Date: Fri, 27 Nov 2020 13:58:50 +0100 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: cracking HMAC-SHA1 (key=salt) On 2020-11-27 11:52, Sebastian Reitenbach wrote: > prepared hash file for john: > tryhackme#e5d8870e5bdd26602cab8dbe07a942c8669e56d6 > however, john --format=HMAC-SHA1 doesn't crack it, as it's using the password as key, > instead of the salt. Indeed: Since you know the password we can verify the reverse: $ echo '481616481616#e5d8870e5bdd26602cab8dbe07a942c8669e56d6' > test.in $ ./john test.in -form:hmac-sha1 -mask:tryhackme (...) Press 'q' or Ctrl-C to abort, almost any other key for status tryhackme (?) 1g 0:00:00:00 100.0g/s 100.0p/s 100.0c/s 100.0C/s tryhackme No remaining hashes ...but this only works for verifying a known password, of course. > I was looking through the formats john supports, as well as the DYNAMIC documentation, > but was unable to spot anything that could help me to crack that hash with john. > > Can I crack HMAC-SHA1 (key=salt) hashes with JtR, am I overlooking something? Unfortunately not. We have some old issue for implementing HMAC "salt is key" but the demand seems low. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.