2

I'm using Kali Linux and trying to crack my own /etc/passwd file with the username "matt". I've unshadowed it however trying to use Hashcat or JohnTheRipper to identify and crack it has yielded no results. The $y$ prefix doesn't seem to come up on any hash lists or help files. Can anyone identify it or know which has to use to crack Kali passwords.

Appreciate the help, here is the hash below:

matt:$y$j9T$Yj1Xe/fDeKFEWkvfg5v280$yy6OrSBDv6QX4eUN7Mq8LmCJFR3BcGrllIi5Ogk8RQ6:1005:1005::/home/matt:/bin/sh
schroeder
  • 123,438
  • 55
  • 284
  • 319
Valkyr
  • 21
  • 1
  • 3
  • 1
    As a general suggestion, posting your password hash on public forums is not necessarily a good idea. Of course, you were probably using a test password, but it's still worth saying: if this hash represents an actual password you use, you should consider this password compromised and change it everywhere. – Conor Mancone May 04 '21 at 10:39
  • Is it `$y$` or `$2y$`? – schroeder May 04 '21 at 10:56
  • 2
    This is more of a linux question than a security question. You want to know which hash was used based on the Linux hash types. And upon googling your issue, I got: https://unix.stackexchange.com/questions/430141/how-to-find-the-hashing-algorithm-used-to-hash-passwords and https://unix.stackexchange.com/questions/642570/the-format-of-encrypted-password-in-etc-shadow – schroeder May 04 '21 at 10:58
  • 2
    I appreciate it @ConorMancone however this was just a test account created for this specific purpose, the password is "helloworld" – Valkyr May 04 '21 at 11:00
  • 2
    So it turns out that it is a yescrypt hash and isn't supported by hashcat for cracking yet – Valkyr May 04 '21 at 11:12

0 Answers0