
What crypto hash function is used...

<<

cb122

Newbie

Posts: 20

Joined: Tue Jan 15, 2013 8:54 am

Post Tue Jan 15, 2013 10:04 am

What crypto hash function is used...

Is it at all possible for a trained eye to be able to determine which cryptographic hash function is used to hash users' passwords in a database table for a specific application? We have an application that doesn't use Oracle's default authentication, so the application user hashes aren't stored within $sys.users; they are in a random table specific to the application. My question is, if you can see the hashes in that table, could you tell which hash function hashed them? Or is there a tool to feed the hash into and for it to tell you which hash function hashed these passwords? It's hard to identify a tool to run dictionary password tests over if you don't know what hash function is used.
<<

cd1zz

Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Jan 15, 2013 10:09 am

Re: What crypto hash function is used...

There is a tool called hash_id.py in BackTrack that will do exactly that.

/pentest/passwords/hash-identifier/
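
An added example, not part of the original posts and not the code of hash_id.py: a sketch of how format-based identification works and why it only narrows the field, followed by a confirmation step that hashes the known password of a test account. The function names, the tables and the sample value are assumptions made for this illustration, and the tables are not exhaustive.

```python
import base64
import binascii
import hashlib
import re

# Digest size in bytes -> algorithms with that output size (not exhaustive).
BY_SIZE = {
    16: ["MD5", "MD4", "NTLM"],
    20: ["SHA-1", "RIPEMD-160"],
    28: ["SHA-224"],
    32: ["SHA-256", "SHA3-256"],
    48: ["SHA-384"],
    64: ["SHA-512", "SHA3-512", "Whirlpool"],
}
# Self-describing crypt(3)-style prefixes identify the scheme outright.
BY_PREFIX = [
    (re.compile(r"^\$2[aby]\$\d\d\$"), "bcrypt"),
    (re.compile(r"^\$1\$"), "md5crypt"),
    (re.compile(r"^\$5\$"), "sha256crypt"),
    (re.compile(r"^\$6\$"), "sha512crypt"),
]

def candidates(stored):
    """Return the algorithms whose output format matches the stored value."""
    stored = stored.strip()
    for pattern, name in BY_PREFIX:
        if pattern.match(stored):
            return [name]
    if re.fullmatch(r"[0-9a-fA-F]+", stored) and len(stored) % 2 == 0:
        return BY_SIZE.get(len(stored) // 2, [])
    try:
        raw = base64.b64decode(stored, validate=True)
    except (binascii.Error, ValueError):
        return []
    return [name + " (base64)" for name in BY_SIZE.get(len(raw), [])]

def confirm(stored, known_password):
    """Hash a test account's known password; list unsalted algorithms that match."""
    hits = []
    for algo in ("md5", "sha1", "sha224", "sha256", "sha384", "sha512"):
        digest = hashlib.new(algo, known_password.encode()).hexdigest()
        if digest == stored.strip().lower():
            hits.append(algo)
    return hits

# Constructed sample row: upper-case hex, as an application table might store it.
SAMPLE = hashlib.md5(b"Test1234").hexdigest().upper()
```

If `confirm` returns nothing for an account whose password you know, the application is probably salting, iterating or using a scheme outside this list, and length alone will not settle it.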
<<

cb122

Newbie

Posts: 20

Joined: Tue Jan 15, 2013 8:54 am

Post Tue Jan 15, 2013 10:14 am

Re: What crypto hash function is used...

Thanks for the reply. Is there any way to use that tool "outside" of the BackTrack framework tool? Would you need to export the hashes first? How does the process work, and how are the hashes "fed in" to the tool? Please excuse my ignorance as I'm new to this.
<<

cd1zz

Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Jan 15, 2013 10:19 am

Re: What crypto hash function is used...

Just use fgdump on a non-critical DC: http://www.foofus.net/~fizzgig/fgdump/

I say "non critical" because LSASS has been known to crash.

This will dump all the domain hashes to a text file and then use them in whatever tool you want, wherever it lives.

This will get flagged by your AV so be sure to shut it down first.
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Jan 15, 2013 11:30 am

Re: What crypto hash function is used...

Thanks cd1zz for the reply, I didn't know about this tool.

And cd122 stole cd1zz's username!! I see double now...  :D
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue Jan 15, 2013 12:04 pm

Re: What crypto hash function is used...

H1t M0nk3y wrote: And cd122 stole cd1zz's username!! I see double now...  :D


cb122 ;)  Close enough, had me doing a double-take haha
GSEC, eCPPT, Sec+
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Jan 15, 2013 1:20 pm

Re: What crypto hash function is used...

Now you all know that I am dyslexic... I mix my d, b, p and q, along with u, n and m...

I hate that!!!  :-[
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue Jan 15, 2013 1:58 pm

Re: What crypto hash function is used...

Well now I feel like an asshole... :-[
GSEC, eCPPT, Sec+
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Jan 15, 2013 2:36 pm

Re: What crypto hash function is used...

No, don't feel bad!!

Sorry about this, I re-read my last post and I apologize, I really didn't mean to make you feel bad.

I hate being dyslexic, but I didn't hate your comment.

Sorry about the confusion, it's my fault.  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue Jan 15, 2013 2:44 pm

Re: What crypto hash function is used...

Oh good *phew* (re: your feelings about my comment) :)

cd1zz wrote: There is a tool called hash_id.py in BackTrack that will do exactly that.

/pentest/passwords/hash-identifier/


I didn't know about this tool, thanks!
GSEC, eCPPT, Sec+
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Jan 15, 2013 2:59 pm

Re: What crypto hash function is used...

Ouff, I will try to read my emails twice next time!  :D
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Jan 15, 2013 11:33 pm

Re: What crypto hash function is used...

The day you stop learning is the day you start becoming obsolete.
