Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 9 Jun 2018 22:12:07 -0500
From: jfoug <jfoug@...nwall.net>
To: john-users@...ts.openwall.com
Subject: Re: Using PBKDF2-HMAC-SHA256

On 6/9/2018 2:56 PM, Chris Bonk wrote:
> I'm trying to get PBKDF2-HMAC-SHA256 hashes to be loaded. The example hash
> below loads just fine.
>
>         rounds: 100000
> "salt": "e65814e4382759f85550029e723dc7e7",
> "derived":
> "5f37a3bd08ac1c7d163294a3cb192ed1407b62bbc6a6259fee55f6e53f754273"
>
> My hash file:
> $pbkdf2-sha256$100000$ZTY1ODE0ZTQzODI3NTlmODU1NTAwMjllNzIzZGM3ZTc=$NWYzN2EzYmQwOGFjMWM3ZDE2MzI5NGEzY2IxOTJlZDE0MDdiNjJiYmM2YTYyNTlmZWU1NWY2ZTUzZjc1NDI3Mw==
>
>
PW:  "governor washout beak"

$ ./base64conv.exe -i hex -o mime e65814e4382759f85550029e723dc7e7
e65814e4382759f85550029e723dc7e7  -->  5lgU5DgnWfhVUAKecj3H5w

$ ./base64conv.exe -i hex -o mime 
5f37a3bd08ac1c7d163294a3cb192ed1407b62bbc6a6259fee55f6e53f754273
5f37a3bd08ac1c7d163294a3cb192ed1407b62bbc6a6259fee55f6e53f754273 -->  
XzejvQisHH0WMpSjyxku0UB7YrvGpiWf7lX25T91QnM


Hash: 
$pbkdf2-sha256$100000$XzejvQisHH0WMpSjyxku0UB7YrvGpiWf7lX25T91QnM$5lgU5DgnWfhVUAKecj3H5w

$ cat in
$pbkdf2-sha256$100000$5lgU5DgnWfhVUAKecj3H5w$XzejvQisHH0WMpSjyxku0UB7YrvGpiWf7lX25T91QnM

$ echo -n "governor washout beak" | ./john -pipe in
Using default input encoding: UTF-8
Loaded 1 password hash (PBKDF2-HMAC-SHA256 [PBKDF2-SHA256 256/256 AVX2 8x])
Cost 1 (iteration count) is 100000 for all loaded hashes
Press Ctrl-C to abort, or send SIGUSR1 to john process for status
governor washout beak (?)
1g 0:00:00:00  4.219g/s 4.219p/s 4.219c/s 4.219C/s governor washout beak
Use the "--show" option to display all of the cracked passwords reliably
Session completed

@magnum, you can not use base64 on a hex encoded string.  You first have 
to 'de' hex it into raw, then base64 that raw data.  That is why I use 
the tools available within john.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.