match column

February 16, 2017, 6:56 am

≫ Next: Mask attack issues

≪ Previous: GTX 1080: errors

$

0

0

hi all, i want to solve a little problem

i have two csv files

file1 contain

emails,hashs

and file2 contain

hashs,crackedhashs

i want to merge those two file with a condition that hashs in file1 match the hashs in file2

and get a result like this in file3:

emails,crackedhashs

thanks

---

Mask attack issues

February 16, 2017, 9:01 am

≫ Next: DES-ECB: mask on plain text?

≪ Previous: match column

$

0

0

Hi All,

I recently faced an issue with mask attack trying to crack a bunch of NTLM passwords. 

The command I used which did not work is: hashcat -a 3 -m 1000 hash.txt -i --increment-min=8 --increment-max=15 ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a

It tried all 8 character and did not crack a single password in the hash.txt list (There were a lot of 8 character passwords)

I tried a command without trying the mask: hashcat -a 3 -m 1000 hash.txt -i --increment-min=8 --increment-max=15

The above command cracked a bunch of passwords. (I know it takes a default mask and it is a smaller subset)

Not sure why the first command did not yield any passwords. Can somebody suggest or help me with this issue.

DES-ECB: mask on plain text?

February 16, 2017, 10:50 am

≫ Next: Dual GPU & OPenCL/Mesa Issues

≪ Previous: Mask attack issues

$

0

0

Hi, I'm trying to run hashcat to find DES-ECB key. What I know is part of plain text and full encrypted text. Is there a way to apply a mask on the plaintext so that hashcat only consideres part of the plaintext, for example only 6 of 8 bytes? I realize this will result in false positives but that's fine.

Example:

Decrypted bytes:

Code:

AA BB CC DD EE FF ?? ??

DES-ECB Encrypted bytes:

Code:

01 02 03 04 05 06 07 08

Now I want to find all DES keys that will decrypt 0102030405060708 into AABBCCDDEEFFxxxx where xxxx doesn't matter, I just want the keys, any of it, that produces

Code:

AABBCCDDEEFF

by decrypting

Code:

0102030405060708

thanks

Dual GPU & OPenCL/Mesa Issues

February 16, 2017, 1:57 pm

≫ Next: 1080ti vs Titan x Pascal

≪ Previous: DES-ECB: mask on plain text?

$

0

0

Hi,

apologies if this is in the wrong subforum.

I recently posted here for some advice on my previous GPU (https://hashcat.net/forum/thread-6265.html) and after banging my head against a wall, decided to bite the bullet and invest in a better GPU that was compatible with the AMD-GPU-pro driver (why i didnt just go for NVidia then, i dont know, i hate myself)

Purchased a AMD R9 290x, and after again banging my head trying to get the AMDGPU-pro driver installed on Kali with 4.9.6 kernel (its wouldnt install the module against that kernel version, only 4.4) i managed to get this GPU running on hashcat on Mint 18 with a 4.4 kernel.

Great! so i bought a second GPU, another R9 290x. Plug and play i think.

However this is where i encountered the problems. The PC recognizes both cards, and can benchmark both at around 190K each for WPA. But when actually cracking, i get the following errors:

Code:

hashcat (v3.30) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Hawaii, 2047/3865 MB allocatable, 14MCU
* Device #2: Hawaii, 2047/4043 MB allocatable, 14MCU
* Device #3: AMD FX(tm)-4100 Quad-Core Processor, skipped

OpenCL Platform #2: Mesa
========================
* Device #4: AMD HAWAII (DRM 3.2.0 / 4.4.0-53-generic, LLVM 3.9.1), 2047/4094 MB allocatable, 44MCU
* Device #5: AMD HAWAII (DRM 3.2.0 / 4.4.0-53-generic, LLVM 3.9.1), 2047/4094 MB allocatable, 44MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 390625

Applicable Optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Slow-Hash-SIMD

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

* Device #1: build_opts '-I /usr/share/hashcat/OpenCL -D VENDOR_ID=1 -D CUDA_ARCH=0 -D VECT_SIZE=1 -D DEVICE_TYPE=4 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=2500 -D _unroll -cl-std=CL1.2'
* Device #1: Kernel /root/.hashcat/kernels/m02500.b9797364.kernel (1228600 bytes)
* Device #1: Kernel /root/.hashcat/kernels/amp_a0.b9797364.kernel (776312 bytes)
* Device #2: build_opts '-I /usr/share/hashcat/OpenCL -D VENDOR_ID=1 -D CUDA_ARCH=0 -D VECT_SIZE=1 -D DEVICE_TYPE=4 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=2500 -D _unroll -cl-std=CL1.2'
* Device #2: Kernel /root/.hashcat/kernels/m02500.b9797364.kernel (1228600 bytes)
* Device #2: Kernel /root/.hashcat/kernels/amp_a0.b9797364.kernel (776312 bytes)
* Device #4: build_opts '-I /usr/share/hashcat/OpenCL -D VENDOR_ID=16 -D CUDA_ARCH=0 -D VECT_SIZE=4 -D DEVICE_TYPE=4 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=2500 -D _unroll -cl-std=CL1.2'
* Device #4: Kernel m02500.a465c7df.kernel not found in cache! Building may take a while...
clBuildProgram(): CL_BUILD_PROGRAM_FAILURE

input.cl:20:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:118:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:169:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:203:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:331:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:384:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:420:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:548:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier

* Device #4: Kernel /usr/share/hashcat/OpenCL/m02500.cl build failure. Proceeding without this device.

* Device #5: build_opts '-I /usr/share/hashcat/OpenCL -D VENDOR_ID=16 -D CUDA_ARCH=0 -D VECT_SIZE=4 -D DEVICE_TYPE=4 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=2500 -D _unroll -cl-std=CL1.2'
* Device #5: Kernel m02500.a465c7df.kernel not found in cache! Building may take a while...
clBuildProgram(): CL_BUILD_PROGRAM_FAILURE

input.cl:20:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:118:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:169:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:203:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:331:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:384:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:420:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier
input.cl:548:1: error: OpenCL version 1.1 does not support the 'static' storage class specifier

* Device #5: Kernel /usr/share/hashcat/OpenCL/m02500.cl build failure. Proceeding without this device.

and the cracking will proceed with only one GPU. Sometimes its device #1, sometimes #2, but never both at the same time.

Looking at the messaging, it would appear that OpenCL version 1.1 is not compatible, but this is what was installed with the AMDGPU-pro driver. I dont think my hardware is at fault as both were able to benchmark successfully together and if both run when cracking (at times seperately) i dont think its the hardware.

Really stumped as to why these dont work together, and cannot seem to upgrade OpenCL to 1.2 or 2.0 if compatible (cards are compatible with 2.0 after reading the wiki) or if this would even fix the issue.

Any advice would be greatly appreciated.

Thanks

DrR

1080ti vs Titan x Pascal

February 17, 2017, 6:29 am

≫ Next: mask help

≪ Previous: Dual GPU & OPenCL/Mesa Issues

$

0

0

Hello!
Which of these cards is better to take? Wait 1080ti, or buy a titan x pascal.
8xcard

mask help

February 17, 2017, 7:32 am

≫ Next: GTX 1080 Nvidia driver performance

≪ Previous: 1080ti vs Titan x Pascal

$

0

0

Hi guys,

I'm a newbie with a problem. Some months ago I password protected a word 2013 document (because paranoia) and didn't write down the password. Of course I forgot the password and now I am getting a bit desperate as I need that doc for my job. 

This is how I got to hashcat. I looked up how this can be done, managed to extract the hash and got hashcat running and doing it's job. I believe that my password was strictly alphanumeric and of maximum 8 characters. I came up with this: 

hashcat64.exe -a 3 -m 9600 -o found.txt -1 ?l?d -i --increment-min=4 --increment-max=8 my_word_hash.txt 

However I have no ideea what I can do to improve the odds of finding the pass, although I am pretty sure that I did not put more then 1 numeric character in there somewhere (most likely either at the beginning of at the very end). When I start hashcat I get the following message:

The wordlist or mask you are using is too small.

Therefore, hashcat is unable to utilize the full parallelization power of your device(s).
The cracking speed will drop.
Workaround: https://hashcat.net/wiki/doku.php?id=fre...full_speed

INFO: approaching final keyspace, workload adjusted

I am not sure that that means and although I did read online about this warning, tbh I feel like I am way out of my league here. 

If anyone could help with some advice, it would be very much appreciated. I would like to get a p2.x8large Amazon instance to try to get some juice under the hood for this job, but it would be nice to know that I am not throwing my hard earned money out the window with a poor hashcat request. 

Many thanks

GTX 1080 Nvidia driver performance

February 17, 2017, 8:46 pm

≫ Next: Utils for analyzing *hccap files

≪ Previous: mask help

$

0

0

Has anyone run benchmarks for the most recent Nvidia driver versions?

Specifically, what are the speed differences between 370, 375, and 378 for the GTX 1080 FE?

I haven't found this anywhere.  I might make this a weekend project and report back.

Utils for analyzing *hccap files

February 18, 2017, 11:52 am

≫ Next: des raw algorithm

≪ Previous: GTX 1080 Nvidia driver performance

$

0

0

Hello.
Are there any utils that can give some information about access point? I mean from handshake (*cap) converted to *hccap. I know about utils that work with *cap file, like wireshark, capper etc., but they are not that comfortable for me.
Thanks in advance.

---

des raw algorithm

February 18, 2017, 4:55 pm

≫ Next: csv output for benchmarking

≪ Previous: Utils for analyzing *hccap files

$

0

0

Hello,
i was playing around with hashcat especially the des mode.
what was making me curious, if use a generated test vector with 5000, 10000 and 2000 random key/plain/cipher blocks
on my test hardware(hd7870) it takes around 3 years for each to complete, but the same is true for a set with 5x10^6
also the keyspace progress is about same.

from my understanding there would be a significant difference.
because if we test a key against plain or cipher (encode/decode) key expansion and IP just needs to be calculated
ones and can be used in every thread but for the 16 rounds of F we need either plaintext or cipher and with this we need to iterate over every single block.

even with many gpu cores and bit slicing, the difference is for my knowledge to big for the same results.

can some one please point out how this is possible?

-m 14000 des.vector -o our.txt -a 3 -1 charsets/DES_full.charset --hex-charset ?1?1?1?1?1?1?1?1 -w 4

csv output for benchmarking

February 18, 2017, 4:58 pm

≫ Next: gaming laptop for occassionall hash cracking

≪ Previous: des raw algorithm

$

0

0

In viewing the various Google sheets that exist that contain hashcat benchmarks, I decided to script something to get csv output after running a benchmark.  Manually copying values from "./hashcat64.bin --benchmark" takes too long.

I hope you guys find this useful.

#!/bin/bash

#set -x

if [[ $# -eq 0 ]];then
echo ' '
echo 'Error: no benchmark output specified'
echo ' '
echo 'Usage: print_columnar_benchmark_values.sh hashcat_benchmark_logfile_from_tee.log'
echo ' '
echo 'Obtain the hashcat benchmark output by executing:'
echo '/path/to/hashcat/hashcat64.bin --benchmark | tee hashcat_benchmark_logfile_from_tee.log'
echo ' '
echo 'Optional: output this to a csv file by executing:'
echo 'print_columnar_benchmark_values.sh hashcat_benchmark_logfile_from_tee.log | tee benchmark_output.csv'
echo ' '
echo 'This script was made for hashcat-3.30 under Linux and may need to be updated in the future.'
echo ' '
exit 1
fi

cat $1 | sed '/^$/d' | paste -s -d",\n" | grep 'Hashtype:' | grep -v 'hashcat' | grep -v 'Stopped' | grep -v 'Started' | grep -v 'OpenCL' | grep -v '===' | while read hashtype_line
do
        hashtype=$(echo $hashtype_line | cut -d ':' -f 2 | cut -d ',' -f 1 | xargs)
        unparsed_speed=$(echo $hashtype_line | cut -d ':' -f 3 | cut -d '(' -f 1 | cut -f 1 | xargs)
        # split unparsed_speed into two parts
        speed_number=$(echo $unparsed_speed | cut -d ' ' -f 1)
        speed_multiplier=$(echo $unparsed_speed | cut -d ' ' -f 2)
        hashes_per_second_detect=$(echo $speed_multiplier | grep -i 'h/s' | grep -v -i 'k' | grep -v -i 'm')
        kilohashes_per_second_detect=$(echo $speed_multiplier | grep -i 'kh/s')
        millionhashes_per_second_detect=$(echo $speed_multiplier | grep -i 'mh/s')
        # multiply base number by detected multiplier
        if [[ $hashes_per_second_detect != "" ]]; then
                echo "$hashtype,$speed_number"
        fi
        if [[ $kilohashes_per_second_detect != "" ]];then
                speed_number_k=$(perl -e "print $speed_number * 1000")
                echo "$hashtype,$speed_number_k"
        fi
        if [[ $millionhashes_per_second_detect != "" ]];then
                speed_number_m=$(perl -e "print $speed_number * 1000000")
                echo "$hashtype,$speed_number_m"
        fi
done

Code:

#!/bin/bash

#set -x

if [[ $# -eq 0 ]];then
echo ' '
echo 'Error: no benchmark output specified'
echo ' '
echo 'Usage: print_columnar_benchmark_values.sh hashcat_benchmark_logfile_from_tee.log'
echo ' '
echo 'Obtain the hashcat benchmark output by executing:'
echo '/path/to/hashcat/hashcat64.bin --benchmark | tee hashcat_benchmark_logfile_from_tee.log'
echo ' '
echo 'Optional: output this to a csv file by executing:'
echo 'print_columnar_benchmark_values.sh hashcat_benchmark_logfile_from_tee.log | tee benchmark_output.csv'
echo ' '
echo 'This script was made for hashcat-3.30 under Linux and may need to be updated in the future.'
echo ' '
exit 1
fi

cat $1 | sed '/^$/d' | paste -s -d",\n" | grep 'Hashtype:' | grep -v 'hashcat' | grep -v 'Stopped' | grep -v 'Started' | grep -v 'OpenCL' | grep -v '===' | while read hashtype_line
do
       hashtype=$(echo $hashtype_line | cut -d ':' -f 2 | cut -d ',' -f 1 | xargs)
       unparsed_speed=$(echo $hashtype_line | cut -d ':' -f 3 | cut -d '(' -f 1 | cut -f 1 | xargs)
       # split unparsed_speed into two parts
       speed_number=$(echo $unparsed_speed | cut -d ' ' -f 1)
       speed_multiplier=$(echo $unparsed_speed | cut -d ' ' -f 2)
       hashes_per_second_detect=$(echo $speed_multiplier | grep -i 'h/s' | grep -v -i 'k' | grep -v -i 'm')
       kilohashes_per_second_detect=$(echo $speed_multiplier | grep -i 'kh/s')
       millionhashes_per_second_detect=$(echo $speed_multiplier | grep -i 'mh/s')
       # multiply base number by detected multiplier
       if [[ $hashes_per_second_detect != "" ]]; then
               echo "$hashtype,$speed_number"
       fi
       if [[ $kilohashes_per_second_detect != "" ]];then
               speed_number_k=$(perl -e "print $speed_number * 1000")
               echo "$hashtype,$speed_number_k"
       fi
       if [[ $millionhashes_per_second_detect != "" ]];then
               speed_number_m=$(perl -e "print $speed_number * 1000000")
               echo "$hashtype,$speed_number_m"
       fi
done

gaming laptop for occassionall hash cracking

February 19, 2017, 3:29 am

≫ Next: 2x6 gtx1080 cluster

≪ Previous: csv output for benchmarking

$

0

0

Hello. 
I'm new to the subject and just making first steps to get the right hardware. 


I have some issues concerning choosing right laptop for hash cracking. 
Choosing laptop is a priority because I'm not planning to make cracking rig and tunnel to it remotely. Considering portability i've found few 14 inch gaming ones which could meet ocassional hash cracking. I've found MSI phantom pro and Aero 14 both with gtx 1060. As my laptop would also be used in office tasks it should last long on battey. For now I have no idea which one to choose. Any experience with these two would be appreciated.

But recently I've found some nice ultrabooks like 13inch big and with thunderbolt 3 port. I also consider such installation with external GPU but didn't found much info about performance on net or any reviews how does it behave. Are there any issues in such installation? Or should I go for gaming 14 inch laptop. In this case I have bussinees class hardware which can do the job.

Another question is if I can connect to MSI phantom pro with thunderbolt another nvidia GPU but eg different model 1080 and can hashcat use both internal and external GPU at same time for cracking?

Waiting for some advise.
Thanks.

2x6 gtx1080 cluster

February 19, 2017, 9:55 am

≫ Next: hashcat CL_BUILD_PROGRAM_FAILURE

≪ Previous: gaming laptop for occassionall hash cracking

$

0

0

hope i post this question in the right forum, if not please move it

i got two identical systems:

opsystem: ubuntu 14
motherboard: ASUS Z9PE‑D8 WS
gpu: 6x gtx1080 FE
psu: evga gold
custom close frame (i can upload pictures if you guys wish to see 12 cards in a row
fan: cloud x7

i would like to make a cluster out of this two systems, is there any tutorial how to do that under ubuntu ? maybe load balancing also ? any research papers would be greatly appreciated

hashcat CL_BUILD_PROGRAM_FAILURE

February 19, 2017, 12:15 pm

≫ Next: decryption problem with enctype 7500

≪ Previous: 2x6 gtx1080 cluster

$

0

0

Hi, I've just upgrade my kali linux to newest version and I have problem with hashcat. Below are errors. 

Code:

root@Manekin:/usr/share/hashcat# hashcat -b
hashcat (v3.30) starting in benchmark mode...

OpenCL Platform #1: Mesa
========================
* Device #1: NV117, 2047/1048576 MB allocatable, 5MCU

Hashtype: MD4

clBuildProgram(): CL_BUILD_PROGRAM_FAILURE

invalid source
* Device #1: Kernel /usr/share/hashcat/OpenCL/m00900_a3.cl build failure. Proceeding without this device.

It's very frustraiting and I can't deal with it. I can't install nvidia drivers for my kali linux, because graphics mode after that won't run. I don't see my intel CPU also. What shuld I do?

decryption problem with enctype 7500

February 19, 2017, 6:28 pm

≫ Next: "No hashes loaded" using 11600

≪ Previous: hashcat CL_BUILD_PROGRAM_FAILURE

$

0

0

I try to use cudaHashcat 1.35 to decrypt two hash of the encryption type 7500(kerberos 5 AS-REQ-Pre-Auth etype 23). The first hash(signed as hash1) comes from the hashcat forum and I use the command '$krb5pa$23$user$realm$salt$hash1' to decrypt it. The second hash(signed as hash2 ) comes from my experinment: I use wireshark to get the kerberos 5 AS-REQ pack, then pick up the enc PA-ENC-TIMESTAMP as the second hash. Also, I use the command '$krb5pa$23$user$realm$salt$hash2' to decrypt it. The first hash can be decrypted successfully but  I failed to decrypt the second hash. What should I do?

"No hashes loaded" using 11600

February 20, 2017, 4:22 am

≫ Next: Hashcat 1080(s) gpu error

≪ Previous: decryption problem with enctype 7500

$

0

0

Greetings.

Today i have a problem with recovering my 7z archive password. As indeed i used 7z2hashcat from github to get the archive hash. I saved the hash in the output file called "hash". When i try to run hashcat on windows i always get this error "No hashes loaded". The command i use:

Code:

hashcat64 -m 11600 path_to_"hash" path_to_wordlist

I also tried:

Code:

hashcat64 -m 11600 -a 3 path_to_"hash" ?d?d?d?d?d?d

Give me a helping hand please.
Thanks in advance.

---

Hashcat 1080(s) gpu error

February 20, 2017, 12:14 pm

≫ Next: Hashcat64.exe not valid win32 app

≪ Previous: "No hashes loaded" using 11600

$

0

0

I have a 5x 1080 build.

2x psu

Sometimes (please note sometimes as if i restart the rig there is times where they will all run fine) when running hashcat I get this error :

nvmlInit(): GPU is lost

NvAPI_GPU_GetBusId(): NVAPI_ERROR

NvAPI_GPU_GetBusId(): NVAPI_ERROR

NvAPI_GPU_GetBusId(): NVAPI_ERROR

NvAPI_GPU_GetBusId(): NVAPI_ERROR

NvAPI_GPU_GetBusId(): NVAPI_ERROR

NvAPI_GPU_GetBusId(): NVAPI_ERROR

and either 1 or 2 of my gpus will be no longer run.

Help?

Hashcat64.exe not valid win32 app

February 20, 2017, 2:30 pm

≫ Next: AMD FX6100 CPU

≪ Previous: Hashcat 1080(s) gpu error

$

0

0

I have been using hashcat 3.30 in cmd window on win 7 64 bit OS for the last 5 days to work on a 10 bit
wpa hash.
I have done a few checkpoints and restores in the 5 days, but today after I entered the restore command
 I get a window warning "hashcat64.exe is not a valid win32 application". I rebooted - still
the same. Windows downloaded a windows defender update during the 5 days KB915597. I can't unistall
the KB without re-installing windows. Restores all fail probably because the KB cannot be uninstalled.
Anyone got a suggestion?

AMD FX6100 CPU

February 20, 2017, 5:41 pm

≫ Next: Display error with driver Nvidia 378.13

≪ Previous: Hashcat64.exe not valid win32 app

$

0

0

Hello!

I have a PC with na AMD FX6100 (six-core) processor and installed all about OpenCL I could find here:
http://support.amd.com/en-us/kb-articles...river.aspx

and here:

http://developer.amd.com/tools-and-sdks/...g-app-sdk/

But hashcat continues to tell me I don't have OpenCL drivers installed (on Windows 7).


Is there a way of making hashcat work with a AMD CPU?

Thanks!

Display error with driver Nvidia 378.13

February 21, 2017, 1:00 pm

≫ Next: Hashcat 3.30 problems

≪ Previous: AMD FX6100 CPU

$

0

0

Hello,
I have found that the Nvidia driver 378.13 the MHz number is displayed incorrectly

Quote:HWMon.Dev.#1.....: Temp: 35c Fan:  0% Util:100% Core:  40Mhz Mem:5005Mhz Lanes:16

With the driver 375.39 the display is ok

Hashcat 3.30 problems

February 22, 2017, 10:56 am

≫ Next: Don't detect any device - clGetDeviceIDs(): CL_DEVICE_NOT_FOUND

≪ Previous: Display error with driver Nvidia 378.13

$

0

0

Hi, 

I have a WPA2 handshake (hccap file) which I am doing tests on and I know the passphrase in advance, as I set it myself

There is clearly something wrong, and I am trying to figure out where the problem is. 

System: GTX 970M with an i7 6700HQ, Hashcat 3.30

Let's assume the passphrase for that handshake is simply: Goldfreak123

When put that same passphrase in a custom.txt dictionary file, hashcat cracks it without issues.   

However my goal is testing the rules functionality of hashcat. So I changed the passphrase in the custom.txt dictionary file to Goldfreak, and created a rule file (temprule.txt) with one entry as follow: $1 $2 $3 

which will append 123 at the end of every passphrase. 

I know the rule works because this command works: 
hashcat64.exe -r temprule.txt --stdout custom.txt 

The output is Goldfreak123 as expected. 

However, the problem is that the rule-based attack itself does not work: 

hashcat64.exe -m 2500 handshake.hccap -r D:\rules\temprule.txt D:\custom.txt

The wordlist or mask you are using is too small.
Therefore, hashcat is unable to utilize the full parallelization power of your device(s).
The cracking speed will drop.
Workaround: https://hashcat.net/wiki/doku.php?id=fre...full_speed

INFO: approaching final keyspace, workload adjusted

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA/WPA2
Hash.Target......: TestSSID (MAC_hidden <-> MAC_hiden)
Time.Started.....: Wed Feb 22 13:39:21 2017 (0 secs)
Time.Estimated...: Wed Feb 22 13:39:21 2017 (0 secs)
Input.Base.......: File (D:\custom.txt)
Input.Mod........: Rules (D:\rules\temprule.txt)
Input.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.00ms)
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 1/1 (100.00%)
Restore.Point....: 1/1 (100.00%)
Candidates.#1....: [Copying]
HWMon.Dev.#1.....: Temp: 47c Util: 99% Core:1037Mhz Mem:2505Mhz Lanes:16

Started: Wed Feb 22 13:39:18 2017
Stopped: Wed Feb 22 13:39:22 2017


Any ideas why the Rule attack is not working? I did delete the previous potfile.