Quantcast
Channel: hashcat Forum - All Forums
Viewing all 8117 articles
Browse latest View live

Can only find one hash of two - Office 2013

December 11, 2018, 12:43 pm
$
0
0
I have a file containing two Office2013 hashes. The pwd for the two is 1920.

Code:
$ cat office2013.hash

$office$*2013*100000*256*16*e166509e5a4e05670dc5f3a57c4f30ff*636ae6f842a8f6b2939eb611b5912903*a4471efa793e407aae675b1601527215ac6ba179f18e5e4c9b1d29eec4bc04ef

$office$*2013*100000*256*16*e166509e5a4e05670dc5f3a57c4f30ff*f2e4fe453c2451d9070a485ffae7e1e8*48dce31f17ce6b1c4fe59d450cd7cf28c0041b435dbd1e29caade645318c5a76

When I try to crack the two hashes, Hashcat only finds the first one.

Code:
$ hashcat -m9600 office2013.hash -w3 -a3 ?d?d?d?d --quiet

$office$*2013*100000*256*16*e166509e5a4e05670dc5f3a57c4f30ff*636ae6f842a8f6b2939eb611b5912903*a4471efa793e407aae675b1601527215ac6ba179f18e5e4c9b1d29eec4bc04ef:1920

When I run one hash at the time, Hashcat is able to find the pwd for both

Am I missing a detail here?
Thanks!
Search

Avoiding startup lag when running hashcat in a loop

December 11, 2018, 1:17 pm
$
0
0
Hi,

I would like to run a combinator attack, but the issue is, that the left wordlist is different for each hash to crack (the right wordlist stays the same).

Now, that is not a problem as I can start individual hashcat commands, one by one, with the proper left wordlist for each. This leads to quite some performance degradation however, as hashcat initializes device kernel and memory at every invocation, which takes a bit of time (i should say 15 - 30 secs.)

Am I overcomplicating matters and is there another way? Rule based wouldn't work for the left wordlist, as the left wordlist is a combination of words itself (in fact, it's a list of candidate emails).

I should note that I am using --force, as I am testing this on a CPU. Maybe once I run this on a machine with a GPU and abandon --force, the startup lag goes away?

Thanks for your guidance.

Hashcat64 cannot detect GPU @ driver Nvidia 417.22 Cuda 10

December 12, 2018, 2:24 am
$
0
0
Hello

Hashcat64 Detect only  CPU, 
My GTX 1080 with latest driver 417.22 CUDA 10  does not seem at benchmark results.

hashcat32 no problem


.jpg   cudaz.JPG (Size: 51.64 KB / Downloads: 4)

hashcat always exhausted even with every character given in mask

December 12, 2018, 10:29 am
$
0
0
Hi there, I actually have two problems I need help with and wondered if any of you kind people may be able to point me in the right direction?

First of all i'm using windows gui version on 5.0.0 hashcat. I have The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) but its running in a virtual box and can't get gpu drivers to work properly in there. So am collecting handshake and pmkid and transferring them to windows via shared folder.

1) Every time I try to crack handshake it reports exhausted even though it has cracked it and dumped it in pot file and in the output.txt

2) Secondly I can't seem to get it to crack a PMKID even though its been converted to hashcat format and even if I give it every letter of the code in the mask except one. It just says exhausted but doesn't dump anything in the pot file or output text I'm using the command:

hashcat64.exe -m 16800 C:\sdsds\sdsds\Documents\Shared\hotspotcap.16800 -a 3 -w 3 -1 ABCDEFGJKV -2 01234567 ?1?1?1?1?2?1?1?1

Code i'm trying to crack is BEJV7EEA

Nvidia RTX 2070 vs AMD Vega RX 64

December 12, 2018, 10:51 am
$
0
0
Hi there,

I plan to buy new GPU and I consider this two: Nvidia RTX 2070 vs AMD Vega RX 64. I found two benchmarks:
RTX 2070 with hashcat 5.0.0:
https://pastebin.com/b2i9kQFx

Vega 64 with hashcat 4.0.0:
https://docs.google.com/spreadsheets/d/1...=785768233



I don't know how much performance changed from hashcat 4 to hashcat 5, but I make comparison based on two benchmarks above:
https://ethercalc.org/yu2pz7lakmob
Red color - AMD is better
Green color - Nvidia is better

Based on comparison I can't figured out which one will be better.

Pros for me for Nvidia:
 - better performance in games
 - less power consumption
 - some new fancy technologies (which may be useful or not, like ray tracing)

Pros for me for AMD:
 - I have Radeon R7 260, so I could use both GPU
 - I have monitor with Freesync

Whats your opinion on this two cards?

Ransomware

December 13, 2018, 9:07 am
$
0
0
Hello,

I don't know if anyone can help but we got hit with Ransomware over the weekend. This has taken out a number of servers and client PC's totalling about 25 hard drives. They have used Diskcryptor to encrypt the all our drives (including all backups, NAS etc). 

What we know so far is that the passwords used were only numeric and vary in length from 8 digits to 11 digits. This means that hashcat will be able to find the codes. However our one stumbling block is we do not know how to find the hash from the encrypted drives. We also know they used version 1.1.846.118 of diskencryptor which was the last released in 2014. The source files for this are available on the website.

Any help appreciated as we feel this is the only way forward to retrieve our data and with our rough calcs even an 11 digit number should crack in under 3 days.

Thank you

Ian

Not finding my own set password

December 14, 2018, 6:17 am
$
0
0
Hi, I'm working on a  Office 2013 file and I'm pretty sure I have the correct password in my dictionary, but after hours spent cracking I get no results. So I did a pretty simple test: I created a Word document, applied the procedure to encrypt it with passpass as password, extracted the hash with office2hashcat (or office2john is the same) and tried:
- a simple wordlist of 10 password, containing also passpass
- a bruteforce session for passpas?l
Both end with no success, even if the password is there for sure.
Using 5.10 on Win as:
hashcat64.exe -a 3 -m 9600  \Work\test.hsh  \Work\test.txt
or
hashcat64.exe -a 0 -m 9600   \Work\test.hsh  passpas?l

The hash was obtained as:
$office$*2013*100000*256*16*8b35c1c9d47628bcd8e6fd3225c7a816*56f7f0f311080fe61fef145f14072971*221e2a3a0957a92021da211700d3ea44ca7759f9f1b1e56c2acc7ea308ea52f4

I think I'm doing somethign horribly wrong, but can't find what it is. Anyone who can help me?
Thanks

Try this 5 app instead of Snapchat.....

December 15, 2018, 5:30 am
$
0
0
If you want to use another app instead of snapchat, you can try these apps.

If you want to use any other app other than Snapchat, you will be happy to know that many such apps are equipped with features like Snapchat. If you do not want to leave the Snapchat features and you like it too much, then you can use other apps equipped with features like snapcat emoji meanings.

Let me tell you that recently the CEO of Snapchat was a big fan of the statement depicting India as poor. The anger of the people about the snapchat was such that they started giving app 1 star.

[b]1. Instagram[/b]
[b]2. Facebook[/b]
[b]3. MSQRD[/b]
[b]4. SNOW[/b]
[b]5. Camera360[/b]
Search

Hashcat saying wrong driver

December 15, 2018, 6:24 am
$
0
0
Hi
I am running Ubunto 18.04 server version on msi  X470 motherboard with a  AMD Ryzen 5 2600 Six-Core Processor and rx 570 GPU.  I have installed the ROCM drivers according to their instructions and that installed with no issues, i tested the ROCM install with their helloworld app and that works fine. However when i run Hashcat i get the following error

* Update your OpenCL runtime / driver the right way:
 
  https://hashcat.net/faq/wrongdriver

It is running but considerably slower than it should do.

Any ideas on how to fix this would be greatly appreciated.

FileVault 2 performance issue?

December 20, 2018, 1:06 am
$
0
0
Hey guys.

Decided to test my new rig (RTX2080) against my old(ish) imac with filevault 2 enabled, as i cant remember what i put in for the password Wink After some tedious (fun...) work to extract the hash, I've put it to work. As FileVault hashcracking with hashcat is fairly new, I cant find a lot of benchmarks on it - but I found one from a 1080ti card, which shows that it does around 90000 H/s. My tests so far give me around 21000 H/s. I wonder what might be wrong?  Newest sparkling CUDA was installed yesterday - and from my other post here with the benchmark, it kicks ass on most other hashes Big Grin

Any ideas? If it could be related to the mask im testing with, thats my one option so far to look at - i havent tried a dictionary attack yet.

Hybrid attack workload increase incase of small dic

December 20, 2018, 5:33 pm
$
0
0
Hello,

I've noticed in hybrid attacks the workload highly dependant on the amount of entries in the dictionary.
Take the following attack as example:

mask + wordlist

?l?l?l?l?l?l?l?l [8]

Code:
@hotmail.com
@yahoo.om
@gmail.com
97 other domains...


Performance will be horrible. 100 seperate masks attacks would also be not very efficient.

My suggestion is the following. Munge a part of the mask into the rules to increase workload. So above example would become:

?l?l?l?l?l [5]

Code:
aaa@hotmail.com
aaa@yahoo.om
aaa@gmail.com
aab@hotmail.com
aab@yahoo.om
aab@gmail.com
aac@hotmail.com
aac@yahoo.om
aac@gmail.com
etc.

Can i modify hashcat to make it generate random instead of all possible combination?

December 21, 2018, 9:37 am
$
0
0
I know this is not how brute force work, but can i make the it generate random password with declared length & possible characters:
1. Choose password length
2. Choose possible charsets
3. Input list of hashs you want to break
Run the tools & it simply generate random possible candidate instead of go from aaa->zzz
I have run some small tests in this case with my own application in C# to break lists of hundreds hash created from 7-10 characters random passwords. Assume 10 characters password with upper, lower, numeric chars have 604,661,760,000,000,000 possible combinations, when i generate 777,600,000 possible candidates (sqrt(N)), i always find at least 1 or even more hash of them. This is way more fast & time-saving if i knew the passwords was random. C# run super slow compare to C & i just learn C recently so i want to give it a try. Do i have to edit the code in source or write a attack rule for this? Thank you

combine password with ?d?d?d?d

December 21, 2018, 6:37 pm
$
0
0
I am using this command to crack password.
hashcat.exe -m 2500 -a3 capture.hccapx ?d?d?d?d?d?d?d?d

If I want to add a combine password, example dictionary.txt contain word "john", "alex", "bong“
I want the generated password as

john5523
johnbong2365
alex3235bong
98bong23

How do I edit the command above?

How can I use the hashcat brain?

December 21, 2018, 7:25 pm
$
0
0
I want to use the function of the hashcat brain, what command parameters are used on the server side and the client side to make the brain work.

My 2 computers are all windows10 systems under one LAN.
The hashcat version I am using is 5.1.0
I want to use a computer as the server side and b computer as the cracking host of hashcat.
What command parameters should I use on a computer, and what command parameters do b computers use to make a and b work?

Please help me, I hope to give a reference to the command.

Can external code used as a custom hash for hashcat?

December 23, 2018, 6:42 am
$
0
0
I want to add brain wallet ethereum into hashcat using available code on the internet. What standard in hashcat hash function do i have to follow & make it work?
Search

Power connectors for GPUs

December 24, 2018, 1:42 pm
$
0
0
I'd like to upgrade my hashcat rig, a 4 GPU box. The PSU can deliver more than enough power (pro redundant rack hardware), cards are on real (physical, not lane-wise) x16 slots but the number of physical connectors on the PSU power backplane is limited. So now I've got a bunch of options. What will work / will be the best option according to you pros?

1) 1080Ti connected with a single 8 pin power connector only. Will it work to start with? If so: e.g. power limit on 225W?
2) 1080Ti connected with a 8 + 6 using a splitter (reading advice telling not to use them).
3) Use 1080s.
4) Something else?

And in general:
- How many Watts can you safely pull through a single 8 pin GPU power cable?
- How many Watts will a 1080/1080Ti burn in -w4 mode, worst case seen and what cracking mode will that be?

Thanks!

Help performing a mask-attack on 1 MD5

December 26, 2018, 8:10 pm
$
0
0
Hello, I've never used anything but straight attack mode with rules, however i'd like to try mask attack on a specific single MD5.

Based on other hashes I've cracked its expected to to start with Uppercase char, lowercases in middle, followed by numerics, ends with special characters.

These are actual cracked hashes, im expecting the one i want is to be similiar:

Support@123
Nishani2!
Hello12345!

Expected length is between 8 to 14 chars

How do i perform such attack?

blockchain hash problem

December 27, 2018, 4:30 am
$
0
0
Trying to  decrypt blockchain wallet, work with mode 15200 with wordlist (which is have current password) but hashcat can't find password. I read all search results here which are about "blockchain" word but not work. 

wallet.aes.json like:
{"pbkdf2_iterations":5000,"version":3,"payload":"......................"}

Scenario 1:

Convert wallet.aes.json to hash with current blockchain2john.py 

- Failed


Scenario 2:

Convert wallet.aes.json to hash with blockchain2john.py of Bleeding-Jumbo (https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/blockchain2john.py)

Hash is looks like: 
$blockchain$v2$5000$1760$a71ba2460f126706..........................................

- Failed

Scenario 3:


I try to cut hash manually like
$blockchain$v2$5000$288$First576CharFromHash

- Failed


What is wrong ? Can you help ?

New project

December 27, 2018, 6:37 am
$
0
0
Hi folks.
Am about to setup a cluster with 28 GPU, 22 pcs of RX580 and 4 1080Ti..
Any recommendation about memory and cpu choice of each node?
Any recommendations of cluster software so spread the load over several nodes?
Like VCL once did

Reason is for HashCat work only..

Idea of best Linux distro?

All ideas are welcome, both as Direct messages and as replies in this thread

KeePass/ Word list help!!!!

December 28, 2018, 2:59 pm
$
0
0
I mean the big opps over storing all my Crypto passwords in keepass and then forgetting the master password when I was not on it all the time. ALL my Crypto data is in here and I can't seem to get in. 

I already tried to extract the hash using John the ripper and then using rockyou.text word list to get in and after 3 hours I didn't get any luck. 

After thinking about this for a while I was thinking maybe there is a better way. I have a good idea what words, numbers and symbols were used, but can't get it right. Is there a way to either generate a list of all the possible combos using the words, numbers and symbols I typically use and then using Hashcat to attempt them all? for instance if I usually use the words BasketBall, BaseBall,Football, the numbers 1, 2, 11, 21, 22, and the symbols !$@, and the order always starts with the word. 


Please help if you can!
Viewing all 8117 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>