.com/en-us/magazine/dn818488.aspx. This mentions that next to the passwordhash a SecurityStamp GUID is stored. The part you posted after ... |
|
DanielG |
General Talk
|
3 |
2,852 |
08-20-2018, 08:51 AM |
|
|
Thread: Dictionary for long passwords - Tips and ideas
Post: RE: Dictionary for long passwords - Tips and ideas
eriden Wrote: (08-03-2018, 12:10 PM)
--
My initial thought was that people using passwords of 16+ characters in length would mostly use pass phrases (I.e. "I love my two dogs!"). So perhaps combinin... |
|
DanielG |
General Talk
|
7 |
6,427 |
08-03-2018, 12:33 PM |
|
|
Thread: Dictionary for long passwords - Tips and ideas
Post: RE: Dictionary for long passwords - Tips and ideas
Unfortunately Cambridge University didn't post it (anywhere I could find), but researchers are nice people so you could try contacting the people in the paper.
You could look at https://github.com/... |
|
DanielG |
General Talk
|
7 |
6,427 |
08-08-2018, 10:36 AM |
|
|
Thread: Please, help identifying hash type
Post: RE: Please, help identifying hash type
It would help to tell us where you got the hash from, it saves us searching for it and discovering it is a HP Switch config password. On https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c04149503-1.... |
|
DanielG |
General Talk
|
3 |
2,806 |
09-06-2018, 09:08 AM |
|
|
Thread: hashcat recovers null results
Post: RE: hashcat recovers null results
Just to be really really sure, if you do sha512($salt) on for example https://passwordsgenerator.net/sha512-hash-generator/ you don't get the hash in your output? |
|
DanielG |
General Talk
|
5 |
3,251 |
11-05-2018, 05:25 PM |
|
|
Thread: hashcat recovers null results
Post: RE: hashcat recovers null results
That hashcat is correctly showing the results. There is no password for those hashes you have, only a salt. Depending on your source this might be logical. |
|
DanielG |
General Talk
|
5 |
3,251 |
11-05-2018, 05:52 PM |
|
|
Thread: word combinations with masks between
Post: RE: word combinations with masks between
I think the easiest way is to generate a wordlist on your own with the 2 passwords and every character or two between them (if you can't program, try making it in excel with the standard tables). Then... |
|
DanielG |
General Talk
|
2 |
2,118 |
11-14-2018, 04:32 PM |
|
|
Thread: About Winzip (13600) hash
Post: RE: About Winzip (13600) hash
Code:
--
filename:$zip2$*Ty*Mo*Ma*Sa*Va*Le*DF*Au*$/zip2$
Ty = type (0) and ignored.
Mo = mode (1 2 3 for 128/192/256 bit)
Ma = magic (file magic). This is reservered for now. See pkzip_fmt_p... |
|
DanielG |
General Talk
|
2 |
3,417 |
11-21-2018, 10:59 AM |
|
|
Thread: Best approach using hashcat
Post: RE: Best approach using hashcat
On https://hashcat.net/wiki/doku.php?id=example_hashes you'll see the option "5100 Half MD5" which checks the first half of MD5 as you described. So just use that option? |
|
DanielG |
General Talk
|
1 |
1,633 |
01-10-2019, 10:29 AM |
|
|
Thread: Help brute forcing a SHA512 7-character password
Post: RE: Hire someone to brute force a single SHA512 7-...
https://hashcat.net/forum/announcement-2.html
"Do not ask people to crack your hash. It does not matter if you are willing to pay." |
|
DanielG |
General Talk
|
2 |
2,075 |
01-11-2019, 01:52 PM |
|
|
Thread: how can i crack hexmd5 hash ?
Post: RE: how can i crack hexmd5 hash ?
On https://miloserdov.org/?p=1088 it says the hash 15b4c47a3e0e44b9e40db20ac1225023 is for hexMD5('\301' + "22222222" + '\237\174\357\335\234\211\367\356\273\105\215\277\226\361\103\120') on the scr... |
|
DanielG |
General Talk
|
27 |
14,953 |
02-19-2019, 02:04 PM |
|
|
Thread: how can i crack hexmd5 hash ?
Post: RE: how can i crack hexmd5 hash ?
Yeah what philsmd said.
The wrong login response was just the assumption you intercepted a random person logging in to the system. However the Arabic text after the login attempt says that the log... |
|
DanielG |
General Talk
|
27 |
14,953 |
02-21-2019, 11:42 AM |
|
|
Thread: how can i crack hexmd5 hash ?
Post: RE: how can i crack hexmd5 hash ?
I think this is going past what hashcat is about and more turning in how you can hack a certain piece of software.
You have all the information in this topic (and external sources) to understand inter... |
|
DanielG |
General Talk
|
27 |
14,953 |
02-22-2019, 10:23 AM |
|
|
Thread: LM Hashes
Post: RE: LM Hashes
I think you could do 2 things:
- the best one is https://hashcat.net/wiki/doku.php?id=hybrid_attack where you make a wordlist with all the variants of PASSWOR (such as Passwor, PAsswor, PaSswor, etc)... |
|
DanielG |
General Talk
|
11 |
5,710 |
08-27-2019, 08:38 AM |
|
|
Thread: 2x32 Bytes in base64, separated by $
Post: RE: 2x32 Bytes in base64, separated by $
Cool, nice way you found that out too |
|
DanielG |
General Talk
|
4 |
1,671 |
09-25-2019, 09:17 AM |
|
|
Thread: Is there a way to extract a password hash from AESCrypt archive?
Post: RE: Is there a way to extract a password hash from...
on the official forum there is a topic about bruteforce a forgotten password on https://forums.packetizer.com/viewtopic.php?f=72&t=1333 there is a slow python version using the tool itself but a user ... |
|
DanielG |
General Talk
|
20 |
5,128 |
01-08-2020, 09:56 AM |
|
|
Thread: Is there a way to extract a password hash from AESCrypt archive?
Post: RE: Is there a way to extract a password hash from...
okay, googling a bit more it seems the format is pretty open. The fileformat is described on https://www.aescrypt.com/aes_file_format.html and there is source on https://github.com/kenkendk/sharpaescr... |
|
DanielG |
General Talk
|
20 |
5,128 |
01-08-2020, 10:18 AM |
|
|
Thread: Intercept zip decryption key or files from an application
Post: RE: Intercept zip decryption key or files from an ...
Yes but it heavily depends on the application and how you have access to it. You can decompile the application and look for the password, debug the running application, run a trace on calls that are b... |
|
DanielG |
General Talk
|
1 |
719 |
03-12-2020, 05:33 PM |