hashcat for md5($salt.$pass)

md5 hashcat
David Mathias picture David Mathias · Dec 29, 2017 · Viewed 8.5k times · Source

How could i use hashcat to crack this hash?

Syntax:

md5(eWVzX3RoaXNfaXNfdmVyeV9sb25nX3NhbHRfdG9vpassword@123) = 531e89f00f009ced5e0001e33758d3c3

Salt: eWVzX3RoaXNfaXNfdmVyeV9sb25nX3NhbHRfdG9v

Plaintext: password@123

MD5: 531e89f00f009ced5e0001e33758d3c3

I have used following syntax and got Line-length exception error.

Syntax used:

  1. hashcat -a 0 -m 0 hash_pass rockyou.txt
  2. hashcat -a 0 -m 30 hash_pass rockyou.txt

Error:

Hashfile 'hash_pass' on line 1 (eWVzX3RoaXNfaXNfdmVyeV9sb25nX3NhbHRfdG9vpassword@123): Line-length exception

I know the salt. I have a wordlist. I have MD5 of above, i.e. md5($salt.$pass)

I am not sure, how to use hashcat to solve this challenge.

Request help.

Answer

Royce Williams picture Royce Williams · Feb 3, 2018

In this example, the salt is '123'.

$ echo -n 'password123' | md5sum
482c811da5d5b4bc6d497ffa98491e38  -

$ cat test.hash
482c811da5d5b4bc6d497ffa98491e38:123

$ echo "password" | hashcat --quiet -m 10 -a 0 -o test.out test.hash
$

$ cat test.out
482c811da5d5b4bc6d497ffa98491e38:123:password

(Note that --quiet is optional, and there to make my demonstration output simpler. And I use -a 3 for simplicity also, your attack will vary)

Related questions

How can I generate an MD5 hash?

Is there any method to generate MD5 hash of a string in Java?

Read More
Is it possible to decrypt MD5 hashes?

Someone told me that he has seen software systems that: retrieve MD5 encrypted passwords from other systems; decrypt the encrypted passwords and store the passwords in the database of the system using the systems own algorithm. Is that possible? I …

Read More
encrypt and decrypt md5

I am using code $enrypt=md5($pass) and inserting $encrypt to database. I want to find out a way to decrypt them. I tried using a decrypting software but it says the hash should be of exactly 16 bytes. is there …

Read More