Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7847 articles
Browse latest View live

track the cracking?

September 12, 2019, 9:42 am
$
0
0
Hi guys,

I've seen some graphs showing the cracking progress over time and I think that's quite neat. But how do you keep track of the time you have cracked each hash? Do you pipe it to get a timestamp before writing into the outfile, or is there even an build-in option?

Bye,
Eric
Search

Hashcat won't start ''insufficient memory available''

September 15, 2019, 6:25 am
$
0
0
Hi, I don't run hashcat for about a year of time, and now I changed my graphic card and want to run it again and I have some kind of error that I don't have before and try in FAQ but I can't find anything for this error ''insufficient memory available''...

Windows 7 64 bit platform, Hashcat 5.1.0, hashcat is on C ( SSD Drive ), worldlist and hccapx file are on D ( HDD Drive ), I use in this way before and it is working with my 1050ti without problems. Now I have rx570 and can't start it, of course a fresh copy of Windows 7 is installed and drivers for rx 570...

What is problem about ? As far as I can understand it tells me that there is insufficient memory available on my graphic card ?

.png   hashcat.png (Size: 50.67 KB / Downloads: 1)

OpenCL kernel self-test failed and slower than benchmark

September 3, 2019, 4:13 am
$
0
0
My GPU and CPU usually work fine with hashcat but when I use some attack modes with my Intel CPU, there is an error

ATTENTION! OpenCL kernel self-test failed

I followed the instruction for the wrong driver but it hasn't solved the error. How do I solve the error?

When I use the same attack modes with just my GPU, the benchmark is 10 times higher than the actual performance. Is that because the CPU isn't being used because of the error?

Help modifying a .restore file?

September 16, 2019, 8:42 am
$
0
0
Well, I've gone and done it...  I committed the cardinal sin of not naming my session, then not realizing that it would be overwritten by the next unnamed one...  no previous files, no backups of the .restore file...  so, I need to modify the new one to start nearby where I previously left off.  

Luckily, I DID manage to get a screen shot and copy / paste of that.


Code:
Session..........: hashcat
Status...........: Aborted (Checkpoint)
Hash.Type........: iTunes backup >= 10.0
Hash.Target......: $itunes_backup$*10*05c84e4bf45a3e245d4c73549341ab16...fa6ddd
Time.Started.....: Sun Sep 15 04:37:27 2019 (12 hours, 18 mins)
Time.Estimated...: Mon Sep 30 18:35:09 2019 (15 days, 1 hour)
Guess.Mask.......: ?1?2?2?2?2 [5]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 5/15 (33.33%)
Speed.#1.........:      77 H/s (5.59ms) @ Accel:2 Loops:250 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 3428352/104136192 (3.29%)
Rejected.........: 0/3428352 (0.00%)
Restore.Point....: 55296/1679616 (3.29%)
Restore.Sub.#1...: Salt:0 Amplifier:61-62 Iteration:9750-9999
Candidates.#1....: Xaz32 -> Xqoki
Hardware.Mon.#1..: Util:  0% Core:1312MHz Mem:2000MHz Bus:16



Yes, I'm brute forcing it...  idk how on earth I managed to type anything but my standard backup password twice, but I've tried all the typo generators out there and generated word lists including all the typical things I do.  No love.  I also know it'll be at least 6 characters, so I'd love to start around there, but this is what I have so far.

This is a restore file I created after overwriting the existing restore file mistakenly, which I cannot seem to get correct to jump ahead.  I'm unsure where the dicts_pos, words_cur, masks_pos, are supposed to come from the above?  I know they'll need to be converted to hex, of course, but I'm just not sure.

https://hashcat.net/wiki/doku.php?id=restore is what I'm going from.

Code:
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00000000  FE 01 00 00 43 3A 5C 55 73 65 72 73 5C 78 79 62  þ...C:\Users\xyb
00000010  65 72 5C 44 65 73 6B 74 6F 70 5C 48 61 63 6B 69  er\Desktop\Hacki
00000020  6E 67 49 74 75 6E 65 73 5C 68 61 73 68 63 61 74  ngItunes\hashcat
00000030  2D 35 2E 31 2E 30 00 00 00 00 00 00 00 00 00 00  -5.1.0..........
00000040  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000050  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000070  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000080  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000090  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000A0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000B0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000C0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000D0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000E0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000F0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000100  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000110  00 00 00 00 00 00 00 00 0C 00 00 00 00 00 00 00  ................
00000120  40 EC E7 00 00 00 00 00 68 61 73 68 63 61 74 36  @ìç.....hashcat6
00000130  34 0A 2D 64 0A 31 0A 2D 6D 0A 31 34 38 30 30 0A  4.-d.1.-m.14800.
00000140  2D 61 0A 33 0A 2D 77 0A 33 0A 2D 2D 73 65 73 73  -a.3.-w.3.--sess
00000150  69 6F 6E 0A 69 74 75 6E 65 73 0A 62 61 63 6B 75  ion.itunes.backu
00000160  70 68 61 73 68 2E 74 78 74 0A                    phash.txt.



Any assistance would be greatly appreciated.

Outputting Rules using stdout

September 17, 2019, 5:25 am
$
0
0
I have tried to use the example in this thread...
https://hashcat.net/forum/thread-3825.ht...dout+rules

At first this worked using the command below and a custom rule ..

hashcat-5.1.0>hashcat64.exe -r rules/vb.rule --stdout found.txt | sort.exe -u > magled.txt

But when I stop it using ctrl C and try to run it again I keep getting this error...

^Csort.exe: open failed: \s554.: No such file or directory

Both sort and the text file are in the hashcat folder and the vb.rule is in hashcats rules folder
can anyone shed any light on this problem for me.

Token length exception

September 17, 2019, 5:55 am
$
0
0
Hi,  i am new to hashcat and encountered problem with the hash file.   

I have the following encryption details about an MS Excel file (hash value masked).   Would someone help to provide hints on how to formulate the correct hashfile for feeding to the command?

Many thanks. 

@<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><keyData saltSize="16" blockSize="16" keyBits="128" hashSize="20" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA1" saltValue="ZzzzzXWwXqRmy25MJ99Wg=="/><dataIntegrity encryptedHmacKey="ZzzzzzThci72rH/f3Dlik67i6CjaI4QchJaddLMhHuQ=" encryptedHmacValue="+ZzzzzzsGEkbmy8jCw/WjgdN/NXgHfXLPUHHxXs21d8="/><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="128" hashSize="20" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA1" saltValue="Zzzzzhu9SfCUQw4hu8JlQ==" encryptedVerifierHashInput="ZzzzzYW020MSTLA/QZ77g==" encryptedVerifierHashValue="ZzzzzzYbpUkIT/nTgU1CguV0uPN80KWz6cSbLncvqi4=" encryptedKeyValue="ZzzzzdEhisrCKJlgsTTdA=="/></keyEncryptor></keyEncryptors></encryption>

Defining character length.

September 17, 2019, 12:53 pm
$
0
0
When I start Hashcat it says 8 to 64 charcters, which is what I want. If I'm reading this right in the hash screen or whatever its called sorry if the terminology is wrong, anyways at the bottom when I press s in the candidates line it shows what I think is the current word it's guessing. If I'm correct about that being the password guess then why is it guessing passwords that are only two characters and up? How can I fix that? Thank you in advance for your help. Have a nice day.

Empty PMKID file generated by hcxpcaptool

September 18, 2019, 11:05 pm
$
0
0
Hi.
I hope I'm not offtopic by asking a question about hcxpcaptool usage.

I'm collecting PMKID packets using bettercap, and according to the logs some data is written to the pcap file. Unfortunately when I try to convert them to a file usable with hashcat it won't write anything.

According to the summary there are PMKIDs, but then they're not written to output.

What can be wrong? Thanks

Code:
hcxpcaptool -z bettercap-wifi-handshakes.pmkid bettercap-wifi-handshakes.pcap

reading from bettercap-wifi-handshakes.pcap

summary capture file:
---------------------
file name........................: bettercap-wifi-handshakes.pcap
file type........................: pcap 2.4
file hardware information........: unknown
capture device vendor information: 000000
file os information..............: unknown
file application information.....: unknown
network type.....................: DLT_IEEE802_11_RADIO (127)
endianness.......................: little endian
read errors......................: flawless
minimum time stamp...............: 17.09.2019 17:56:11 (GMT)
maximum time stamp...............: 17.09.2019 17:58:56 (GMT)
packets inside...................: 7
skipped packets (damaged)........: 0
packets with GPS data............: 0
packets with FCS.................: 7
EAPOL packets (total)............: 7
EAPOL packets (WPA2).............: 7
PMKIDs (not zeroed - total)......: 2
PMKIDs (WPA2)....................: 7
PMKIDs from access points........: 2
best PMKIDs (total)..............: 2

summary output file(s):
-----------------------
Search

Possible to use CUDA and OpenCL side-by-side?

September 19, 2019, 12:44 am
$
0
0
Hello,

I was wondering wether it is possible to use CUDA and OpenCL side-by-side on two different GPUs. Let's say, I have an NVIDIA GPU and an AMD one in my system and I would like two utilize both of them at the same time. Would that be possible?

---
Background info:
Why not just use OpenCL on both: The system is a Jetson Xavier for which only CUDA support is available. The dev-kit, however, has a PCIe slot, which I plan to plug another GPU into. Problem is that NVIDA does not provide aarch64 drivers for their GTX cards (or any GPUs I guess) which leaves me with the only option of using a RADEON. RADEON, of course, has no CUDA support and that's where OpenCL comes into play. In order to use the internal Volta GPU as well as the external RADEON GPU I would need to run CUDA and OpenCL side-by-side.

GTX 1060 3Gb

September 19, 2019, 8:14 am
$
0
0
Good day everyone, I hope everything goes well, I have a laptop with an Intel Core i7, and a GTX 1060 3Gb video card, and when I try to run hascat it throws the following:

************************************************** ******************
Cracking performance lower than expected?

* Update your OpenCL runtime / driver the right way:
https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
https://hashcat.net/faq/morework

[s] tatus [p] ause [b] ypass [c] heckpoint [q] uit => q
************************************************** ******************

I appreciate if you can please help me, thanks for your time.

Parsing salts w/o hashcat

September 19, 2019, 2:22 pm
$
0
0
Hey guys, 

I wanted to ask you, is there relatively easy way how to get (parse) salt from hashes? I want to do analysis of some hashlists and maybe grouping hashes by salts and such things. I know there are different types of salt and that some are really easy extract (SALT_TYPE_GENERIC) by splitting hash and salt using the separator (commonly ":"). But how about EMBEDDED and VIRTUAL salt types? Would I gennerally need exclusive parsers for each such hashmode? 

Any help or info is highly appretiated. Thanks.



PS.: I've checked the HC code but I didn't figure it out yet, so after some time trying to understand the code I'm rather asking here since it might be more productive and faster.

Noob question, bruteforce pmkid/wpa2 ISP default passwords

September 20, 2019, 4:00 am
$
0
0
hello,

I am trying to crack a wpa2/pmkid hash, using a mask or ruleset

the hash I am trying to brute has the following properties
  • exactly 12 characters long
  • only uppercase
  • numbers 0-9
my questions are is rule/mask based even the way to approach this?
or should i be using something else

Thanks in advance,

Shroom

core speed limitation - overclocking

September 20, 2019, 8:18 am
$
0
0
Hello everyone,

I've got an RTX 2070 and by default runs on 1410Mhz. I can achieve easily 1850Mhz with MSI afterburner (tested with Kombustor).

I achieved, just for once, about 2000Mhz speed on hashcat but i was getting the error CL_OUT_OF_RESOURCES, so I applied the .reg patch.

Unfortunately, i can't get the overclocked speed again after restarting the computer.

Hashcat remains on 1410Mhz core speed, but I get 1850Mhz+ when I run Kombustor.

Any ideas?

Thank you in advance.

Archer dual band t4u v1 monitor mode

September 20, 2019, 4:46 pm
$
0
0
Hi there hashcat'ers, I have one important wuestiom gor me, maybe someone can answer please? I want to use mz wifi adapter Tp link t4u ac1200 v1 to check how safe is my wifi, but before the hard work I would love to know if its possible with this adapter? I found that v2 and v3 is good for that but I just cant find anything about v1. If I need to buy new adaper or card I will, but if my actual adapter is good too - I really lile the idea to save a bit of money Smile sorry for bad english, I've tried my best

is anyone crack .adobe file 2019

September 21, 2019, 12:54 am
$
0
0
hi my files are encyrpted is anyone decyprtp .adobe extantion veracyprt
Search

Exploiting the human factor

September 21, 2019, 9:26 am
$
0
0
The Enigma was cracked much due to the human factor and the human errors.
So I thought: How about making a mask that will run a brute force attack that will cover most of the human laziness?

My first thoughts:
1. Password length set to 8-10 chars.  
2. First letter may be uppercase or lowercase.
3. Last 1-3 chars is probably lowercase or numbers.


What's your thoughts about this approach, and what should be included, without making a mask that takes "forever" to run?

Unknown Hashes

September 21, 2019, 5:57 pm
$
0
0
Hi,
I have several types of hash that I can not identify!

1:  (132char)
5b3b340b67f212909f9f0b3369acc768914fe1e69c1a5e2808b16687647e3afd699c712ccae5c06637e7c511472f8463d831891fbf7d4dc84d0017d0884e7632598e

2: (44 char)
566f58e8919b66c23717a8d619dc92a88f6c0c5f2749
566ffde078e94998bbab685526ee5feb0859dbcf0794
566f38661c01e1bde8b3ee56bc6f9fd148e6e3a535b7
5c40ab86d9716433a3ea98ac000c9e5509141ad1ec9f
56782ad7ed61a32b7bb55963eb1bf9a87fe40e75cb12

3: (160 char)
8A484F2FF4DA7A0DB869312B594B34588C25A4F562C1F7119DC05E3DA7EF83ABA330E0E6985ABB7867F648DA6172F73051779A2A00251EA7DE70676CD351F76F6C0876885DC445C6968894B7F61679BF
8A484F2FF4DA7A0DB869312B594B34587DEAD0A712D60C7A46E87E8BC5EFF8D793CF1C31964AD32CDE354E1532EC9BC4AB959A60CB2B4C4D3D16C267A32A7CB2EA08563E2309129C3942F825FABE588E
8A484F2FF4DA7A0DB869312B594B3458A1AAD850D2507F06A4758516787FC40B82025D8B871D0B911ED3772DBE14169D5BDBE3F7C2A1F1A6A15ED61FEFB2A13D22BD9469E8731556AC7AC78C50747DED


4:
Vj8GJAhsAmFSM1U0Dz8Mbgxo
VhgJQA8ZWhg=
ABxdG1cbB0s=
ACMCal11XHJRaFEgAiQAYg==

bye!

Fritzbox and PMKID is possible?

September 22, 2019, 6:45 am
$
0
0
hello crackers, maybe someone know if Fritzbox (german model) routers is able to give PMKID? I had hcxptools trying to get it for about 3 hours but I just didnt got PMKID, with aircrack-ng and tools I can get handshake, with hashcat tools I can get handshake too but without PMKID its not working so I cant use hashcat for that purpose. With handshake I have no problems, but I;m just looking for answer if fritzbox have PMKID ability? my model is Fritz Box 7430

[PrinceProcessor] Trying to change --pw-max

September 22, 2019, 7:19 am
$
0
0
Hi, folks.

I've been challenged to crack one of those dice-generated passphrases (portuguese words separated by spaces). I created an MD5 hash of the following string: "passaros banana montanha vista".

I have this very short wordlist that I'm passing to pp64 (merely for testing):

Code:
sol
passaros
banana
vista
cidade
montanha

Each line ends with a whitespace, which is removed only from the end of the candidate phrase with a hashcat rule.


As you can see, the longest words are composed of 8 characters (9 characters if we count the trailing whitespace), and the maximum number of words in my combination is 4. So I need to set --pw-max to 36.

This is what happens when I do:

Code:
>>> pp64 --pw-max=36 --elem-cnt-min=4 --elem-cnt-max=4 -o res.txt < shortlist.dict

Value of --pw-max (36) must be smaller or equal than 32

I don't understand the reason for this limitation, as we're not brute-forcing, we're simply giving it a few elements to rearrange - a few words. Why does the length of the candidate combination matters?

If I set --pw-max to 32 or lower (and use smaller words to fit into that), pp64 will simply hang forever without errors. It creates an empty res.txt file and sits there, presumably stalled. It only runs successfully if I don't specify --pw-max, which keeps the default limit of 16 characters.

Additional info:
- pp64 was built from source, running on Arch Linux.

I want to output the hashcat cracked password to the database

September 22, 2019, 7:27 pm
$
0
0
I want to output the hashcat cracked password to the database and display it on the webpage. Can this idea be implemented?
Viewing all 7847 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>