OPVault format and hashcat
Hi - Has anyone been able to run hashcat on the opvault format? It looks a bit different than the cloudkeychain format.
I've tried -m 8200 but obviously that fails.
I'm currently syncing via icloud and dropbox, and using
1Password 7
Version 7.1.BETA-3 (70100003)
AgileBits Beta
Thanks, Scott
1Password Version: 7.1.BETA-3 (70100003)
Extension Version: Not Provided
OS Version: MacOS 10.13.6
Sync Type: icloud and dropbox
Comments
-
Last I checked it wasn't really feasible to brute force OPVault (unless you're trying to brute force your own password and know it to be relatively weak, thus shrinking the search space). Vendors out there who work on stuff like this for law enforcement have been using AgileKeychain (and old ones with low iterations at that) to demo last I saw.
0 -
I recall that the both the John the Ripper community and the hashcat community have developed modules for OPVault shortly after it was first published. But you will have to ask them, as I looked at these when they were first developed and have forgotten about them.
0 -
@jpgoldberg: I was thinking of Elcom, since they're selling the capability to brute force 1Password data...but only advertise this (as far as I've seen) for old AgileKeychains. Since it's their business, I imagine they'd be promoting the same for OPVault if they had a viable solution to sell for that.
0 -
Thanks @brenty. It might be interesting to know why Elcomsoft isn't advertising a cracker of OPVault. My guess is that they don't have optimized libraries for PBKDF2-H512 and so their guessing rate would be embarrassingly slow.
0
