Quantcast
Channel: hashcat Forum - All Forums
Viewing all 8191 articles
Browse latest View live

Hi, noob query.

August 6, 2017, 4:48 pm
$
0
0
Hello,

Im new to password recovery. I have a question. I have a list in the format [email:hashedpassword].

Is there any way to out put the results so they matched their hash/ email?

My specs are:
NVidia 1050
Intel i7-7700
16GB RAM

Any help MUCH appreciated!

Thanks
Search

Please Help

August 6, 2017, 7:12 pm
$
0
0
Dear All,

I'm newbie here.
I'm very interesting in this because I would like to recover my password in some wallet which is encrypted three year ago, thus I do not remember my password at that time. (and now i have save them the wallet in a USB)

So now I have download hashcat-3.6.0, but i do not know what I should to do next ...

please someone else show me where I can find either a tutorial or user guide for this software.

thanks in advance.

Performance Stats

August 7, 2017, 3:13 am
$
0
0
Hi,

Is there a way to log the time taken to recover a hash the output file?
I'd like to be  able to demonstrate how quickly certain logins/hashes were able to be recovered using certain wordlists/rules.

user:hash   recoverytime 


this possible?

Unresponsive hashcat - ignoring keyboard input

August 7, 2017, 4:10 am
$
0
0
I'm posting this on behalf on CyberGuard who is still waiting for his confirmation email to arrive.

I am currently running a 1080 Ti on an ubuntu 16.04.3 machine but am facing an unusal issue with hashcat. Hashcat does not seem to respond to any input once running.
No pause, no status, no resume, no quitting. CTRL+C is how I terminate the application.
It also seems that once an attack is finished, it doesn't quit on its own.
I was wondering if someone here has experience with this issue.

https://gyazo.com/f3bc81f585a865ecc70c1067c7cdeb19

Help with graduate assignment

August 7, 2017, 4:25 am
$
0
0
ok, i have assignement to run hashcat in cluster enviroment and does anyone know, what those strings mean?
XRSL example:

&
(count = 8)
(countpernode = 8)
(environment=
( "OMP_NUM_THREADS” "8" )
)
(jobname = primer)
(inputfiles =
(primer.tar.gz "")
(primer.sh "")
)
(executable = primer.sh)
(outputfiles = (primer.out.tar.bz2 ""))
(stdout=primer.log)
(join=yes)
(cputime=“2 days")
(gmlog=log)
(memory=2000)
(runTimeEnvironment = “APPS/BASE/GPU")
(walltime="4 hours”)

br
bojan

How to set the minimum password length?

August 7, 2017, 11:21 am
$
0
0
I Have very big dictionary (10 Gb)
I want run hashcat with this dictionary + best64.rule, I know that the password is more than 7 characters long.

It is possible to set the minimum length of the password when starting the cracking?

ecryptfs brute force attack

August 7, 2017, 5:57 pm
$
0
0
Hi,

i have ercyptfx file system that needs the password recovered. (it guy lost the key) we know the key is about between 8 and 11 ascii char's long. 

Is hash cat the right tool to use? I have to sadly admit its been years since I've look at any of these tools. From the reading i'm doing it looks like what I first need to do is get the hash using code from john the ripper, and then feel the code the hashcat . However from what I'm reading it looks like is not going to actually try to crack the password but rather undo the hash some how.. Is there no tool made to attack ecryptfs directly?

I don't know how much help i can ask for but i figured I would start here by asking the question as bluntly as possible

Thanks in advice for any help provided.

Strategies for cracking with known password parameters

August 7, 2017, 6:01 pm
$
0
0
Hi,

I was hoping some of the experienced folks here could help me crack passwords where I know most of the requirements. A friend at an old job several years ago challenged me to crack his password. I didn't put much effort in at the time but I stumbled across the old hashes and decided to give it a go on newer hardware.

This was an AD environment that only stored NTLM hashes and the requirements were to include three of the following:
  • Uppercase characters
  • Lowercase characters
  • Base 10 digits (0 through 9)
  • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/

I also know the length was forced to 14 characters. After speaking with him recently, he gave me a few hints such as he puts two words together with random capitalization, followed by a 2-4 digit number, followed by a special character at the end.

I have run through some of the larger wordlists I can find with several different rulesets and haven't hit it yet. I tried combining the google 10,000 most used english words together into a dictionary, applied rules, and that did not yield a result.

I've thought about combining the 100,000 most used words in english together, then running rules against that, but that dictionary is like 100GB and that doesn't seem like the most efficient approach to me.

Trying to brute force the entire 14 character range even with these known parameters seems too large.

Does anyone have any strategies for how to approach this in a more efficient way?

Thanks.
Search

Locked out of Keepass 1.x

August 7, 2017, 7:48 pm
$
0
0
Hi.

I've managed to lock myself out of my own KeePass database. I know some details about length and characters used so I can whittle it down to a reasonable bruteforce.

My only issue is that I'm unable to crack the example hash on the front page despite supplying the following input:
Code:
./hashcat64.exe -m 13400 -a 3 $keepass$*1*50000*0*375756b9e6c72891a8e5645a3338b8c8*82afc053e8e1a6cfa39adae4f5fe5e59f545a54d6956593d1709b39cacd7f796*c698fbfc7d1b71431d10611e2216ab21*24a63140f4eb3bfd7d59b7694eea38d1d93a43bc3af989755d2b326286c4d510*1*192*1a65072f436e9da0c9e832eca225a04ab78821b55d9f550860ade2ef8126a2c4050cf4d033374abd3dac6d0c5907c6cbb033643b203825c12e6c9853b5ac17a4809559fe723e01b4a2ab87cc83c8ba7ee4a757b8a0cf1674106f21f6675cba12064443d65436650df10ea0923c4cadfd4bfe341a6f4fa23a1a67f7d12a489fc5410ef6db9f6607905de491d3b3b915852a1b6c231c96366cbdee5ea9bd7f73ffd2f7a579215528ae1bf0ea540947ebfe39ca84bc6cbeded4f8e8fb6ed8f32dd5 ?l?l?l?l?l?l?l

Which yields the following output:
Code:
Hash '1*50000*0*375756b9e6c72891a8e5645a3338b8c8*82afc053e8e1a6cfa39adae4f5fe5e59f545a54d6956593d1709b39cacd7f796*c698fbfc7d1b71431d10611e2216ab21*24a63140f4eb3bfd7d59b7694eea38d1d93a43bc3af989755d2b326286c4d510*1*192*1a65072f436e9da0c9e832eca225a04ab78821b55d9f550860ade2ef8126a2c4050cf4d033374abd3dac6d0c5907c6cbb033643b203825c12e6c9853b5ac17a4809559fe723e01b4a2ab87cc83c8ba7ee4a757b8a0cf1674106f21f6675cba12064443d65436650df10ea0923c4cadfd4bfe341a6f4fa23a1a67f7d12a489fc5410ef6db9f6607905de491d3b3b915852a1b6c231c96366cbdee5ea9bd7f73ffd2f7a579215528ae1bf0ea540947ebfe39ca84bc6cbeded4f8e8fb6ed8f32dd5': Signature unmatched

I'm not quite clued up as to what that means and why it is occurring.

I've tried the very basic MD5 one too and that's working for me alright so I'm not entirely sure what is happening with the KeePass hashes in particular.

Any help would be greatly appreciated.

So I'm dumb and lost my ETH password

August 8, 2017, 2:35 am
$
0
0
To make a short story, I was new to ETH and my brother helped me set up a wallet in which I farmed with 6 gtx 1070 for a month.
Somehow we saved not the entire password used when creating the account using GETH, only the first 7 character.
I know the password was 8 to 10 char long, only using what can be entered by the keyboard as we didn't mess with anything special so most likely the 95 ascii printable character.

I've seen the mask attack generator but have no idea if that's what I should be using, neither how to generate the possible list using it.

If for example I know (made up here for the example):

MyPas$1
And it could go from:
MyPas$1a up to MyPas$1999 including \!@#$%?&*()


How do I use Hashcat and other tools to crack the password?
I have no idea how to use it and wouldn't say I'm a pro at coding/ETH/other, yet do have decent hardware (6x 1070 gtx mining rig) to my disposition.

Thanks for helping a newbie

Axcrypt: axcrypt2john.py (how to use python)

August 8, 2017, 3:45 am

Hashcat cant find my GPU

August 8, 2017, 6:45 pm
$
0
0
Ok so, i have amd hd 6870 and intel xeon 5440 and when i tried to benchmark hashcat i got error saying i dont have anything that supports opencl (sorry i cant remember exactly what it was but the problem was i didnt have open cl driver) BUT i have Crimson Edition 16.2.1 Beta so it should work. Anyway i read somewhere i need to install
Catalyst Software Suite so i did, and still nothing. then i installed amd sdk and finally gpu caps viewer showed i have opencl so i ran hashcat onice agan and it recognizes only my cpu. Wat do?
theoreticaly it should work only with crimson am i doing something wrong?

.png   2017-08-09 03_44_12-Administrator_ C__Windows_system32_cmd.exe.png (Size: 4.82 KB / Downloads: 0)

foreign words and --remove

August 8, 2017, 7:56 pm
$
0
0
I've got two questions I can't find the answer to:

1) I do my hashcat runs using --remove thinking it might be faster since hashcat doesn't have to check a particular hash again. But now I'm wondering if the disk i/o from having to update the hash file more than offsets any checking time saved. I can't be the only one to think of this but I can't find anything either way. Is it better to use --remove (speed-wise) when hunting for passwords, or using it with the found password list from the last run before the next, or don't use it? I have a backup of my original list, so I'm not worried about screwing that up.

2) What character set does hashcat assume/use? For example, the spanish alphabet (and keyboard) has a ñ character. Could I use a wordlist with that character without hex encoding it? What about in a mask?

Help with hash type

August 9, 2017, 2:10 am
$
0
0
Hello,
I would like to ask for some help I dont know what type of encoding is that hash, is it possible to decode it?

pc21mczhhaHBqd2FieG3lI3B8YX9lYmYxbHNrd2ZxancucGlgZGZrvmdmd3VvqNg9NDcwNTwvNjQ4OT0uYnx3YGdqbWJkdXFDSUNPREVDTGx5YWw0YXpgYWpqclZFbWZcbGqqcGleZGGgZnFrOXFxeWQ=

Help with SIP digest authentication

August 9, 2017, 6:38 am
$
0
0
Hi,
This is my SIP authorization request (I replaced some data with test data):
Authorization: Digest username="33333", realm="sip.aaa.it", nonce="1234:d6e8ea03e10d4e39954c0f75e9f1547f", uri="sipConfusedip.aaa.it", response="7468b74b7257b05671242ad0a8b0eb16", algorithm=MD5

So I want to use SIP digest attack and the sintax should be this:
$sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]*[NONCE_CLIENT]*[NONCE_COUNT]*[QOP]*[DIRECTIVE]*[MD5]

So I run this command:
hashcat -m 11400 '$sip$*sipConfusedip.aaa.it**33333*sip.aaa.it*REGISTER*sip*sip.aaa.it**1234****MD5*7468b74b7257b05671242ad0a8b0eb16'

But it seems the requests are hanging, what I'm doing wrong?
I have many doubt about  uri prefix, uri_resource, nonce client / server.

Someone can help me?
Search

cap2hccapx

August 9, 2017, 3:38 pm
$
0
0
Hi


I must be dumb but when I load my cap file in the tool :
https://hashcat.net/cap2hccapx/
i get a result in a webpage but whre is the actual files.

Alternatively I tried to donwnload the tool locally but I cant get to run it (on macOS) doing this command

./cap2hccapx.bin: cannot execute binary file

Can anyone help ?

mask attack with a max occurrence

August 3, 2017, 7:01 am
$
0
0
I'd like to run a mask attack wherein I know the length of a given password and also that there will be no more than 2 occurrences of a specific charset (i.e. certain symbols). What util or type of attack would help me limit the occurrence symbols in a mask attack? Thanks for any tips.

Pronouncable passwords cracking

August 10, 2017, 6:21 am
$
0
0
I am using apg tool to generate my passwords. Unfortunately I've lost my ethereum password. It was generated this way:
Code:
apg -a 0 -M NCL -m 16
Here is sample output for that configuration:
Dexuxyat8druetVu
fivniHiJottherg5
Mebobthigeovtef0
BovEjFuFritceed7
gavAfdin7Swepsea
Lol9gludCohiczys

Are there any way to recover this password using my mining rig? I have tried this way:
Code:
./hashcat64.bin -m 15700 wallet-known -a 3 -1 ?l?u ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?d
but got error: Integer overflow detected in keyspace of mask: ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?d

Founders Edition out of stock

August 10, 2017, 9:13 am
$
0
0
It looks like our procurement  process took so long that founders editions are now out of stock and are unavailable going forward.  We are now looking for recommendations on non-FE cards, specifically the GTX 1080 Ti.   Any insight would be greatly appreciated.

Regards,

clGetEventProfilingInfo(): error on EVGA 1080ti

August 10, 2017, 10:26 am
$
0
0
Has anyone come across the error "clGetEventProfilingInfo(): CL_UNKNOWN_ERROR" on the brand new EVGA GeForce GTX 1080 Ti SC2 HYBRID GAMING, 11G-P4-6598-KR, 11GB GDDR5X, HYBRID & LED board?

I'm running it headless (although lowering the boards priority to 3 or 2 from 4 doesn't help), have installed multiple NVIDIA driver versions on the board, downgraded Hashcat versions to 3.0 from 3.6.0 - without success.  Windows 7 64 bit

I am using it to run 6213 Truecrypt hash.  It won't even get to the computing part and crashes with this error before you get to interactive mode.

My setup works without errors with my EVA gtx970.  When the new board is enabled in pairing, or by itself - I get the same error.  But the board will run benchmarks just fine and renders correctly.  I'm not overclocking it at all.

This is run using the batch file - and no, it also fails in direct mode, very simple stuff - two predefined character sets, and 4 characters total on substitution.  This should run in just a few minutes.  No dictionary either.

I have two batch files and run all sequences of the hash I need.  I have converted the two into the final form at the end.

HASHDO.BAT
call m:\H360\HashdoFile2.bat 6213 filler_enc.bin ?a FILLER_NOFILE_GAN ?1andalf?2?2?2 8_12_3 M:\Work\ Gg

HASHDO2.BAT
m:\h360\hashcat64.exe -a 3 -m %1 %7%2 -1 %8 -2 %3 %5 --session=%4_%1_%6 -p : --force -o "%7Password_%4_%1_%6.txt" --outfile-format=4 --remove -w 4 --gpu-temp-abort=86

CONVERTED LINE:
m:\h360\hashcat64.exe -a 3 -m 6213 m:\work\filler_enc.bin -1 Gg -2 ?a  ?1andalf?2?2?2 --session=FILLER_NOFILE_GAN_6213_8_12_3 -p : --force -o "m:\work\Password_FILLER_NOFILE_GAN_6213_8_12_3.txt" --outfile-format=4 --remove -w 4 --gpu-temp-abort=86


I have run out of ideas.  All system updates are installed.  No virus activity that I can tell - the board sits inactive like it should when not queried.  I could not include the log file or the binary, in .rar or native modes - not sure why.
Viewing all 8191 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>