3

I want to crack the preimage of a SHA-256 hash, it is an exercise and my only hint is: Concatenation of four visible words.

I have tried to google the hash and put it into several online crackers / rainbow tables already. I think bruteforce is not an option because four words should be too long in sum, even if each word on its own is short.

So the only thing left would be a dictionary attack, right? But four word dictionaries should be too large to search through, I have tried to generate some via hashcat-utils/combinator.bin and got a RAM overflow at about 50GB even for a short input dictionary. For more popular English nouns (top100) I have created small dictionaries of 4 words with no success either.

Any ideas how to approach this further?

PS: visiblevisiblevisiblevisible is unfortunately not the answer - I tried these puns as well. :-)

BeatriceCastiglioni
  • 57
  • 2
  • Four "visible" words? I would suggest getting a list of [concrete nouns](https://www.writing.com/main/view_item/item_id/1757079-Concrete-Nouns-List) and try your search using this restricted dictionary. If you have no more than 2^12 common nouns, then you should be able to complete a 2^48 search in reasonable time. I hope. – TheGreatContini May 10 '17 at 03:34
  • Have you tried 'fourvisiblewords'? The hint suggests this might be the password. Also, have you tried a dictionary containing just the words in the text of the exercise question (or from the entire page, if printed)? I presume these are the 'visible words' – Ryan May 10 '17 at 04:28
  • Thanks for the answers: Yes I have tried "fourvisiblewords" and a lot of other combinations which are possible if I take the hint literally. Today I tried the approach of Ryan without success and created two more dictionaries myself which did not work. – BeatriceCastiglioni May 10 '17 at 10:57

1 Answers1

0

You should try shorter wordlists like google-10000-english.txt or wordlists relating to hints from the exercise. Have a look at this article too: https://www.netmux.com/blog/cracking-12-character-above-passwords

Minh-Triet Pham Tran
  • 349
  • 4
  • 13