[Kli]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

Read the java code you will get to know the sald

[AZUR]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

The salt is there in its initial form. Just need to use that right as it is. The hash needs to be reconverted to hex, then cracked.

that I can't crack I only understood that i needed to go on cyberchef and (from base64 then + in hex)

That's exacly what you need to do.

what's the salt,my mind is gonna blow up ,i have been on this challenge for 5houres i thought about kms many times

So what you did in that 5 hours? If you was not able to check sources https://github.com/apache/ofbiz/blob/tru...Crypt.java

bro im 14  i can't fucking read java and i was trying other privesc

[Kli]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

The salt is there in its initial form. Just need to use that right as it is. The hash needs to be reconverted to hex, then cracked.

that I can't crack I only understood that i needed to go on cyberchef and (from base64 then + in hex)

That's exacly what you need to do.

what's the salt,my mind is gonna blow up ,i have been on this challenge for 5houres i thought about kms many times

This is the code I used to crack the password since python do not support SHA like in java it is referred as sha1 in python

import hashlib
import base64
import os
def cryptBytes(hash_type, salt, value):
    if not hash_type:
        hash_type = "SHA"
    if not salt:
        salt = base64.urlsafe_b64encode(os.urandom(16)).decode('utf-8')
    hash_obj = hashlib.new(hash_type)
    hash_obj.update(salt.encode('utf-8'))
    hash_obj.update(value)
    hashed_bytes = hash_obj.digest()
    result = f"${hash_type}${salt}${base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')}"
    return result
def getCryptedBytes(hash_type, salt, value):
    try:
        hash_obj = hashlib.new(hash_type)
        hash_obj.update(salt.encode('utf-8'))
        hash_obj.update(value)
        hashed_bytes = hash_obj.digest()
        return base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')
    except hashlib.NoSuchAlgorithmException as e:
        raise Exception(f"Error while computing hash of type {hash_type}: {e}")
hash_type = "SHA1"
salt = "d"
search = "$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I="
wordlist = '/usr/share/wordlists/rockyou.txt'
with open(wordlist,'r',encoding='latin-1') as password_list:
    for password in password_list:
        value = password.strip()
        hashed_password = cryptBytes(hash_type, salt, value.encode('utf-8'))
        # print(hashed_password)
        if hashed_password == search:
            print(f'Found Password:{value}, hash:{hashed_password}')

[haventdiedyet]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

The salt is there in its initial form. Just need to use that right as it is. The hash needs to be reconverted to hex, then cracked.

that I can't crack I only understood that i needed to go on cyberchef and (from base64 then + in hex)

That's exacly what you need to do.

what's the salt,my mind is gonna blow up ,i have been on this challenge for 5houres i thought about kms many times

This is the code I used to crack the password since python do not support SHA like in java it is referred as sha1 in python

import hashlib
import base64
import os
def cryptBytes(hash_type, salt, value):
    if not hash_type:
        hash_type = "SHA"
    if not salt:
        salt = base64.urlsafe_b64encode(os.urandom(16)).decode('utf-8')
    hash_obj = hashlib.new(hash_type)
    hash_obj.update(salt.encode('utf-8'))
    hash_obj.update(value)
    hashed_bytes = hash_obj.digest()
    result = f"${hash_type}${salt}${base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')}"
    return result
def getCryptedBytes(hash_type, salt, value):
    try:
        hash_obj = hashlib.new(hash_type)
        hash_obj.update(salt.encode('utf-8'))
        hash_obj.update(value)
        hashed_bytes = hash_obj.digest()
        return base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')
    except hashlib.NoSuchAlgorithmException as e:
        raise Exception(f"Error while computing hash of type {hash_type}: {e}")
hash_type = "SHA1"
salt = "d"
search = "$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I="
wordlist = '/usr/share/wordlists/rockyou.txt'
with open(wordlist,'r',encoding='latin-1') as password_list:
    for password in password_list:
        value = password.strip()
        hashed_password = cryptBytes(hash_type, salt, value.encode('utf-8'))
        # print(hashed_password)
        if hashed_password == search:
            print(f'Found Password:{value}, hash:{hashed_password}')

This worked, although I'm confused on how you would do this using cyberchef + hashcat. Any step by step guide?

[Sidiyo]

Thanks for the clarification guys

[maldev]

https://breachforums.rs/Thread-HackTheBo...e-Write-Up

[hackwell]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

The salt is there in its initial form. Just need to use that right as it is. The hash needs to be reconverted to hex, then cracked.

that I can't crack I only understood that i needed to go on cyberchef and (from base64 then + in hex)

That's exacly what you need to do.

what's the salt,my mind is gonna blow up ,i have been on this challenge for 5houres i thought about kms many times

This is the code I used to crack the password since python do not support SHA like in java it is referred as sha1 in python

import hashlib
import base64
import os
def cryptBytes(hash_type, salt, value):
    if not hash_type:
        hash_type = "SHA"
    if not salt:
        salt = base64.urlsafe_b64encode(os.urandom(16)).decode('utf-8')
    hash_obj = hashlib.new(hash_type)
    hash_obj.update(salt.encode('utf-8'))
    hash_obj.update(value)
    hashed_bytes = hash_obj.digest()
    result = f"${hash_type}${salt}${base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')}"
    return result
def getCryptedBytes(hash_type, salt, value):
    try:
        hash_obj = hashlib.new(hash_type)
        hash_obj.update(salt.encode('utf-8'))
        hash_obj.update(value)
        hashed_bytes = hash_obj.digest()
        return base64.urlsafe_b64encode(hashed_bytes).decode('utf-8').replace('+', '.')
    except hashlib.NoSuchAlgorithmException as e:
        raise Exception(f"Error while computing hash of type {hash_type}: {e}")
hash_type = "SHA1"
salt = "d"
search = "$SHA1$d$uP0_QaVBpDWFeo8-dRzDqRwXQ2I="
wordlist = '/usr/share/wordlists/rockyou.txt'
with open(wordlist,'r',encoding='latin-1') as password_list:
    for password in password_list:
        value = password.strip()
        hashed_password = cryptBytes(hash_type, salt, value.encode('utf-8'))
        # print(hashed_password)
        if hashed_password == search:
            print(f'Found Password:{value}, hash:{hashed_password}')

This worked, although I'm confused on how you would do this using cyberchef + hashcat. Any step by step guide?

this is a trick with base64.urlsafe_b64encode(). it replaces / by _ and + by - , thus the b64 is invalid and the hash length is not 40. Hashcat mode is 120.
this one cracks just fine : b8fd3f41a541a435857a8f3e751cc3a91c174362:d

[St4rry]

Still slightly confused about decrypting the hash, specifically the hashcat command I have the full hash, converted it to hex and trying to figure out the salt etc. Am I missing something or am I just stupid?

The salt is there in its initial form. Just need to use that right as it is. The hash needs to be reconverted to hex, then cracked.

that I can't crack I only understood that i needed to go on cyberchef and (from base64 then + in hex)

That's exacly what you need to do.

what's the salt,my mind is gonna blow up ,i have been on this challenge for 5houres i thought about kms many times

The hash format is $SHA$salt$xxxx, concealed within this hash, where the salt is 'd'.

[1mn0tb4tm4m]

To everyone who is searching for password. here is some hint. <logo><machine> no spaces. This is a big and only hint you need if you force your mind to see what is present in front of your eyes.
Happy Rooting!!!!

[raiderado]

Imagine there was no hint, this box wouldn't be called easy.