
Launch hashcat with concrete letters in password counts

Hello. For example, I have an MD5 hash, and I know that this hash is for a 7-character password containing 2 letters "a", 2 letters "b" and 3 letters "c". I don't know the positions of those letters.
How can I launch hashcat for the fastest brute force in this situation? If I run the mask ?1?1?1?1?1?1?1 with --custom-charset1 abc, this will be inefficient because hashcat checks "aaaaaaa", "bbbbbbb" and other wrong passwords.

Learn Next?

Once someone has gotten up to speed on the basics of hashcat, like using various rules/wordlists, playing with masks, finding the ones that seem to work best, what would you suggest that a noob learn next? PRINCE? Or is there something else in between? Trying to learn to be good and efficient at pw cracking. Looking for a suggestion from the experts.

Thanks.

Combinator - how to save combined files.

Hello,

I'm having some trouble saving the output after combining 2 wordlists using Combinator from hashcat-utils.

I can't remember how I did it before (like a year ago), could you guys help me? I just want to save the output to a file.

Thanks

Crypto for newbies: How to crack Office 97-2003

Hello,

Today I will share with you a little info about how Word 97-2003 encryption works.
If you find a mistake, please feel free to report it.
If you find things that can be optimized, feel free to share them in the comments.


Introduction

Microsoft Word versions 97-2003 use a crypto scheme defined in MS-OFFCRYPTO. (https://msdn.microsoft.com/en-us/library...e.12).aspx)
The Encryption Key Derivation can be found here: https://msdn.microsoft.com/en-us/library...12%29.aspx
After reading these documents, I dug a little more, trying to find an easier/better explanation.


Understanding

Thanks to atom, this was not a hard task.
Here is everything explained step-by-step: https://hashcat.net/forum/thread-3665.html
So, you will see that MS Word uses RC4 + MD5 for mode $0 and $1 and RC4 + SHA1 for mode $3 and $4.
RC4 = algo used for encryption.
SHA1 = hash function.
MD5 = hash function.
So, you will use RC4 and MD5 or SHA1.
Where do you find this $0, $1, $3, $4? It is the first part of the hash extracted with office2hashcat.py (https://github.com/stricture/hashstack-s...hashcat.py)
Eg. of extracted hash: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d (https://hashcat.net/forum/thread-3665.html)
As you can see, after the word oldoffice, we have $1, so this hash uses RC4 + MD5.


Extracted hash

The extracted hash has these fields:
1) Kind of encryption scheme used ($1, $2, $3, $4)
2) Salt => what is between the 1st and 2nd asterisk => d6aabb63363188b9b73a88efb9c9152e
3) EncryptedVerifier => what is between the 2nd and 3rd asterisk => afbbb9254764273f8f4fad9a5d82981f
4) EncryptedVerifierHash => what is after the 3rd asterisk => 6f09fd2eafc4ade522b5f2bee0eaf66d


What to do now?

Atom posted this:
Quote:"KDF

1. Generate 16 byte random salt
2. Calculate MD5 of unicode version of the password
3. Truncate 16 byte result to 5 byte
4. Generate a string of length 336 byte by repeating the string "$digest$salt" 16 times -- (16 * (5 + 16)) = 336
5. MD5 the 336 bytes
6. Truncate 16 byte result to 5 byte
7. Append 4 byte zeros to result
8. MD5 the 9 bytes
9. Use 16 byte result as 128 bit RC4 Key
10. Decrypt encryptedVerifier with RC4 to decryptedVerifier
11. Decrypt encryptedVerifierHash with RC4 to decryptedVerifierHash
12. MD5 the decrypted encryptedVerifier
13. Compare 16 byte result with decrypted encryptedVerifierHash"

This is what we will do, step-by-step.


Preparation

For this task we will need some tools.
I will use online tools here, to make it easy for everyone to follow.

 1) http://rc4.online-domain-tools.com => RC4 online

 2) https://www.mobilefish.com/services/lati...to_hex.php => Convert password plain text to UTF-16LE (LE = Little-Endian)

 3) https://www.fileformat.info/tool/hash.htm => Hash MD5 as hex input, instead of ASCII input

 4) https://github.com/stricture/hashstack-s...hashcat.py => Extract hash from office files.
       4.1) We will not need this, because we will use a provided hash.

 5) https://hashcat.net/misc/DocOld2010.doc => file used in this example. Generated by atom.


Hands on

So, we know the password is hashcat, which is useful for doing every step and understanding what we are doing.
Let's do it

Quote:Password                                            hashcat
Password converted to UTF-16LE.         6800610073006800630061007400 => https://www.mobilefish.com/services/lati...to_hex.php

Salt                                                    d6aabb63363188b9b73a88efb9c9152e
EncryptedVerifier                                 afbbb9254764273f8f4fad9a5d82981f
EncryptedVerifierHash                          6f09fd2eafc4ade522b5f2bee0eaf66d

KDF

01. Generate 16 byte random salt
Quote:R = d6aabb63363188b9b73a88efb9c9152e

02. Calculate MD5 of unicode version of the password
Quote:R = MD5(6800610073006800630061007400) = 2303b15bfa48c74a74758135a0df1201 
https://www.fileformat.info/tool/hash.htm => use the field "Binary hash" and paste 6800610073006800630061007400

03. Truncate 16 byte result to 5 byte
Quote:R = 2303b15bfa
Each byte is composed of 2 hex chars, so <23><03><b1><5b><fa> = 5 byte.


04. Generate a string of length 336 byte by repeating the string "$digest$salt" 16 times -- (16 * (5 + 16)) = 336
Quote:R = MD5(2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e2303b15bfad6aabb63363188b9b73a88efb9c9152e)

05. MD5 the 336 bytes
Quote:R = f2ab1219aec36ce247dfb13a03940d3e

06. Truncate 16 byte result to 5 byte
Quote:R = f2ab1219ae

07. Append 4 byte zeros to result
Quote:R = f2ab1219ae00000000

08. MD5 the 9 bytes
Quote:R = e5d13462ff792f3ed224acd4bfb03da9

09. Use 16 byte result as 128 bit RC4 Key
Quote:R = e5d13462ff792f3ed224acd4bfb03da9
http://rc4.online-domain-tools.com

10. Decrypt encryptedVerifier with RC4 to decryptedVerifier
Quote:R = RC4(afbbb9254764273f8f4fad9a5d82981f) = d6aabb63363188b9b73a88efb9c9152e

11. * Decrypt encryptedVerifierHash with RC4 to decryptedVerifierHash *
Quote:R = RC4(6f09fd2eafc4ade522b5f2bee0eaf66d) = 1aad4f1dd3efa5f11ca9670a4b7335fd

See note below

12. MD5 the decrypted encryptedVerifier
Quote:R = MD5(d6aabb63363188b9b73a88efb9c9152e) = 1aad4f1dd3efa5f11ca9670a4b7335fd

13. Compare 16 byte result with decrypted encryptedVerifierHash
Quote:MD5(RC4Decrypt(EncryptedVerifier)) == RC4Decrypt(EncryptedVerifierHash)
MD5(d6aabb63363188b9b73a88efb9c9152e) == 1aad4f1dd3efa5f11ca9670a4b7335fd
1aad4f1dd3efa5f11ca9670a4b7335fd == 1aad4f1dd3efa5f11ca9670a4b7335fd

So, as we can see, the password is correct.

* For some reason that I don't have a single clue about, this step always gives me an error. To find this value, you should process this:
RC4(decryptedVerifier + decryptedVerifierHash) = RC4 (afbbb9254764273f8f4fad9a5d82981f6f09fd2eafc4ade522b5f2bee0eaf66d)
RC4 = d6aabb63363188b9b73a88efb9c9152e1aad4f1dd3efa5f11ca9670a4b7335fd
The first 16 bytes = decryptedVerifier = d6aabb63363188b9b73a88efb9c9152e
The last 16 bytes = decryptedVerifierHash = 1aad4f1dd3efa5f11ca9670a4b7335fd
The RC4 key is: f2ab1219ae (step 06)


Understanding how to crack the password

Atom said:
Quote:"Exploitation

The idea is to iterate through those 2^40 combinations, beginning from step 8. Once we find the correct RC4 Key, which is the case when step 13 is true, we do not need to do those steps ever again. From now on, in oclHashcat, we will just calculate steps 1-5 and then compare the first 5 byte with our pre-cracked intermediate hash. That's the meet-in-the-middle attack."

Translating: Generate 5 byte -> append 4 byte zeros -> MD5(5 byte + 00000000) -> Using the result as RC4 key -> MD5(RC4Decrypt(EncryptedVerifier)) == RC4Decrypt(EncryptedVerifierHash) -> If this is true, you found an RC4 key to decrypt this file.


Colliding

Ok, now you know the RC4 key.
You can decrypt the file with this key, using other tools, but you still do not have a password to open the file.
Well, by decrypting the file you have access to its content, but the point here is to obtain a password to open it, not only to decrypt it.
Here, we generate a candidate password and go through steps 01 to 06.
If the result of step 06 is equal to the hex key found, you have found a valid password.

Quote:Password candidate                    zvDtu!
Password converted to UTF-16LE 7a0076004400740075002100

Salt                                          d6aabb63363188b9b73a88efb9c9152e
EncryptedVerifier                       afbbb9254764273f8f4fad9a5d82981f
EncryptedVerifierHash                6f09fd2eafc4ade522b5f2bee0eaf66d

KDF

01. Generate 16 byte random salt
R = d6aabb63363188b9b73a88efb9c9152e

02. Calculate MD5 of unicode version of the password
R = MD5(7a0076004400740075002100) = 2c280e504af43aaa1d6bbfb205302424

03. Truncate 16 byte result to 5 byte
R = 2c280e504a

04. Generate a string of length 336 byte by repeating the string "$digest$salt" 16 times -- (16 * (5 + 16)) = 336
R = MD5(2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e2c280e504ad6aabb63363188b9b73a88efb9c9152e)

05. MD5 the 336 bytes
R = f2ab1219ae2fa884df9f25a50b9dc5cb

06. Truncate 16 byte result to 5 byte
R = f2ab1219ae

07. Append 4 byte zeros to result
R = f2ab1219ae00000000

08. MD5 the 9 bytes
R = e5d13462ff792f3ed224acd4bfb03da9

09. Use 16 byte result as 128 bit RC4 Key
R = e5d13462ff792f3ed224acd4bfb03da9

10. Decrypt encryptedVerifier with RC4 to decryptedVerifier
R = RC4(afbbb9254764273f8f4fad9a5d82981f) = d6aabb63363188b9b73a88efb9c9152e

11. Decrypt encryptedVerifierHash with RC4 to decryptedVerifierHash
R = RC4(6f09fd2eafc4ade522b5f2bee0eaf66d) = 1aad4f1dd3efa5f11ca9670a4b7335fd

12. MD5 the decrypted encryptedVerifier
R = MD5(d6aabb63363188b9b73a88efb9c9152e) = 1aad4f1dd3efa5f11ca9670a4b7335fd

13. Compare 16 byte result with decrypted encryptedVerifierHash
MD5(RC4Decrypt(EncryptedVerifier)) == RC4Decrypt(EncryptedVerifierHash)
MD5(d6aabb63363188b9b73a88efb9c9152e) == 1aad4f1dd3efa5f11ca9670a4b7335fd
1aad4f1dd3efa5f11ca9670a4b7335fd == 1aad4f1dd3efa5f11ca9670a4b7335fd

Here you can see that in steps 01 to 05 everything is different.
But after step 06 it is the same for the passwords <hashcat> and <zvDtu!>, so both passwords can open the file.
Why does this happen? Because we have to match only the 5 bytes of step 05 (40 bits), not the whole value (128 bits).
This is called a collision because two different passwords generate the same 40-bit value.


Independent Key file

I saw a lot of programs and scripts that are designed to crack the RC4 key.
One of these programs has a feature that caught my attention: "Search for file-independent key, allowing to instantly decrypt files with the same password"
Well, we have here a thing that is very useful: only one key to decrypt every file with the same password.
If you generate a new file with the password hashcat, you will see that the RC4 key will be different.
This means: for every single file, you have to crack the RC4 key, even if they use the same password.
I really liked this feature, but how to replicate it?
We have a salt here, which makes every key unique even with the same password. That is the point of using a salt, by the way. Password + salt(random) = unique output.
After thinking, the answer was obvious: you have to process everything BEFORE you enter the salt part.
What? Relax, let's do it.

Quote:Password                                   hashcat
Password converted to UTF-16LE 6800610073006800630061007400

Salt                                          d6aabb63363188b9b73a88efb9c9152e
EncryptedVerifier                       afbbb9254764273f8f4fad9a5d82981f
EncryptedVerifierHash                6f09fd2eafc4ade522b5f2bee0eaf66d


KDF

02. Calculate MD5 of unicode version of the password
R = MD5(6800610073006800630061007400) = 2303b15bfa48c74a74758135a0df1201 

03. Truncate 16 byte result to 5 byte
R = 2303b15bfa

Look at the step 03. The result is <2303b15bfa>.
This value IS the independent key file.
Why? Because every single time that you use the password hashcat, the result will be the same, because we do not have an interaction with the salt in this step.
So, with this key, you will be able to decrypt every file (Office 97-2003) created with the password hashcat.
By the way, I do not know any program that makes use of it, except for that one. It is paid.


Using Hashcat

After understanding how to do it manually, let's do it with hashcat.
First create a file and save this inside: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d
Now, we will understand the hashcat modes that you can use:
-m 9700 = find a password
-m 9710 = crack the RC4 key
-m 9720 = collide the RC4 key with a candidate password

So, we can follow this path:
hashcat -m 9700 -a 3 <file.hash> -i ?a?a?a?a?a?a => you will try to find a valid password to open the file. This mode does the same thing as mode -m 9710 plus -m 9720.
hashcat -m 9710 -a 3 <file.hash> --hex-charset ?b?b?b?b?b => this will recover the RC4 key only, not the password.
hashcat -m 9720 -a 3 <file.rc4> -i ?a?a?a?a?a?a => this will try to find a password from the RC4 key.

Inside <file.hash>: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d
Inside <file.rc4>: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d:f2ab1219ae

You do not have to use the 3 options; use only -m 9700 OR -m 9710 then -m 9720.


Conclusion

That is the whole process that I went through to understand how to calculate the RC4 key and the RC4 independent key, and how to collide the RC4 key to find a valid password.
If you see the flag $3 or $4, you should replace MD5 with SHA1.
If you like the post, let me know.
If it has a positive review, I will do my best to write more posts in this style.
Thank you for your time and patience.


Free Notes

I would like to give a special "thank you" to bmenrigh, Chick3nman, and atom for providing me with a lot of valuable info and/or help.

Source
http://www.woodmann.com/forum/archive/in...-2971.html
https://blogs.msdn.microsoft.com/openspe...ification/
https://hashcat.net/forum/thread-3665.html
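
The 13 KDF steps walked through in the "Crypto for newbies" post above, as an added Python example (not part of the original post, and not code from hashcat or office2hashcat.py): it parses the `$oldoffice$1` line quoted in the post, checks a password against it, and exposes the 5-byte step-06 value so the two passwords the post names can be compared. The function names are illustrative assumptions; only the RC4 + MD5 variants ($0, $1) are handled.

```python
import hashlib

# Hash line quoted in the post (from hashcat's DocOld2010.doc sample file).
SAMPLE = ("$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e"
          "*afbbb9254764273f8f4fad9a5d82981f"
          "*6f09fd2eafc4ade522b5f2bee0eaf66d")


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (key schedule + keystream); encrypt and decrypt are identical."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def parse_oldoffice(line: str):
    """Split '$oldoffice$<n>*salt*verifier*verifierHash' into three 16-byte fields."""
    parts = line.strip().split("*")
    if len(parts) != 4 or not parts[0].startswith("$oldoffice$"):
        raise ValueError("not an $oldoffice$ line")
    if parts[0][len("$oldoffice$"):] not in ("0", "1"):
        raise ValueError("only the RC4 + MD5 variants ($0, $1) are handled here")
    fields = tuple(bytes.fromhex(p) for p in parts[1:])
    if any(len(f) != 16 for f in fields):
        raise ValueError("salt, verifier and verifier hash must be 16 bytes each")
    return fields


def file_independent_key(password: str) -> bytes:
    """Steps 02-03: MD5 of the UTF-16LE password, truncated to 5 bytes (no salt yet)."""
    return hashlib.md5(password.encode("utf-16-le")).digest()[:5]


def intermediate_key(password: str, salt: bytes) -> bytes:
    """Steps 04-06: MD5 over (digest5 + salt) repeated 16 times, truncated to 5 bytes."""
    block = (file_independent_key(password) + salt) * 16   # 16 * (5 + 16) = 336 bytes
    return hashlib.md5(block).digest()[:5]


def check_intermediate(key5: bytes, verifier: bytes, verifier_hash: bytes) -> bool:
    """Steps 07-13: derive the RC4 key and compare MD5(verifier) to the stored hash."""
    rc4_key = hashlib.md5(key5 + b"\x00" * 4).digest()      # steps 07-09
    # As in the post's note, both fields are decrypted as one continuous RC4 stream.
    plain = rc4(rc4_key, verifier + verifier_hash)          # steps 10-11
    return hashlib.md5(plain[:16]).digest() == plain[16:]   # steps 12-13


def verify_password(password: str, line: str = SAMPLE) -> bool:
    salt, verifier, verifier_hash = parse_oldoffice(line)
    return check_intermediate(intermediate_key(password, salt), verifier, verifier_hash)


if __name__ == "__main__":
    salt, _, _ = parse_oldoffice(SAMPLE)
    for candidate in ("hashcat", "zvDtu!", "not-the-password"):
        print(f"{candidate!r:20} step06={intermediate_key(candidate, salt).hex()} "
              f"opens_file={verify_password(candidate)}")
```

Everything after step 06 depends only on those 40 bits, which is why two unrelated passwords can both pass the check.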

Help for rule

Can anyone help me, please?

how to create rule prepend_ldu ( 2hex) mix

can't figure this out, new to hashcat

so I tried this, after looking through loads of guides.
I suspect my hash is in base64, and it is salted? (How do I know if I'm right?)
So that's why I used -m101
Can't really figure out what's wrong with it.
If it's to do with the fact it's salted, can someone help me figure out how to unsalt it (hahahaha… Is that even possible)



(By the way it's not a real password it's just a fun challenge so I'm fine with sharing the hash if someone asks haha)


C:\Users\[my irl name]\Desktop\hashcat\hashcat-4.1.0>hashcat64.exe -m101 -a3 -o cracked.txt P******lUW3R0****fWMf4*******BPS4GT8+bzoLE=
hashcat (v4.1.0) starting...
* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 970, 1024/4096 MB allocatable, 13MCU
Hash 'P******lUW3R0****fWMf4*******BPS4GT8+bzoLE=': Line-length exception
No hashes loaded.
Started: Sat Jul 07 15:52:22 2018
Stopped: Sat Jul 07 15:52:22 2018

improving workload?

hi there,
so more than once ppl have to crack slow hashes or deal with a big hash list.

to me it has happened more than once.
and this is a pain in the butt if u want to crack hashes which do not have much keyspace, such as ?d?d?d?d or ?d?d?d?d?d?d and so on.
most of the time hashcat will optimize the gpus for it to work as it base.
however, sometimes hashcat doesn't make use of all ur hardware. for example, if hashcat "thinks" it's a small keyspace for 8 gpus and for this hash (slow\fast hash), it won't use 8 of ur gpus, since it does not consider how many hash candidates there are and does not make use of all gpus.

so on my journey to find out a way to use all gpus to optimize all of ur hardware i encountered some bugs?

my initial idea is trying to supply more work to my 8 gpus by manually carving up the keyspace for the attack and running 8 separate hashcat jobs, one for each GPU.

^
by that i mean to take a certain keyspace and split it into 8,
maybe doing skip/limit between the gpus will make them work together.

in my example, when i ran ?d?d?d?d?d?d on 2.3~mil+ hash candidates, only 1 gpu was used and the others were not, which is a shame, because hashcat "thinks" it's a small number to cover. (which it is! if u have only one candidate.)

however, in the process of trying my idea i came across a weird bug.
remember, what i want is to manually split the workload by skip/limit to give each gpu a job.

in attack one, i haven't used any skip/limit; this is just showing that only 1 gpu is working, and it took around 40min+- to complete this simple job. if 8 gpus were working on the same job it would take 1/8 of the time that it took me (5min~ instead of 40~)

in attack 2 and 3 i decided to put my idea to the test.
as u can see i have put skip/limit to make it easier.


Code:
attack one.

hashcat64.exe -m 2711 -a 3 "t1m3l1n3 .left7" -o "t1m3l1n3.out" --session t1m3l1n3 -w 4 -1 ?l?u?d!@#$ -i --increment-min=6 ?d?d?d?d?d?d -O --remove
Session..........: t1m3l1n3
Status...........: Running
Hash.Type........: vBulletin >= v3.8.5
Hash.Target......: t1m3l1n3 .left7
Time.Started.....: Sat Jul 07 17:47:24 2018 (39 mins, 0 secs)
Time.Estimated...: Sat Jul 07 18:29:22 2018 (2 mins, 58 secs)
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Charset....: -1 ?l?u?d!@#$, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/7 (14.29%)
Speed.Dev.#1.....:   919.0 MH/s (0.59ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#2.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#3.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#4.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#5.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#6.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#7.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#8.....:        0 H/s (0.00ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Speed.Dev.#*.....:   922.2 MH/s
Recovered........: 18461/2435603 (0.76%) Digests, 18461/2435561 (0.76%) Salts
Recovered/Time...: CUR:517,N/A,N/A AVG:427,25647,615551 (Min,Hour,Day)
Progress.........: 2271729000000/2435561000000 (93.27%)
Rejected.........: 0/2271729000000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Candidates.#1....: 120123 -> 688373
Candidates.#2....: [Generating]
Candidates.#3....: [Generating]
Candidates.#4....: [Generating]
Candidates.#5....: [Generating]
Candidates.#6....: [Generating]
Candidates.#7....: [Generating]
Candidates.#8....: [Generating]
HWMon.Dev.#1.....: Temp: 48c Fan: 90% Util: 57% Core:1885MHz Mem:4811MHz Bus:16
HWMon.Dev.#2.....: Temp: 32c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#3.....: Temp: 26c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#4.....: Temp: 28c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#5.....: Temp: 30c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#6.....: Temp: 30c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#7.....: Temp: 31c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16
HWMon.Dev.#8.....: Temp: 27c Fan: 90% Util:  0% Core: 139MHz Mem: 405MHz Bus:16


attack 2

hashcat64.exe -m 2711 -a 3 "t1m3l1n3 .left7" -o "t1m3l1n3.out" --session t1m3l1n3 -w 4 -1 ?l?u?d!@#$ -i --increment-min=6 ?d?d?d?d?d?d -O --remove -d1 -l 1250


Session..........: t1m3l1n3
Status...........: Quit
Hash.Type........: vBulletin >= v3.8.5
Hash.Target......: t1m3l1n3 .left7
Time.Started.....: Sat Jul 07 20:02:06 2018 (2 mins, 17 secs)
Time.Estimated...: Sat Jul 07 20:34:37 2018 (30 mins, 14 secs)
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Charset....: -1 ?l?u?d!@#$, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:   154.8 MH/s (0.46ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Recovered........: 1/2415740 (0.00%) Digests, 1/2415698 (0.00%) Salts
Recovered/Time...: CUR:0,N/A,N/A AVG:0,0,0 (Min,Hour,Day)
Progress.........: 21043375000/301962250000 (6.97%)
Rejected.........: 0/21043375000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Candidates.#1....: 120123 -> 688220
HWMon.Dev.#1.....: Temp: 42c Fan: 90% Util: 34% Core:1885MHz Mem:4811MHz Bus:16





attack 3

Session..........: t1m3l1n31
Status...........: Quit
Hash.Type........: vBulletin >= v3.8.5
Hash.Target......: t1m3l1n3 .left7
Time.Started.....: Sat Jul 07 20:02:09 2018 (2 mins, 12 secs)
Time.Estimated...: Sat Jul 07 20:34:41 2018 (30 mins, 20 secs)
Guess.Mask.......: ?d?d?d?d?d?d [6]
Guess.Charset....: -1 ?l?u?d!@#$, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#2.....:   309.4 MH/s (0.46ms) @ Accel:64 Loops:100 Thr:1024 Vec:2
Recovered........: 1/2415740 (0.00%) Digests, 1/2415698 (0.00%) Salts
Recovered/Time...: CUR:0,N/A,N/A AVG:0,0,0 (Min,Hour,Day)
Progress.........: 342634250000/905886750000 (37.82%)
Rejected.........: 0/342634250000 (0.00%)
Restore.Point....: 1250/10000 (12.50%)
Candidates.#2....: 120301 -> 688242
HWMon.Dev.#2.....: Temp: 47c Fan: 90% Util: 60% Core:1885MHz Mem:4811MHz Bus:16



funny fact is, by giving the work to one gpu only, it shows a lower cracking hashrate.

first attack: less keyspace, less hashrate, only one gpu, takes less time.
second and third attack are split work: less hashrate per gpu, less keyspace, take more\same time as one gpu on the first attack would.


anyhow, my idea failed, perhaps because of a hashcat bug.
but maybe by splitting the workload between the gpus for the same job with skip/limit within the same job all gpus will be used.

i've read the FAQ, and i understand that when gpus are not "working" that means they don't have enough work to work on :D

i know that when appending some stuff like rules etc., that means i must skip what i want to find. for example, i want to find x6 ?d; if i append something to create "more work", that means i gotta skip this x6 ?d ..

mp64 ?d?d?d?d?d?d | hashcat ....  was the same result.

Building Configuration Questions

it's my first time building a pc configuration, so if someone here can help me that would be nice. my new pc will be dual boot, ubuntu server and windows. i will use ubuntu server for hashcat and other projects of my own that run for long periods, and windows for playing, but the main intention is to use it for hashcat, not for gaming; i have my laptop for everyday use.

My idea is to start with 1 1080ti and keep adding more (4 in total). i heard outside of here that next gen gpus will not be good for hashcat, so i think taking the 1080ti is the best option so far.

Anyway i have some questions.

1- Is liquid refrigeration obligatory to let gpus work for long periods? i think yes, anyway just asking.

2- Should I look for something special in the motherboard apart from slots for 4 gpus? do PCI extensions lose hashcat performance?

3- what cpu should i look for if i want to put 4 gpus in hashcat?


Apart from these, should i worry about something? i mean, look for something special? thanks



right now i have a 1800€ budget, but in some months (3 max) i'll have around 3000€ or more, so if i can buy now (pretty hard) it would be nice, but i think still pretty much more.

Combinator Attack issue with rules

I came across hashcat and asked someone from the IRC about this and seems like I'm at an impasse.

I'm trying to test out a particular set of patterns in the following format
[word][4 digits][word][4 digits]

The word of course coming from a word list and the four digits going from 0 to 9

I tried the following 
hashcat64.exe -m 2500 -a 1 -j"?d ?d ?d ?d" -k"?d ?d ?d ?d" cap.hccapx six.dict six.dict
Only to come up with six.dict is empty when it isn't (I've checked every time I ran it)

I realized that the -j and -k rules are for single characters only and can't do mask based input.

Any solution you guys can think of for this?

Thanks so much, hashcat's given my old crypto mining rig a new lease on life

hashcat deletes restore on CL_OUT_OF_RESOURCES

From time to time I get CL_OUT_OF_RESOURCES (on Windows). If this occurs then hashcat deletes the restore file and exits. Thus I am not able to recover from a time (shortly) before the error occurs.
Am I doing something wrong? Or is this intended? Is there a way to get around having to start from the beginning?

I do not know why I'm getting this error or how to find out the reason. I'm aware of https://hashcat.net/wiki/doku.php?id=timeout_patch and this was done months ago. Before this registry key was set, hashcat warned about it. After setting the key hashcat does not warn any more, but the error still occurs. It can happen just minutes after starting or after hours/days. It is also possible that it takes a month before there is another CL_OUT_OF_RESOURCES (hashcat is not running all the time).
I reinstalled different versions of the driver and also tested different cards (also using two or only one).

Because I do not know why it happens, how to prevent it and how to prevent hashcat from deleting the restore file I only see a workaround in a task periodically copying the restore-file out of the hashcat folder. Is there a better way?

Thank you in advance!

I already searched for the reason for CL_OUT_OF_RESOURCES (e.g. it occurs on buffer out of index and also as a dummy error) and here on the forum, but did not find anything helpful. If I missed something, I'm sorry.

Problems with installing and using hashcat

I'm an absolute beginner and I need help with my iTunes backup, because I don't know my iTunes backup password. All my important photos are in this backup.

I bought a computer, a Fujitsu Siemens Esprimo P7936 with an NVIDIA GeForce GT 710 - 1 GB - VGA / DVI / HDMI, installed ubuntu and tried to install hashcat.

First I had some problems with signing the pgp-signature, and then I tried another way, but the result is crashing.

Is there a step-by-step installation and cracking guide available?

Hashcat doesn't find password

Hi !

-Windows7 
-i7 860
-Old ati radeon 5870 vapor-x

This is my problem :

I make a .txt with this MD5 hash " slipknot "
Code:
f34c903e17cfeea18e499d4627eeb3ec
and i save it.
I have a wordlist with only one word "slipknot"
I run Hashcat but it doesn't find anything :(

I tried Hashcat with 2500 WPA/WPA2 - file example hashcat.hccapx and a wordlist with only "hashcat" and nothing :(

Hashcat works only with the examples in the folder:
example0.hash / example400.hash / example500.hash --> with example.dict

What am I doing wrong? Thanks!



Code:
hashcat64.exe -a 0 -m 0  hs\s0.hash   wordlist\test.txt
hashcat (v4.1.0) starting...

* Device #2: Not a native Intel OpenCL runtime. Expect massive speed loss.
            You can use --force to override, but do not report related errors.
OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Cypress, 512/1024 MB allocatable, 20MCU
* Device #2: Intel(R) Core(TM) i7 CPU         860  @ 2.80GHz, skipped.

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Raw-Hash

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

ATTENTION! Pure (unoptimized) OpenCL kernels selected.
This enables cracking passwords and salts > length 32 but for the price of drastically reduced performance.
If you want to switch to optimized OpenCL kernels, append -O to your commandline.

Watchdog: Temperature abort trigger set to 90c

* Device #1: ATTENTION! OpenCL kernel self-test failed.

Your device driver installation is probably broken.
See also: https://hashcat.net/faq/wrongdriver

Dictionary cache hit:
* Filename..: wordlist\test.txt
* Passwords.: 1
* Bytes.....: 8
* Keyspace..: 1

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: MD5
Hash.Target......: f34c903e17cfeea18e499d4627eeb3ec
Time.Started.....: Mon Jul 09 19:59:42 2018 (0 secs)
Time.Estimated...: Mon Jul 09 19:59:42 2018 (0 secs)
Guess.Base.......: File (wordlist\test.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....:     1172 H/s (0.08ms) @ Accel:64 Loops:1 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 1/1 (100.00%)
Candidates.#1....: slipknot -> slipknot
HWMon.Dev.#1.....: Temp: 57c Fan: 36% Util:  0% Core: 875MHz Mem:1250MHz Bus:16

Started: Mon Jul 09 19:59:39 2018
Stopped: Mon Jul 09 19:59:43 2018

Quad 1080ti Workstation

Hello, after reading some posts I found some things. I'm going to post here because I want to go for quad 1080ti. I will start by buying everything except the GPUs, and I would add each 1080ti periodically (every 2-3 months), so in about 8-10 months I could be done.

Motherboard: Asus X99E WS
CPU: i7 5930k
Tower: Big Tower EATX case
PSU: 1500W PSU
Samsung Evo 860 500GB


And about the cooler, which is better, fan or liquid refrigeration?

Masks for Multiple Language Charsets in UTF-8

Hi all.

I've read pretty much everything I can find on the subject of masks and charsets, but can't find or work out a solution for this issue. For the record, the resource I most followed was: http://www.netmux.com/blog/ultimate-guid...-using-has, in concert with the FAQ and Wiki entries on custom character sets and masks.

I am trying to adapt the rockyou masks to support both the Russian and Basic Latin (English) character sets within the same password strings. The hashes were originally created on a system with UTF-8 encoding. From my understanding, the best (only?) way to create UTF-8 representation is to use --hex-charset, with -1 being the first byte range and -2 being the second byte range. For the record, I'm able to crack a password which uses ONLY the Russian language.

I've tried creating masks where ?1/2/3/4 are the literal characters, but it was unsuccessful in cracking any known passwords. (The cracking was done on an Ubuntu system with hashcat 4.x with UTF-8 as the locale/environment.) I've also tried cracking hashes of known passwords solely using Russian which were created on UTF-8 by using the built-in Russian character sets, and that fails. (1 byte vs 2 bytes, I'm assuming.)

Here is a mask which successfully cracks a 3 character (6 byte) Russian password when used with --hex-charset:
Code:
d0,808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf,d0d1,b0b1b2b3b4b5b6b7b8b9babbbcbdbebf808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f,?1?2?3?4?3?4

The issue I'm encountering is that it appears that the Basic Latin character set in UTF-8 is encoded with only one byte. Therefore, a 2 bytes per character mask will not work. I used the same password cracked with the above mask, appended a Latin 's' (lower case s) to it, and updated the mask line to the following, hoping that addressing a Latin character with \x00\x## would work. It does not. It appears that for whatever reason in the combination of hashcat, hash environment, crack environment, and encoding specs, that "s" in UTF-8 is just \x73, not \x00\x73.

Code:
00d0,808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf4142434445464748494a4b4c4d4e4f505152535455565758595a,00d0d1,b0b1b2b3b4b5b6b7b8b9babbbcbdbebf808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f6162636465666768696a6b6c6d6e6f707172737475767778797a,?1?2?3?4?3?4?3?4

(If need be for anyone, I can break down what is what within the mask. But I'm assuming anyone who knows enough to help answer the question also knows enough about character sets to be able to parse it for themselves if needed.)

And obviously, that Latin character could be anywhere inside the password, not just at the end, so the specific mask isn't the important part. 

So, I guess my most direct question is: is this possible? Is it possible to set up a mask with a variable-length, optional or dependent component? For example, using the mixed-language hex charset, is there a way to tell it to ignore the first ?1 if the next character in the mask will be ?2 between \x41 and \x5a? Or even a simple way of saying "some of these are one byte, and some are two bytes"? Or some other workaround? Also, if I'm entirely barking up the wrong tree with a core assumption here, please let me know.

Any other thoughts on what I'm missing, or something else I should try?

Thanks in advance.
A guy named Lou.

(So, it looks like I rambled a bit. Please feel free to ask if you want clarification on anything.)

EDIT to Add - No, my test didn't work.
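
The byte layout the post describes, as an added example (not part of the original post): the four byte sets are the custom charsets from the first mask line above, rebuilt from their ranges, while the sample string and function names are constructed for illustration. It shows which characters each lead/continuation pair covers, that a Latin letter occupies one byte, and that a 00 prefix yields a separate NUL character rather than padding.

```python
# Added example. CS1..CS4 are the four custom charsets from the first mask
# line in the post, rebuilt from their byte ranges. SAMPLE is constructed.
CS1 = bytes([0xD0])                                        # ?1: lead byte
CS2 = bytes(range(0x80, 0xB0))                             # ?2: 80..af
CS3 = bytes([0xD0, 0xD1])                                  # ?3: lead bytes
CS4 = bytes(range(0xB0, 0xC0)) + bytes(range(0x80, 0xA0))  # ?4: b0..bf, 80..9f

SAMPLE = "яблs"  # three Cyrillic letters followed by one Latin letter


def covered_chars(leads, conts):
    """Characters produced by every lead+continuation pair that is valid UTF-8."""
    out = set()
    for lead in leads:
        for cont in conts:
            try:
                out.add(bytes([lead, cont]).decode("utf-8"))
            except UnicodeDecodeError:
                pass  # pair is not a valid two-byte sequence
    return out


def byte_widths(text):
    """UTF-8 byte count of each character, i.e. one-byte positions it occupies."""
    return [len(ch.encode("utf-8")) for ch in text]


def zero_prefixed(ch):
    """Decode 00 + the character's UTF-8 bytes, as the second mask line attempts."""
    return (b"\x00" + ch.encode("utf-8")).decode("utf-8")


if __name__ == "__main__":
    upper = covered_chars(CS1, CS2)
    lower = covered_chars(CS3, CS4)
    print("?1?2 covers", len(upper), "chars:", "".join(sorted(upper)))
    print("?3?4 covers", len(lower), "chars:", "".join(sorted(lower)))
    for ch, width in zip(SAMPLE, byte_widths(SAMPLE)):
        print(repr(ch), ch.encode("utf-8").hex(), width, "byte(s)")
    print("total one-byte positions:", sum(byte_widths(SAMPLE)))
    print("00 + 's' decodes to", [hex(ord(c)) for c in zero_prefixed("s")])
```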

Building a 65 GPU distributed Rig... Open to suggestions.

I am just beginning the process of creating a 65 AMD GPU Hashcat pen-testing rig that consists of 5 13GPU servers. Just wanted to see if anyone here has done something similar in the past and get recommendations as to the best possible way this might be accomplished. I am aware of the various options available for distributed network Hashcat configurations such as Hashtopolis, Cracklord, & Hashview but would like to see what others recommend based on experience before I start. Also, are there any new options out there that might be better than the ones mentioned?

Thanks for your replies in advance!

bcrypt+salt?

Guys, I'm using hashcat on Windows, but it seems that hashcat cannot recognise my hash, which should be bcrypt, but I have a salt too. I use this command:

Code:
hashcat64.exe -m 3200 -a 0 --username --session name --status hash.txt rockyou.txt --gpu-temp-abort=80 -r best64.rule

and hash.txt have lines in this form:

email@email.com:$2a$13$XXXXX...X:YY...YYY
(53 characters in total in X; in Y there are 22 chars, which is the salt)

But hashcat says: "no hashed loaded", caused by the salt. What can I do? Thanks



Edit: I don't know if I can't post a link, but I've found a site that, with only the hash as input, says it is bcrypt and gives me the salt too in the output, which is almost the same as the one I've got, but the last char is different. So I'll assume it is possible to get the salt from the hash.
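
The layout of a bcrypt string in modular crypt format, as an added example (not part of the original post): the 53 characters after the cost field are a 22-character salt followed by a 31-character digest, so the salt is already part of the hash string. SAMPLE is a constructed string in that format (not a real digest) and the function names are illustrative; the decoder also shows that the last salt character carries only two significant bits, so two different final characters can decode to the same 16 salt bytes.

```python
import re

# Added example. SAMPLE is constructed in bcrypt's format; it is not a real digest.
B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
BCRYPT_RE = re.compile(
    r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")
SAMPLE = "$2a$13$abcdefghijklmnopqrstuuABCDEFGHIJKLMNOPQRSTUVWXYZabcde"


def parse_bcrypt(field):
    """Split a 60-character bcrypt string into version, cost, salt and digest."""
    m = BCRYPT_RE.match(field)
    if m is None:
        return None
    version, cost, salt, digest = m.groups()
    return {"version": version, "cost": int(cost), "salt": salt, "digest": digest}


def decode_salt(salt22):
    """Decode the 22-character salt (bcrypt's base64 alphabet) to 16 raw bytes.

    22 characters carry 132 bits; the 4 trailing bits are not part of the salt.
    """
    acc = nbits = 0
    out = bytearray()
    for ch in salt22:
        acc = (acc << 6) | B64.index(ch)
        nbits += 6
        if nbits >= 8:
            nbits -= 8
            out.append((acc >> nbits) & 0xFF)
    return bytes(out)


def bcrypt_fields(line):
    """Parse every colon-separated field of a line that is a bcrypt string."""
    return [p for p in map(parse_bcrypt, line.strip().split(":")) if p]


if __name__ == "__main__":
    parsed = bcrypt_fields("user@example.com:" + SAMPLE + ":abcdefghijklmnopqrstuv")[0]
    print(parsed)
    print(decode_salt(parsed["salt"]).hex())
    print(decode_salt("abcdefghijklmnopqrstuv").hex())  # same 16 bytes
```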

Hash bitcoin brain wallet address from passphrase?

So I just found some of my old generated paper wallets. Unfortunately, the ink blurred when I folded it, which made some of the characters get lost, like this:

######a2f52RR4xrcLKxWpVA

It lost 6 characters. I calculated and it has 53981544960 combinations, so it is pretty possible to generate them and get it back. Some people introduced me to hashcat and recommended that I use it, but I can't seem to find the options to hash a bitcoin address directly from a passphrase, so I plan to modify the source. How can I do this? Can anybody recommend where I should start? Thank you

VeraCrypt Decryption [mac OSX]

Hello dear community, 

I have a problem and I need your help. I can't get it done for days. 
Hopefully you can help me and this problem can help others who have the same problem. 

I have forgotten my VeraCrypt password and want to recover it. I also know the word combinations, which could help me with the Combinator attack. 

---------------------

Information about the VeraCrypt-File:

Encryption Alg.: AES

Primary Key Size: 256 bits
Secondary key size (XTS mode): 256 bits
PKCS-5 PRF: HMAC-SHA-512
Hidden Volume Protected: no

Information about my operating system and Hashcat:

I am using Mac-Pro and installed hashcat via terminal link (GitHub).

---------------------

Problems:

1st problem: Combinator Attack does not work 
./hashcat -a 1 -m 0 example0.hash mydict2.dict mydict2.dict 

It is executed, but the words in mydict2.dict do not combine.
In mydict2.dict are words (letters, numbers). 

-------

2nd Problem: Brute-force attack 
./hashashcat -m 13721 -a 3 Vera.txt

I saved my VeraCrypt container as Vera. Then I added .txt after Vera, so hashcat recognizes the file (Vera.txt).

Where is the error here?

I would be very happy if you could help me!


Kind regards

[Newb] Mask attack on FNV1a-32

Hi guys,

I have 10 hashes of an ASCII string, hashed with the FNV-1a 32-bit variant, from which I'd like to get the original string back.
I searched the supported hashes list but FNV isn't there; Google pointed me to an issue which didn't seem of any relevance.
Is it somehow possible to use Hashcat for this task? I know FNV isn't a cryptographic hash.
Writing my own hashcracker for this seems a really big job, which I'd like to avoid.

I also know that a lot of collisions could be discovered, but I know (parts of) the mask of these strings:
/(prefix\.)([a-z0-9_]+.)+([A-Z][a-zA-Z0-9]+)/
This is basically a package name; I can definitely recognize the correct one if I see it. The total length of the string shouldn't be longer than 60 chars.

What are my options if this is not possible with (the current version of) HashCat?
Should I then look into trying to fork and introduce this behaviour myself? If yes, any quick-start pointers on how?

Thank you in advance,
Bert

[Help] Small Wordlist, Rule based Attack 4H/s

Hi everyone, I have a problem with my rule-based attack.

My "word list" has 4 passwords in it. I want to try all possible combinations for these 4 passwords,
like leetspeak, upper/lowercase, double-pressed keys.

I found the rule "OneRuletoRuleThemAll" on GitHub, but I only get it to work at 4H/s.
I know my word list is too small, but is it still possible to get higher H/s?


I'm using Windows 10 64bit, Nvidia GTX 1060, Hashcat 4.1.0 and the Hashcat GUI.
If it's only possible without using the GUI, I can switch to the console.


Thanks for your Help.