-3

I want use hashcat or John the Ripper to crack the hash of a password. I know the password was created using the following command:

openssl passwd -crypt -salt tl ********

The asterisks, of course, are placeholders for the actual password. I know for sure that the password has 8 characters, and that the salt is tl. How exactly can I use hashcat or John the Ripper to crack the password hash?

Diego
  • 3
  • 2
  • 4
    Have you made any attempts at answering the question yourself yet? –  Sep 25 '19 at 18:01
  • I tried to do a decrypt with hashcat but i don't know how pass a dictionary with a salt to try to decrypt. Could you help me? – Diego Sep 26 '19 at 15:56
  • 1
    Please [edit] your question and add those steps that you have tried. The more you add, the easier it is for us to help. –  Sep 26 '19 at 16:36

1 Answers1

2

openssl passwd creates a traditional DES crypt hash:

-crypt
    Use the crypt algorithm (default).

Hashcat mode 1500 will process that type of hash:

Hashcat generic hash types table

You don't need to provide the salt, it's part of the encoded hash string, and hashcat will automatically parse it when using hash mode 1500.

gowenfawr
  • 71,975
  • 17
  • 161
  • 198
  • If your hash is in the file `hashfile`, then `hashcat64.bin -m 1500 -a 3 hashfile` should do it and it shouldn't take too long on modern hardware. – Chris W. Oct 26 '19 at 14:59