Zynga hash format

team_cyclone

Status: Cracker
Joined: Sun, 25 Aug 2019
Posts: 389
Team:
Reputation: 360 Reputation
Online
Tue, 05 Nov 2019 @ 14:25:15

Zynga database hash type.

I can confirm Zynga hash format is sha1:--salt--:pass-- (same structure as 8tracks).

ex:
b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--:gjn54321--

Hashcat example:

Use -m120 and create dash.rule to append -- to the end of the password candidates:
ex dash.rule which turns "password" into "password--":
$-$-

ex:
hashcat.bin -m120 -a0 -w4 -O 'b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--' wordlist.txt -r dash.rule

You can also stack rules, just make sure to put dash.rule last so the password candidate has -- appended:
-r best64.rule -r dash.rule

Verified cracked Zynga hash:
https://hashes.org/verifier.php?accessKey=7c0fzUCkblqrbrlSTgPKb27PpaM2bMDXNSdtApBAEpE3cNS8OnZNuQjw56ce3NlD


Sysadmin by day | Hash cracker by night | GPU: 120 GH/s
ETH: 0xc6016a2D04031f9665761E4Db2363Cceaa4146A3
BTC: 1Fg38ik9xBFCQiVdAi9ztobJ9rGUYyefR5
+rep

team_cyclone

Status: Cracker
Joined: Sun, 25 Aug 2019
Posts: 389
Team:
Reputation: 360 Reputation
Online
Tue, 05 Nov 2019 @ 15:40:24

Note: Only certain Zynga hashes are confirmed SHA1DASH. The remaining hash formatting is unknown as of this post.


Sysadmin by day | Hash cracker by night | GPU: 120 GH/s
ETH: 0xc6016a2D04031f9665761E4Db2363Cceaa4146A3
BTC: 1Fg38ik9xBFCQiVdAi9ztobJ9rGUYyefR5
+rep

dnimativ

Status: Member
Joined: Wed, 27 Feb 2019
Posts: 220
Team:
Reputation: 65 Reputation
Offline
Tue, 05 Nov 2019 @ 16:08:42

team_cyclone said:

Note: Only certain Zynga hashes are confirmed SHA1DASH. The remaining hash formatting is unknown as of this post.

Thanks for confirming this. I thought they looked a bit funny in the original format ... it's 8tracks all over again.


marviha1

Status: Cracker
Joined: Wed, 24 Jul 2019
Posts: 123
Team:
Reputation: 73 Reputation
Online
8 days ago

team_cyclone said:

Zynga database hash type.

I can confirm Zynga hash format is sha1:--salt--:pass-- (same structure as 8tracks).

ex:
b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--:gjn54321--

Hashcat example:

Use -m120 and create dash.rule to append -- to the end of the password candidates:
ex dash.rule which turns "password" into "password--":
$-$-

ex:
hashcat.bin -m120 -a0 -w4 -O 'b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--' wordlist.txt -r dash.rule

You can also stack rules, just make sure to put dash.rule last so the password candidate has -- appended:
-r best64.rule -r dash.rule

Verified cracked Zynga hash:
https://hashes.org/verifier.php?accessKey=7c0fzUCkblqrbrlSTgPKb27PpaM2bMDXNSdtApBAEpE3cNS8OnZNuQjw56ce3NlD

Did I understand correctly that if the hash is b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--, then in hashcat we use -m 120 b9b1db231c3fe3459e7add0c6448e9ff62d36d07:a6cace9c88ca86d1b783829214081d13bc1b60c9 ?


Please + rep If I helped you.
BTC: 1BpYCcocrQtFzck7RFPmELfMRnoP4HEju6

team_cyclone

Status: Cracker
Joined: Sun, 25 Aug 2019
Posts: 389
Team:
Reputation: 360 Reputation
Online
8 days ago

You’ll need to keep the -- on both sides of the salt as illustrated in my example (same formatting as 8tracks).

b9b1db231c3fe3459e7add0c6448e9ff62d36d07:--a6cace9c88ca86d1b783829214081d13bc1b60c9--

Most of the Zynga hashes showing up here on HK don’t appear to be crackable.


Sysadmin by day | Hash cracker by night | GPU: 120 GH/s
ETH: 0xc6016a2D04031f9665761E4Db2363Cceaa4146A3
BTC: 1Fg38ik9xBFCQiVdAi9ztobJ9rGUYyefR5
+rep

stackerofwheat

Status: n/a
Joined: Mon, 05 Nov 2018
Posts: 121
Team:
Reputation: 10 Reputation
Online
8 days ago

Seems like there's two possibilities:

1) Most of the Zynga hashes aren't user-created passwords but computer-generated login tokens for people who log in via sites like Facebook. Since the tokens are most likely long randomly generated strings of letters and numbers, prob next to impossible to crack.

2) Most of the Zynga hashes are some variation of SHA1 algorithm other than SHA1DASH but impossible to distinguish from regular SHA1 unless you know the variation in advance. In this case gotta use trial and error to try and uncover the modified algorithm. Who discovered how to modify the 8tracks hashes? They might be able to provide some insight.


r00r

Status: n/a
Joined: Tue, 28 Jun 2016
Posts: 62
Team:
Reputation: 18 Reputation
Online
8 days ago

stackerofwheat said:

Seems like there's two possibilities:

1) Most of the Zynga hashes aren't user-created passwords but computer-generated login tokens for people who log in via sites like Facebook. Since the tokens are most likely long randomly generated strings of letters and numbers, prob next to impossible to crack.

2) Most of the Zynga hashes are some variation of SHA1 algorithm other than SHA1DASH but impossible to distinguish from regular SHA1 unless you know the variation in advance. In this case gotta use trial and error to try and uncover the modified algorithm. Who discovered how to modify the 8tracks hashes? They might be able to provide some insight.

Whether or not the second part is true, I'm 99% certain the first part is. There will be a small amount that have standard logins, but it seems like the vast majority of Zynga's userbase came from Facebook and therefore will just have a token.


dnimativ

Status: Member
Joined: Wed, 27 Feb 2019
Posts: 220
Team:
Reputation: 65 Reputation
Offline
7 days ago

stackerofwheat said:

Who discovered how to modify the 8tracks hashes? They might be able to provide some insight.

The dash format of the 8tracks was almost certainly discovered by brute forcing, and then seeing that the ones that were solved had two dashes at the end.

That's doable processing-wise if you stick to less than 10 keyspaces, and work on a huge batch for a good sample size. Some of them are bound to be shorter solutions.


dnimativ

Status: Member
Joined: Wed, 27 Feb 2019
Posts: 220
Team:
Reputation: 65 Reputation
Offline
7 days ago

team_cyclone said:

Zynga database hash type.

I can confirm Zynga hash format is sha1:--salt--:pass-- (same structure as 8tracks).

Just want to do a followup here - are you sure about this? Because I thought it was hash:salt, with dashes added, which would make it -m110, not -m120. I'm pretty sure I've verified a few 8tracks using this format. Though I guess that might depend on how you list the hash & salt in the file that hashcat reads, since I have it set up as hash:salt.


Mexx666666
Moderator
Status: Elite
Joined: Fri, 21 Jul 2017
Posts: 1412
Team:
Reputation: 3319 Reputation
Online
7 days ago

dnimativ said:

team_cyclone said:

Zynga database hash type.

I can confirm Zynga hash format is sha1:--salt--:pass-- (same structure as 8tracks).

Just want to do a followup here - are you sure about this? Because I thought it was hash:salt, with dashes added, which would make it -m110, not -m120. I'm pretty sure I've verified a few 8tracks using this format. Though I guess that might depend on how you list the hash & salt in the file that hashcat reads, since I have it set up as hash:salt.

It's 100% -m 120 same as 8tracks hashes (sha1:--salt--:pass--).


PLZ +rep if I helped out!

BTC: 1FxAJJhcqf2DXt[remove]PkdTQi56uc3EGxYQjG4T
PP: mexx66[remove]@gmx.net
Discord: Mexx666666#2361 for PRIVATE & confidential quality hash cracking @ reasonable compensation (email hashes, ALL hashtypes in general)
Telegram: mexx666666

team_cyclone

Status: Cracker
Joined: Sun, 25 Aug 2019
Posts: 389
Team:
Reputation: 360 Reputation
Online
7 days ago

dnimativ said:

...I thought it was hash:salt, with dashes added, which would make it -m110, not -m120..

You have the correct formatting with hash:salt, but that is -m120. -m110 is hash:pass:salt.

https://hashcat.net/wiki/doku.php?id=example_hashes

110 sha1($pass.$salt)
120 sha1($salt.$pass)


Sysadmin by day | Hash cracker by night | GPU: 120 GH/s
ETH: 0xc6016a2D04031f9665761E4Db2363Cceaa4146A3
BTC: 1Fg38ik9xBFCQiVdAi9ztobJ9rGUYyefR5
+rep
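
Added example, not part of any post in this thread: a small Python check of the construction discussed above, useful when auditing a legacy credential store to confirm which layout it actually uses. It shows that a `digest:--salt--` record only verifies with the salt-first ordering, with the dashes kept around the salt and `--` appended to the password. The salt, password and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values, not taken from any real data set.
SALT = "0123456789abcdef0123456789abcdef01234567"
PASSWORD = "correct horse"

def sha1_hex(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()

def make_record(salt, password):
    """Build a 'digest:--salt--' line in the layout the thread describes."""
    digest = sha1_hex("--" + salt + "--" + password + "--")
    return digest + ":--" + salt + "--"

def parse_record(line):
    """Split 'digest:saltfield'; the salt field is kept exactly as stored."""
    digest, sep, salt_field = line.strip().partition(":")
    digest = digest.lower()
    if not sep or len(digest) != 40 or not set(digest) <= set("0123456789abcdef"):
        raise ValueError("expected a 40-hex-digit SHA-1 digest, ':' and a salt field")
    return digest, salt_field

def verify(line, password, order="salt_first"):
    """Check a known password against a record under one of the two orderings."""
    digest, salt_field = parse_record(line)
    suffixed = password + "--"            # what the thread's dash.rule produces
    if order == "salt_first":             # sha1($salt.$pass)
        message = salt_field + suffixed
    elif order == "pass_first":           # sha1($pass.$salt)
        message = suffixed + salt_field
    else:
        raise ValueError("order must be 'salt_first' or 'pass_first'")
    return hmac.compare_digest(sha1_hex(message), digest)

def strip_salt_dashes(line):
    """Return the record with the dashes removed from the salt (the variant asked about)."""
    digest, salt_field = parse_record(line)
    if len(salt_field) >= 4 and salt_field.startswith("--") and salt_field.endswith("--"):
        salt_field = salt_field[2:-2]
    return digest + ":" + salt_field

if __name__ == "__main__":
    rec = make_record(SALT, PASSWORD)
    print("salt first, dashes kept:   ", verify(rec, PASSWORD))
    print("password first:            ", verify(rec, PASSWORD, order="pass_first"))
    print("salt first, dashes removed:", verify(strip_salt_dashes(rec), PASSWORD))
```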

