Quantcast
Channel: hashcat Forum - All Forums
Viewing all 8191 articles
Browse latest View live

How to use hashcat on multiple pc network(master-slave configuration)

June 14, 2018, 11:22 pm
$
0
0
I have few PC with different hardware configurations, AMD, intel, nvidia etc. All connected to a single network. I want utilize the all the resources on the network in a master - slave configuration. Is there any possible way? Or should i code a script myself? 

NOTE: I want use wordlist input generated by another python script and piped to hashcat. I cant generate a huge dictionary, its exceeding terra bytes.
Search

Newbie - help please

June 15, 2018, 10:52 am
$
0
0
Hi there - I am a total newbie trying to find my way around.  I've never used hashcat before and am learning how to to access an itunes backup I can't remember my password for.

I have watched quite a few tutorials and read some articles but never having used anything like this before its clear that my brain can't compute a lot of it and my head is now spinning!

I have extracted all the information I need from my manifest.plist to run 
Hash mode: 14800
Hash Name:iTunes backup >= 10.0 11 

I thought I had all I needed to go ahead and try to run hashcat... but then I couldn't even open hashcat on my terminal - doh!

I downloaded the zip file and have extracted Hashcat-4.1.0 folder to my desktop so I thought I had everything I needed 

Sorry if this is a really dumb question but how do I open hashcat in my terminal and then run the itunes back up hash?

Is there a really simple video or written tutorial which can take me through this step my step?

Many thanks in advance for any help Smile

Custom installation path

June 15, 2018, 11:53 am
$
0
0
Hello.

I'm trying to install hashcat on an HPC cluster for student research. I would like to install it to a custom path in a shared drive. Users ssh into a login node and queue jobs to be run on worker nodes. Worker nodes have access to the user's home directory and a large shared partition with all the executables, libraries, and other files needed to run processes, both of which are stored in the login node's file system.

Does hashcat support custom paths for its own files and dependencies (such as the opencl runtime)? I poked around in the Makefile and saw some options for a shared install, but haven't seen any official documentation for this.

Thank you.

freeeRadius PAP

June 16, 2018, 11:17 am
$
0
0
Hi,

I want ask, how easy is to crack user password captured between freeradius and vpn client using PAP even when I use really strong secret password ?
I attached captured RADIUS communication. (pcap file)
And user is "custom2" and his password is "Passw0rd2" and radius secret is "password2".

Thanks

Custom rule for 8Track hashes

June 16, 2018, 12:51 pm
$
0
0
For 8Track hashes I use this command:
Code:
"hashcat -m 120 -a 0 8Track_hashes -j '$-$-' dictionary"

Is it possible to combine this command with best64.rule like:
Code:
"hashcat -m 120 -a 0 hashes dictionary -r best64.rule"

I tried to combine, but did not work:
Code:
"hashcat -a 0 dictionary -r best64.rule | hashcat -m 120 -a 0 -j '$-$-'"

-m 11300 broken in version 4.1?

June 16, 2018, 1:12 pm
$
0
0
Im trying to use hashcat in mode 11300 for an old darkcoin wallet, but version 4.1 doesnt find a known password for a test wallet I made, but version 3.5 does. This would not normally be a problem but it seems version 3.5 has a password length max of 40 characters.


So to better explain I made a new test wallet, with a known password that I just added to a small wordlist. I tested hashcat version 3.0, 3.5, and 4.1. Using the same command on all 3 versions, only version 3.5 recovers the known password.

On version 4.1 I am getting this error "
* Device #1: ATTENTION! OpenCL kernel self-test failed.

Your device driver installation is probably broken.
See also: https://hashcat.net/faq/wrongdriver "

I am using AMD RX580s and ROCM drivers.

Is there a way to disable the OpenCL kernel self test?
If the ROCM drivers work on version 3.5 shouldnt they work on 4.1?

Hashcat 4.1.0 not using AMD RX 570 & amdconfig: command not found

June 16, 2018, 9:01 pm
$
0
0
I'm trying install hashcat on a fresh ubuntu 18.04 installation. I'm using an AMD Radeon RX 570. Both my desktop monitors are connected to the GPU (not sure if that matters or makes a difference).

Immediately after installing Ubuntu, I updated:

Code:
$ apt-get update && apt-get dist-upgrade && reboot

Then began following the install instructions as per the hashcat FAQ:

Code:
$ sudo find / -name libOpenCL\* -print0 | xargs -0 rm -rf && reboot

Code:
$ sudo apt-get install ocl-icd-libopencl1 opencl-headers clinfo && reboot

Then I downloaded what I think is the correct driver:

Code:
$ wget https://www2.ati.com/drivers/linux/ubuntu/18.04/amdgpu-pro-18.20-606296.tar.xz

Unpacked it and ran the following:

Code:
$ ./amdgpu-install --version="1.6.180"

No installation errors reported. I ran it again for this forum post, here's the output:

Code:
Reading package lists... Done
Building dependency tree       
Reading state information... Done
amdgpu is already the newest version (18.20-606296).
amdgpu-lib32 is already the newest version (18.20-606296).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.

Then rebooted again.

Code:
$ sudo mv ~/.hashcat/kernels /tmp/old_kernels

Then rebooted again. Using `clinfo` only reports 1 platform and its my CPU. After downloading hashcat and unpacking it, I ran it with:

Code:
$ ./hashcat64.bin -b -m2500

But hashcat only uses the CPU. Looking again at the FAQ, I tried the `amdconfig` command but its not found.

Code:
$ amdconfig --adapter=all --initial -f
amdconfig: command not found

Where did I go wrong? I could really use some help.

Save all valid password candidates

June 17, 2018, 8:48 am
$
0
0
Hello,

I'm trying to implement support for a file format that has barely any header information in the cleartext to check candidate password validity. Is it possible to return all of the valid candidates from the GPU?

It is my first time adding support for a hash format, but it was not difficult, the code is very well structured.

Thank you very much!
Search

Pass for Veracrypt file container, algorithm Twofish-Serpent

June 18, 2018, 5:50 am
$
0
0
Hi guys,

I have a problem: I can't find out my password for a Veracrypt File Container anymore - Nothing new for you, ok..

So the detailed problem:
I use the latest Veracrypt version (Windows) v1.22 64bit. I created a file container, but I used
  • a Password (about 20 chars), consisting of two blocks of numerics and possibly a letter
  • a PIM which is definite 710 (I am sure)
  • a keyfile, which I know definitvely too
  • there is no hidden volume
The algorithm is Twofish-Serpent and the hash is SHA512.

First question: Now, do I have to extract the first 512 bytes of the encrypted file container to a seperate file or the first 1024 bytes to get a hash file? I ask this because Veracrypt Twofisch-Serpent mode is "XTS 1024" as hashcat help says.

Second question: Doeas anybody know a Windows software to move the first 512 (or 1024) bytes of a file to a second file?

Last question: As said in this forum earlier, Veracrypt cracking works exactly like Truecrypt cracking... But why is there a Veracrypt checkbox which says "use old Truecrypt mode" (when mounting a file container) if the method is the same?


Thank you very much for your help,

Frank

Extracting Hashes

June 18, 2018, 9:47 am
$
0
0
Hi,

I've been lurking around trying to learn how to use Hashcat and I have had some success using the actual program. The point at which I struggle is acquiring password hashes. 

I have found some python and perl scripts for John the Ripper that work sometimes but was wondering if someone could tell me what the most commonly used methods for extracting hashes are.

I spoke to someone that says they look up on the internet at which byte hashes are located and then navigate there using hex editors. Is this how you guys do it? 

Thanks for the help ppl.

keep-guessing + rules?

June 18, 2018, 1:33 pm
$
0
0
Is there a way to log *all* of the rules that would have cracked a given hash?

Would/should --keep-guessing and --debug-mode be combine-able?  It could be quite chatty - being able to ignore ':' would probably be useful. Smile

Kernel outputting CL_UNKNOWN_ERROR

June 18, 2018, 2:57 pm
$
0
0
Hello, Im developing a mode for an old file format. At some point in my code, I do something like;
Code:
__kernel function1() {
     struct mytype;
     function2(&mytype);
}

function2(struct *mytype) {
     uchar *ptr = mytype->value2;
     function3(ptr);
}

function3(byte* ptr) {
     uint16 v1 = 10;
     uint16* ptr2 = (uint16*) ptr;
     *ptr2 = v1 >> 8;
}


struct mytype {
      uchar value1[8];
      uchar value2[8];
      uint key[52];
      uint bufleft;
 }


This code fails at
Code:
*ptr2 = v1 >> 8;
with clWaitForEvents(): CL_UNKNOWN_ERROR. If I remove this single assignment, the code runs without errors. Does anybody has any tip on how to solve this problem?

Help algoritm ExpressionEngine

June 19, 2018, 7:29 am
$
0
0
ExpressionEngine 2.5.4
password
salt
crypt_key

________________________________
password
ca92d563fed99f3e20f75f24415514a011eda1cc604dec36f1f9beadb0694396217cd8cf14ddc5ba4a01da103659bc6de28c5d405e0fff4a7257cabb32ef2372
salt
>*+<pf5\\fLm#K2={gUHN_&e^c\\!-)x^(b#)'8!v,!e?;{1:i31{Cgm-aVc;4V7$=C']4:M)hjjX0}Q~P0:?mLvs{'5D=]'b&fESm]mQ3\\;.D,qc<XsA&^{W;03@'|~c"
crypt_key
fb11d15bb67d2e3954e0d3ee0c2686cb16cd90dc

How are hash mode numbers chosen?

June 20, 2018, 2:33 am
$
0
0
I am just curious because why numbers in the first place and how do they choose them?

Single-mode john analog for hashcat

June 20, 2018, 10:42 am
$
0
0
Hi.

It seems there is no Single mode implemented in hashcat, it's a very fast mode to crack passwords using some derived data (e.g. usernames or emails) for salted hashes.

And it should be very fast because the derived candidate should be tried only for certain hash (not for every hash).

Any chance of implementing it in hashcat?

Thanks.
Search

Hashcat source code compilation problem

June 20, 2018, 11:15 pm
$
0
0
Want to learn the hashcat, compile the windows64 version, the latest source code downloaded is always an error,as follows:

Include/sort_r.h:212:7: error: implicit declaration of function ‘qsort_s’ [-Werror=implicit-function-declaration]
        Qsort_s(base, nel, width, sort_r_arg_swap, &tmp);
Src/affinity.c:70:3: error: implicit declaration of function ‘strtok_r’ [-Werror=implicit-function-declaration]
    Char *next = strtok_r (devices, ",", &saveptr);

Compiler environment: Ubuntu 16.04.4 LTS
Thread model: posix
Gcc version 5.4.0 20160609

Custom cracking algorithm

June 21, 2018, 3:32 am
$
0
0
Hello forum members , 

I am new here. I was playing with hashcat and its really interesting the way it cracks a hash. I want to ask if its possible to supply hashcat with a custom written script in c or any other language to perform some steps. Or if its possible to pipe output of one command into another hashcat instance. 

I am trying to crack hash generated from sha256 hash of md5 hash of a string.

Hopefully its possible. Doesnt matter even if it takes millions of years as i am going to try it on known input and output mixed in a million other strings. Just to test its capability.

Thanks

Telegram Desktop passcode

June 21, 2018, 4:05 am
$
0
0
Hello everyone!

Diving into the Telegram Desktop source code I was able to write a program that decrypts and parses the local storage.
One option the client provides is to set a passcode - any string of any length - that is optionally used to encrypt a part of said local storage.

Testing whether the passcode is valid is a multi-step process (shortened for clarity):
1. Read the salt (32 bytes), encrypted data and sha1 of decrypted data from a file.
2. Compute a PKCS5_PBKDF2_HMAC_SHA1 on the UTF8(passcode), using the salt, 4000 iterations, keysize of 256 bytes
3. Use a Telegram-specific KDF to get the AesKey and AesIV (Relatively cheap - bunch of memcpy and 4x sha1)
4. Perform an AES-IGE-DECRYPT on the encrypted data using the derived key and IV from step 3.
5. Compare sha1 of decrypted data with the sha1 read in step 1. If they match - passcode is correct.

Using OpenSSL I am able to test around 100 passcodes/s on a Ryzen 1700. That is a sad number.
The obvious time-hog in this process is the 4000 iterations on the PKCS5_PBKDF2_HMAC_SHA1.
Judging from the benchmarks (that use 1000 iterations as far as I'm aware) I estimate that I could achieve a few MH/s using a GPU powered approach.

Since the process is probably too complex to be added as a whole is it possible to use hashcat (or other programs that I am unaware of) to compute the PKCS5_PBKDF2_HMAC_SHA1 keys with the mentioned parameters and pipe generated passcode-key pairs into another program that then validates the keys?

Thank you in advance,
Miha Zupan

World Biggest Noob Help With VeraCrypt

June 21, 2018, 5:13 am
$
0
0
Hey guys! (and girls!)

I generated a 3GB Veracrypt container file that contains important docs a couple of weeks back.
Unfortunately I've forgotten the password but do remember the words I used which I normally would with a password.
In my quest to getting the password back, I came accross Crunch to generate a wordlist and Hashcat to crack the password, unfortunately, I'm a complete noob when it comes to this, just wondering if anyone could give a few tips on how I would go about doing this?

P.S. I'm running Windows 10

Thanks for your help, it's appreciated.

Custom OpenCL kernel question

June 21, 2018, 6:01 am
$
0
0
Hi.

I'm trying to write a custom kernel to implement algorythm like this:

PHP Code:
$static_salt1 "123jjdsfhjrhfjrhdkedjkewdjdwjdwkjdkewjdkewjdkewjkdjwefjrhfjrhfjrhfjrhfjhrjfhrjsbdnsbdfrfjeh4jh43jhj34hjd3hdjbnbedbwedkjewbdkjedwkejdefre\n\rs";
$static_salt2 "djkedjewkdewjkdjk32bj3432h4o3240324h32432hjsdnbkjdnakdsadhldkhlhd3ljlk3dl4kdj43lkdj43ld3";
$hash md5($static_salt2.md5(md5(md5($pass).$static_salt1))); 

$static_salt1 is more than 64 symbols and contains special symbols like "\r\n", $static_salt2 is more than 64 symbols as well, both are fixed for every hash.

Obviously, because of the big fixed salts I can't use optimized kernel feature, so I'm trying to figure out how to write pure OpenCL kernel.

I'm a total noob in C / hashcat, but previously I've implemented similar algorythm in hashcat-legacy and it works there, but new hashcat has completely different architecture. In hashcat-legacy it was easier because there were multiple examples of hash algorithms using fixed salts, but I can't find any proper examples in new hashcat code base.

Where/How  should I pass both these static salts? 

Do I do this directly in OpenCL kernel?

Should I put both salts definition in include/interface.h ?

Maybe you can point me into some example algorithm which passes multiple static salts as an example.

Sorry, for stupid questions just trying to figure it out.

Thanks.
Viewing all 8191 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>