PBKDF2-HMAC-* not recognized #160

Closed
4 tasks done
lap1nou opened this issue Oct 12, 2023 · 13 comments · Fixed by #165
Labels
bug Something isn't working enhancement enhance an existing feature

lap1nou commented Oct 12, 2023

Hello,

Thank you for this amazing tool.

I think hashes of type PBKDF2-HMAC-* are not recognized, for example the hash mode 11900 of hashcat:

haiti -e 'md5:1000:MTg1MzA=:Lz84VOcrXd699Edsj34PP98+f4f3S0rTZ4kHAIHoAjs='

# Unknown hash type
  • PBKDF2-HMAC-MD5 (11900)
  • PBKDF2-HMAC-SHA1 (12000)
  • PBKDF2-HMAC-SHA256 (10900)
  • PBKDF2-HMAC-SHA512 (12100)

Regards.

@github-actions

Hey, thank you for opening this issue! 🙂 To boost priority on this issue and support open source please tip the team at https://issuehunt.io/r/noraj/haiti/issues/160

Owner

noraj commented Oct 12, 2023

Where are those hashes coming from? Which software and version? The format doesn't seem common.

Not supported yet:

  • PBKDF2-HMAC-MD5 (HC 11900)
  • PBKDF2-HMAC-SHA1 (HC 20400)
  • PBKDF2-HMAC-SHA512 (HC 12100)

Supported:

  • PBKDF2-HMAC-SHA1 (JtR pbkdf2-hmac-sha1)
  • PBKDF2-HMAC-SHA256 (JtR pbkdf2-hmac-sha256 + django, vbox, cisco, etc.)
  • PBKDF2-HMAC-SHA256 (HC 10900 (PHP))
  • PBKDF2-HMAC-SHA512 (HC 7100 (OSX) JtR pbkdf2-hmac-sha512)

noraj added the bug and enhancement labels Oct 12, 2023
Author

lap1nou commented Oct 12, 2023

Hey @noraj,

I saw one of them being used by this: https://werkzeug.palletsprojects.com/en/3.0.x/utils/#module-werkzeug.security.

Owner

noraj commented Oct 12, 2023

Ok, I'll check if it's the Python hashlib format or if it's werkzeug that is formatting them this way.

Owner

noraj commented Oct 14, 2023

hashlib by itself formats in the classical format, either in hex or raw binary

>>> import hashlib
>>> hashlib.pbkdf2_hmac('md5', b'password', b'bad salt' * 2, 500_000).hex()
'07fbc83dbfa2c08236c1fb59a56e58ef'

werkzeug uses this format

>>> import werkzeug
>>> werkzeug.security.generate_password_hash('password', method='pbkdf2:md5', salt_length=16)
'pbkdf2:md5:600000$KeQ0sF2wqnb9UI5Z$9cc66c4bde295ec5d5ed1417cd36aa1b'

So could you tell me more about where this hash comes from? Because the format doesn't match.
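
The two layouts compared in the comment above, parsed side by side. This is an added example, not part of the thread or of haiti's code: the regular expressions, function names and the constructed sample salt are assumptions made for illustration, and the mode numbers are the ones listed in the issue.

```python
import base64
import hashlib
import hmac
import re

# Hashcat mode numbers as listed in the issue for "digest:iterations:salt:hash".
HASHCAT_MODES = {"md5": 11900, "sha1": 12000, "sha256": 10900, "sha512": 12100}
DIGESTS = "|".join(HASHCAT_MODES)
B64 = r"[A-Za-z0-9+/]+={0,2}"
# Patterns written for this example; they are not copied from prototypes.json.
HASHCAT_RE = re.compile(rf"^({DIGESTS}):([1-9]\d*):({B64}):({B64})$")
WERKZEUG_RE = re.compile(
    rf"^pbkdf2:({DIGESTS}):([1-9]\d*)\$([A-Za-z0-9]+)\$((?:[0-9a-f]{{2}})+)$")


def parse(line):
    """Return layout, digest, iterations, raw salt and derived key, or None."""
    if m := HASHCAT_RE.match(line):
        digest, iters, salt, dk = m.groups()
        try:  # both fields are base64 in this layout
            salt = base64.b64decode(salt, validate=True)
            dk = base64.b64decode(dk, validate=True)
        except ValueError:
            return None
        layout = f"hashcat {HASHCAT_MODES[digest]}"
    elif m := WERKZEUG_RE.match(line):
        digest, iters, salt, dk = m.groups()
        # werkzeug feeds the salt text itself to PBKDF2 and hex-encodes the key
        salt, dk, layout = salt.encode(), bytes.fromhex(dk), "werkzeug"
    else:
        return None
    return {"layout": layout, "digest": digest, "iterations": int(iters),
            "salt": salt, "dk": dk}


def verify(line, password):
    """Recompute PBKDF2 with the parsed parameters and compare in constant time."""
    p = parse(line)
    if p is None:
        return False
    got = hashlib.pbkdf2_hmac(p["digest"], password.encode(), p["salt"],
                              p["iterations"], dklen=len(p["dk"]))
    return hmac.compare_digest(got, p["dk"])


def constructed_samples(password="password", salt="ConstructedSalt1", iters=1000):
    """Build one string per layout from the same key, so only the encoding differs."""
    dk = hashlib.pbkdf2_hmac("md5", password.encode(), salt.encode(), iters)
    b64 = lambda b: base64.b64encode(b).decode()
    return (f"md5:{iters}:{b64(salt.encode())}:{b64(dk)}",
            f"pbkdf2:md5:{iters}${salt}${dk.hex()}")
```

The derived-key length is taken from the stored value rather than from the digest size, because the hashcat-style string from the issue carries a 32-byte key under MD5.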

Owner

noraj commented Oct 23, 2023

I added a lot of new formats and enhanced existing ones related to PBKDF2 in this branch: https://github.com/noraj/haiti/compare/noraj/pbkdf2?expand=1

There is still some work:

  • fix
    • PBKDF2-SHA512(Generic) / HC 20200
    • Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512) / HC 24500
  • add
    • Web2py pbkdf2-sha512 / HC 21600
    • Telegram Desktop < v2.1.14 (PBKDF2-HMAC-SHA1) / HC 22600
    • VMware VMX (PBKDF2-HMAC-SHA1 + AES-256-CBC) / HC 27400
    • ENCsecurity Datavault (PBKDF2) / HC 29910 / 29920
    • werkzeug format
  • verify
    • HC 20300
    • HC 20400
    • Telegram Mobile App Passcode (SHA256) / HC 22301 (not related to PBKDF2)
    • telegram JtR

noraj added this to the 2.0.0 milestone Oct 23, 2023
noraj mentioned this issue Oct 24, 2023
Author

lap1nou commented Oct 24, 2023

@noraj Thank you very much, sorry I couldn't help you, I had a lot of work this week, hope I can contribute someday.

Regards.

Owner

noraj commented Oct 24, 2023

@lap1nou Do you want me to assign you #162?

Author

lap1nou commented Oct 26, 2023

@noraj I can try to propose some changes yup.

Owner

noraj commented Oct 26, 2023

About PBKDF2?

Author

lap1nou commented Oct 26, 2023

About #162.

Owner

noraj commented Oct 26, 2023

Yeah please do. Make a comment on it so I can assign it to you.

Owner

noraj commented Oct 28, 2023

@lap1nou I would like to release 2.0.0 this weekend, so I'll manage #162 myself as I see on your fork that you don't have a WPA branch yet. So please don't start to work on it. If you want to add some new types, please look at uncommon hash types on https://hashcat.net/wiki/doku.php?id=example_hashes and check if they exist in prototypes.json. Thanks for wanting to help ;)

Update: I tagged #162 for 2.0.1 milestone so please feel free to work on it.
