Quantcast
Channel: hashcat Forum - All Forums
Viewing all 8146 articles
Browse latest View live

Help understanding NetNTLMv2

February 25, 2019, 8:30 pm
$
0
0
So just trying to grok how hashcat does the cracking around the NetNTLMv2  hash and could use some help getting straightened out.

What parts of a captured NetNTLMv2 hash are necessary for hashcat to work correctly?

I was reading up on the algorithm and it seems like everything captured is required; username, domain, and the challenge. I'm guessing then that hashcat takes the working pw candidate, ntlm hashes it, and builds out the full NetNTLMv2 hash for comparison based on the other fields.

Can any of the fields be sanitized without breaking the process, like perhaps hashcat is pulling data out of the blob?

The code is a bit over my head, so a breakdown would be appreciated. Smile


Thanks!
Search

1060ti or 2060 benchmarks

February 26, 2019, 4:51 am
$
0
0
I am planning to build my first dedicated cracking rig out of a Dell Poweredge r720 that I have here at home.  In evaluating which cards to buy I am having a hard time finding benchmarks for Nvidia's newest products.  Does anyone have benchmarks for the GTX 1660 TI or RTX 2060 they would be willing to share?  I am trying to build this on a budget and would like to be able to compare hashcat performance against something like the GTX 1070.

Thanks in advance

Any help With hcxdumptool and hashcat

February 27, 2019, 12:50 am
$
0
0
Hi, i get this error with hcxdumptool  when i capture the PMKID.

i capture the PMKID no problem, FOUND PMKID

but when i try to convet the capture file that i -o utput in hcxdumptool

i get this error

EAPOL timout is to low

So i cannot convert the file for hashcat

Any ideas why im getting this error any1

is it a common error with hcxdumptool

thanks for any advice...





i capture with this code.

hcxdumptool -i wlan0mon -o pmkid.pcapng --enable_status=1


get resuts
[08:50:37 - 006] 002417bdb675 -> d8cf9c805f44 [FOUND PMKID]


the convert code i use is as follows after i capture the pmkid

hcxdumptool -E essidlist -I identitulist -U usernamelist -z capturedthis.16800 pmkid.pcapng

then i get the error

EAPOL timeout is low

Can someone explain what Payload pbkdf2 information means

February 27, 2019, 7:00 am
$
0
0
Hello Forum,

Can someone tell me what this payload information is and what I can do with it. From what ive read its a response to a log in request from blockchain.info . It looks like this...

Payload: {"pbkdf2_iterations":5000,"version":3,"payload":"MpvvIebsIQ9rrdtnKqeas/LARGESTRINGOFLETTERSNUMBERSANDSOMEPLUSSYMBOLS/k8jk="}

I also have a password which I assume is linked to to this payload in some way but have no other bits of information.

My searches keep bringing up threads that talk about a tool called btcrecover however I have no clue what I am doing and could use a bit of advice.

Thanks

Recover password from FreeArc file

February 27, 2019, 12:44 pm
$
0
0
Hello everyone, I recently created a compressed file using "Freearc". I liked a password and I would like to know how I can extract the hash of that password.
Use a bat file to create it "arc to -lc512 -ld512 -ep1 -ed -r -hp -pYourPassword -w. \ Data \ Setup-1.bin -msrep + lzma: a1: mfbt4: d256m: fb128: mc1000: lc8 "
Freearc uses standard aes-256 method to encrypt the files.
I checked the interior trying to find the hash, but I do not know if I'm doing well.

https://ibb.co/6gskjsF

Total Noob hoping for some Hashcat help.

February 27, 2019, 3:48 pm
$
0
0
So I am very new to the world of hashcat, but I have a couple of hashes I was hoping someone could help with. No real malicious intent involved here, just trying to use hacking to improve my computer skills / job prospects and get out of the dead end job I'm in. I have a couple of {x-issha, 1024} target hashes which I believe is structured as pass.salt. I am trying to crack what the salt value is in each hash because I have a feeling it maybe a fixed value rather than randomized value.

I maybe completely off base here and my question maybe stupid or make no sense. But here goes...


So I wanted to first try a wordlist against the salt value and then try an incremental brute force attack, but I'm not sure how to structure things.

For the first one, does anyone know how I combine my (pass) value which is an SHA1 hash of the clear text password, with my wordlist of possible salts? Is it something like this:

hashcat -m 10300 -a 1 /root/Desktop/targethash /root/Desktop/passwordinSHA1 /root/Desktop/PossibleSalts


For the second one, does anyone know how I can combine my SHA1 password with an incremental brute force attack against the salt? Would it be something like this:

hashcat -m 10300 -a 3 -i /root/Desktop/Hashcat/TargetHashes /root/Desktop/Hashcat/PasswordSHA1?l?l?l?l?l?l?l?l


Thanks, any help would be appreciated. Feel free to mock if nothing I have said makes even the most remote sense.

real noob looking for help!

February 28, 2019, 12:41 am
$
0
0
hey guys! real noob here.

I'm trying to solve a problem where there is a unknown MD5 hash

and that hash is repeated several times, with a few known words in-between them.

for example like this:

(hash)(hash)someKnownWord(hash)anotherKnownWord(hash)

which is then made into a given hash2.

right now i know the number of repeated hashes, the content and position of the known words.

so the questions is: 

1. how do i set up the rules in this situation?
2. will it take a reasonable amount of time to find the first hash?

no such directory after make install

February 28, 2019, 3:55 am
$
0
0
Hi, i recently upgraded hashcat for the PMKID wifi hack because i only had the old version and 16800 was not a known hash type.

So i followed the instructions to remove and re install the latest version with the followingg commands.


apt-get remove hashcat

git clone https://github.com/hashcat/hashcat.git

cd hashcat

make

make install

But when i tried to run hashcat i got this error

bash: usr/bin/hashcat: no such file or directory

Any1 have any idea as to why this wont run

i have found a haschat directory and i can ls and return all files including hashcat

but then there is another directory 

/usr/local/share/doc/hashcat the does not contain a hashcat file

has all the others  
charsets docs directorys(ect) 
and files example.dict (ect) 
but i cant see a hashcat


P.S

I could not place a thread in the troubleshooters forum
Search

is anyone crack .adobe file

February 28, 2019, 6:49 am
$
0
0
hi my files are encyrpted is anyone decyprtp .adobe extantion veracyprt

Try all combinations in a wordlist and apply rules

February 28, 2019, 10:26 am
$
0
0
Hello all!

hashcat is a great tool, I have a question though that I was unable to solve myself.

I do know:
- I have a list of 60 words that probably somehow make up the password.

I do not know:
- I have no idea whether any character of any word is capitalized or not.
- The order of the words is unknown.
- There might be additional numbers of special characters somewhere in the password.

Does anyone know if a rule based attack would work? If so can anyone give me hints how generate rules that check for the stuff I do not know listed above.


Basically it should try everything with the available words (any possible combination, any possible capitalization, add numbers/special chars at will)

Thank you so much!

Wordlist massive attack

February 28, 2019, 8:35 pm
$
0
0
Usually when you run a bruce force attack, hardware can generate & compare millions or even billions passphase per seconds. But in wordlist attack, store billions of passphase in text file already take GBs of harddrive & time to generate & prepare. If i want to run a wordlist attack with trillions of passphase. Is there any trick for this to make it fast or take less space?

power

March 2, 2019, 3:45 am
$
0
0
building first fig following mining builds are similar. if not let me know plx before im to far . question  can I use two 600w pwU's instead of one 1200w  or two 800 instead of 1600 I haven't done the math.ans any tip or thricks from experienced woulds would realy help. thank u. oh it'll be open frame probably 6 gtx 960 (for now)

build for windows from linux

March 2, 2019, 2:46 pm
$
0
0
I tried to build hashcat targeting win32 and win64 (following BUILD.md) from lubuntu but got an error "no rule to make target win32" Stop. Can I build on linux targeting windows or should I build from windows using msys2?

Strange behavior when using two GPUs

March 3, 2019, 5:12 am
$
0
0
I started using hashcat with my old GTX670, which does 48kH/s WPA. It is stable and can run 24/7 for a long time. Then I replaced it with a GTX970. It's as stable as the old GPU and does 170kH/s WPA. Improvement is great.

.png   gtx970.png (Size: 58.62 KB / Downloads: 3)

As you can see the core is at 1316 MHz, temp at 70c (never goes higher) and fan at 61%. Everything is perfect.

But then I thought why not use both cards? So I attached back GTX670 to the second PCIE slot (I have 3 in total; MB is MSI Z77A-GD65) and then GTX970 started behaving strange:

.png   both-cards.png (Size: 61.59 KB / Downloads: 4)

It quickly reaches 79c, fan runs faster too and gets so loud. Meanwhile GTX670 is running fine, like before, when it was alone. I tried underclocking GTX970 and it didn't help much:

.png   underclock.png (Size: 66.48 KB / Downloads: 2)

Core is down to 813 MHz, cracking speed to 134kH/s but the temp is still high: 74c.

I see the bus speed is 16 when GTX970 is alone but 8 when both cards are present but I read that even PCIE x1 is fine for hashcat cracking.

What am I missing, what did I do wrong?

Macbook Pro starts at a decent speed but after a bit it is stuck at a low speed

March 3, 2019, 8:04 am
$
0
0
I'm using a Macbook Pro running Mac OS X 10.14 with two GPUs (Intel HD Graphics 630 and Radeon Pro 555). Unfortunately, of all the computers I have, this is the fastest setup I have.


When I start hashcat running on both GPUs, I get a reasonable speed of 50K WPA hashes/sec. However, after it's been hashing for a while, it gets stuck at 3K WPA hashes/sec. Both GPUs go at a significantly lower speed, not just one of them.

I've tried pausing hashcat and even waiting hours (when the system is a normal temperature) before resuming, but it is still stuck at 3K WPA hashes/sec. It seems the only way to get back to normal speed is to quit hashcat and start a new instance.

Any idea how to prevent this from happening? Thanks
Search

Hashcat not recognizing 2070 RTX after driver update

March 4, 2019, 2:55 am
$
0
0
It seems hashcat 5.1.0 (release) isn't recognizing my GPU anymore after a driver update.

Platform: Windows
GPU: NVIDIA GeForce RTX 2070
Driver: NVIDIA GeForce 419.17 WHQL Windows 10

From DXDIAG:
Driver File Version: 25.21.0014.1917 (English)
Driver Version: 25.21.14.1917

E:\tools\hashcat>hashcat64.exe -a 0 sha1.txt rockyou.txt -m 100
hashcat (v5.1.0) starting...

* Device #1: Not a native Intel OpenCL runtime. Expect massive speed loss.
             You can use --force to override, but do not report related errors.
No devices found/left.

Started: Mon Mar 04 11:44:27 2019
Stopped: Mon Mar 04 11:44:27 2019


Device 1 here is my CPU. There used to be two devices.

It was working just fine before the driver update. Any ideas?

Doing nothing when trying to output potfile

March 4, 2019, 6:49 am
$
0
0
I have cracked hashes with the --username arg originally that had format (user : pass : salt) and the pot file has the cracked hashes in (hash : salt : plaintext) and I have the original hash file. So I am trying to output them into a seperate file and combine them back with usernames (user : plaintext) using command
Code:
hashcat64.exe -m 120 --potfile-path=filename.pot --username --show -o "outfilehere" --outfile-format=2 "originalhashfilehere"

pause

Like I have always used but it just seems to launch and then sit there, doesn't error/doesn't end/just sits open...
Usually I launch this and its completed in 20 seconds tops?

Any ideas?

Just to add I am using latest version (5.1.0) on windows 10 - I used to use 3.1.0 and that command worked fine to output them has something changed?

VeraCrypt with PIM/keyfile seems to be ignored

March 4, 2019, 9:13 am
$
0
0
I probably do a stupid mistake but I could not find out which one it is. The problem: hashcat only find the password on partition/volume with nothing else (pim/key file).

Story/a part of the history:
I tested a bit with VeraCrypt and created some partition/volume encrypted with password and:
a) custom PIM
b) 2 key files
c) custom PIM and 2 key files
and as a result of the problems a fourth one:
d) normal, only password.

Every partition was encrypted with the same password. The first 512 byte of every partition was extracted and given to hashcat to recover the password. The basic command for a) is:
Code:
hashcat64.exe -a 3 -m 13751 [VeraCrypt header] [mask] -o [outputfile] --potfile-path=[potfile] --veracrypt-pim=[pim number] -O -w 4
For key file "--veracrypt-keyfiles=[file1],[file2]" (or "veracrypt-keyf" as suggested from example of help text) was used.

Initially I run every algorithm (13711-13773) over the header of a) to c) in every configuration (no pim/keyf, pim, keyf, pim and keyf), but hashcat found nothing. It is possible to mount the volumes with VeraCrypt without any problem.
After I tested a bit, I add d), ignored the last case (pim and keyf) and reduced the "hash-type" to 13751 because I used AES with SHA256 to create the partitions/volumes.

Now hashcat is able to recover the password, but only for d), however in every case. Thus hashcat find password for d) even if pim or keyf is present. So it seems that hashcat ignores the parameter. To be sure I'm using the right parameter I used copy+paste from help.
I am aware of that hashcat complains about no optimized kernel, thus I removed -O without luck. And I moved the pim/keyf parameter directly after "-m 13751" but nothing changed.

I am not sure what I am doing wrong. I hope you can understand me and my problem and probably even help me. Thank you in advanced.

And just one side question because I already writing this post:
Are there any special constrains for VeraCrypt (besides extracting the right byte and using correct "hash-type")? An example to know what I mean: it's problematic with UTF-16 based hashes and chars above U+000FF because hashcat inserts zero bytes. Thus mask "?b?b" probably does not do what it is meant to do by the user.

used:
- hashcat 5.1.0
- GeForce GTX 1060 with current driver

Password combination question

March 5, 2019, 4:21 am
$
0
0
Hi, im trying to find this but i'm not understanding the help topics i find so im going to probably repost a question, but i really need some help with this one right now.

When using the combination attack with the hashcat gui i see 2 rule boxes, left rule and right rule.
How can i combine 2 lists and play with their upper and down casing?

like list1 word 1
password
list2 word 1
test

i wanted to use a rule that would try all possible combinations with different casing like
Passwordtest
PaSwOrDTeSt
etc
is there a rule that can do this ?

thanks in advance

HEX pssword list

March 5, 2019, 4:51 am
$
0
0
How to create a dictionary in HEX for 3des?
For example, the dictionary needs passwords such as:
AD53C190FF4C1841ABF2D6E742B4AB31AD53C190FF4C1841
BD53C190FF4C1841ABF2D6E742B4AB31AD53C190FF4C1841
CD53C190FF4C1841ABF2D6E742B4AB31AD53C190FF4C1841
DD53C190FF4C1841ABF2D6E742B4AB31AD53C190FF4C1841

thank's
Viewing all 8146 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>