Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7686 articles
Browse latest View live

Pdf crack issue

February 5, 2016, 9:46 am
$
0
0
I pull down a pdf file from a public site that allows one to view the pdf but not print without a paid password. I save the file and run pdftohashcat.py and get: $pdf$2*3*128*-8*1*16*9ce0<redacted>a204. I run oclhashcat and it cracks instantly with this output:$pdf$2*3*128*-8*1*16*9ce0<redacted>aa204:

Which I read as, "blank, no entry"

I attempt to enter this when the password is requested when I attempt to print the file but it is rejected. What am I not getting? Thanks.
Search

cudaHashcat64 Bruteforce to find MD5 Password

February 6, 2016, 4:07 am
$
0
0
Hi guys, could you help me to create a basic BATCH command to run a bruteforce attack on a MD5 password?

MD5 example: <redacted>

The example files do look like:

type example.dict | cudaHashcat64.exe -m 0 example400.hash
pause

ERROR: No NVidia compatible platform found

February 6, 2016, 11:20 am
$
0
0
is nvidia quadro fx ****(i forget the exact number but i paid over a grand for it ** but that was like 10 years ago so im sure they suck now)

are the quadro compatible with cuda?

Thanks,
m

.pae zip file

February 6, 2016, 2:58 pm
$
0
0
Does anyone know if this software can crack the password on a .pae zip file?  it was created in Power Archiver and the password was forgotten.

Any and all assistance is welcome and appreciated.

very slow gpu wpa ocl hashcat

February 6, 2016, 5:00 pm
$
0
0
cant find this issue solved in the forums (saw similar mentioned but didnt help me)
- ocl hashcat is very very slow on my gpu, getting just 2,700 hashes a second for wpa. All online benchmarks, info etc say should be getting much more.
Details: windows 10 64 bit, using latest hashcat - 2.01, and latest nvidia drivers catalyst 15.7. even with -w 3 command, i get 97% (aprox) usage of GPU, yet only 2,700 hashes per second speed.
a benchmark test said speed was 2807 a sec. I tried with  1.5, 1 and 10 gig wordlists seperately, (i have only tried using wordlists, not bruteforce etc), and the lists are stored localy on c drive. I am not using any rules, and my reject count is 0%.
My command line is: oclHashcat64 -m 2500  -w 3 optus.hccap C:\Users\TOSHIBA-PC\Desktop\wordlists/2.txt
pause
graphics card is: amd radeon hd 6300m series

status says: HWMon.GPU.#1 98% Util, -1c Temp, N/A Fan

tried: fully and properly reinstalling catalyst, using older versions of oclhaschat, using different hccap files and different wordlists, rebooting etc, -w 3 command,

Could try (if anyone thinks could help) :creating, then trying in a seperate windows 7 partition on same laptop

Thanks very, very much.

recover after reboot

February 7, 2016, 5:11 am
$
0
0
My computer accidentially  rebooted.
It had been running the following command:


hashcat-cli64 -m 2500 -a 8 R.hccap somewords.txt

I have read many things on recovery, but dont understand it.

I can't find a .recovery file anywhere, and it is possible that the --recovery option is no more? I don't seem to see it in the help.


I see there is a -s=####### option but cant see a recover option when I do a -help.

Can someone explain how to recover particularly if we dont know the place we left off..

Thanks.
Oh yes version 2.0 of Hashcat (64bit)

cap2hccap Problem.

February 8, 2016, 3:17 am
$
0
0
Hi. im just another noobie tries to crack AP.

I sucessfully Captured handshakes from sniffing tool called CommView, and saved packets as ".cap".
and i tried to use this website's cap2hccap tool to change extension for hashcat.
but, cap2hccap says it doesnt contains handshakes tho i can check it contains handshake at cap file.

[error   ] unable to find valid handshakes.

what is the problem? what did i missed?
Any helps will be appriciated. thanks.

P.S. i attached my cap files for analyzing.
Dump.Zip
ncf is originally saved file, and cap file is the file which i saved as different extension.

Cracked windows 2008 r2 hash does not work

February 8, 2016, 6:50 am
$
0
0
I extracted the following hash from a windows 2008 r2 server with iis7.5.

Administrator:500:aad3b435b51404eeaad3b435b51404ee:7df4f3446bbe71004b781c59d521f494:::

I can easily crack the latter part of the hash. The LM hash seems to correspond a default value (disabled).


When I connect a display to this device, I cannot login to the server with this password using Administrator username.

I seem to be missing something
Search

mask order change

February 9, 2016, 7:52 am
$
0
0
Hi,

I use oclhashcat with GPU which does 55 000 - 56 000 tries per second. I wanted you guys to confirm if I used the right command for my long-trip (43days) run.

How to use specific order?

-m 2500 --session ap -a 3 ap.hccap -1 DEAQXUYBPRSTVWZCFGHIJKLMNO ?1?1?1?1?1?1?1?1

is this means I'm starting

with DDDDDDDD and will finish at OOOOOOOO (so all D******* will be scanned within two days, * - capital letter only)

or

DAAAAAAA and will finish with OOOOOOOO

or

anything else

Only capital letters should be used so there are 208 827 064 576 tries and I see this count on the screen correctly.

Crack Salt

February 9, 2016, 9:12 am
$
0
0
I do have a certain plaintext, the hash and know the encryption algorithm, which is hmac sha256.
is it possible to brute the right salt? i know the salt is a 64char alphanumeric string.

as i'm completly new to hashcat, could anyone help me with the proper parameters?

thanks in advanced

Finaly the Rig of 8 GPU (titan x or 980)

February 10, 2016, 8:16 am
$
0
0
hey ya all,

i guess after abit of research i have come with system, ofc i would like to have some opinion about the rig and ofc correct me about it.

Quote:Component     Quantity    Description
Case & MOBO   1           TYAN FT77CB7079 (B7079F77CV10HR-2T (BTO)) (EOL) from http://www.tyan.com/datasheets/DataSheet...-B7079.pdf
from what i understand the PSU  come with the tyan, but not to sure if its possible to add more than 1 PSU of 3200W so if its possible to get 2 so x2 RPSU of 3200W plat (that come with the tyan)   
CPU           2               xeon e5-2660 v3
Memory        128 GB ECC DDR4 
GPU           8  Titan x from evga (the refference one)
SSD           2 950 pro 500gb (for a raid 1 incase anything fail in the future)
HDD 4TB/1TB (WD red enterprise (or segeat)  i know its not needed but incase i want some pre wordlist i can store it there
CPU Cooler    i didnt think of one yet Sad, i hope u can help me with this one to.


because their is 96 GB of vram from the gpus i decide to go for 128GB of ram mabe its over kill but i am ok with this.

incase i decide to go for the 980 gtx , i will reduce the ram and the PSU since its not needed, from what i saw the titan x need 250W and the gtx 980 165 W,

anyway thanks alot in advance.

Hashcat keeps restarting after it finishes?

February 10, 2016, 3:37 pm
$
0
0
./hashcat-cli64.bin -m 2500 -a 8 out.hccap new_8u_link_eng.txt

When I start the above command, I come back hours or days later and its gone from say 35% finished to 0.01 % completed. I asume that it has run thorough the words and is either trying them again or running some new rules or something. Can someone explain this to me. Is this normal.  I dont understand what is happening after it appears to run though one pass of trying the password file.txt
Thanks.

First GPU Rig - A few questions

February 10, 2016, 4:55 pm
$
0
0
Hi all I am new to the forum but have referenced posts here for all my curiosities up until I decided to get serious and build a small rig.

I would first of like to thank epixoip, every question I have had led to a solid answer by you so thank you for your help I am sure many other unregistered users are grateful for your help.

So back to my rig... specs are (currently) as follows

Motherboard: Asrock H81 Pro BTC Intel H81
PSU: Corsair AX1200 Professional Series AX 1200W
CPU: Intel Celeron G1840 Processor 2.8 GHz
RAM: Kingston 4 GB 1600 MHz DDR3
GPU: None purchased - either 7970 or 290x
SSD: Will order soon - Sandisk SSD Plus 120GB

OS: Not sure but probably a linux build

Accessories;
Add2PSU 24 Pin ATX Cable Adapter Splitter
6x PCI-E 1X to 16X Powered Extension USB 3.0 Risers
Homebuilt wooden frame - built it today Smile

Everything listed above has been ordered this week and should be arriving soon, I am wondering if apart from the GPU's am I missing any important or useful items?

GPU
Now I have looked at the GPU Hashcat benchmark and for WPA/2 and my budget (around £100 each) I believe the Radeon HD 7970 will be the best rated for my money, unless someone can advise me otherwise? I have also tried to get lucky and find a R9 290X within my budget but it seems far from likely - I have watched them go over the last few days and the cheapest was £170. (not including the OEM designs)

PSU
I have managed to get hold of a Corsair 1200w, my plan is to initially use this to power the mobo/cpu/ssd + 2 GPUs
Eventually I will be running a 6 (if possible to multiply the PCI-e slots then 8) GPUs. 
Scenario 1: Powering 6x 7970
Scenario 2: Powering 6x R9 290X
Scenario 3: Powering 8x 7970
Scenario 4: Powering 8x R9 290X
What would I need for my second PSU? would a 850w PSU be sufficient in the case of scenario 1?
850w powering 2xGPU + mobo/cpu/ssd - 1200w powering 4xGPU
Also want to know, how GPU's can I safely power using 1200w on this rig before requiring a second PSU?


OS
My aim is to have the rig working in 'headless' mode, ideally I could be at a different location using my laptop and via command line run oclHashcat on my home rig. RDP is an option but is not really what I am looking for.
To be honest I have not done research on this (don't flame), my rig was a spontaneous decision and I have only been reading up on this for around a week.


Summary for those who don't want to read everything;
1) What GPU do you recommend for WPA/2 and a £100 budget (will buy used on ebay)
2) What combination of PSU should I use assuming that I am gradually adding GPUs to it.
3) How many GPUs can I power with the whole rig using a 1200w PSU.
4) OS - I want to use the rig as a remote server that I can use via command line.

Any other recommendations or optional extras - anything at all you might deem useful I would be glad to hear and take it on board as a potential addition to my rig.

Thanks in advanced!!




p.s. for those who are interested my rig frame was based on this how-to video
https://www.youtube.com/watch?v=Cscm8blV40c

See photo below 

[Image: IMG_5449_zps1gudolkb.jpg]

[Help] Username:Hash to Username:Plaintext

February 10, 2016, 5:26 pm
$
0
0
I've been using hashcat for a while, I have a good rig and a good wordlist. I have no problem cracking hashes. Someone gave me a list user : hash : salt . I know --username ignores the email and cracks the hashes,great. In cudaHashcat.pot it saves the hashes as hash : salt : plain. I have no issue with this until now... The person wants a file Username : Plaintext only. How can I do this.
I tried:
oclhashcat.exe --username --outfile-format=2 --show --quiet -r rule.rule -m 20 hashlist.txt dic.txt in my .bat file

It refuses to work and says Usage: oclhashcat.exe [options].... hash:hashfile:hccapfile [ dictionary:mask:directory]..

So is it possible to save Username : Plain into cudaHashcat.pot without the hash? Or even if the hash : salt were in the beggining hash : salt : username : plaintext because then at least I can delete the first 35chars with textmechanic.

(Spaces because of smiley faces)

What is the storage requirement for OS to run hashcat?

February 10, 2016, 9:26 pm
$
0
0
I'm looking to test a rig with 4-6 GPUs and i'm wondering if i can use USB persistent Linux build as OS.

Does Hashcat use alot of IOs from the local OS?

Can i offset the storage data such as dictionary lists to an iSCSI/AoE server? Would that be a bottle neck due to the slower speed than a local SSD?

I'm also reading through a distributed setup called Hashtopus, i'm not clear about the storage for an agent also. Dont they get to share the same data from a SAN? or they each have a copy of the data to work on?

I'm sorry if these questions have been answered. I tried to use the search function on the forum with no success.

Best regards,
Search

Hashcat combining two wordlists - 0 progress

February 12, 2016, 12:28 am
$
0
0
Hi,

I am attempting to use hashcat with two wordlists, the command is as follows;
Code:
hashcat -m 2500 -a 1 handshake.hccap firstList.txt secondList.txt

firstList contains words of length 10, secondlist contains words of length 4.

I am trying to get it to use every combination of the words but my result is as follows;

Code:
Input.Mode: Dict (firstList.txt)
Index.....: 1/3 (segment), 2795862 (words), 33550344 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 1.39k plains, - words
Progress..: 0/2795862 (0.00%)
Running...: 00:00:01:07
Estimated.: --:--:--:--

It doesn't look like its combining the lists, and there is no progress... I will leave it running for the next 15 minutes or so.

If I bypass this it will run on the second list;
Code:
Input.Mode: Dict (secondList.txt)
Index.....: 1/1 (segment), 454 (words), 2723 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 1.25k plains, - words
Progress..: 63/454 (13.88%)
Running...: 00:00:00:24
Estimated.: --:--:--:--

So it seems to be working on the second list only but not as expected.

How can I optimise the command to get it to work as expected?

Thank you.


*******

I have come across this guide: https://hashcat.net/wiki/doku.php?id=combinator_attack
so I am using the wrong version of hashcat.

What command can I use to combine the two wordlists into one so that I can attempt this in hashcat?

Thanks

Many symbols how separator (--separator)

February 12, 2016, 11:33 pm
$
0
0
Hello. HC don`t allow a multiple symbol separators. In automatic interaction with hc i found trouble of one symbol separator. 
In some cases the salt or the password have a separator in itself. As a result, when HC found this case and write it in outfile, it`s hard to parse it right for program. 
For example: hash "abc", salt "123", password "!@:#$". In outfile from HC i have:
"abc:123:!@:#$"
This line don`t split on 3 parts by ":". But if the separator be a multiple symbols, this trouble will not exists. For example, delimiter "|||"
"abc|||123|||!@:#$"

May you add this change to HC?

Alg for Xenforo

February 13, 2016, 12:57 am
$
0
0
Hello. In some cases Xenforo create hashes with XenForo_Authentication_Core and sha256:
sha256(sha256(password) . salt)
I can`t find this alg in oclHashcat help. Is it exists in oclHashcat?

Praetorian's d3adhob0.rule

February 13, 2016, 11:12 am
$
0
0
A few days ago there was an announcement about "Hob0Rules Released: Statistics Based Password Cracking Rules"
at https://www.praetorian.com/blog/hob064-s...t-d3adhob0

A quick glance showed that 22,220 of the 57,540 rules are the classic 2010 KoreLogic style rules,
$0 through $9
$0$0 through $9$9
$0$0$0 through $9$9$9
$0$0$0$0 through $9$9$9$9
and then again cased by "c".

(The sequence of lines
:
c
T0
d
can be seen twice.)

I think that Praetorian should have packaged the basic append one though four numbers rules separately,
as they are nothing new, and something everyone will or should already have.

Figuring how many of the remaining 35,320 rules overlap with other rule sets out there won't be as
easy. Does anyone have any analyses they've done?

Has anyone tried using them, and seeing if any previously uncracked passwords were found?

WPA2 cracking yields shared hex key?

February 13, 2016, 9:24 pm
$
0
0
So I've looked at some examples of other cracking WPA2 handshakes, which is why this boggles me.  Why am I getting what appears to be the shared hex key?  Shouldn't it be the plaintext key?  furthermore, if this really is the plaintext key, then I would have needed to set a rule to 36 characters (plus colons and SSID).  I only set 10 characters.  Anyways, here is my result.

ATT802:383bc8999eb2:5065f3fa89d1:8790560512

I know that the username/SSID is printed, which explains the "ATT802," but what is the rest?  Is that hex? If so, how do I get the ASCII key? I tried plugging that into a converter and just got gibberish.


This is my first attempt at this process so bear with me while I learn.  Thanks for the help.
Viewing all 7686 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>