Skipping Russian passwords in ver. 0.14

August 25, 2013, 3:19 am

≫ Next: Big hash list problem

≪ Previous: how to limit the number of characters?

$

0

0

For example, I have a wordlist of 3614 Russian words, their length is 1 to 5:

http://www.sendspace.com/file/i9snlt

I hash them into MD5 with the Passwordspro Hash Generator plugin, receive 3614 hashes:

http://www.sendspace.com/file/sbfmjx

If I try to crack them with the ?R?R?R?R?R mask,



only 990 of them are cracked.



BUT! If you point out all the Russian alphabete in a charset



and use the mask ?1?1?1?1?1 - voila! All 3614 hashes are cracked!



So, the question is - how does it come out and what symbols does the ?R mask use? 10x.

PS: The version 0.15 doesn't work with the ?R mask at all:

---

Big hash list problem

August 25, 2013, 8:16 am

≫ Next: Rules Mask

≪ Previous: Skipping Russian passwords in ver. 0.14

$

0

0

Ey guys,

Just updated to 0.15

and now when trying to bruteforce a big list
(+5mil hashes) it gives an error and exits.
(this was good in 0.14, but I updated because I liked the +15 passwords)

===
oclHashcat-plus v0.15 by atom starting...

Hashes: 5743744 total, 1 unique salts, 5743744 unique digests
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
Rules: 1
Workload: 128 loops, 80 accel
Watchdog: Temperature abort trigger set to 80c
Watchdog: Temperature retain trigger set to 80c
Device #1: BeaverCreek, 512MB, 444Mhz, 4MCU
Device #2: Caicos, 1024MB, 444Mhz, 2MCU
Device #1: Kernel ./kernels/4098/m0100_a0.BeaverCreek_1124.2_1124.2 (VM).kernel (982864 bytes)
Device #1: Kernel ./kernels/4098/bzero.BeaverCreek_1124.2_1124.2 (VM).kernel (33872 bytes)
ERROR: clCreateBuffer() -61

Rules Mask

August 25, 2013, 9:40 am

≫ Next: New and learning

≪ Previous: Big hash list problem

$

0

0

Using Hashcat Plus with ATI card. I have a very large password list all numbers. I know the password i am trying to recover is 10 digit and does not use consecutive digits more than 2 time. (example 0122345678=valid or 1242424256=Valid 0123334567=Not valid)
Is there a mask rule or combination of mask rule to clarify to NOT check a word that contains Xnum 3 or more times consecutively. Thank you for the help.

New and learning

August 25, 2013, 3:01 pm

≫ Next: Best Configuration for optimal cracking

≪ Previous: Rules Mask

$

0

0

Hi Guys
im hoping to work eventually as a penetration tester and im trying to pickup the wireless security side of pentesting

so im experimenting on my own home wireless, WPA2
ive an NVIDIA GTX 550 Ti card

I cracked my own win8 user LM hash in 10 minutes (8characters, upper/lower and number) - pwdump etc
but when trying my WPA2 of a handshake i got from my wireless
using the following syntax:
cudaHashcat-plus64.exe --hash-type 2500 --attack-mode 3 --outfile C:\Users\username\Desktop\capture.hccap.out C:\Users\uername\Desktop\capture.hccap ?u?u?u?u?u?u?u?u?u

now I know my password is 9 digits all uppercase


but it reckons at 12515 H/s it will take more than 10 years to try every combination

can anyone point me in the right direction to optimising this based on the command line I supplied?
there must be quicker ways of bruteforcing this?

many thanks for your help

Best Configuration for optimal cracking

August 26, 2013, 12:53 am

≫ Next: line skip hcmask file

≪ Previous: New and learning

$

0

0

Hi All,

This si my first post, so aplologies if the question is too trivial. I have been asked to evaluate OCLHashcat plus for cracking wifi passwords. The layman requirement would probably be to run a brute force attack against possible password combinations. I would like to evaluate against passwords of varying strength of length >8 and < 32.

My question is what would be an optimal configuration? I would like to sue a GPU cluster, but the question then again is which make and how many? Is it better to use say 2 GPUs of a much better make (and more expensive) as compared to say 10 cheaper GPUs? Has anybody tested it on a larger scale (say > 8 GPUs) and what has been the experience?

I know a faster cracking would mean an expensive setup. I have some sort of a grant and I think budget should not be a big issue (within reasonable limit, I wont want a budget of USD100K!!). Is there a possibility of a decent config which can help me crack passwords (8 to 32 chars) in less than say 6 hours??? SOmething like-

http://arstechnica.com/security/2012/12/...n-6-hours/

Sorry for too many questions but I would like a good starting point so as to plan it out.

Thanks
Mac

line skip hcmask file

August 26, 2013, 11:41 pm

≫ Next: multi rules debugging

≪ Previous: Best Configuration for optimal cracking

$

0

0

similar to --runtime=N where it quits the command, is there a way to bypass or skip down to the next line within the .hcmask file? my .hcmask file have several hunderd lines, so i only want to spend maybe 10mins per line.

multi rules debugging

August 27, 2013, 4:06 am

≫ Next: multi rules debugging

≪ Previous: line skip hcmask file

$

0

0

Hello,

I'm trying to use multi rules on Hashcat.

As I uderstant I can use it by putting many -r option.

To debug my rules files I usually use a line like that:

./hashcat-cli64.bin -r 1.rule --stdout

But when I enter


./hashcat-cli64.bin -r 1.rule -r 2.rule --stdout

It seems that it don't take the second rules.
Am i missing something?

multi rules debugging

August 27, 2013, 7:38 am

≫ Next: cuCtxCreate_v2 Fatal Error

≪ Previous: multi rules debugging

$

0

0

Hello, I'm trying to debug my rules,

On Hashcat the --stdout option can be used, but not on oclHashcat (I guess).
Nevertheless i'm trying to use this option to see the result of using 2 rules!

Is there a way to see it the result in stdout or in a file with oclHashcat??

Thx a lot

---

cuCtxCreate_v2 Fatal Error

August 27, 2013, 3:49 pm

≫ Next: [fingerprint] combinator attack v0.13 bad, v0.15 good FYI upgrade!

≪ Previous: multi rules debugging

$

0

0

I've just downloaded Hashcat_plus v. 0.15, and it (32-bit code) seemed to run for a while, but after about 10 tries to enter runnable data, it stopped completely. Now, whenever I try to run it, I immediately get a fatal error, "The procedure entry point cuCtxCreate_v2 could not be located in the dynamic link library nvcuda.dll".

I have downloaded several versions of nvcuda.dll, up to 2012-07, and the error persists. These versions do include "cuCtxCreate", but not *_v2.

I am running Windows 2000 latest update (can't upgrade because of required sw compatibility), MS Dot Net v. 2, and I do not run Nvidia. This system has no internet connection for security reasons (I am online now using a disposable Linux machine).

How can I get a version of nvcuda with _v2 -- or, how can I disable this error?

[fingerprint] combinator attack v0.13 bad, v0.15 good FYI upgrade!

August 27, 2013, 4:16 pm

≫ Next: Why can I not Download oclHashcat-plus for 0.15?

≪ Previous: cuCtxCreate_v2 Fatal Error

$

0

0

using hc-plus 013 I get this for a straight wordlist attack:

Code:

Session.Name...: oclHashcat-plus
Status.........: Running
Input.Mode.....: File (words\words_combined_sort.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:02:45 2013 (7 secs)
Time.Estimated.: Tue Aug 27 19:04:25 2013 (1 min, 32 secs)
Speed.GPU.#1...:    12450/s
Recovered......: 0/28808 (0.00%) Digests, 0/28331 (0.00%) Salts
Progress.......: 3935866880/51398071869 (7.66%)
Rejected.......: 0/3935866880 (0.00%)
HWMon.GPU.#1...: 61% Util, 55c Temp, 50% Fan

however.. I took 1000 cracked passwords, and ran it though expander, removed dupes etc and ended up with near 10,000 in the new wordlist. Besides that, it seems to be running overly slow .

Code:

Session.Name...: oclHashcat-plus
Status.........: Running
Input.Base.....: File (dbs\fingerword.txt)
Input.Mod......: File (dbs\fingerword.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:06:31 2013 (31 secs)
Time.Estimated.: Fri Aug 30 02:02:53 2013 (2 days, 6 hours)
Speed.GPU.#1...:       74/s
Recovered......: 0/28808 (0.00%) Digests, 0/28331 (0.00%) Salts
Progress.......: 62457096/391213033136 (0.02%)
Rejected.......: 0/62457096 (0.00%)
HWMon.GPU.#1...: 72% Util, 56c Temp, 53% Fan

all of this was with version 0.13, so I upgraded to 0.15

Same exact command, wordlists etc except i used v0.15, and results are...

Code:

Session.Name...: oclHashcat-plus
Status.........: Running
Input.Base.....: File (dbs\fingerword.txt)
Input.Mod......: File (dbs\fingerword.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:09:22 2013 (11 secs)
Time.Estimated.: Tue Aug 27 19:51:06 2013 (41 mins, 26 secs)
Speed.GPU.#1...:     5494 H/s
Recovered......: 1/28808 (0.00%) Digests, 1/28331 (0.00%) Salts
Progress.......: 1768459264/391213033136 (0.45%)
Rejected.......: 0/1768459264 (0.00%)
HWMon.GPU.#1...: 70% Util, 54c Temp, 50% Fan

All attacks are on oldvbull hashes (2611). Here are my commands for starting hc.

Code:

rem FYI - I rename the exe I want to use to hashcat.exe, I'm using the 64-bit opencl for a single AMD 6950 card
rem wordlist
oclHashcat-plus-0.13\hashcat.exe -m 2611 -a 0 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt words\words_combined_sort.txt

rem 0.13 fingerprint
oclHashcat-plus-0.13\hashcat.exe -m 2611 -a 1 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt dbs\fingerword.txt dbs\fingerword.txt

rem 0.15 fingerprint
oclHashcat-plus-0.15\hashcat.exe -m 2611 -a 1 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt dbs\fingerword.txt dbs\fingerword.txt

Another FYI, with md5 (hashtype 0), there are no problems that I could see.

Why can I not Download oclHashcat-plus for 0.15?

August 27, 2013, 6:13 pm

≫ Next: cudahashcat 0.14 ERROR: cuMemcpyDtoH() 999

≪ Previous: [fingerprint] combinator attack v0.13 bad, v0.15 good FYI upgrade!

$

0

0

Why can I not Download oclHashcat-plus for 0.15?
I find many people all talk about oclHashcat-plus 0.15, please atom release it, we very much look forward to it, or tell us when to release 0.15? thank you!

cudahashcat 0.14 ERROR: cuMemcpyDtoH() 999

August 27, 2013, 11:46 pm

≫ Next: ERROR: clCreateKernel() -46

≪ Previous: Why can I not Download oclHashcat-plus for 0.15?

$

0

0

Hi all,

With regards to the following error:

ERROR: cuMemcpyDtoH() 999

Is it because of the multiple rules that I was using or the dictionary?

Rules.Type.....: File (rules\best64.rule), File (rules\combinator.rule), File (rules\passwordspro.rule)

I saw http://hashcat.net/forum/thread-1991.htm...MemcpyDtoH but not sure if it's relevant. I am aware of version 0.15 but just curious to see what triggered this error. Thanks!

ERROR: clCreateKernel() -46

August 28, 2013, 2:49 am

≫ Next: Hashes from freeradius-wpe

≪ Previous: cudahashcat 0.14 ERROR: cuMemcpyDtoH() 999

$

0

0

Hello, I used oclHashcat-plus v0.14 is work perfectly exept gpu temp i use (--gpu-temp-disable --force) and tooday i have update to the new version v0.15, i got error instantly after starting brute.

I have 2x 7970 (DirectCU2) .



Any idea to fix?

Hashes from freeradius-wpe

August 28, 2013, 6:59 am

≫ Next: --seq-max in hashcat plus?

≪ Previous: ERROR: clCreateKernel() -46

$

0

0

Hello everyone!

I have been experimenting with using freeradius-wpe to collect credentials from WPA enterprise wireless set ups.

the patched radius server is giving me the hashes in the following format:

Code:

mschap: Mon Aug 26 21:17:42 2013

    username: bob
    challenge: a4:15:00:1c:d5:90:0a:32
    response: 63:2e:80:34:15:16:2e:36:65:22:63:79:9f:8e:8a:1c:05:a6:bc:4d:0e:cf:5d:72
    john NETNTLM: bob:$NETNTLM$a415001cd5900a32$632e803415162e36652263799f8e8a1c05a6bc4d0ecf5d72

I've tried to convert this into a hashcat friendly format but I'm not getting it to work.

Can anyone point me in the right direction? I'd love to use my GPU on these!

--seq-max in hashcat plus?

August 28, 2013, 3:10 pm

≫ Next: Hashcat rules generate duplicates

≪ Previous: Hashes from freeradius-wpe

$

0

0

is it possible to use a construct to limit the sequential occurrence of a character like the maskprocessor does.

eg not the same char 3 times in a row

or do I need to create a wordlist with maskprocessor and hashcat it?

or how would I feed hascat plus with words from maskprocessor .. so i need JTR?

---

Hashcat rules generate duplicates

August 28, 2013, 4:49 pm

≫ Next: Radeon HD 7470m -- oclHashcat-plus64.exe has stopped working

≪ Previous: --seq-max in hashcat plus?

$

0

0

I'm using the following command to redirect the words generated by hashcat with the best64 rule to a file. The file 'test' contains only the word test.

hashcat -r /usr/share/hashcat/rules/best64.rule test --stdout >> best64.txt

The command creates a file with 201 words.

wc -l best64.txt
201

But it contains duplicates!

..
t3st
tet
te
tes
tes
te
t
tt
..
..

I did
sort -u best64.txt | wc -l
188

So it created 13 duplicates!

i'm probably doing something wrong, anyone able to help? Thanks guys!

Radeon HD 7470m -- oclHashcat-plus64.exe has stopped working

August 28, 2013, 8:24 pm

≫ Next: NTLMv2 -- Not finding password

≪ Previous: Hashcat rules generate duplicates

$

0

0

Hi, It runs and opens fine, But when I am to run the example, or any other crack, It closes with "oclHashcat-plus64.exe has stopped working".
I did search this forum but I couldn't find anything on the card, i'm not entirely sure if it's supported.

Edit: I can get you whatever sort of info you need.

Alright, I done a little digging, read that I needed to install some amd sdk, I installed it, It now loads and recognizes gpu, But now I have a new error.

Quote:oclHashcat-plus v0.15 by atom starting...

Hashes: 35 total, 35 unique salts, 35 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Workload: 256 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Caicos, 1024MB, 800Mhz, 2MCU
Device #1: Kernel ./kernels/4098/m0010_a3.Caicos_1016.4_1016.4 (VM).kernel not f
ound in cache! Building may take a while...
ERROR: clBuildProgram() -11

I'll go do some digging on that too.

NTLMv2 -- Not finding password

August 28, 2013, 11:05 pm

≫ Next: Is my test results normal?（oclhashcat-plus for truecrypt ,2*gtx690)

≪ Previous: Radeon HD 7470m -- oclHashcat-plus64.exe has stopped working

$

0

0

I know the password but I can't get hashcat to find it. It's NTLMv2. I've tried a dictionary file with the password in it, and brute/mask. Anyone know what I'm doing wrong?

The password is Newpass8

Here's the input:

Code:

hashcat-cli32.exe -m 5600 -a 3 -o key ntlm2.txt Newpass?d

Here is the contents of ntlm2.txt

Code:

Administrator::WIN-HMH39596ABN:1122334455667788:80be64a4282577cf3b80503f4acb0e5a:0101000000000000f0​77830c70a4ce0114ddd5c22457143000000000020000000000000000000000

Input.Mode: Mask (Newpass?d)
Index.....: 0/1 (segment), 10 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 10/10 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

Started: Thu Aug 29 00:56:26 2013
Stopped: Thu Aug 29 00:56:27 2013


Many thanks for your help.

Is my test results normal?（oclhashcat-plus for truecrypt ,2*gtx690)

August 29, 2013, 12:01 am

≫ Next: is it possible to use hashcat for RAR file password ?

≪ Previous: NTLMv2 -- Not finding password

$

0

0

I use 2*gtx690, result as below:
•PBKDF2-HMAC-RipeMD160 / AES: 95.6kHash/s
•PBKDF2-HMAC-SHA512 / AES: 130 kHash/s
•PBKDF2-HMAC-Whirlpool / AES: 30 kHash/s *updated*
•PBKDF2-HMAC-RipeMD160 boot-mode / AES: 187 kHash/s


Comparison of the results of the official release：

Here are some speeds from 2x hd6990:
•PBKDF2-HMAC-RipeMD160 / AES: 223 kHash/s
•PBKDF2-HMAC-SHA512 / AES: 95 kHash/s
•PBKDF2-HMAC-Whirlpool / AES: 49 kHash/s *updated*
•PBKDF2-HMAC-RipeMD160 boot-mode / AES: 451 kHash/s


I think two result difference is large, Is there the results of the official about gtx690? thank you!

is it possible to use hashcat for RAR file password ?

August 29, 2013, 1:02 am

≫ Next: Kernel 3.11 Radeon Mesa drivers

≪ Previous: Is my test results normal?（oclhashcat-plus for truecrypt ,2*gtx690)

$

0

0

Hello,

I have a .rar file encrypted with password.

Is it possible to use hashcat to decrypt the password ?

Thanks !