Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7847 articles
Browse latest View live

No output from office2john.py against xp/2003 excel file

May 3, 2016, 11:59 am
$
0
0
Hi hashcat forum,
I am attempting to get the hash from an excel xp/2003 file but office2john gives no output when I run it against this particular file. I am able to extract the hash from other older 97/2003 excel files I have tried. I don't have any other xp/2003 excel files to try.
The same xp/2003 excel file works in elcomsoft advanced Office Password Recovery and it says it is:
file format: "Excel XP/2003 with CSP Encryption"
However cracking this with elcomsoft is far too slow so I'd really like to get this into hashcat.
Search

Using --pw-skip --pw-limit to distribute workload

May 3, 2016, 12:51 pm
$
0
0
Hi everyone, I'm currently trying to crack an 8 character uppercase WPA using a mask.

This is my current command that I'm using (single pc at around 1.58%, speed 39000H/s):
cudaHashcat64 -m 2500 -a 3 --pwd-min=8 capture.hccap ?u?u?u?u?u?u?u?u

Is it possible to distribute the work across multiple computers using the --pw-skip and --pw-limit, with a mask, for example (using arbitrary numbers):

PC 0: --pw-limit 1000
PC 1: --pw-skip 1000 --pw-limit 2000
PC 2: --pc-skip 2000 --pw-limit 3000
and so on...

If so, can this also be used with hashcat and oclhashcat on the same machine? To utilise the CPU and GPU power of the machine.

Or am I misunderstanding how this works?

Or maybe a better way?

Thank you.

Am I doing something wrong to cause this poor performance?

May 5, 2016, 5:31 am
$
0
0
Hello all,

     I'm new to the forum and hashcat in general, but I've been experimenting and learning over the past few weeks and I'm trying to determine if I'm getting the most performance out of my cards with the way I'm using hashcat.

I have two nvidia (evga) gtx 970's (not bridged together) running hashcat as such:

cudaHashcat64.bin --status -a 3 -w 3 -m 11300 ../test.hash ?a?a?a?a?a?a?a?a?a?a?a

Here are the stats:

motherboard: asrock extreme4 970
psu: corsair 750w
video card: nvidia gtx 970 (x2)
memory: pny 8 gig ddr3 1866mhz
hard disk: western digital sata


Session.Name...: cudaHashcat
Status.........: Running
Input.Mode.....: Mask (?a?a?a?a?a?a?a?a?a?a?a) [11]
Hash.Target....: $bitcoin$96$ab76d8cbdb7c65e16048847acc67c...
Hash.Type......: Bitcoin/Litecoin wallet.dat
Time.Started...: Thu May  5 07:06:52 2016 (1 hour, 16 mins)
Time.Estimated.: > 10 Years
Speed.GPU.#1...:        0 H/s
Speed.GPU.#2...:        0 H/s
Speed.GPU.#*...:        0 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 24041472/6403748062057711647 (0.00%)
Rejected.......: 0/24041472 (0.00%)
Restore.Point..: 79872/67407874337449596 (0.00%)
HWMon.GPU.#1...: 99% Util, 76c Temp, 39% Fan
HWMon.GPU.#2...: 99% Util, 71c Temp, 27% Fan

In the start, Progress was showing about 1 million per second.  Now it's at around 200k per 10 seconds or so in terms of that number increment.

Any guidance would be appreciated.  I set the password on this to 'testing123' to see how effective the mask attack would be and how long it would take to recover.

     Best,

MP

GTX 960m Benchmark

May 5, 2016, 9:05 am
$
0
0
If any of you have laptop with a GTX 960m GPU, could you please post it's benchmark in cudahashcat.I am thinking of buying a new laptop and just want to know how it would perform,though I know the the performance won't be great but still the information would be appreciated. (Sorry for my bad English, English is not my first language.)
THANKS IN ADVANCE Big Grin

Output the calculated hashes to file?

May 5, 2016, 1:54 pm
$
0
0
Hi,

is it possible to output the hashes to a file, instead of comparing the generated hash to the provided one? For some unsalted encryption methods I could build my own rainbowtable instead having to run the job x times ;-)

Best approach when knowing several words in a long passphrase?

May 5, 2016, 7:56 pm
$
0
0
Hey all,

     I remember several words used in my passphrase, just not the order they're in, nor the case used.  I also know that  I used two special characters at the end (I know which they are) just not sure what order either.  For example, if I know the following is used in the beginning for a fact:

dogsheep1234crayon

and the rest contains some combination of upper/lower alpha mixed in with some numbers and ending with special characters -

Would it be best to use a custom mask straight-away at it as such:

--status -a 3 -w 3 -m 11300 ../forgotten.hash -1 ?u?l -2 ?d?l?u??'#$' ?1ogsheep1234?1crayon?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2?2


Or better to throw 'dog' 'sheep' and 'crayon' in a list and somehow run through permutations including trying alphanumeric + special char through each iteration?

     Thanks a lot,

MP

Prince

May 6, 2016, 1:11 am
$
0
0
Hello

Prince explain about the attack?

First time trying to crack something

May 6, 2016, 1:36 am
$
0
0
Hi,
I'm trying to figure if what I'm trying to do is viable with Hashcat(or the beta of oclHashcat for OS X). This is my first time using hashcat/oclhashcat.

I got the file where it's supposed to be the hash for my 1Password vault. But it's the last version of 1Password and the file is from a "container" called "1Password.opvault", it is not a ".filevault" extension one.

In this file I've found(among others) the file "profile.js" which seems to have my password. The fields in this file are(among less interesting ones) salt, masterKey, passwordHint(just text), iterations, uuid, overviewKey.

iteration is 25000
salt is 24 char long.
masterKey is 449 char long
overviewKey is 196 char long

The passwordHint one is not interesting for cracking but for making sure this is where the masterpassword is stored. I'm assuming masterKey is the hash and I have no idea what overviewKey is.

The problem is that I don't know what king of hash I have here, and thus I don't know what mode to use. If I try the -m 6600 I get the "Line-length exception" error. I've tried with padding(based on this question) so the hash is 2080 char long but I get the same error(the hash without padding is 449 char long).

With the mode 8200 I get the "Hash-length exception" with both padding and without padding.

Is it even possible to get this hash cracked with either oclhashcat or hashcat on OS X? And if so, a little help, please?

BTW, this is from an old 1Password that I can't remember the password. I have a new one since some months ago, but this is just for fun/is interesting.
Search

NetNTLMv2 Cyrillic symbols issue

May 6, 2016, 6:23 am
$
0
0
Hi!
I'm trying to crack NetNtlmv2 hash with known password

test::test-PC:1122334455667788:EE8BE66E931EE5F78502E43AB0755EB7:0101000000000000B74CFB6137A6D101B672CD72950FCF320000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C000800300030000000000000000000000000300000EFD2A20880C73783FE82407EB41E4B3FE2D57CF015812BDC3DBC367618B9B8E30A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000

password is cyrillic "a" (unicode 0430)

when i try method described here hashcat didn't manage to recover this pass.

Then i tried to run hashcat using mask ?b?b --incremental

Useless again. 

Password was successfully cracked using john.

Hashcat successfully crack hashes with latin passwords, for example 

test::test-PC:1122334455667788:66B41928700FEA503B80D86372FE1164:0101000000000000206CC1C437A6D101A0D0BEE8D9BE72C80000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C00080030003000000000000000000000000030000037DE47151778061BAA06DCDCE4F1ACAB2B85419749F92F70F4921AAA5677A3F80A0010000000000000000000000000000000000009001C0063006900660073002F0064006100750074006F0076002D00700063000000000000000000:te

Am I right that there is some issue with non latin symbols in netntlmv2 method in hashcat?

Trying several numbers at various positions within words in a wordlist after combine?

May 6, 2016, 8:14 am
$
0
0
Hey all,

     I've been reading for the better part of a week here and finding myself answering my own questions with just the proper reading.  One I'm unable to answer thus far however, is let's say I have created a word list with the combinator utility.  Now I want to process that using some rules (the top_5000.rule shared on the forum).  However, perhaps I wanted to add the number "1001" at every possible position because I know it's a strong possibility it's contained in the password, just not *where*.  Is there a way to do this?

     Thanks a lot,

MP

GTX 980 Ti Build

May 6, 2016, 3:08 pm
$
0
0
Hello, first time building a desktop!

Before anything, here is what I am going to be doing with this setup:
    
     1. oclHashcat (WPA and a few others)
     2. Some gaming (GTA5 and similar)
     3. 4k video editing/picture editing
     4. Average uses (YouTube, 4k video watching, etc)

Other notes:

     1. I have an absolute MAX budget of $3,000
          -Also need to buy a monitor and case
     2. I may wait for Pascal chips to arrive and purchase them instead if there are significant improvements
     3. Primary OS's will be Debian 8 and Windows 10
     4. I may buy some not critical components used from eBay/Amazon or similar

Part List:

      Motherboard: Gigabyte GA-Z170X-Gaming 7 ATX LGA1151 http://www.gigabyte.com/products/product...id=5481#ov
      Processor: Intel Core i7-6700K http://ark.intel.com/products/88195/Inte...o-4_20-GHz
      CPU Cooler: Cooler Master Hyper 212 EVO 82.9 CFM Sleve Bearing CPU Cooler http://www.coolermaster.com/cooling/cpu-...r-212-evo/
      GPU: 2x Nvidia GTX 980 Ti (Reference Design) http://www.geforce.com/hardware/desktop-...gtx-980-ti
      RAM: 32GB G.Skill Ripjaws V Series DDR4-2400 http://www.gskill.com/en/product/f4-2400c15q-32gvr
      SSD: 500GB Samsung 850 EVO 2.5" http://www.samsung.com/us/computer/memor...75E500B/AM
      HDD: 4TB Western Digital Black Series 3.5" 7200rpm http://www.wdc.com/en/products/products....d=760#Tab3
           -May drop to 2TB instead
      PSU: EVGA SuperNOVA 850 Gold 80+ http://www.evga.com/Products/Product.asp...G2-0850-XR
      Other components below

Semi-Complete Build: http://pcpartpicker.com/p/7WXHf7

Questions:

     1. Are there any alternative/better/cheaper parts you'd recommend?
     2. Can you recommend me a good case+cooling fans?
     3. Am I safe buying reference design cards for both hashcat and some gaming/video editing?

Thanks!

GTX 1070 & 1080

May 6, 2016, 8:20 pm
$
0
0
One of you was going to start this thread anyway, so I figured I'd be the one to do it. 

GTX 1070

We don't know. But it will cost $379 and will be available on June 10. So... yeah. 

GTX 1080

2560 cores
1607 Mhz base clock, 1733 Mhz boost clock
8GB GDDR5X (10Gbps)
180W, 1x 8pin power
94C max temp

Available May 27 for $600, "Founders Edition" with "crazy overclocking, over 2Ghz clocks" available for $699. Demo showed this card running at 2114 Mhz. At 2114 Mhz, this card very well may be up to 15% faster than an overclocked Titan X. Won't know for sure until we get our hands on one, but no doubt this is a pretty serious piece of hardware.

This post will be updated with pictures and benchmarks as we get them.

Hash seems simple but i can't identify it

May 7, 2016, 7:05 pm
$
0
0
Hello everyone, i m testing web application, and made an account with simple password and got a hash like this:
c2tuXllXXXXyXnXXdXXxajXjXXhXdz09
Then i made another account with the same password and got the same hash. I suppose there is no salt in it.
So i tried with hash-identifier (which showed me MD5 ) and HashID (which showed me DNSSEC NSEC3)
I proceeded with the hashcat and tried to "crack" it with the dictionary (my password in it):
Code:
hashcat -m 0 -a 0 -o found.txt --remove testmyhash.txt bigpass.txt


Quote:Input.Mode: Dict (bigpass.txt)
Index.....: 3/3 (segment), 960618 (words), 10499593 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: - plains, - words
Progress..: 960618/960618 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--


with no results , also tried dictionary with only one password (correct one)


and i m confused. All right, maybe it is NSEC3 (that method looks very rare), and i need oclhashcat to "crack" that. Videocard only in my windows pc. I'm doing this:
Code:
cudahashcat64.exe -m 8300 -a 0 -o found.txt --remove testmyhash.txt bigpass.txt
,
but it keeps yelling at me:
Quote:WARNING: Hash 'testmyhash.txt' Line-length exception

Is there a method which helps me to identify hash algorithm if i know the password? Is it really NSEC3? Thanks in advance.

WPA method advice

May 8, 2016, 8:30 am
$
0
0
Hi all,

I just discovered oclHashcat yesterday, great piece of software!

I'm just after some advice on the best/most efficient way of obtaining WPA pass-phrases (-m 2500).

I've read through the information on the site, and gone over the mask-attack information, but tbh I didn't really fully grasp it 100%.

I've got the 4 way handshake files from my router, and I know the current WPA password is: k3t3kyta

What would be the best way of obtaining the above password from the files? I'm currently running the below command, but unsure if there is a better/faster way?

-m 2500 .\handshakes\output.hccap -a 3 -1 ?l?d ?1?1?1?1?1?l?l?l

Basically just trying to figure out the most efficient command/mask for a password length of 8, which could possibly contain numbers at any point within the password. 


Thanks for any help or suggestions you can offer Smile

Trying to crack NTLMv2

May 9, 2016, 8:06 am
$
0
0
So I captured a NTLMv2 hash using embedded UNC from one of my Windows 7 machines using the Metasploit SMB server.

When I try to crack it using -m 1000 and a mask attack knowing the first characters I get an error saying something about the length is wrong and "skipping line"?  Can someone tell me the exact command I should be using to perform a mask attack against NTLMv2 hash?

Thank-you in advance!
Search

cracking unicode plain text

May 9, 2016, 8:31 am
$
0
0
Hello,

can hashcat bruteforce unicode hashed text?
how bute force works when cracking that type of text?
Does it takes more time to crack if we use unicode?

Thanks

Input.Mode max 8?

May 10, 2016, 1:30 pm
$
0
0
I try to use a mask over 8, but it always shows this:

Input.Mode .....: Mask (?1?1?1?1?1?1?1?1) [8]

I've tried 10, 12, 15.. it always indicates 8 instead, is this the max supported mask when brute forcing?

I'm using cudaHashcat64.exe with a GTX 970.

Can't crack multiple hashes, only single

May 11, 2016, 9:27 am
$
0
0
I'm experiencing some odd behavior here. When I run a command on a file with a single hash, it works as expected. If I add a second line with a different hash I come up empty - it doesn't even crack the first one. 

I created several test SHA1 salted hashes using test1, test2, etc. I start with one line so my hash file looks like this:

Code:
test1:xxhashxx:xxsaltxx

I run
Code:
cudahashcat60.exe -m 110 -a 3 --username -o test_cracked.txt test.hash test?d
and it cracks it and writes the output to test_cracked.txt as expected. Now I add a second line to the file:
Code:
test1:xxhashxx:xxsaltxx
test2:xxhashxx:xxsaltxx

I run the same command but get no output in the test_cracked.txt file. The command terminates with a Status of exhausted:

Code:
Session.Name...: cudaHashcat
Status.........: Exhausted
Input.Mode.....: Mask (test?d) [5]
Hash.Target....: File (test.hash)
Hash.Type......: sha1($pass.$salt)
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...:        0 H/s
Recovered......: 0/2 (0.00%) Digests, 0/2 (0.00%) Salts
Progress.......: 20/20 (100.00%)
Rejected.......: 0/20 (0.00%)
HWMon.GPU.#1...:  0% Util, 62c Temp, 282rpm Fan

I've tried it with several combinations of hashes, and it always works with one and always fails with more than one. I've checked to make sure there aren't trailing spaces at the end of the lines. Complete newbie here so it's probably something simple that I'm doing wrong, but I've simplified this as much as possible and can't get past it. Any help is appreciated.

Is cudaHashcat slower without a desktop manager?

May 11, 2016, 1:10 pm
$
0
0
I recently removed gdm3 from my Kali 2.0 install as I planned on mainly running this machine headless.  I seem to recall getting closer to 200 kH/s between my 2 Nvidia GeForce GTX750TI's.  Now it seems to do around 110 kH/s between the 2 of them.  I could be remembering this wrong as it's been awhile since I fired up cudaHashcat but I'm pretty sure I am seeing the cards run slower.  Would there be anything in gdm3 allowing the cards to run faster?

GPU #2 shuts down. Temperature control?

May 12, 2016, 9:37 am
$
0
0
I've just noticed that my second card seems to be going down during a crack.  Temperature is only around 60c on this card.  But when I start another crack it will start working for awhile anyway... is this normal?  Possible hardware issue?
Viewing all 7847 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>