0

I installed the lastest version of PostgreSQL (13.2) to understand it better and I used the command SELECT usename, passwd from pg_shadow; to extract the hash with the default username postgres but I could not find any documantation of how to crack the password hash using john or hashcat so how can I do that ? the hash example which is 1234

SCRAM-SHA-256$4096:bPlu66YYvUgvDwY31jQZTA==$ZbSxNzZQqdtLi+fcj15pg7ywEg5mO3xNOVfZJ+/2n0Q=:9ll3Le0+81qTnFwonM4ROCzeTjCRizYdm3ZO5yu/wcE=
Improve this question
0

    1 Answer 1

    Reset to default
    0

    You need to use a crack method that is designed for SCRAM-SHA-256. If jtr or hashcat do not have this (and it looks like they don't at this point in time), then you cannot use those tools.

    Hashcat is working on this for -m 24200. You might be able to find a dev version that includes this.

    Improve this answer

      You must log in to answer this question.

      Start asking to get answers

      Find the answer to your question by asking.

      Ask question

      Explore related questions

      See similar questions with these tags.