Looking for a Pascal-based Tesla Benchmark

October 10, 2017, 3:47 am

≫ Next: dash/darkcoin

≪ Previous: network cluster cracking

$

0

0

Does anyone out there have benchmark speeds for a NVIDIA P40 or another Pascal-based Tesla card?

Latest Tesla benchmarks I could find on here were for Kepler-based cards.

Yes, I know the Teslas aren't the right card for cracking. Need numbers to convince some managers that getting a Tesla-based box from one of the big name OEM vendors isn't the best use of money...

---

dash/darkcoin

October 10, 2017, 5:40 am

≫ Next: PRINCE processor weights to wordlists

≪ Previous: Looking for a Pascal-based Tesla Benchmark

$

0

0

I found an old dash / darkcoin wallet. Does hashcat support dash wallets? If so, how do I pull the hash from it? Or can I just point hashcat at the wallet?

PRINCE processor weights to wordlists

October 10, 2017, 7:51 am

≫ Next: Converting cRARk PCL RAR dictionary attack to hashcat-speciffic

≪ Previous: dash/darkcoin

$

0

0

Hi,

Is it possible to assign weights to specific wordlists when using PRINCE processor?

For example combining a targeted wordlist with rockyou. 

Anything better than duplicating the targeted list several times?


Regards,
Sjohnny

Converting cRARk PCL RAR dictionary attack to hashcat-speciffic

October 12, 2017, 2:28 pm

≫ Next: new upcoming GTX cards

≪ Previous: PRINCE processor weights to wordlists

$

0

0

Hello, I would like to recover password to my RAR archive knowing the following info:

• It was composed using the following "words": 9, 10, Pat, Kin and the "-" character.
  
• None of the words are repeated (except "-" character) e.g. AndAnd, 99, 1010)
  
• I don't have info how many times they were used and in which configuration.
  

Till now, I've used cRARk program which uses PCL library. Contents of password.def:

Code:

$u = "my.dic"
##
$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u$u$u$u$u
$u$u$u$u$u$u$u$u$u$u$u$u$u$u$u

Contents of my.dic:

Code:

9
-
10
Pat
Kin

Which commandline parameters or script / template would you propose to be optimized as most as possible?

I've figured the following but I don't know what to do next:

Code:

hashcat64 -d 1 -w 2 -a 0 -m 12500 $RAR3$*0*xxxxxxxxxxxxxxxx*xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx my.dic

Thanks in advance for answering.

new upcoming GTX cards

October 13, 2017, 4:53 am

≫ Next: What to look when buy a computer for HASHCAT

≪ Previous: Converting cRARk PCL RAR dictionary attack to hashcat-speciffic

$

0

0

Hi folks, would like to listen your advices on upcoming new gforce gtx cards. What should we expect from GTX 1070ti? Is it worth to get it after its release, or wait for next year, for nvidia volta cards?

What to look when buy a computer for HASHCAT

October 13, 2017, 4:59 pm

≫ Next: i want to get mail:pass

≪ Previous: new upcoming GTX cards

$

0

0

What i should look up, i am going to start in a job for 1 year to know, in some month ill have a available budget off 4500/5000$ for sure i dont want to spend everything but i can. I will use the computer for mostly everything, editing/gaming and more things. But i want to put like main goal to achieve a nice score in hashcat pw/s for decrypting at nice performance, so i have not to pay montly a Dedicated server like now.



Thanks

i want to get mail:pass

October 14, 2017, 2:59 pm

≫ Next: Keep hitting GPU threshold.

≪ Previous: What to look when buy a computer for HASHCAT

$

0

0

Hi, i have the mail:hash
i use 

Code:

hashcat64.exe -a 3 -m 0 --username hash.txt

in the hashcat.potfile i get this pass, and i want to get the mail:pass. What I should do?
sorry my bad english.

Keep hitting GPU threshold.

October 16, 2017, 9:54 am

≫ Next: cores or flops

≪ Previous: i want to get mail:pass

$

0

0

So when running certain hash-types, i'm frequently hitting "GPU threshold" of around 83c with my GTX 1080ti.


Also to note, it pretty much only happens when using Rules.

Build:
Case   - NZXT S340
GPU1  - GTX 1080
GPU2  - GTX 1080ti
PSU    - 750W

I suppose I could increase temp limit in afterburner or something, but surely this temp is a little too high?

Anything I can do to lower temps?

Update:
GPUs are not FE, GPUs are in Slot 1 + Slot 2 in my motherboard. Would seperating them in Slot 1 + Slot 3 make a difference?
My GTX 1080ti model - https://i.imgur.com/nV3O2Zi.png

---

cores or flops

October 17, 2017, 9:54 am

≫ Next: No idea how to succeed cracking hashes

≪ Previous: Keep hitting GPU threshold.

$

0

0

i have a gtx 960 and i am in the market to upgrade but seeing how much even used cards  on ebay are going for i was wondering is it the core count or the flops that i should be looking for?

right now all i can afford is a gtx 970 at $180 and it being double the flops of the 960 should i be looking for the flops rather than cores?

No idea how to succeed cracking hashes

October 19, 2017, 5:16 am

≫ Next: do hashcat-utils use the gpu's?

≪ Previous: cores or flops

$

0

0

Greetings!
I'm new here, but I've used hashcat before.

My problem, which is giving me a huge headache, is that I can't succesfully crack anything!
I'm here to ask for help and advices.

So far, my use of hashcat has been with wordlists, straight attacks, but as you can imagine, I found nothing.
I would love to crack some hashes, but I don't know how to move. Can you please help me, telling how do you do it?

For example, how can you crack an MD5? I am 100% sure you use a rule or something like that, but I have no idea. Also, my wordlists are big (>5Gb), so I think they are pretty useless if I'm not sure the password is inside that file.

Another example, how to crack a wpa2? Usually, I search for the router name, find some passwords and make a mask on that. But what if that has been changed? how can I crack it?

Hope you can help me, because I'm lost.

do hashcat-utils use the gpu's?

October 19, 2017, 12:36 pm

≫ Next: IOS 10 OpenCL kernel self-test failed

≪ Previous: No idea how to succeed cracking hashes

$

0

0

Hi there - I've been tinkering with hashcat for a few weeks now.  I'm interested in using the combinator3 function within the hashcat-utils package.  I was able to get it to work, but it is incredibly slow.  Something tells me it is not using the GPUs.

I decided to pivot back to the normal hashcat tool and performed the combinator attack using just 2 out of the 3 files.  This works, but I would also like to receive an output of the password candidates and that isn't going very well.

so, 2 questions:
1. Is there a way to ensure the combinator3 is using the gpus i have on-board...?

2. how do i get hashcat to output the pw candidates to a text file?  

Thanks!

IOS 10 OpenCL kernel self-test failed

October 20, 2017, 1:54 am

≫ Next: MD5 hash seed? Find the hash that hashes to this

≪ Previous: do hashcat-utils use the gpu's?

$

0

0

When trying to -a 3 ?d?d?d?d attack on IOS 10 hash


./hashcat Manifest.5.txt -m 14800 -a 3 ?d?d?d?d


Getting 

Initialized device kernels and memory...* Device #2: ATTENTION! OpenCL kernel self-test failed.

when trying switch -O 

Optimized OpenCL kernel not found, falling back to pure OpenCL kernel

Tried steps as: 

make clean

make

just FYI: cracking an IOS 9 hash works and I dont get the kernel self test failure


./hashcat --benchmark is running well 

Any ideas?

MD5 hash seed? Find the hash that hashes to this

October 20, 2017, 4:52 pm

≫ Next: [OT] ROCA cracking on GPU

≪ Previous: IOS 10 OpenCL kernel self-test failed

$

0

0

Hi Guys,

This is my first post so hello to everyone.

I'm new to hashing and working on assignment. 

Quote:You've registered as user 'nOOB’ and have been given the hash chain seed <here is the hash1>

The given hash is MD5 and crack to inverted case of the username -> Noob 

Quote:Use the given information to figure out how to authenticate as the user 'ECSC' for the given challenge hash <here is the hash2> 
i.e. Find the hash that hashes to this - This hash will be your solution.

Knowing that the case is flipped echo -n ecsc | md5sum should give me my new seed.

seed = MD5(ecsc)
hash_0 = H(seed)
hash_1 = H(hash_0)
hash_2 = H(hash_1)
...
hash_n = H(hash_n-1)

How do I run hash chain to confirm that this is correct seed? Is there any other approach I could take?

[OT] ROCA cracking on GPU

October 20, 2017, 4:52 pm

≫ Next: Help with Win Zip / Zip2 Hash from zip2john

≪ Previous: MD5 hash seed? Find the hash that hashes to this

$

0

0

I have a question that is off-topic from hashcat, so i won't be offended if the gods of mod decide to nuke it or something, but i figured I'd give it a shot as some people here might have thoughts.

The recently announced ROCA vulnerability enables cracking of RSA keys generated by the affected Infineon TPMs. As part of the announcement, they mentioned the factorization can be readily parallelized, and they further outlined the following rough attack costs:

Quote:The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

• 512 bit RSA keys - 2 CPU hours (the cost of $0.06);
  
• 1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
  
• 2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 - $40,000).
  

I will first admit that i haven't looked at the technical details of this at all yet, I am actually not even sure if they have released the full attack details yet or if that's not going to hit until they give their talk on Nov 2. My completely uninformed guess is that the attack is going to amount to normal RSA factorization but where you don't have to try nearly as many possibilities as you should because of constraints in how the primes are generated.

So, with those caveats appropriately caveated, does anyone have a sense of whether the type of work that must be done to crack these keys is suited to GPUs? I know that both CADO-NFS and msieve have some amount of GPU support but i'm not really sure what kind of performance differences they really yield.

Ultimately i'd really like to see if cost/time to factor 2048 keys can be brought down to more readily achievable levels.

Help with Win Zip / Zip2 Hash from zip2john

October 21, 2017, 8:44 am

≫ Next: Exhausted after skipping right password?

≪ Previous: [OT] ROCA cracking on GPU

$

0

0

Hello;

I am trying to recover a password from a zip file and have had issues getting hashcat to accept the zip file hash.  I created the has using zip2john and jtr ids the hash as: ZIP, WINZIP, PBKDF2-SHA1 4x SSE2.  

If I try and use: 
hashcat -m 13600 -a 3 -o answer.txt -d 2 myhash.hash I get the error:

Hashfile on line 1 () Salt-value exception
No Hashes loaded

The has file itself looks like this:

[redacted]

Raw output from zip2john at the terminal gives this:

[code][redacted]

[redacted]

If I use the full output from the terminal of zip2john then Hashcat complains of Signature unmatched - no hashes loaded.

[color=#000000][size=small]Any help would be well received.  JTR is much slower than using my GPU/hashcat 

---

Exhausted after skipping right password?

October 21, 2017, 9:53 am

≫ Next: hashcat keeps ending with "killed"

≪ Previous: Help with Win Zip / Zip2 Hash from zip2john

$

0

0

I have two similar runs for password 123456. In first run I use mask 1234?d?d, and in second run I use 123?d?d?d. First run succeeds and second one ends up in exhausted state. Why?

Code:

D:\Desktop\hashcat-3.6.0>hashcat64 -a 3 -m 1800 $6$ztgjNeRR$ibhPsLvMsFwAORrH9rp8Kqoh9XBFm6CQJzO/olwixugkPXJv6fd4u7a5UxRTjUjQYwhPS5jGXPJ0mL/6SMGRI1 1234?d?d
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1070, 2048/8192 MB allocatable, 15MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Uses-64-Bit

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

$6$ztgjNeRR$ibhPsLvMsFwAORrH9rp8Kqoh9XBFm6CQJzO/olwixugkPXJv6fd4u7a5UxRTjUjQYwhPS5jGXPJ0mL/6SMGRI1:123456

Session..........: hashcat
Status...........: Cracked
Hash.Type........: sha512crypt $6$, SHA512 (Unix)
Hash.Target......: $6$ztgjNeRR$ibhPsLvMsFwAORrH9rp8Kqoh9XBFm6CQJzO/olw...SMGRI1
Time.Started.....: Sat Oct 21 19:11:50 2017 (0 secs)
Time.Estimated...: Sat Oct 21 19:11:50 2017 (0 secs)
Guess.Mask.......: 1234?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:        0 H/s (0.24ms)
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 100/100 (100.00%)
Rejected.........: 0/100 (0.00%)
Restore.Point....: 0/100 (0.00%)
Candidates.#1....: 123456 -> 123493
HWMon.Dev.#1.....: Temp: 49c Fan:  0% Util: 98% Core:2037MHz Mem:3802MHz Bus:16

Started: Sat Oct 21 19:11:46 2017
Stopped: Sat Oct 21 19:11:51 2017

D:\Desktop\hashcat-3.6.0>hashcat64 -a 3 -m 1800 $6$ztgjNeRR$ibhPsLvMsFwAORrH9rp8Kqoh9XBFm6CQJzO/olwixugkPXJv6fd4u7a5UxRTjUjQYwhPS5jGXPJ0mL/6SMGRI1 123?d?d?d
hashcat (v3.6.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1070, 2048/8192 MB allocatable, 15MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Uses-64-Bit

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: sha512crypt $6$, SHA512 (Unix)
Hash.Target......: $6$ztgjNeRR$ibhPsLvMsFwAORrH9rp8Kqoh9XBFm6CQJzO/olw...SMGRI1
Time.Started.....: Sat Oct 21 19:12:04 2017 (0 secs)
Time.Estimated...: Sat Oct 21 19:12:04 2017 (0 secs)
Guess.Mask.......: 123?d?d?d [6]
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:    16789 H/s (10208606442408.98ms)
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1000/1000 (100.00%)
Rejected.........: 0/1000 (0.00%)
Restore.Point....: 1000/1000 (100.00%)
Candidates.#1....: 123456 -> 123939
HWMon.Dev.#1.....: Temp: 51c Fan:  0% Util: 98% Core:2037MHz Mem:3802MHz Bus:16

Started: Sat Oct 21 19:12:00 2017
Stopped: Sat Oct 21 19:12:04 2017

hashcat keeps ending with "killed"

October 22, 2017, 7:01 am

≫ Next: Range for the mask

≪ Previous: Exhausted after skipping right password?

$

0

0

Hello!

Firstly, I saw the thread: https://hashcat.net/forum/thread-4642.html , where the conclusion was that OP ran out of memory. Hope it's not a duplicate, if it is, I'm sorry in forward!
I use hashcat v3.60 on a GTX 980 rig, with newest nvidia driver, on a Ubuntu machine. It worked flawlessly for years, with different hashes and modes.
Now I tried a RAR3 type hash (-m 12500), which I got with rar2john from the rar file, edited a little, so it won't cause line length exception.
Now I tried it with different modes, but always ends with "Killed" error.
Previous thread concluded it was because of insufficient memory, but he tried loading thousands of hashes, while I only worked with one (also he used much older version of hashcat).
I have 2 gigs of memory (I know it is not much), and it always was sufficient for my cracking rig.
Is it possible, that there is another cause for the error?
I know upgrading RAM isn't a big deal nowadays, but our rig is stored remotely, so reaching it and upgrading takes quite some effort, that's why I wanted to ask here before!

Thanks in forward!

Range for the mask

October 23, 2017, 3:50 am

≫ Next: brute forcing sha256 - need help locating salt in open source code

≪ Previous: hashcat keeps ending with "killed"

$

0

0

There is an example of the password that the system creates

password|21|6|8|3|19|17|5|15|3|8|5|6|30|19|0|29|29|18|30|30|1|1|28|15|27|22|24|1|2|17|30|2017

hash md5: 38258CF3CCA96640A92B3DB1849B3F25

My need to make a mask from 0 to 30.
Tell me how you can do this mask.
Adding ?D is not an option, since it will be 99 values instead of 30

Please help implement this.

brute forcing sha256 - need help locating salt in open source code

October 23, 2017, 4:02 am

≫ Next: Fingerprinting attack

≪ Previous: Range for the mask

$

0

0

Hi respected Hashcat members,

Yep it's another new guy who needs some help. Hi! 

I have familiarized myself with hashcat enough to run some brute force attempts on a SHA256 hash and successfully tested it.

My issue is with a crypto wallet of mine, NEO in particular. Due to some rather uninformative instructions on their website and also a bad decision of mine to make a new variation of my my password. Yes short story is I locked myself out without backing up private key.

Please hear me out as I have been working hard to try and do this myself and I thought I was on my way (i still have my modest 2x1070 rig having an attempt at a 3 day custom charset and mask brute force on my wallets password hash)

Using SQLite Db reader to open my wallet's .db3 file I found the stored passwordHash along with 2 other fields called IV and MasterKey (not sure how these other 2 come in to play) - So, bingo! i thought I found it and started my current bruteforce attempt.

I had an idea to create a new wallet file with a super simple 4 letter password - I explored this wallet db3 file, got the stored password hash and copied/pasted that into (a backup copy) of my own wallet file. Amazingly when saving it this actually worked and I was able to open my wallet through the provided neo-gui. Of course that is about all I can do though as this would be an absolutely major fault in their (NEO's) product security. No transferring my balance to a new wallet. (so close yet so far)

Having access to the features in the wallet gui i decided to run the Change Password tool. This too worked but when i checked the stored PasswordHash compared to a plain SHA256 encryption of the same password they were indeed different (salted is my guess).

So you may be asking what do I need help with ? Well the code for the wallet is open source on github and after contacting neo with no response I needed to discuss with some experts elsewhere. 

Is it possible for some one on these forums to look at or assist me with the code on github and determine the hashing process for the stored passwords, im sure there is a salt used. If i can just get the salt then i can add that to my brute force attempts yeah ?

If this Forum is not the right place for this I do apologize and if someone could then contact me on email separately who may be able to help.

The github is https://github.com/neo-project/neo-gui/t...er/neo-gui (or just in case i can not yet post links its available on the neo site through the download page link)

Fingerprinting attack

October 23, 2017, 8:19 am

≫ Next: Hashcat and itunes backup 10+ (-m 14800) vs itunes backup recover tools

≪ Previous: brute forcing sha256 - need help locating salt in open source code

$

0

0

Hi guys,nowadays I'm really hearing about this fingerprinting attack-can anybody tell me what it means?.I've tried searching the web but none of the articles contain a good explanation.Does this attack has something to do with the bio-metric security?.A good explanation will be deeply appreciated:-)