20

I'd like to attack a self-created sha256 hash with john --wordlist=

So far I've done the following:

$ echo 'testpassword' | sha256sum > mypassword

removed the tail of the output with vim

$ cat mypassword
dc460da4ad72c482231e28e688e01f2778a88ce31a08826899d54ef7183998b5

penetrate with john

$ john --wordlist=list.txt --format=raw-sha256 mypassword

result:

Using default input encoding: UTF-8
Loaded 1 password hash (Raw-SHA256 [SHA256 128/128 SSE2 4x])
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:06 DONE (2017-01-06 12:47) 0g/s 2347Kp/s 2347Kc/s 2347KC/s
Session completed

show

$ john --show mypassword
0 password hashes cracked, 1 left

What did I do wrong? Is raw-sha256 not the right format? The test password is definitely in the wordlist.

user430
  • 303
  • 1
  • 2
  • 5

1 Answers1

40

Your string has an unintended line break at the end. Use -n to omit the trailing newline character:

echo -n 'testpassword' | sha256sum > mypassword

Otherwise you end up with a different hash:

$ echo testpassword | sha256sum
e0d7d338cb1259086d775c964fba50b2a84244ba4cd2815e9f6f4a8d9daaa656  -
$ echo -n testpassword | sha256sum
9f735e0df9a1ddc702bf0a1a7b83033f9f7153a00c29de82cedadc9957289b05  -

Then just proceed as you did.

Demo:

$ echo -n "abc123" | sha256sum | cut -f 1 -d " " > password
$ john --format=raw-sha256 password
$ john --show password
?:abc123

1 password hash cracked, 0 left

(I used cut to remove the hyphen after the hash.)

Matthias Braun
  • 421
  • 3
  • 12
Arminius
  • 43,922
  • 13
  • 140
  • 136