Cracking a salted hash using a dictionary in python

Question

im currently attempting a question where i have to crack a salted hash in python given the hash e77decd0e7c8a7b4688b010241bece45 and the salt "$goodluck$". I have tried downloading 10 million of the most popular passwords (https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt), and using that as a dictionary. I then attach the salt to the word, encrypt it and then hash it. This is then compared to the given hash value. However i still have not been able to crack it. Here is my code:


import hashlib 
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Hash import MD5

def dictionary_attack(password_hash):

    dic = lines #extracted from file
    pass_found = False

    for word in dic:
        word = word+"$goodluck$"

        key = get_random_bytes(16)
        cipher = AES.new(key, AES.MODE_EAX)
        ciphertext, tag = cipher.encrypt_and_digest(word.encode('utf-8'))

        hashed_val = MD5.new()
        hashed_val.update(ciphertext)
        hashed_val = hashed_val.hexdigest()

        if hashed_val == password_hash:
            pass_found = True
            recovered_password = word

    if pass_found:
        print("Your password is: {}".format(recovered_password))
    else:
        print("Password not found")

dictionary_attack("e77decd0e7c8a7b4688b010241bece45")

Any help would be greatly appreciated. Thanks

Maybe the password is not on the 10 million list. Is this some homework assignment? Did someone tell you the password is in that list? — Joe, Apr 22 '20 at 06:49
This is a homework question. I wasn't given any dictionary or word list or anything so its possible the password is not in the list, but i doubt they would make it that difficult. — BarTM, Apr 22 '20 at 08:36

Joe · Answer 1 · 2020-04-23T04:58:20.863

0

Did you use this or this list?

Please try a reverse approach so see if you algorithm works or if there is something wrong:

pick a password
salt it
get the hash
generate some small list with that password and some others
feed that list and the hash to your function and see if it works

Ok, so that means that your code actually works and the password is not on the list. Instead of using that list, find the "The Top 500 Worst Passwords " and try them.

I don't know which library is faster, so just try it and get the duration for a reasonable amount of passwords to average out overhead, e.g. pick that many passwords that the duration is about one minute.

edited Apr 23 '20 at 04:58

answered Apr 22 '20 at 10:04

Joe

6,758
2
26
47

Did you try it? – Joe Apr 23 '20 at 04:36
I am trying it now, its just a bit slow. Do you recommend using pycryptodome to do the hashing and encoding? Or would hashlib be fine? – BarTM Apr 23 '20 at 04:37
It works. I picked some passwords form the first link, salted then hashed it and fed that to the function and managed to get the password back. – BarTM Apr 23 '20 at 04:44
Edited my question. – Joe Apr 23 '20 at 04:58
Oh i managed to get it. It was small mistakes with Pycrypto, so i switched back to hashlib. Then the salt just had to be placed in front of the word. Thanks for your help – BarTM Apr 23 '20 at 04:59

Cracking a salted hash using a dictionary in python

1 Answers1