Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 70
Members: 0
Total: 70
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other hashes -> Salted SHA-1 hashes
Post new topicReply to topic View previous topic :: View next topic
Salted SHA-1 hashes
PostPosted: Fri Nov 07, 2008 7:38 pm Reply with quote
ApolloJain
Beginner
Beginner
Joined: Nov 07, 2008
Posts: 4




I have no access to a good computer so it is impossible to crack a hash in a reasonable amount of time. Thanks in advance. Also, post what dictionary you used and which program.

hash1: 2B74D47199B354D472437CCB57040A21FACB72CF4B5B0AF4
hash2: 003AA2321FE6379EF15DB450CA50D8A3FA735E92631EFD66

Thanks!,
Apollo
View user's profile Send private message
PostPosted: Sat Nov 08, 2008 8:53 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Salted? Where is salt then? And what algorithm?
View user's profile Send private message Send e-mail Visit poster's website
Al Gore - ithim
PostPosted: Mon Nov 10, 2008 1:51 pm Reply with quote
ApolloJain
Beginner
Beginner
Joined: Nov 07, 2008
Posts: 4




I believe the algorithm to be SHA-1

They are from Mac OSX 10.4.11 and were extracted using MacKrack

Does that help at all? Smile

Also, I thought the salt was the first 6 digits but IDK for sure. Confused
View user's profile Send private message
Re: Al Gore - ithim
PostPosted: Mon Nov 10, 2008 2:23 pm Reply with quote
ApolloJain
Beginner
Beginner
Joined: Nov 07, 2008
Posts: 4




Excuse my pun



I imagine the passwords being between 7 and 10 but they could probably be anywhere from 5 to 12.
View user's profile Send private message
PostPosted: Mon Nov 10, 2008 2:45 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




I found good article about such hashes:

http://www.dribin.org/dave/blog/archives/2006/04/28/os_x_passwords_2/

... and i'm trying right now some tricks in order to be able to crack them with passwordspro. But there is no guarantee of course. And there was information, that JohnTheRipper is able to crack this hashes - i suggest to look at it.
View user's profile Send private message Send e-mail Visit poster's website
Rainbox Tables
PostPosted: Mon Nov 10, 2008 5:30 pm Reply with quote
ApolloJain
Beginner
Beginner
Joined: Nov 07, 2008
Posts: 4




Would online SHA-1 rainbow table be put to any use or not

in Sha-1 salt algorithm, isn't the format SALTPASSWORD
so if your password was qwerty with a salt of 12345 wouldn't it be hashed Sha1 as 12345qwerty and if you took off the salt of the front of the hash you could search it in a rainbow table and if the rainbow table had 12345qwerty could you find it?



I ramble. Rolling Eyes
View user's profile Send private message
PostPosted: Mon Nov 10, 2008 5:45 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




In case of MacOSX SHA-1 salted hashes you can't use traditional rainbow tables, because salt is 4 bytes of binary data. Chances are, that all four bytes of salt are alpha or alphanumeric or something like that, but in most cases those 4 bytes are containing non-traditional characters. For example, in one of your salts there is binary zero. So in other words you can't find downloadable rainbow tables with such charset (all 256 char variations) and building them yourself is not helping either, because they will be too big and performance too poor.
Only real choices are bruteforce and wordlist methods. I tried all my wordlists and some limited bruteforce and got no success. If the password is strong enough, then it's very hard to crack or it can be virtually uncrackable in case of very good password ...
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Sat Nov 15, 2008 4:18 am Reply with quote
Ricardo-san
Regular user
Regular user
Joined: Nov 13, 2008
Posts: 11




Well, well, well...what do we have here? It seems Apollo wants to extract the root pass for our iBooks! Heh heh searching the pass on Google automatically came to this thread, seems like waraxe has a pretty good PageRank. Smile
I've been following this thread for a couple days now Apollo...seems you've gotten just as far as me. Wink
I've found the exact same hash hidden in var/db/shadow/hash/<guid>
Code:
2B74D47199B354D472437CCB57040A21FACB72CF4B5B0AF4

I'm trying to compile John the Ripper thru single-user mode, but apparently the -make command doesn't exist.
Anyway, I've tested around 200 wordlists with macKrack all with no results. Trying the brute force method just freezes my box.
Btw, the salted hash should be this:
Code:
root:2B74D47199B354D472437CCB57040A21FACB72CF4B5B0AF4

If I'm not mistaken. Smile
Thanks for the help...um also another thing there is a way to reset the administrator password thru single-user mode, but extracting the hash is much more discreet. Resetting the password is easily noticeable lol if one of the admin's attempts to login.
View user's profile Send private message Visit poster's website MSN Messenger
Salted SHA-1 hashes
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.050 Seconds