0

I am attempting to understand the format for this Salted SHA1 hash for an assignment. The line of text I was given was:

nameExample@email.com,nameExample,nameExample@email.com,nameExample,,,aadefeff82b5c1a2272079151dc489822aeaa6ca,7391178a855af48e59ced36447c6bc2b9ade2536,f0c06e699ca51d75d97225fdabf1f04e8d1cffe7,a52e60313972af51e0787d8c3eb20abaa33eb7e1,,,,2012-06-01 12:29:15,2014-11-08 20:38:14,1,0,38526305,6,,,,BAh7BzoSYWNjZXB0ZWRfZXVsYXsGbCsHgF37U2wrBzB/XlQ6G2dhbWVfY2VudGVyX2FjY291bnRfaWRpA2C0Lw==,33481266665,

I got numerous errors (Separator unmatched, Token length exception) when I tried running Hashcat on the string of text with the following arguments:

hashcat64.exe -a 0 -m 110 hashExample.txt dictionaryExample.txt -r rules/best64.rule

hashcat64.exe -a 0 -m 120 hashExample.txt dictionaryExample.txt -r rules/best64.rule

hashcat64.exe -a 0 -m 130 hashExample.txt dictionaryExample.txt -r rules/best64.rule

hashcat64.exe -a 0 -m 140 hashExample.txt dictionaryExample.txt -r rules/best64.rule

Any tips on how to sift through the jargon and find the format for the Salted SHA1 hash?

WillForSchool
  • 1
  • 2

1 Answers1

0

hashcat wont do this for you, you need to extract the fields you want

using the seperator (-p) and ignore username (--username) switches might help, but you are going to have to get the text into a format hashcat understands first.

looking at your extract there are 25 fields:

  • 9 empty
  • 4 username/email
  • 4 Hex SHA1 hashes
  • 3 single digits
  • 2 timestamps
  • an 11 digit number
  • an 8 digit number
  • a base 64 encoded SHA512 hash

If this is consistant theres not many options

EnviableOne
  • 157
  • 8
  • Yes, it seems that the information is part of a table and needs to be shortened. I just can't figure out which field is the salt for the hashes. – WillForSchool Mar 04 '20 at 02:19
  • the problem is you can't nativley tell which format it is SHA1 will allways come out at the same size, however its salted. Its part of the process to work out which format the encrypter used. the hash is probably one of the 4 hex strings, its possible the salt is too, or the salt could be the base64 string, or the 11 digit number. Do you have any more information about which is which? – EnviableOne Apr 24 '20 at 09:47