Date: Sun, 27 Jun 2021 00:52:04 -0700 From: David Sontheimer <david.sontheimer@...il.com> To: john-users@...ts.openwall.com Subject: Cracking nested hashes with unknown salts Hello Alexander, I'm curious if John can crack this second password generation heuristic as well (beyond incremental mode): A password that is the truncated hash digest of a hashing algorithm, with a known input (or wordlist of possible inputs), along with an unknown salt of known length and of a known character set. For simplicity's sake, let's call this a "hashword." A hashword is now salted and hashed as usual - for our experiments, using sha1_crypt - and written to file. For additional specifics, let's say the following for generating hashwords: 1. The hashing algorithm is sha256_crypt - but again, only the digest is known - the initial salt remains unknown, removed from the output. 2. The digest is truncated to a known length between 4-8. 3. The salt is of length 8, of the custom alphabet [lowercase letters] + the five digits [0-4] + the three specials [!@$]. I'm comfortable writing an external script for generating these candidates, and using John's --stdin option, but I'm curious if John can generate these hashword candidates internally with a wordlist and appropriate rules. My goal is similar to the work done cracking pwdhash passwords using hashcat, as described here: https://www.flypig.co.uk/papers/dlj-gr-passwords16.pdf One difference is that pwdhash uses a website TLD as additional input, assumed to be known to the attacker; our hashword uses a client-side salt unknown to the attacker. I recognize incremental mode would eventually find the hashword. Yet I'd like to find the word and client-side salt used for initial input. I hope hashword generation makes sense. Please let me know if I've left out important details. Regards, -David
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.