Scrypt wallet hash

November 28, 2017, 10:16 am

≫ Next: Combinator Attack and unique

≪ Previous: http authentication

$

0

0

Trying to figure out a couple things while working on one of my old wallets.

Its a scrypt wallet, do i use bitcoin2john.py for a $bitcoin hash or do I use the $etherium python script for the hash?

Also, what is outputted? Is it the private key or is it the wallet password?

Sucks staring at all those coins and I can't even remember what the password is.

---

Combinator Attack and unique

November 28, 2017, 12:42 pm

≫ Next: Quad 1080 ti Build | Need Hardware Advice

≪ Previous: Scrypt wallet hash

$

0

0

Hi,
When using Combinator attack (with two wordlists), hashcat does not unique duplicate words.
I think it's useful, but it may exist a reason why developers did not implement that ?
Thanks.

Quad 1080 ti Build | Need Hardware Advice

November 28, 2017, 2:38 pm

≫ Next: [sha256] Hash inside a hash

≪ Previous: Combinator Attack and unique

$

0

0

Hi All-

I'm looking to purchase a new GPU cracker with the following hardware below.  Would love to get some feedback on the build.  I have already procured the 4x1080ti FE graphics cards, so no need to comment how they are very low stock at this point.

• Motherboard: ASUS X99-E WS/USB 3.1 LGA 2011-v3 Intel X99 SATA 6Gb/s USB 3.1 USB 3.0 CEB Intel Motherboard
  
• GPU: 4x EVGA GeForce GTX 1080 Ti FE DirectX 12 11G-P4-6390-KR
  
• CPU: Intel Core i7-6800K Broadwell-E 6-Core 3.4 GHz LGA 2011-v3 140W BX80671I76800K Desktop Processor
  
• Memory: G.SKILL TridentZ Series 64GB (4 x 16GB) 288-Pin DDR4 SDRAM DDR4 3200 (PC4 25600) Intel X99 Platform Desktop Memory Model F4-3200C16Q-64GTZKO
  
• CPU Cooler: New Cooler Master GeminII S524 Ver 2 RR-G5V2-20PK-R1 120mm CPU Fan For Intel
  
• Case: Phanteks Enthoo Pro Series PH-ES614P_BK Black Steel / Plastic ATX Full Tower Computer Case
  
• PSU: Rosewill 1600W Modular Gaming Power Supply, Continuous @ 50 Degree C, 80 PLUS GOLD Certified, SLI & CrossFire Ready – HERCULES-1600S
  
• HDD: SAMSUNG 850 EVO 2.5″ 500GB SATA III 3-D Vertical Internal Solid State Drive (SSD) MZ-75E500B/AM
  

I'm open to all advice, but my primary question is if the LGA 2066 socket motherboards and CPU is something I should be considering at this point?  I'm not sure if the LGA 2066 motherboards offer the PCI-e x16/x16/x16/x16 speed throughput that the ASUS X99 offers and is known for.

[sha256] Hash inside a hash

November 28, 2017, 4:28 pm

≫ Next: [itunes backup 9] Password empty although cracked

≪ Previous: Quad 1080 ti Build | Need Hardware Advice

$

0

0

Hello dear hashcat community, im pretty new to hashing stuff, and even mask generating but, can you guys help me with something?


i know for sure that a sha256 im trying to break is indeed another sha256, so for sure a 64character between 0,9 and a to f.. so i was trying to generate it with maskprocessor but that will take how much of space? haha like 1tera?

is there any way of doing this better? any possible way to make at least "faster" or is this the only way?

any help is appreciated just a small light will also be greatfull 


Thanks in advance, eachzin

[itunes backup 9] Password empty although cracked

November 29, 2017, 6:46 am

≫ Next: Descrypt 8 Char PW

≪ Previous: [sha256] Hash inside a hash

$

0

0

Hey guys,

I've run into a problem:

I've got an itunes backup 9 hash (14700) which I tried to crack.
My first try was to run it against the rockyou list. 1 sek later: Password was cracked.

Now the problem: --show doesn't display any password. It's just empty space. The password isn't " ", and itunes doesn't allow empty passwords.

Any ideas?

Descrypt 8 Char PW

November 29, 2017, 9:09 am

≫ Next: Max Pass Length using Wordlists

≪ Previous: [itunes backup 9] Password empty although cracked

$

0

0

How long would it take to crack an 8 char DESCrypt password composed of ?a?a?a?a?a?a?a?a using a GTX 1060 ?

Max Pass Length using Wordlists

November 29, 2017, 12:21 pm

≫ Next: Cracking TACACS+ with hashcat

≪ Previous: Descrypt 8 Char PW

$

0

0

How do I set the maximum password length to say 16 characters? I'm using attack mode 1, two dictionary files.

I'm using Hashcat 4.0.1.

I checked --help and couldn't find what I'm looking for.

Cracking TACACS+ with hashcat

November 30, 2017, 4:48 am

≫ Next: Adding 4 digit variable number to Name wordlist

≪ Previous: Max Pass Length using Wordlists

$

0

0

The TACACS+ hash-mode was kind of fun to implement, as it's almost as close as being completely broken. However, I wouldn't use it personally as we only need to crack a single raw MD5 to break it.

Additionally there's a good analysis of the protocol security from Solar Designer, you can find it here: http://www.openwall.com/articles/TACACS+...l-Security 

For the rest of this post I will assume that you have understood the basic algorithm used by TACACS+ explained in the link above or the RFC that you can find here: https://tools.ietf.org/html/draft-ietf-opsawg-tacacs-07.

Here's some example hashes from JtR:

Code:

$tacacs-plus$0$6d0e1631$573908bd8ed2c28efaff1bf00d07578a9a$c001
$tacacs-plus$0$6d0e1631$f7711e4b904fc4a4753e923e9bf3d2cc33e9febd3d2db74b9aa6d20462c2072013c77345d7112400d7b915$c002
$tacacs-plus$0$6d0e1631$5361cabdcfaa9e1d1550$c003
$tacacs-plus$0$6d0e1631$d623c7692ca7b12f7ecef113bea72845$c004
$tacacs-plus$0$6d0e1631$8e8a9a886885084924b6$c005
$tacacs-plus$0$6d0e1631$db7c01e77499$c006

The third column is a session id. Since we also know the password (1234) I can use it in combination with the the sequence number in the fifth column to manually decrypt that data. It's important to visualize the plaintext data in order to explain how to crack TACACS+ in hashcat. It's not important how I did that exactly, I only need it for demonstration. Here's some keystreams I manually computed for each sequence:

Code:

563809bc8ed6c78e8e8b62c06c742ee4f9e2aee3482505cceabc608b90bfaea9f9e2aee3482505cceabc608b90bfaea9
f3711e6e904fcef1065be01eda90b1a9409adeeb585fde2df3c5b3700bad692a19920020a57f456db2833571b4a187d4
5364cabdcfcbfa707c3ecc094b283d35a0ab267b702eee9a3c3b90fdcfc57beb619e9073cee1576c4ba6df247296af93
d322c7632ca7e14e0dbd867cccc312659a62dae17678cb348df4f9eab4675eab6680ccda5cf423e403817e9c28dc084f
8e8f9a8868e46c244dd8900600ff4a953712d196f41454a04e1d0ace65caf32c3ff391b99952e1b176daa2e03be6d211
da7c01e7749931d89c47424a85316d296540b62ef082376c6b8d92ff37f249a468882fcbf4b4d843ee17bfc447b14d42

And if I apply these sequences and decrypt them, the output is the following:

1:

Code:

00000000: 0101 0101 0004 0500 7474 7930 6173 796e  ........tty0asyn
00000010: 63                                       c

2:

Code:

00000000: 0400 0025 0000 0a55 7365 7220 4163 6365  ...%...User Acce
00000010: 7373 2056 6572 6966 6963 6174 696f 6e0a  ss Verification.
00000020: 0a55 7365 726e 616d 653a 20              .Username: 

3:

Code:

00000000: 0005 0000 0061 646d 696e                 .....admin

4:

Code:

00000000: 0501 000a 0000 5061 7373 776f 7264 3a20  ......Password: 

5:

Code:

00000000: 0005 0000 0061 646d 696e                 .....admin

6:

Code:

00000000: 0100 0000 0000                           ......

Beside all the protocol insecurities described in Solar Designer analysis (the missing padding problem in this example), how can we crack the TACACS+ password? The problem is that we can't easily crack it, because there's not much of known plaintext data. 

Good thing is: We can attack it even if we only know *some* of the plaintext. But be warned, it's not much. Actually it's only the header (5-8 byte depending on sequence). Since there's multiple variations possible this goes down from 56 bits to 40 bits. We will end up in lots of false positives. However, there's a solution!

The sequence number in the MD5 comes to the rescue. Since this effectively changes the key produced by the MD5 we can compare all the passwords with each other. Very important: A password that is a false positive in sequence 2 will (very very likely) not produce a false positive in sequence 4.

To make use of that, I recommend putting hashcat into --keep-guessing mode for this hash-mode. In a post-process, we can then compare them and if we find one password that matched in all the sequences we can easily filter out the correct one:

Code:

$tacacs-plus$0$6d0e1631$f7711e...400d7b915$c002:I[s)|~#
$tacacs-plus$0$6d0e1631$f7711e...400d7b915$c002:4XdKNPF
$tacacs-plus$0$6d0e1631$f7711e...400d7b915$c002:9bf_6z+
$tacacs-plus$0$6d0e1631$f7711e...400d7b915$c002:1234
$tacacs-plus$0$6d0e1631$d623c7...3bea72845$c004:2u}0K!^
$tacacs-plus$0$6d0e1631$d623c7...3bea72845$c004:ei,}3W#
$tacacs-plus$0$6d0e1631$d623c7...3bea72845$c004:1234
$tacacs-plus$0$6d0e1631$d623c7...3bea72845$c004:i8}42d$

Here's a little perl script to automate that process and to use with your potfile:

Code:

$ perl -ne 'while (<>) { chomp; /(c00\d):(.*)/ or next; $db->{$2}->{$1} = undef; } for $pw (keys %{$db}) { next if scalar keys %{$db->{$pw}} == 1; print "$pw\n" }' < hashcat.potfile

And here it is:

Code:

1234

Finally let me add that you can convert your .cap files to hashcat compatible hashes using the hcxtools from https://github.com/ZerBea/hcxtools/commits/master

---

Adding 4 digit variable number to Name wordlist

November 30, 2017, 12:09 pm

≫ Next: Help with cracking a zip Password

≪ Previous: Cracking TACACS+ with hashcat

$

0

0

I have a wordlist of names and I want to add [4-digit-year] to end of each password using rule or maskprocessor:
abcd [abcd?d?d?d?d] =>abcd1965, abcd2015, abcd1722 ... and so on
I added a rule to the string:

Code:

-r /rules/year.rule

And inside of the rule file I added:

Code:

$?d $?d $?d $?d

but it didn't work! i realized it adds a "?" to the end of names and use "d" to duplicate that [4 times].
the results was like this:
abcd?abcd?abcd?abcd?abcd

please help.

Full string:

Code:

-m2500 -a0 hccapx/wifi_test.hccapx dics/names.lst -r rules/add_year.rule

Help with cracking a zip Password

November 30, 2017, 12:32 pm

≫ Next: Cyrillic --> English transliterated passwords wordlist

≪ Previous: Adding 4 digit variable number to Name wordlist

$

0

0

Hi there,

I'm trying to mess around with hashcat... but i don't really get it

I'm trying a simple example:
I create zip file with a 10 character Password, containing hex and + / -

like f7ab-f1a+4 

Then i extracted the hashes
zip2john test.zip > test.hash

i tried to mess around with the examples from the wiki, but i can't get anything to work...

hashcat64 -a 3 -1 abcdef1234567890+- ?1?1?1?1?1?1?1?1?1?1 test.hash

hashcat (v4.0.1) starting...
* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2048/8192 MB allocatable, 20MCU
Hash '?1?1?1?1?1?1?1?1?1?1': Line-length exception
No hashes loaded.
Started: Thu Nov 30 21:30:01 2017
Stopped: Thu Nov 30 21:30:02 2017


Any help would be appreciated

Cyrillic --> English transliterated passwords wordlist

November 30, 2017, 12:43 pm

≫ Next: 4.01 resume after pause don't activate video card cooler to useful speed.

≪ Previous: Help with cracking a zip Password

$

0

0

Hello, hashcat community.
I live in Ukraine and I'm faced with the problem that many WPA passwords in my country are transliterated from Cyrillic to English. I cannot find leaked transliterated Cyrillic passwords to use as a wordlist in hashcat.
If you have such a wordlist or a link, please, share.
Note: this problem is not about UTF-8 hashes. The passwords are still ASCII, they're just made from Russian / Ukrainian words.
Less common case is Russian words, typed in English keyboard ("лопата" -> "kjgfnf", etc.)

4.01 resume after pause don't activate video card cooler to useful speed.

November 30, 2017, 12:48 pm

≫ Next: Using PACK - Interesting Results

≪ Previous: Cyrillic --> English transliterated passwords wordlist

$

0

0

And Hello again, developers!
I ran into one small, not very important, but a bug.
If I put a pause during the job, and then, after some time I resume the job, the cooler of the video card starts to go very slowly to the working speed. The video card overheats and the job stops. If after this job is started again, the brute force continues without problems.
Shortened log attached.
Is it a problem with my hardware or the program?

Code:

Session..........: my4
Status...........: Running
Hash.Type........: descrypt, DES (Unix), Traditional DES
Hash.Target......: dc/MTCjpopPk.
Time.Started.....: Thu Nov 30 22:20:04 2017 (46 secs)
Time.Estimated...: Mon Dec 04 07:58:06 2017 (3 days, 9 hours)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 8/8 (100.00%)
Speed.Dev.#1.....: 12734.2 kH/s (34.56ms)
Speed.Dev.#2.....:  4306.0 kH/s (120.93ms)
Speed.Dev.#*.....: 17040.3 kH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 526322259968/5533380698112 (9.51%)
Rejected.........: 0/526322259968 (0.00%)
Restore.Point....: 6547584/68864256 (9.51%)
Candidates.#1....: 1za84sz1 -> ztasgbpi
Candidates.#2....: 54p53lz1 -> Yt3zrrwi
HWMon.Dev.#1.....: Temp: 77c Fan: 79%
HWMon.Dev.#2.....: N/A
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Paused

[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Resumed

Session..........: my4
Status...........: Running
Hash.Type........: descrypt, DES (Unix), Traditional DES
Hash.Target......: dc/MTCjpopPk.
Time.Started.....: Thu Nov 30 22:20:04 2017 (57 mins, 11 secs)
Time.Estimated...: Thu Mar 24 05:34:58 2022 (4 years, 113 days)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 8/8 (100.00%)
Speed.Dev.#1.....:    17207 H/s (34.42ms)
Speed.Dev.#2.....:    19604 H/s (118.45ms)
Speed.Dev.#*.....:    36811 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 526434805760/5533380698112 (9.51%)
Rejected.........: 0/526434805760 (0.00%)
Restore.Point....: 6549440/68864256 (9.51%)
Candidates.#1....: Z2mw1mff -> o4sk4a52
Candidates.#2....: S8tofmff -> coema2ie
HWMon.Dev.#1.....: Temp: 54c Fan: 33%
HWMon.Dev.#2.....: N/A
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>

.....

Session..........: my4
Time.Started.....: Thu Nov 30 22:20:04 2017 (58 mins, 25 secs)
HWMon.Dev.#1.....: Temp: 90c Fan: 33%
HWMon.Dev.#2.....: N/A

Temperature limit on GPU #1 reached, aborting...

Session..........: my4
Status...........: Aborted
Hash.Type........: descrypt, DES (Unix), Traditional DES
Hash.Target......: dc/MTCjpopPk.
Time.Started.....: Thu Nov 30 22:20:04 2017 (58 mins, 27 secs)
Time.Estimated...: Mon Dec 04 06:41:35 2017 (3 days, 7 hours)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 8/8 (100.00%)
Speed.Dev.#1.....: 12863.8 kH/s (34.35ms)
Speed.Dev.#2.....:  4651.5 kH/s (111.48ms)
Speed.Dev.#*.....: 17515.3 kH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 527766978560/5533380698112 (9.54%)
Rejected.........: 0/527766978560 (0.00%)
Restore.Point....: 6565184/68864256 (9.53%)
Candidates.#1....: rvg5o9z1 -> Phknywz1
Candidates.#2....: g8q3f5xi -> Xqx65fvo
HWMon.Dev.#1.....: Temp: 91c Fan: 33%
HWMon.Dev.#2.....: N/A

  my4.txt (Size: 7.24 KB / Downloads: 0)

Using PACK - Interesting Results

November 30, 2017, 6:02 pm

≫ Next: Syntax Help

≪ Previous: 4.01 resume after pause don't activate video card cooler to useful speed.

$

0

0

New to using PACK so maybe using it incorrectly.. here's what I'm seeing:

Code:

python policygen.py --minlength=9 --maxlength=9 --mindigit=1 --maxdigit=3 --minspecial=1 --maxspecial=2 --minupper=1 --maxupper=2 --minlower=1 --maxlower=6
                      _
    PolicyGen 0.0.2  | |
     _ __   __ _  ___| | _
    | '_ \ / _` |/ __| |/ /
    | |_) | (_| | (__|   <
    | .__/ \__,_|\___|_|\_\
    | |                    
    |_| iphelix@thesprawl.org


[*]Using 1,000,000,000 keys/sec for calculations.
[*]Password policy:
   Pass Lengths: min:9 max:9
   Min strength: l:1 u:1 d:1 s:1
   Max strength: l:6 u:2 d:None s:2
[*]Generating [compliant] masks.
[*]Generating 9 character password masks.
[*]Total Masks:  262144 Time: >1 year
[*]Policy Masks: 63000 Time: >1 year

Even though I specify maxdigit=3, in the Max Strength section above, it still says d:None

If I do the following:

Code:

python policygen.py --minlength=9 --maxlength=9 --mindigit=1 --maxdigit=8 --minlower=1
                      _
    PolicyGen 0.0.2  | |
     _ __   __ _  ___| | _
    | '_ \ / _` |/ __| |/ /
    | |_) | (_| | (__|   <
    | .__/ \__,_|\___|_|\_\
    | |                    
    |_| iphelix@thesprawl.org


[*]Using 1,000,000,000 keys/sec for calculations.
[*]Password policy:
   Pass Lengths: min:9 max:9
   Min strength: l:1 u:None d:1 s:None
   Max strength: l:None u:None d:None s:None
[*]Generating [compliant] masks.
[*]Generating 9 character password masks.
[*]Total Masks:  262144 Time: >1 year
[*]Policy Masks: 223290 Time: >1 year

No matter what I do with maxdigit, it doesn't get recognized... I was thinking it was cosmetic so I ran the same command but output it to a file, and sure enough there were extra ?d in the mask lists.

Am I using this incorrectly?  I'm trying to create a mask file that has:
exactly 9 length
min 1 special
max 2 special
min 1 upper
max 2 upper
min 1 digit
max 3 digit
min 1 lower
max 6 lower (since 1 upper 1 special 1 digit is min - that would make 9)

Syntax Help

December 1, 2017, 4:11 pm

≫ Next: why does -i paremeter not working while pipe?

≪ Previous: Using PACK - Interesting Results

$

0

0

Hello, I am hoping someone can help as I am stumped.

I am trying to get the password for an old bitcoin wallet, I was able to extract the hash using bitcoin2john.py.  I am now stuck as I do not know what to do next or what I am doing wrong.  The following command throws an error of "hash not loaded":

hashcat -a 0 -m 11300 c:\dat\wallet.dat c:\dat\hash.txt

Hash.txt is the hash that I extracted using bitcoin2john.py and wallet.dat is my wallet.  Any help is appreciated.

why does -i paremeter not working while pipe?

December 2, 2017, 5:27 am

≫ Next: Parsing Hashes: 0/1 (0.00%)...No hashes loaded.

≪ Previous: Syntax Help

$

0

0

why does -i paremeter not working while pipe?
there should be  exist something like MASK:?l?l 1/5 or 2/5 ,but now there isn't
at first glance I think maybe a6 mode, then I tried another a6 attack and -i works fine.
So how can I make -i parameter working in pipe mode?
Atom suggest pipe many times and pipe really run fast,seldom drop speed too much.
Can anyone help? What's wrong in the code as follows with -i parameter? 

c:\hc>hashcat64 -a6 zm.txt ?l?l?l?l?l -i --stdout | hashcat64 -m 2500 -a0 --nonce-error-corrections=0 -w 3 -d 1,2 final26c4.hccapx
hashcat (v4.0.1) starting...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU
* Device #2: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU
OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #3: Spectre, skipped.
* Device #4: AMD A10-7700K Radeon R7, 10 Compute Cores 4C+6G, skipped.
Hashes: 3 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1
Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP
Password length minimum: 8
Password length maximum: 63
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c
Starting attack in stdin mode...
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA/WPA2
Hash.Target......: final26c4.hccapx
Time.Started.....: Sat Dec 02 20:37:19 2017 (9 secs)
Time.Estimated...: Sat Dec 02 20:37:28 2017 (0 secs)
Guess.Base.......: Pipe
Speed.Dev.#1.....:   174.0 kH/s (50.67ms)
Speed.Dev.#2.....:   170.6 kH/s (50.96ms)
Speed.Dev.#*.....:   345.0 kH/s
Recovered........: 0/3 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 5059830
Rejected.........: 2110710
Restore.Point....: 0
Candidates.#1....: lovewiee -> zhongeldr
Candidates.#2....: zhongwiee -> gunkaimnss
HWMon.Dev.#1.....: Temp: 56c Fan: 33% Util: 93% Core:1885MHz Mem:3802MHz Bus:16
HWMon.Dev.#2.....: Temp: 61c Fan: 52% Util: 78% Core:1873MHz Mem:3802MHz Bus:4

And here I tried another a6 attack and -i works fine.
c:\hc>hashcat64 -a6 -m 2500 --nonce-error-corrections=0 -w 3 -d 1,2 --session=final26c4 final26c4.hccapx sj.txt ?l?l -i
hashcat (v4.0.1) starting...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU
* Device #2: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU
OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #3: Spectre, skipped.
* Device #4: AMD A10-7700K Radeon R7, 10 Compute Cores 4C+6G, skipped.
Hashes: 3 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP
Password length minimum: 8
Password length maximum: 63
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c
Dictionary cache built:
* Filename..: sj.txt
* Passwords.: 6120000
* Bytes.....: 79560000
* Keyspace..: 159120000
* Runtime...: 1 sec
[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>
Session..........: final26c4
Status...........: Running
Hash.Type........: WPA/WPA2
Hash.Target......: final26c4.hccapx
Time.Started.....: Sat Dec 02 20:51:45 2017 (1 sec)
Time.Estimated...: Sat Dec 02 20:58:40 2017 (6 mins, 54 secs)
Guess.Base.......: File (sj.txt), Left Side
Guess.Mod........: Mask (?l) [1], Right Side
Guess.Queue.Base.: 1/1 (100.00%)
Guess.Queue.Mod..: 1/2 (50.00%)

---

Parsing Hashes: 0/1 (0.00%)...No hashes loaded.

December 2, 2017, 7:06 pm

≫ Next: merge dictionary or not?

≪ Previous: why does -i paremeter not working while pipe?

$

0

0

Hi, 
similar to a couple other threads, I can't actually see the error message because the hash takes up the whole space then cuts off. The hash file itself is unicode and seems to be complete AFAICT (it has all the $ delineated fields and they look proper. No dangling white space either. The other threads lead me to believe this problem was fixed as of 3.4 but I confirmed I am on the latest release.

Thanks for any help or ideas.

Cheers

merge dictionary or not?

December 2, 2017, 9:56 pm

≫ Next: No hashes loaded, line length exception?

≪ Previous: Parsing Hashes: 0/1 (0.00%)...No hashes loaded.

$

0

0

hi,
thank to the hashcat team for your beautiful app.
my question is: to have better performance we should merge dictionarys or not?
according to mask file, when i use 10 mask in mask file we get better performance (faster) instead of use 10 mask attack in same hardware. i think initialize time is reason of this.
now for dictionary attack what we should do? for example we have 3 dictionary. is it better to merge them? and why?


have a good time...

No hashes loaded, line length exception?

December 2, 2017, 11:52 pm

≫ Next: HD7970 really slow?

≪ Previous: merge dictionary or not?

$

0

0

Used 7z2hashcat, then loaded up hashcat and:
Hashfile 'hashuni.txt' on line 1 (▒▒$): Line-length exception

Parsing Hashes: 0/1 (0.00%)...No hashes loaded

In unicode save format.

Saved in UTF8 in case it was an encoding problem and it just overruns the text area and returns no hashes loaded without me being able to see the error message.

any ideas? The hash looks well formatted AFAICT. The only suspcious thing is the - in the header:
$7z$1$19$0$$8$b9bbba35e180b4e30000000000000000$-914293439$

Also the encrypted data following the header is very long, thousands of characters. Judging from the example hashes page this might not be right? It is just the output from 7z2hashcat, could the error be in that step? Could the original file be corrupted?

I also see on 7z2hashcat
1 means that the data must be decompressed using the LZMA1 decompressor
is there an additional intermediate step I am missing?

However I saw this:
"In addition to some bug fixes, they now also support decompressing LZMA1/LZMA data streams. The header decompression problem in 7z2hashcat.pl seems to be fixed too. Currently there are no further known problems" from the 7z2hashcat thread so I'm thinking it must be something else.

any help or thoughts much appreciated.

Cheers

HD7970 really slow?

December 3, 2017, 7:51 am

≫ Next: Does generate-rules.exe not have a help?

≪ Previous: No hashes loaded, line length exception?

$

0

0

hi, i have been playing wwith this, and i notice my HD7970 is always so slow hashing...
right now it hashes around 56H/s.....even my cpu core-i5 hashes higher than 1000H/s...
been trying different drivers to no avail...

i'm on windows 7 and tried:
non-whql-win7-64bit-radeon-software-crimson-16.11.5-nov25.exe

non-whql-win7-64bit-radeon-software-crimson-relive-17.11.4-nov27.exe

both say when starting i have the wrong driver...

requirements supposedly are:
AMD GPUs on Windows require "AMD Radeon Software Crimson Edition" (15.12 or later)

so, do i need to go back all the way to 15.12?

thanks

Does generate-rules.exe not have a help?

December 3, 2017, 10:24 pm

≫ Next: Password list

≪ Previous: HD7970 really slow?

$

0

0

c:\hcu\bin>generate-rules.exe -h
invalid rule count
c:\hcu\bin>generate-rules.exe -help
invalid rule count
c:\hcu\bin>generate-rules.exe /?
invalid rule count
c:\hcu\bin>generate-rules.exe /h
invalid rule count
c:\hcu\bin>generate-rules.exe /help
invalid rule count
c:\hcu\bin>generate-rules.exe --h
invalid rule count
c:\hcu\bin>generate-rules.exe --help
invalid rule count
c:\hcu\bin>generate-rules.exe
usage: generate-rules.exe number [seed]