
In XVWA (Xtreme Vulnerable Web Application) I was presented with a PBKDF2 with SHA-256 and 1000 iterations, as such:

<?php

// PBKDF2_SALT_BYTE_SIZE and PBKDF2_HASH_ALGORITHM are constants defined
// elsewhere in the same PasswordHash.php file (linked below).
function create_hash($password)
{
    // format: algorithm:iterations:salt:hash
    $salt = base64_encode(mcrypt_create_iv(PBKDF2_SALT_BYTE_SIZE, MCRYPT_DEV_URANDOM));
    return  $salt . " : " . 
        base64_encode(pbkdf2(
            PBKDF2_HASH_ALGORITHM,
            $password,
            $salt,
            1000,
            24,
            true
        ));
}
// where $password is user-supplied data.

https://github.com/s4n7h0/xvwa/blob/master/vulnerabilities/crypto/PasswordHash.php

Is there a way to retrieve the password?

Lucian Nitescu

1 Answer


You can try to reverse a hash value by trying to brute force it, i.e. run the hash function over a list of possible (password) values until you encounter the same output. Whether this procedure can be successful depends on two questions:

  • How fast can I compute a password hash (or in other words: how many passwords can I try per second)
  • How complicated is the password (how many passwords will I have to try before I find the password)

The calculation time is the quotient of those two values. That is why one uses designated password hashing functions which are slow.

While PBKDF2 is designed as a password hashing function, it has a rather dated design and the parameters chosen here (1000 iterations) are not appropriate for modern hardware.

So, assuming the password is not too complicated, you might have a realistic chance to reverse the hash. The standard tools for such an attack are hashcat and john the ripper.

mat
  • on same password inputs I get different outputs. I do not think this is the case for the PBKDF2 exercises – Lucian Nitescu Jul 18 '19 at 15:45
  • The salt is created randomly. Running the function on the same password twice will result in different salts and thus different hashes. For verification/cracking, you need to know the salt value used (should be stored alongside the hash). – mat Jul 18 '19 at 15:54