I have a list of hashes around ~14 char long.
I would like to understand if there is any way to brute force only with valid words.
let's say i have around 20k words that i believe that most of the passwords are "built" from.
i am asking if there is any way to brute-force the following way :
(?w - is a word from the 20k list,?s is a symbol)
?w?s?w?s?w?s
until now i just used combinator for 4 times but i got a file size ~30GB
Thanks in advance Image may be NSFW. Clik here to view.
hashcat64 -a 0 -m 6221 hashcat_ripemd160_aes.tc demo.txt
And I get the output:
Code:
hashcat (v5.1.0) starting...
* Device #1: This hardware has outdated CUDA compute capability (3.5).
For modern OpenCL performance, upgrade to hardware that supports
CUDA compute capability version 5.0 (Maxwell) or higher.
* Device #1: WARNING! Kernel exec timeout is not disabled.
This may cause "CL_OUT_OF_RESOURCES" or related errors.
To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: Not a native Intel OpenCL runtime. Expect massive speed loss.
You can use --force to override, but do not report related errors.
nvmlDeviceGetCurrPcieLinkWidth(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Hello
I am trying to crack passwords using hashcat using the straight mode (Dictionary Attack). I am trying to compare the speed of running hashcat against files that have different number of hashes using the same dictionary. I noticed that the first run takes a while and all consecutive runs finish very fast even if the files have more hashes than the first file. I assumed that hashcat stores the hashes of previously calculated entries and stores them somewhere in the RAM. ( I am not talking about the potfile because i delete the potfile after each run. Hashcat seems to store the calculated hashes even they weren't a match for the cracked list)
Is there a way to delete this cache, so that you can get a fair comparison between different runs (without rebooting)?
Are there any plans to add support for cracking Argon2? If so, how far down the road would this be?
Reason for asking - performing a undergraduate study comparing Argon2 and PBKDF2, and would like to do testing using a common cracking software. JtR supports Argon2, but seems to have some issues with PBKDF2-hmac-sha512, whereas hashcat does not.
Any information and/or advice would be greatly appreciated!
hello,
I am playing with Ubuntu for some weeks now and want to go feather. I have an AMD RX 480 and try cracking with it but I have problems with the drivers.
Most time I followed the introduction "I may have the wrong driver installed, what should I do?" (only with point 4 I am not sure). So I installed ROCm and "/opt/rocm/bin/rocminfo" show me my RX480 (gfx803) but when i try to run the hashcat-benchmark following issue appears:
Code:
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
Cannot find an OpenCL ICD loader library.
You are probably missing the native OpenCL runtime or driver for your platform.
* AMD GPUs on Linux require this runtime and/or driver:
"RadeonOpenCompute (ROCm)" Software Platform (1.6.180 or later)
* Intel CPUs require this runtime and/or driver:
"OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)
* Intel GPUs on Linux require this runtime and/or driver:
"OpenCL 2.0 GPU Driver Package for Linux" (2.0 or later)
* NVIDIA GPUs require this runtime and/or driver:
"NVIDIA Driver" (367.x or later)
I know this is probably a shot in the dark, but I wanted to ask just in case I'm missing something.
If you have a hashcat session going, is it possible to "throw" new - but the same type - of hashes into the hash file you initially loaded to crack new hashes on-the-fly? Or is the only option to - stop hashcat, add the new hash to the hash file, then start hashcat again?
I wasn't sure if hashcat did some real-time file checking in case new hashes are added, and automatically adjusts itself to accommodate for the added hashes.
hey guys,
does someone know if it's possible to identify a GPU (specifically a GTX 1080) as reference/founders edition without looking at the fan/cooler?
i'm asking, cuz i'm about to buy a used gtx 1080 and the seller admits to having used it with watercooling and just recently put the original cooler back on.
so i was thinking:
is it technically possible, someone just buys an original cooler (~10bucks) and slaps it on a non-reference card to make it look like reference/FE and no one could ever tell the difference ?!?
...lol, guess i sound a little paranoid... but it's a lot of money for me... and i'm buying off the internet and people do crazy stuff on the internet... ^^
First of all: thank you very much for open sourcing OpenCL hashcat!
For a custom application based on sha256, I must get the digest value in `Byte` format.
It's OK with CPU implementation with deps\LZMA-SDK\CSha256.c
Code:
void Sha256_Final(CSha256 *p, Byte *digest)
{
.....
for (i = 0; i < 8; i += 2)
{
UInt32 v0 = p->state[i];
UInt32 v1 = p->state[i + 1];
SetBe32(digest , v0);
SetBe32(digest + 4, v1);
digest += 8;
}
}
How to do with OpenCL implementation? (OpenCL\inc_hash_sha1.cl)
Code:
__kernel void ocl_sha256(__global input_t *input, const unsigned int gid_max)
{
unsigned int lid = get_local_id(0);
unsigned int gid = get_global_id(0);
I installed hashcat on android with Linuxdeploy - emulator linux. When you try to start a benchmark, this error crashes:
Image may be NSFW. Clik here to view.
Are there any drivers for android? It was interesting to see the speed brute force. I think nvidia gpu K1 was bi on a level with a best notebook processor.
I've asked similar question about 2 years ago. I was not able to run hashcat on Intel Xeon X5482 CPU, because the processor is old. Today I found that hashcat works with AMD APP SDK v3.0, but I could not make it work with any Intel OpenCL driver (18.1, 16.1.1, 16.1.2). Do you know why AMD driver works with Intel Xeon CPU, but Intel drivers don't? I thought it should be the opposite. Is there a way for me to use the Intel driver? Is there a better driver than AMD 3.0?
Thanks.
Here is the log. It shows that hashcat does not run with Intel drivers (clCreateContext(): CL_DEVICE_NOT_AVAILABLE), but runs fine with AMD.
I:\Programs\Hashcat\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -I
hashcat (v5.1.0) starting...
OpenCL Info:
Platform ID #1
Vendor : NVIDIA Corporation
Name : NVIDIA CUDA
Version : OpenCL 1.2 CUDA 9.1.84
Device ID #1
Type : GPU
Vendor ID : 32
Vendor : NVIDIA Corporation
Name : GeForce GT 430
Version : OpenCL 1.1 CUDA
Processor(s) : 2
Clock : 1400
Memory : 512/2048 MB allocatable
OpenCL Version : OpenCL C 1.1
Driver Version : 391.35
Platform ID #2
Vendor : Intel(R) Corporation
Name : Intel(R) CPU Runtime for OpenCL(TM) Applications
Version : OpenCL 2.1 WINDOWS
Device ID #2
Type : CPU
Vendor ID : 8
Vendor : Intel(R) Corporation
Name : Intel(R) Xeon(R) CPU X5482 @ 3.20GHz
Version : OpenCL 2.1 (Build 0)
Processor(s) : 8
Clock : 3200
Memory : 16383/65533 MB allocatable
OpenCL Version : OpenCL C 2.0
Driver Version : 18.1.0.0920
I:\Programs\Hashcat\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -b -m 2500 -D 1,2 --force
hashcat (v5.1.0) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
nvmlDeviceGetCurrPcieLinkWidth(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
nvmlDeviceGetUtilizationRates(): Not Supported
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GT 430, 512/2048 MB allocatable, 2MCU
OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Xeon(R) CPU X5482 @ 3.20GHz, 16383/65533 MB allocatable, 8MCU
Benchmark relevant options:
===========================
* --force
* --opencl-device-types=1,2
* --optimized-kernel-enable
Hashmode: 2500 - WPA-EAPOL-PBKDF2 (Iterations: 4096)
clCreateContext(): CL_DEVICE_NOT_AVAILABLE
Started: Mon Apr 01 00:15:39 2019
Stopped: Mon Apr 01 00:15:55 2019
I:\Programs\Hashcat\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -I
hashcat (v5.1.0) starting...
OpenCL Info:
Platform ID #1
Vendor : NVIDIA Corporation
Name : NVIDIA CUDA
Version : OpenCL 1.2 CUDA 9.1.84
Device ID #1
Type : GPU
Vendor ID : 32
Vendor : NVIDIA Corporation
Name : GeForce GT 430
Version : OpenCL 1.1 CUDA
Processor(s) : 2
Clock : 1400
Memory : 512/2048 MB allocatable
OpenCL Version : OpenCL C 1.1
Driver Version : 391.35
Platform ID #2
Vendor : Advanced Micro Devices, Inc.
Name : AMD Accelerated Parallel Processing
Version : OpenCL 2.0 AMD-APP (1800.8)
Device ID #2
Type : CPU
Vendor ID : 128
Vendor : GenuineIntel
Name : Intel(R) Xeon(R) CPU X5482 @ 3.20GHz
Version : OpenCL 1.2 AMD-APP (1800.8)
Processor(s) : 8
Clock : 3192
Memory : 16383/65533 MB allocatable
OpenCL Version : OpenCL C 1.2
Driver Version : 1800.8 (sse2)
I:\Programs\Hashcat\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -b -m 2500 -D 1,2 --force
hashcat (v5.1.0) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
nvmlDeviceGetCurrPcieLinkWidth(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetClockInfo(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
nvmlDeviceGetTemperatureThreshold(): Not Supported
nvmlDeviceGetUtilizationRates(): Not Supported
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GT 430, 512/2048 MB allocatable, 2MCU
OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #2: Intel(R) Xeon(R) CPU X5482 @ 3.20GHz, 16383/65533 MB allocatable, 8MCU
Benchmark relevant options:
===========================
* --force
* --opencl-device-types=1,2
* --optimized-kernel-enable
Hashmode: 2500 - WPA-EAPOL-PBKDF2 (Iterations: 4096)
Speed.#1.........: 4876 H/s (64.45ms) @ Accel:64 Loops:16 Thr:640 Vec:1
Speed.#2.........: 5827 H/s (87.19ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#*.........: 10703 H/s
Started: Mon Apr 01 00:25:20 2019
Stopped: Mon Apr 01 00:26:06 2019
I'm trying to find the best way to create a rule/mask for a very specific password scheme.
The scheme goes like this - 4 numbers + english word + 3 symbols + english word + 1 digit.
What would be the best way to accomplish this? I was initially looking at -a 6 and -a 7 attacks but they only prepend and append. Could this also be done with just one English dictionary wordlist? Or will I need to make a copy of it, and load it to combine with the first english dictionary?
Thank you all for letting me join this forum.
I have just started out with Hashcat, after finding that Pyrit was a dead end.
I want to try some kind of "conditional bruteforcing", and here's what I know about the password:
- The password is 12 chars long.
- The password consists of numbers and uppercase letters.
The possible number of combinations are way too many to bruteforce without some rules to exclude the least possible ones.
So, I'm looking for a clue about how to set up such rules.
Some example conditions:
No more than 3 identical chars after each other.
No more than 3 numbers after each other.
No more than a total of N of each char in the passphrase.
It's very unlikely that the password is "AAAAAAAAAAA2", so there should be possible to exclude quite a lot of combinations.
I'm trying to crack a wpa2 wifi password, and when i want to use hashcut i have a problem.....
im using virtual box with The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux.
*console*
hashcat -m 2500 -a 0 /root/Desktop/capture.hcccapx /root/hashcat/rockyou.txt --force
hashcat (v5.1.0) starting...
No hashes load....
and quits.... Please someone help me, i dont know what to do
Hello everyone - I am sorry my English is poor Image may be NSFW. Clik here to view. so I help myself through Google Translator
I have AMD Threadripper x1950 + GTX 1080TI + 64Gb RAM
System - 1 - Windows 10 64BIT on the NVME Samsung SSD
System - 2 - Linux 64BIT on a SATA drive
System - 2 - The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) LINUX
1. how to compile Hashcat to use my hardware more efficiently (RAM, CPU)
- NVIDIA GPUs perform better on Windows
- AMD CPU better results under Linux (after installing Intel OpenCL drivers !!!)
- differences are the fault of the system, architecture or drivers?
2. How to force the AMD Threadripper CPU to help GPU GTX 1080TI in password cracking?
- support by PP64, KWP64, others?
3. OpenCL-INTEL (CPU) driver works better than original AMD under Windows? magic or a weak joke?
4. How does Hashcat use memory access? memory access: NUMA (local) or UMA (distributed)?
5. Does Hashcat use multi-core processors or does it leave it to the operating system?
I have narrowed down the tests to (Hashmode: 2500 - WPA-EAPOL-PBKDF2) to make my post more readable, I can paste everything if there's a need
Thank you for your help
=========================== TEST =============================
So I've been playing with some masks based on consonant/vowel patterns extracted from the top 1M words (according to google) and was seeing some surprising hashrate drops vs just using the built in mask place holders.
They crack at 42563.9 MH/s.
Comparably:
?l?l?l?l?l?l?l?l?l?l?l?l?l 63469.2 MH/s
?d?d?d?d?d?d?d?d?d?d?d?d 36738.2 MH/s
At the longer password lengths, the decrease in hashrate vs target space is still a lot faster in completing than using ?l and ?u, so it's still very much worth it.
I've also noticed something similar with masks containing static pieces in certain spots:
Ilove?a?a?a?a?a 572.7 MH/s <-wut
?sIlove?a?a?a?a?a 16587.4 MH/s
I imagine it might have something to do with specific places having fewer options to iterate through, but whats going on that would cause that?
Hello everyone,
i know where the wiki is https://hashcat.net/wiki/doku.php?id=mask_attack but I am struggling to get a custom charset to work with a mask file.
Below hcmask contains several masks. For example:
?l?1?d
./hashcat64.bin -m 0 -a 3 hash [charsets/special/German/de_ISO-8859-1-special.hcchr]masks/rockyou-1-60.german.hcmask
./hashcat64.bin -m 0 -a 3 hash [charsets/special/German/de_ISO-8859-1-special.hcchr],masks/rockyou-1-60.german.hcmask
./hashcat64.bin -m 0 -a 3 hash [charsets/special/German/de_ISO-8859-1-special.hcchr,]masks/rockyou-1-60.german.hcmask
none of which works. The wiki is not being clear where to put the comma and the [], so i tried basically every combination i could think of.
Could anybody provide me a simple usage example for pipeing the first custom charset to the maskfile?
Thank you.
![[Image: 9da5b0ab86d7.png]](http://b.radikal.ru/b05/1903/4f/9da5b0ab86d7.png)
