search

Ekultek / Dagon

Advanced Hash Manipulation
172 stars 54 forks source link

Hash guarantee ($P$V1GoRM) #56

Closed Dagon-Project closed 7 years ago

Dagon-Project commented 7 years ago

Dagon has failed to crack given hash: $P$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0.

This was attempted on 2017-08-13 16:25:20.685630..

Commands that were used during failure: ['dagon.py', '-c', '$P$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0', '--bruteforce', '-D', 'downloads']

Algorithm attempted: None

Ekultek commented 7 years ago

This looks to be a wordpress hash, give me a few days and I'll try to crack it for you

Ekultek commented 7 years ago

New wordpress regex: \$P\$\w+\$\S.\w+.\w+. (the old one matched other hash types) test: https://regex101.com/r/qMavKP/1

Ekultek commented 7 years ago

I'm having some trouble getting the wordpress hash to work, so it might take a little longer

Ekultek commented 7 years ago

So this one was a little tricky, this is not a wordpress hash, it's an MD5 crypt hash. The weird part is whoever created the hash added a $P$ instead of the normal $1$ onto it. You can tell the hash type by the fact that it has three dollars signs, the string after the second is the salt (V1GoRMlq). If you changed the $P$ to a $1$ it'll work and crack it. Hash cracked successfully. Nothing needs to be done to Dagon at the moment. I'm assuming that whoever made that hash obfuscated it for more security, and they did a hell of a job because it took me forever to figure that out. This was a tough one.

baal@baal-Aspire-5733Z:~/bin/python/dagon$ python dagon.py -c '$1$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0' --bruteforce -S V1GoRMlq back -D downloads
Dagon .. Advanced Hash Manipulation v1.14.32.54(dev)
Clone: https://github.com/ekultek/dagon.git

[*] Starting up at 22:03:55..

[22:03:55 INFO] Using salt: 'V1GoRMlq' on the 'back' of the hash...
[22:03:55 INFO] Reading from, downloads/Download-sTMtJkAU.txt..
[22:03:55 INFO] Found 1 possible hash types to run against: md5 crypt 
[22:03:55 INFO] Starting bruteforce with MD5 CRYPT..
---------------------------------------------------------------------------
[+] Match found:
---------------------------------------------------------------------------
[+] Clear Text: fasdfsdfasd
[+] Hash: $1$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0
[+] Tries attempted: 3138
[+] Algorithm Used: MD5 CRYPT
---------------------------------------------------------------------------

[*] Shutting down at 22:02:07..
Ekultek commented 7 years ago

Just for verification:

baal@baal-Aspire-5733Z:~/bin$ openssl passwd -1 -salt V1GoRMlq
Password: 
$1$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0
baal@baal-Aspire-5733Z:~/bin$ 

>>> "$1$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0" == "$1$V1GoRMlq$QKBbTAkBaHkZRcxMchjfe0"
True
>>>