Need help working with masks

February 3, 2019, 4:56 am

≫ Next: hcxtools "whoismac" command

≪ Previous: Cannot see crakced password

$

0

0

Hello,

I want to crack a filevault2 hash from which I know that it starts with a word followed bye a 1-8 digit number.

So letz say the password starts with the word "test" followed bye a 4-digit number, then I use the following code:

Code:

hashcat64.exe -m 16700 hash.hash -a 3 test$d$d$d$d

But I think this is not working as I (for test purposes) used following code:

Code:

hashcat64.exe -m 16700 hash.hash -a 3 test$d$d$d$d$d$d$d$d$d$d$d$d$d$d$d$d

And Hashcat showed me "exhausted" after few seconds of work. I thought, that this command means, that all combinations of the word+16 digits after that will be tried, but I see that only 1 password is tried, so I think I have not understand how to work with masks.

Could anyone show me what I'm doing wrong?

Also can someone explain me how I start a combination-attack so that I create a small wordlist containing the possible words, followed bye the numbers? If there is a possiblity to tell hashcat, that the words in the list should also tried in uppercase letters, that would be helpful. Otherwise I will copy those in the .txt-file also.

Here are some stats of my system:

-Windows 10 (1803), 64-bit
-Hashcat 5.1.0
-NVIDIA RTX 2080, driver 417.35


Any help is highly appreciated

uennotec

---

hcxtools "whoismac" command

February 3, 2019, 6:53 am

≫ Next: Cannot generate PMKID.txt

≪ Previous: Need help working with masks

$

0

0

I'm trying to list all PMKIDs that were pulled with this command "hcxpcaptool hcxdump.pcapng -o hcxdump.hccapx -z PMKID -U usernames -P pmklist -E wordlist -T trafficlist -I identities". The problem I'm facing is I don't know the proper whoismac command that will list all the PMKIDs that were generated. I see a whoismac file in hcxtools folder but when I try to open it it shows a "cannot display error". So what whoismac command can I run to list all the PMKIDs and will I be able to view this PMKIDs?

Cannot generate PMKID.txt

February 3, 2019, 7:41 am

≫ Next: Rejecting candidates under X characters while using rules set?

≪ Previous: hcxtools "whoismac" command

$

0

0

I need help generating a PMKID.txt file. When I run this command "hcxpcaptool -z PMKID.txt -o hcxdump.hccapx -E wordlist -I identitylist -U usernamelist -P PMKlist -T trafficlist *.pcapng" no PMKID.txt file is generated. I need help , thanks.

Rejecting candidates under X characters while using rules set?

February 3, 2019, 11:28 am

≫ Next: where can i find an Compatible GUI for hashcat v.4.2.1 ?

≪ Previous: Cannot generate PMKID.txt

$

0

0

I have a situation where I know that user stored passwords are at least 15 characters long. However, it's possible that a non-standard user (admin, etc.) or an extremely legacy account (before min limits were put in place) could have created a "user" account with a password less than 15 characters. For political/organizational/layer 8 reasons, I want to make sure I only audit the system for these passwords (that is to say, those of length 1 to 14). This is a fast hash (call it MD4 ) .

Up to 8 characters is easy, I can mask attack with "-i ?a?a?a?a?a?a?a?a" and get everything. Past that and I run into the obvious issue of how long the attack will take.

Option #1 is to get intelligent about my mask attack, ?u?l?l?l?l?l?l?l?d for example. I might miss some things, but it's better than nothing.

Option #2 is to generate a dictionary and cut out everything that is less than 8 characters (I've already found those) or greater than 14 characters (I don't want to crack these!). Works fine with reasonably sized word lists, and combined with the above should find most things.

Option #3 is what I would like to do, use a dictionary and rules list, but reject every candidate in the results that is greater than 14 characters. Basically, what this person is asking for. I completely understand the answer given by Royce, it's not worth the trouble from a time perspective to reject these. However, in my case it's desired for other reasons.

I can pipe candidates through len, as was suggested by Royce, but I'm obviously losing a lot of speed with fast hashes. Reject rules only work on the wordlist itself or with hashcat-legacy.

Are there any other options for me? I understand what I want to do is atypical and I probably won't find anything that will operate at full speed, I'm fine with that. Basically, I just asking what my best option is at this point, or if there's something else I haven't thought of.

where can i find an Compatible GUI for hashcat v.4.2.1 ?

February 3, 2019, 2:42 pm

≫ Next: Hashrate

≪ Previous: Rejecting candidates under X characters while using rules set?

$

0

0

i am using version 4.2.1  of hashcat ..... but i didn't find the Compatible GUI of it i found 
HashcatGUI_050b1
&
HashcatGUI V1.1

...... the 050b1 doesn't have a lot of commands and hashes types ..

and HashcatGUI V1.1 require hashcat 5.1.0 ..... 

Hashrate

February 3, 2019, 9:30 pm

≫ Next: hashcat dictionary issues

≪ Previous: where can i find an Compatible GUI for hashcat v.4.2.1 ?

$

0

0

When I use benchmark:
Benchmark relevant options:
===========================
* --workload-profile=3

Hashmode: 0 - MD5

Speed.#1.........:   688.8 MH/s (72.08ms) @ Accel:512 Loops:128 Thr:256 Vec:1


But with the wordlist 89gb the hashrate so slow:
Session..........: 2019-02-04
Status...........: Running
Hash.Type........: MD5
Hash.Target......: F:\hashcat\hashcat-5.1.0\hashcat-5.1.0\peguerin.com - peguer5_2017.customers HASHES.txt
Time.Started.....: Mon Feb 04 12:29:31 2019 (18 secs)
Time.Estimated...: Mon Feb 04 13:18:15 2019 (48 mins, 26 secs)
Guess.Base.......: File (F:\hashcat\hashcat-5.1.0\hashcat-5.1.0\New folder\pass.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  2701.9 kH/s (7.24ms) @ Accel:1024 Loops:1 Thr:256 Vec:1
Recovered........: 0/379 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 45613804/7898146114 (0.58%)
Rejected.........: 748/45613804 (0.00%)
Restore.Point....: 45613804/7898146114 (0.58%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: 54rutgerus -> davalo4452

Can fix that ?

hashcat dictionary issues

February 5, 2019, 10:35 am

≫ Next: Migrating from Passware to Hashcat (need guidance and opinion of experts here)

≪ Previous: Hashrate

$

0

0

Hello. to begin I split my 11 gb dictionary with unxupdates split.exe the file splits fine and is equal size down to the last byte. I have also split with fsplit and many other programs thinking it was a split error but i did a test and made them 100 lines long so i could open them with a text editor and everything was there



the first file testaa works fine and progress #'s are high and end candidates#1 are ( word -> word)


any of the other split parts result into this, progress #'s are 0 and candidates#1 [copying]



is this actually working and its just me thinking its bad or is something really wrong.

Migrating from Passware to Hashcat (need guidance and opinion of experts here)

February 5, 2019, 7:12 pm

≫ Next: hashcat finds cpu but not gpu

≪ Previous: hashcat dictionary issues

$

0

0

Greetings everybody, I have a 6 workstation with GPUs running on high speed network, I do Distributed network attack running passware software on one of my devices and agents on the others, recently some friends recommended using hashcat as they said it was much faster and powerful than passware, I just couldn't have the same DNA on my network, after a bit of searching and implementing I was able to install hashtopolis (A hashcat wrapper for distributed hashcracking)
I have some issues regarding the use of hashcat that I can't find solutions for online which are :
1- I can't detect file version or run brute force attack like I used to do in passware on some file types ( winrar) 
2- I can't detect or run attacks on encrypted volumes like truecrypt or veracrypt

Based on tutorials that I watched I think I must have a list containing all possible hashes to be able to match with the generated hash out of the attack that I run which seems pretty hard to get.

how do I run different attacks (Brute force, xieve, dictionary, .... ) I can't find videos or examples to this, all I find is a lot of types listed with corresponding hashes.

---

hashcat finds cpu but not gpu

February 6, 2019, 5:48 am

≫ Next: Can't crack ZIP file, No hashes loaded

≪ Previous: Migrating from Passware to Hashcat (need guidance and opinion of experts here)

$

0

0

OK so I have hashcat on my windows 10 PC and when I start going through a wordlist hashcat only finds my cpu an AMD FX(tm)-6300 as device 1 but by gpu a GTX 1060 is not found.

Using hashcat -I to see all devices only the cpu is found again. I have installed the latest drivers being 418.81 and I was wondering if anyone knows what I can do here?

Can't crack ZIP file, No hashes loaded

February 7, 2019, 5:17 am

≫ Next: Missing example hashes

≪ Previous: hashcat finds cpu but not gpu

$

0

0

Hello. 

I am very new to Hashcat and cracking in general. I have just started creating my own Zip files with passwords to crack. 

I've created a Zip folder with winrar. I am able to get the hash using John the ripper. 

When I try to crack the Zip hash with a word list I have no success. I recieve an error saying 

Token encoding exception

No hashes loaded.

Here is my command
> hashcat64.exe -a 0 -m 13000 $zip2$*0*3*0*abcdefghijklmnopqrstuvwxyz123456789.......*$/zip2$ C:\Users\User\Desktop\CrackMe.txt 

This hash is ovbiously not the one I am working with. I've tried to copy the format as someone may know what kind of hash it is. 

I have a feeling it has to do with the "-m 13000" argument. Perhaps I am not selecting the right hash ? 

Is my hash wrong ? Any help is appreciated. Like I say, Im very new to this, still learning, 
So if offering help please make it newbie friendly please. 

Thank you 


  Hashcat Help.png (Size: 30.04 KB / Downloads: 2)

Missing example hashes

February 7, 2019, 5:33 am

≫ Next: AMD Radeon VII benchmarks(?)

≪ Previous: Can't crack ZIP file, No hashes loaded

$

0

0

Hi there,

I'd like to ask someone from the hashcat stuff whethe they could add hash examples of hash-modes added in version 5.1.0 to Wiki. Those hashe-modes are:
  11750
  11760
  11850
  11860
  13771
  13772
  13773
  18200
  18300

Thanks

AMD Radeon VII benchmarks(?)

February 7, 2019, 9:02 am

≫ Next: Decrypt PGP encryption (Symantec).

≪ Previous: Missing example hashes

$

0

0

Greetings,

does anybody here have got the benchmarks on AMD Radeon VII? I know it is a little bit early since today is the release date and end of performance embargo I'm just curious since the gaming and rendering benchmarks are already online and some OpenCL benchmarks show somewhat competitive values.

Regards

Decrypt PGP encryption (Symantec).

February 7, 2019, 9:28 am

≫ Next: problems with -m 15700

≪ Previous: AMD Radeon VII benchmarks(?)

$

0

0

Hello.
I have a hard disk with one encryption partition. PGP encryption (Symantec).
How can I decrypt this partition with hashcat? 
Thanks in advance.

problems with -m 15700

February 8, 2019, 1:24 am

≫ Next: Using eGPU with hashcat

≪ Previous: Decrypt PGP encryption (Symantec).

$

0

0

hello,

after several month of mining i just forget my pass for ethereum wallet. i tried some of my st. phrasses but dont work. now i would try to find the right one with hascat and my keystore file.
i have allready done the steps to find everything i need for running hashcat (https://stealthsploit.com/2017/06/12/eth...-cracking/)

but now i got in trouble with hashcat cause i startet the benchmark with hashcat64 -b -m 15700 and my 6x Vega rig only reach 14H/s (yes..not kH/s)

i did a fresh install for the hashcat try with Win 1709 and 18.6.1 drivers (are they to old?!)





OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #2: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #3: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #4: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #5: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #6: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #7: Intel(R) Pentium(R) CPU G4400 @ 3.30GHz, skipped.

Benchmark relevant options:
===========================
* --optimized-kernel-enable

Hashmode: 15700 - Ethereum Wallet, SCRYPT (Iterations: 1)

Speed.#1.........:        2 H/s (16672.63ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#2.........:        2 H/s (16848.66ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#3.........:        2 H/s (16761.85ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#4.........:        2 H/s (16682.83ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#5.........:        2 H/s (16682.67ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#6.........:        2 H/s (16903.64ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#*.........:       14 H/s

(why is 6x2hs = 14h/s?)

any hints for me

Using eGPU with hashcat

February 8, 2019, 7:09 am

≫ Next: DES Hash

≪ Previous: problems with -m 15700

$

0

0

I sometimes am not able to use my main cracking rig while traveling but still require a decent amount of compute. I picked up a Razer Core X eGPU to test using hashcat with a eGPU connected via Thunderbolt 3. Does anyone have experience with this? After just plug and play the card (old AMD card) is detected by the OS (Mac OS), but the card does not appear in hashcat -I. Would be willing to be a test case if anyone has idea on how to make this work.

---

DES Hash

February 8, 2019, 10:27 am

≫ Next: CL_PLATFORM_NOT_FOUND_KHR on RTX 2080ti

≪ Previous: Using eGPU with hashcat

$

0

0

Hi everyone,
i want to crack a DES hash, which is generated by pythons crypt.crypt().
in the example (https://hashcat.net/wiki/doku.php?id=example_hashes)
this hash is given: "a28bc61d44bb815c:1172075784504605"
But my hash has only a Salt of two characters, like "sddXXXXXXXX8Op"
So i get a Token length exception.
It is possible in hashcat, to crack it

CL_PLATFORM_NOT_FOUND_KHR on RTX 2080ti

February 9, 2019, 10:23 am

≫ Next: Hashcat says its starting and then nothing happens

≪ Previous: DES Hash

$

0

0

Hello,

I have windows 10 64bit, and i installed the latest driver from nvidia.

When i run hashcat i get CL_PLATFORM_NOT_FOUND_KHR.

My GPU is Gigabyte AORUS RTX 2080ti. 


Thanks

Hashcat says its starting and then nothing happens

February 9, 2019, 10:16 pm

≫ Next: Hashcat stops after initializing OpenCL Runtime

≪ Previous: CL_PLATFORM_NOT_FOUND_KHR on RTX 2080ti

$

0

0

I am trying this for the first time and following a very out of date tutorial (on version 3.6.0), but anytime i run the command it says to run, the output is as follows.  I have tried other variations of this command, but nothing is starting when it says it is.

  hashcat.PNG (Size: 14.68 KB / Downloads: 4)

Hashcat stops after initializing OpenCL Runtime

February 9, 2019, 10:36 pm

≫ Next: Crack hash with known prefix

≪ Previous: Hashcat says its starting and then nothing happens

$

0

0

Whenever I run hashcat (both CLI and using the GUI application) it gets to initializing the OpenCL runtime and then the app just stops. It returns me back to the Command line. I have tried reinstalling the Device drivers (AMD 19.2 for RX570) and this still occurs.
  hashcatError.jpg (Size: 140.51 KB / Downloads: 0)

Crack hash with known prefix

February 10, 2019, 12:53 pm

≫ Next: Cannot see crakced password

≪ Previous: Hashcat stops after initializing OpenCL Runtime

$

0

0

I'm trying to crack some hashes which are made with a challenge (challenge-response authentication). I know what the challenge is, and I know that the challenge is prepended to the password before it is hashed. How could I pass in this challenge such that hashcat would prepend the it to the password before trying it?