|
Message-Id: <0ED3CFD0-BCD9-43A9-AD17-B6D654C3493D@m.patpro.net> Date: Fri, 11 Nov 2016 11:56:43 +0100 From: Patrick Proniewski <p+password@...atpro.net> To: john-users@...ts.openwall.com Subject: reconstruct usable hash from separate hash and salt Hi, I've got a dump of Salted SHA1 hashes, but unfortunately the salt is not attached to the hash. For example: hash of salt.password: B4A2E194AF922B03470C8D17B5613DC2DE912727 salt: 1357926 password: dwayne I've tried to recreate a hash that john can understand: ./hextoraw.pl 31333537393236B4A2E194AF922B03470C8D17B5613DC2DE912727 | base64 -e MTM1NzkyNrSi4ZSvkisDRwyNF7VhPcLekScnCg== where 31333537393236 is hex of salt. yielding to this password file: login:{SSHA}MTM1NzkyNrSi4ZSvkisDRwyNF7VhPcLekScnCg== Then I've tried to crack it, and failed: ./john --session=toto /tmp/toto --wordlist=/tmp/dwayne --pot=toto.pot Using default input encoding: UTF-8 Loaded 1 password hash (Salted-SHA1 [SHA1 128/128 AVX 4x]) Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:00 DONE (2016-11-11 11:44) 0g/s 21.33p/s 21.33c/s 21.33C/s dwayne Session completed I guess I've failed to reconstruct the SSHA hash, but I don't know how to fix that... Any idea? patpro
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.