Identifying 53-char hash type

February 21, 2018, 11:40 am

≫ Next: Mask + Brute Force with repeated password

≪ Previous: [HOW TO] Install Hashcat on a VPS

Found inside a black box PHP application.

All 53 chars long, for instance:

cyzWXwHXZBPnxtBalFpQiOsBvZ5kmQpWRmW.qhJt17Mayni4Wg7L*

E/ZxRp0egk16mlvLhU6TEeiBHUy7QlEKoqQOpjNvvqWr45MerYg1*

iXlNxNCHec675fIGhjPFI.POsPAeolTJgk9ghLjwKfv2G9OUc1sg*

jXP1jyPbDrmxR7ZLSaXFKuUO6b.9ES/R/tLX0RuAat7PAM7zPvCk*

M69s5pnKcNqMwlp36sr6Nezpyz7nq6MWFwL.rhO0Q6xuG9bu/DlL*

MDkZlWL7XbN3yrMjQuA3zuyTPM0d33BRzfVOEcDSubp1rUfGYwMD*

nNWHeqpUgdNr8y6ezjSX2eqULpC4lqEpqnagJ1k/LdLLJ3FHSyk.*

wAnIPQvRC7sjcy9E8voeJOMaUM3ugxqz1mWwTL6giK3VAdKhdXr.*

ytBIDIr3Mvwc2iMKToh2uuPMbYQE5tPZzUt4c9ewFHrDARDLEXK0*

zB5z1wpD37B/4RWaUC//SuFAZJhjGU.b75eJyDo6QZ45oUcpepIx*

I realize it's a long shot seeing as how it could be anything at all but maybe someone stumbled across something similiar.

Due to board rules about not posting actual hashes, last characters replaced with an asterisk.

Thanks!

↧

Mask + Brute Force with repeated password

February 21, 2018, 3:10 pm

≫ Next: Hashed password list

≪ Previous: Identifying 53-char hash type

Hey everyone,

New to the forums here, and have found a bunch of great information so far! I am just getting familiar with using masks and customs rules, and haven't been able to find an exact answer to my question:

I know the beginning and end of my password, but want to brute force the middle portion. However for every brute force guess, I want to duplicate the characters in the middle because I know I repeated my "subpassword" twice. For example:

[know this part of the password] + bruteforce + bruteforce + [know this part of the password]

I would like to increment up to a character length of 8 (for a total of 16 in the "subpassword")

so one guess might be: [known] + pass123pass123 + [known]

Thanks in advance for any help, and hopefully this makes sense!

↧

Hashed password list

February 21, 2018, 3:30 pm

≫ Next: v4.1.0 relative current working directory

≪ Previous: Mask + Brute Force with repeated password

Troy Hunt has published a list of 500M passwords hashed with SHA-1. He says they're available elsewhere in raw form, but if you can't find them (I haven't looked) or want some fun, give it a go. The list comes from a source of about 6B passwords, and also includes frequencies.

Download.

You want the v2. Torrent if possible or it'll cost him lots of money.

His [/url][url=https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/]Blog post.

↧

v4.1.0 relative current working directory

February 22, 2018, 12:14 am

≫ Next: Linux GPU accelerated cracking

≪ Previous: Hashed password list

Small issue with this new version, I think it's coming with this fix :

Quote:- Files: Switched back to relative current working directory on windows to work around problems with Unicode characters

I put hashcat directory in env path to get hashcat64.exe working from eveywhere. Worked well with old version.
But now I have :

Quote:./hashcat.hctune: No such file or directory

Indeed this file does not exist from where I call hashcat.
How to fix that ?
Thank you.

↧

Linux GPU accelerated cracking

February 22, 2018, 4:53 am

≫ Next: Wpa/Wpa2 dictionary attack is very slow after the latest update

≪ Previous: v4.1.0 relative current working directory

Could anyone point me to a distribution of linux where it would be easiest to setup an AMD Radeon 7970 GPU for parallel computing? I've had a very hard time getting this going. I am able to use my cpu currently and I've gotten pretty far into making my gpu work on The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) but not quite there. If someone could point me to the best option, and maybe an existing tutorial that they know works, I would be really grateful. Thank you for your time!

↧

Wpa/Wpa2 dictionary attack is very slow after the latest update

February 22, 2018, 10:59 am

≫ Next: invalid argument hashcat 4.1.0 --gpu-temp-retain=

≪ Previous: Linux GPU accelerated cracking

after the latest updates (current version: 4.0.1) I saw that the brute force speed is slower than before...

Example....
I use hash cat utils to convert .cap to hccpax and devices available are the following:

OpenCL Platform #1: Apple
=========================
* Device #1: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz, skipped.
* Device #2: HD Graphics 4000, 384/1536 MB allocatable, 16MCU
* Device #3: GeForce GT 650M, 256/1024 MB allocatable, 2MCU

Now... the devices speeds are very lower than before, example:

now:

Speed.Dev.#2.....: 2345 H/s (5.11ms)
Speed.Dev.#3.....: 4944 H/s (5.10ms)
Speed.Dev.#*.....: 7286 H/s

but before the update (to 4.0.1) speed was about (I don't remember precisely):

Speed.Dev.#1.....: 3500 H/s
Speed.Dev.#2.....: 5800 H/s
Speed.Dev.#3.....: 16890 H/s

The time for a dictionary attack or brute force was increased so much.
Why now Is slower than before for no apparently reasons?
How can I resolve?

Thank you

↧

invalid argument hashcat 4.1.0 --gpu-temp-retain=

February 24, 2018, 10:06 am

≫ Next: Need help buying a rig, and not GPU based

≪ Previous: Wpa/Wpa2 dictionary attack is very slow after the latest update

Hi,

The argument "--gpu-temp-retain" isn't accepted on the new hashcat 4.1.0.
(note : "--gpu-temp-abort" gives no problem.

In the error message there seemes to be a space before 'gpu' which isn't in my original command.
erro : "invalid argument : -- gpu-temp-retain"

thanks

tibit

↧

Need help buying a rig, and not GPU based

February 24, 2018, 5:32 pm

≫ Next: How do I extract the hashes from a file encrypted with PBKDF2-HMAC-SHA-1?

≪ Previous: invalid argument hashcat 4.1.0 --gpu-temp-retain=

Hey team, so my main goal is to have hashcat and john crack passwords as fast as possible, but i'm not brute forcing. most the passwords i will attempt are 16 characters, but doubled. so i need to run a stdout of 8 characters, or so, and insert rules to those. I can't seem to get massive increases with a GPU over cpu on this method.

Does anyone know the best rig for rules mixed with combinator etc... would a 32 core cpu setup outperform a gpu on this? Most the rules i use will require john to perform the final hashing, and i know this ISN'T john's forums, but i know you guys are experts.

Also note money is not a problem (but want to be smart). I was thinking an i9 7960x or a dual Xeon e5-something

Any tips are much appreciated.

↧

How do I extract the hashes from a file encrypted with PBKDF2-HMAC-SHA-1?

February 25, 2018, 1:58 pm

≫ Next: My practice attempt to decrypt a SHA-256 hash of an IP address

≪ Previous: Need help buying a rig, and not GPU based

Hello. I can't seem to extract the needed hash code from a file encrypted with PBKDF2-HMAC-SHA-1 that is needed for Hashcat. Does anyone have any suggestions? Much appreciated.

↧

My practice attempt to decrypt a SHA-256 hash of an IP address

February 25, 2018, 4:01 pm

≫ Next: is hashcat still support VCL?

≪ Previous: How do I extract the hashes from a file encrypted with PBKDF2-HMAC-SHA-1?

My practice attempt to decrypt a SHA-256 hash of an IP address. Has anyone here tried this?

https://github.com/djangofan/hashcat-crack-ip

I generated the SHA-256 hashed IP from this website:  https://passwordsgenerator.net/sha256-hash-generator/

I made 2 scripts (in the above Github repo):
1. crackit.sh :  -a 1 left right
2. crackitBruteForce.sh :  -a 3 ?d?d?d.?d?d?d.?d?d?d.?d?d?d

Am I doing this right? The process only seems to be using 1 CPU on the brute force attack. How do I get it to consume more CPU cores?

-Jon

↧

is hashcat still support VCL?

February 26, 2018, 8:16 pm

≫ Next: Problem with Device #1? shuts down process

≪ Previous: My practice attempt to decrypt a SHA-256 hash of an IP address

Dear All,

Is hashcat still support VCL? and is intel GPU support also?

Thanks a lot!

↧

Problem with Device #1? shuts down process

February 27, 2018, 1:47 am

≫ Next: Sorry but: TrueCrypt USB-Drive

≪ Previous: is hashcat still support VCL?

I am new to hashcat, For the past 2 days I have been trying to crack my wpa2 hash but fail to do so because of "Device #1" It seems to be my Intel i3 Core Processor? I am not sure. any help would be great. I am using The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux on a live USB.

The command I give is:

hashcat -m 2500 -a3 .hccapx ?d?d?d?d?d?d?d --force

after this it starts but then encounter 114 errors then tells me the problem is with Device #1

If needed I can post the whole message it gives concerning the problem.

Any help would be much appreciated, I am not satisfied with cracking my wpa2 with a wordlist.

↧

Sorry but: TrueCrypt USB-Drive

February 27, 2018, 4:58 am

≫ Next: Bcrypt Blowfish Unix Hash

≪ Previous: Problem with Device #1? shuts down process

I know. I'm sorry. Here I go:

What I've done:

Created an encrypted USB-Drive (2GB) with TrueCrypt 7.1a. Password is 0123456789. No options changed.
Created an dd dump of the USB-Drive

Than I used John the Ripper first:

Used truecrypt2john.py to get the hashes: got 6 Hashes, 3 normal, 3 hidden (why?)
Used John with -mask=12345678?d to crack the password.
Got password 123456789 for the first hidden hash (why?). Nonetheless everything fine so far.

Now the hashcat part:

fdisk -l /dev/sdc1 to get the size of my USB-Drive in bytes
sudo dd if=/dev/sdc1 of=./banana/512.dd bs=1 skip=1993276928 count=512 to get the last 512 bytes according to https://hashcat.net/wiki/doku.php?id=fre...pt_volumes
hashcat -m 6211 ./banana/512.dd -a 3 12345678?d to crack the password. But nothing is found. Hashcat even tries 123456789 but doesn't recognize it as password.
tried to run hashcat with hashes produced by truecrypt2john.py. Same result.

What am I doing wrong?

I even tried to crack the examples from https://hashcat.net/wiki/doku.php?id=example_hashes, but they work flawlessly. Password is hashcat. Got that.

So I think somethings wrong with my attempt to get the password hashes.
I've also tried:

First 512 bytes of USB-Drive
First and last 512 bytes of /dev/sdc instead /dev/sdc1
complete dd image of USB-Drive

Any hints on what i'm doing wrong?

Using hashcat 4.1.1 on Ubuntu 16.4.

↧

Bcrypt Blowfish Unix Hash

February 27, 2018, 7:33 am

≫ Next: include SHA1 Hash with the results

≪ Previous: Sorry but: TrueCrypt USB-Drive

I am tying to decrypt a Hash which is bcrypt blowfish (Unix). The hash is like this $2a$04$xxxxxxxxxx.
I already know the hash is a 6 digit numerical code.
As I know its going to be a 6-digit numerical code so I used a brute force with mask and it tried all the possible combinations in aorund 10 minutes and the hash could not be cracked.
Here is the command line I am using:
./hashcat -m 3200 -a 3 -1 ?d hash ?1?1?1?1?1?1

Note: I am using it on Mac OS and I tried another md5 hash which was also a 6-digit numerical code and was cracked with the same attack in less than a second

Now the question is why I am unable to crack the bcrypt hash with brute force mask attack? Am I missing something? Or I need to use some other way?

↧

include SHA1 Hash with the results

February 27, 2018, 8:37 am

≫ Next: Problems with speed of brute-force by GPU

≪ Previous: Bcrypt Blowfish Unix Hash

Hi I'm new to hashcat and I'm struggling to find the answer top what I want to do. I have a list of SHA1 Hash but I would like to show the hash and the password (If its cracked it or not). It would be probably better if I show you.

I'm trying to get the results of hashcat to show as below so I can see which ones its cracked. At the moment Im just getting a list of the cracked passwords

sha1
5a1bc9bed2a7bd518d366798e5a2c76d334f94c0 sha1 MNYFUN
8dc4fc0a94ba80d0ba0bad817022c50cee104f84 (Not Found)
6f8af0474ab2a36781ee04d43e2f7a0a290f7916 (Not Found)
1999e4893f732ba38b948dbe8d34ed48cd54f058 sha1 buster
488753238083cee40b78f95cc23f6787483ce95d sha1 amyd01

I hope this makes sense, I'm not good at explaining things

↧

Problems with speed of brute-force by GPU

February 28, 2018, 2:11 pm

≫ Next: Status Exhausted???

≪ Previous: include SHA1 Hash with the results

Hello every one , can somebody help me with this problem ?
The problem is that Hashcat 4.1.0. worked with low performance .
I write code like that ↓ to try brute my own AP and hashcat show me Speed.Dev.#1 25 H/s

Code:
hashcat64.exe -a 3 -m 2500 -w 4 E:\wi-fi24.hccapx E:\Top204Thousand-WPA-probable-v2.txt

But , i have run Benchmark and he show me 62330 H/s .

I saw thah he write ↓ but when i give him larger wordlist (250MB) , it have "freeze" on it.

Code:
 The wordlist or mask that you are using is too small.

This means that hashcat cannot use the full parallel power of your device(s).

Unless you supply more work, your cracking speed will drop.

For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Does anybody hawe any solutions ?
Thank you in advance!

P.S. Hardware - i5 6300HQ , GTX 960m ( driver 391.01)

↧

Status Exhausted???

March 1, 2018, 12:57 am

≫ Next: OpenCL ERROR

≪ Previous: Problems with speed of brute-force by GPU

it hit status exhausted just before finished (99%)
here's the log
https://pastebin.com/raw/8PUPHUg3

↧

OpenCL ERROR

March 1, 2018, 5:13 pm

≫ Next: WPA/WPA2 PMK mode (2501)

≪ Previous: Status Exhausted???

First of all, Hello
I've got a question.
I'm using the Graphic Card as you have seen it in the picture

The question is How do I install OpenCL driver on the Intel Hd Graphic 3000 Card ?
I'll be glad if anybody is interested with my trouble Smile

↧

WPA/WPA2 PMK mode (2501)

March 1, 2018, 11:13 pm

≫ Next: Gtx 1050 Ti Experiences?

≪ Previous: OpenCL ERROR

WPA/WPA2 PMK mode (2501) - is this mode no longer supported by Hashcat? I thought this mode was designed to speed up cracking hashes by pre-calculating PMK for given SSID and a list of pass phrases, so then can be used along with dictionary that will run quicker.

Here is some information I have found:

"We can speed this up by pre-calculating the Pre-Shared Key, also called the Pairwise Master Key (PMK) in the 802.11 standard parlance. It is important to note that, as the SSID is also used to calculate the PMK, with the same passphrase but a different SSID, we would end up with a different PMK. Thus, the PMK depends on both the passphrase and the SSID."

↧

Gtx 1050 Ti Experiences?

March 2, 2018, 6:56 am

≫ Next: Call custom algorithm form hashcat

≪ Previous: WPA/WPA2 PMK mode (2501)

Hey All,

I am in the process of building a budget rig, and Yes i know Cheap=Expensive, etc, but regardless, i do not expect top of the line. I have been planning to use the 1050 Ti, as it costs less than most used older GPU's, and has quite a bit of power for the price.

I have heard of people using them and seen no issues so far, however I have lately been reading posts from people who do not own one, that are saying that the 1050, is a newer cheaper model, designed for short bursts like video gaming, and that the card would likely burn out and damage your pc when using it for such an exhaustive task like hash cracking.

Can anyone verify the truth in this statement? If so, can anyone suggest a card around the same price/efficiency? I am in Canada and have trouble getting older Radeon models.

Thanks for your time, and I eagerly await your responses Smile

↧

Latest Images