Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7847 articles
Browse latest View live

Wallet.dat recovery

January 10, 2020, 7:07 am
$
0
0
Hi guys,

I have wallet.dat btc which I didnt use for long time and forgot passphrase. I have some candidates for it and it doesnt work. 

My question is related to this great software which I started for hashing. So I hashed out wallet.dat and import it in .bat file which is starting hashcat.exe. I am doing this with 3x1060 6gb gpus and those are working good on 100% but...

1. I didnt import words in it cause when tried it says need -a 0, when try to make -a 0 it doesnt recognize hash. So how to import words?

2. when will I know if it found passphrase?

3. What about masking, I read it a lot about it but do not have clue of passphrases?

4. what rules is best in my case?

edit:
5. if electricity stops what about log file?

I am on win7 64bit 

Thanks in advance for help and maybe this will hlp somebody else Smile
Search

In The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) No device found/left

January 11, 2020, 7:56 am
$
0
0
Hello I am using The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux with noveau graphic driver. And when I tried to do following

sudo hashcat -m 500 md5hash.txt /usr/share/wordlists/rockyou.txt

it says
No devices found/left.
I am using hashcat 5.1.0
Am I missing any package?

How to view SSID of cracked PMKID (16800) PCAP?

January 11, 2020, 10:47 pm
$
0
0
Hi all, 

I've got a grouped pcap file of about 11 Wifi PMKID captures. 

I've run this with Hashcat and cracked a couple with the below: 

Code:
./hashcat64 -m 16800 -o .\output\results.txt .\handshakes\all.pmkid .\wordlist\1stAttackWordlist.txt

The results in the output file are like: 

Code:
cf5ae152s57d97ba4336e13162f34ac7*807d1452c6e4*0ace1b4b5967*43616d616e64417269:P@ssw9rd
etc...
etc...

Why doesn't Hashcat save the SSID with it, or how can I tell what cracked hash belongs to which SSID? 

Any help appreciated. 
Cheers

Hashcat on VPS (CPU only)

January 13, 2020, 5:53 am
$
0
0
Hi folks,

I'm struggling a bit with running hashcat on VPS with KVM in CPU only mode.
I installed opencl from Intel and here are some major command's output:

clinfo:
Code:
Number of platforms                              2
  Platform Name                                  Intel(R) OpenCL
  Platform Vendor                                Intel(R) Corporation
  Platform Version                                OpenCL 1.2 LINUX
  Platform Profile                                FULL_PROFILE
  Platform Extensions                            cl_khr_icd cl_khr_global_int32_base_atomics cl_khr_global_int32_extended_atomics cl_khr_local_int32_base_atomics cl_khr_local_int32_extended_atomics cl_khr_byte_addressable_store cl_khr_depth_images cl_khr_3d_image_writes cl_intel_exec_by_local_thread cl_khr_spir cl_intel_vec_len_hint
  Platform Extensions function suffix            INTEL

  Platform Name                                  Clover
  Platform Vendor                                Mesa
  Platform Version                                OpenCL 1.1 Mesa 13.0.6
  Platform Profile                                FULL_PROFILE
  Platform Extensions                            cl_khr_icd
  Platform Extensions function suffix            MESA

  Platform Name                                  Intel(R) OpenCL
Number of devices                                1
  Device Name                                    Common KVM processor
  Device Vendor                                  Intel(R) Corporation
  Device Vendor ID                                0x8086
  Device Version                                  OpenCL 1.2 (Build 37)
  Driver Version                                  1.2.0.37
  Device OpenCL C Version                        OpenCL C 1.2
  Device Type                                    CPU
  Device Profile                                  FULL_PROFILE
  Max compute units                              2
  Max clock frequency                            0MHz
  Device Partition                                (core)
    Max number of sub-devices                    2
    Supported partition types                    by counts, equally, by names (Intel)
  Max work item dimensions                        3
  Max work item sizes                            8192x8192x8192
  Max work group size                            8192
  Preferred work group size multiple              <getWGsizes:494: create context : error -2>
  Preferred / native vector sizes               
    char                                                1 / 16     
    short                                                1 / 8     
    int                                                  1 / 4     
    long                                                1 / 2     
    half                                                0 / 0        (n/a)
    float                                                1 / 4     
    double                                              0 / 0        (n/a)
  Half-precision Floating-point support          (n/a)
  Single-precision Floating-point support        (core)
    Denormals                                    Yes
    Infinity and NANs                            Yes
    Round to nearest                              Yes
    Round to zero                                No
    Round to infinity                            No
    IEEE754-2008 fused multiply-add              No
    Support is emulated in software              No
    Correctly-rounded divide and sqrt operations  No
  Double-precision Floating-point support        (n/a)
  Address bits                                    64, Little-Endian
  Global memory size                              2101669888 (1.957GiB)
  Error Correction support                        No
  Max memory allocation                          525417472 (501.1MiB)
  Unified memory for Host and Device              Yes
  Minimum alignment for any data type            128 bytes
  Alignment of base address                      1024 bits (128 bytes)
  Global Memory cache type                        Read/Write
  Global Memory cache size                        524288
  Global Memory cache line                        64 bytes
  Image support                                  Yes
    Max number of samplers per kernel            480
    Max size for 1D images from buffer            32838592 pixels
    Max 1D or 2D image array size                2048 images
    Max 2D image size                            16384x16384 pixels
    Max 3D image size                            2048x2048x2048 pixels
    Max number of read image args                480
    Max number of write image args                480
  Local memory type                              Global
  Local memory size                              32768 (32KiB)
  Max constant buffer size                        131072 (128KiB)
  Max number of constant args                    480
  Max size of kernel argument                    3840 (3.75KiB)
  Queue properties                               
    Out-of-order execution                        Yes
    Profiling                                    Yes
    Local thread execution (Intel)                Yes
  Prefer user sync for interop                    No
  Profiling timer resolution                      1ns
  Execution capabilities                         
    Run OpenCL kernels                            Yes
    Run native kernels                            Yes
    SPIR versions                                1.2
  printf() buffer size                            1048576 (1024KiB)
  Built-in kernels                               
  Device Available                                Yes
  Compiler Available                              Yes
  Linker Available                                Yes
  Device Extensions                              cl_khr_icd cl_khr_global_int32_base_atomics cl_khr_global_int32_extended_atomics cl_khr_local_int32_base_atomics cl_khr_local_int32_extended_atomics cl_khr_byte_addressable_store cl_khr_depth_images cl_khr_3d_image_writes cl_intel_exec_by_local_thread cl_khr_spir cl_intel_vec_len_hint

  Platform Name                                  Clover
Number of devices                                0

NULL platform behavior
  clGetPlatformInfo(NULL, CL_PLATFORM_NAME, ...)  Intel(R) OpenCL
  clGetDeviceIDs(NULL, CL_DEVICE_TYPE_ALL, ...)  Success [INTEL]
  clCreateContext(NULL, ...) [default]            <checkNullCtx:2241: create context with device from default platform : error -2>
  clCreateContext(NULL, ...) [other]              <error: no devices in non-default plaforms>
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_CPU)  No devices available in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_GPU)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_ACCELERATOR)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_CUSTOM)  No devices found in platform
  clCreateContextFromType(NULL, CL_DEVICE_TYPE_ALL)  No devices available in platform

ICD loader properties
  ICD loader Name                                OpenCL ICD Loader
  ICD loader Vendor                              OCL Icd free software
  ICD loader Version                              2.2.11
  ICD loader Profile                              OpenCL 2.1


lscpu:

Code:
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                2
On-line CPU(s) list:  0,1
Thread(s) per core:    1
Core(s) per socket:    2
Socket(s):            1
NUMA node(s):          1
Vendor ID:            GenuineIntel
CPU family:            15
Model:                6
Model name:            Common KVM processor
Stepping:              1
CPU MHz:              2599.998
BogoMIPS:              5199.99
Hypervisor vendor:    KVM
Virtualization type:  full
L1d cache:            32K
L1i cache:            32K
L2 cache:              4096K
L3 cache:              16384K
NUMA node0 CPU(s):    0,1

hashcat -I

Code:
hashcat (v3.30) starting...

clGetDeviceIDs(): CL_DEVICE_NOT_FOUND

OpenCL Info:

Platform ID #1
  Vendor  : Intel(R) Corporation
  Name    : Intel(R) OpenCL
  Version : OpenCL 1.2 LINUX

  Device ID #1
    Type          : CPU
    Vendor ID      : 8
    Vendor        : Intel(R) Corporation
    Name          : Common KVM processor
    Version        : OpenCL 1.2 (Build 37)
    Processor(s)  : 2
    Clock          : 0
    Memory        : 501/2004 MB allocatable
    OpenCL Version : OpenCL C 1.2
    Driver Version : 1.2.0.37

Platform ID #2
  Vendor  : Mesa
  Name    : Clover
  Version : OpenCL 1.1 Mesa 13.0.6

Note, that I also tried HC 4 and 5 but none of this seemed to work.
I tried running a benchmark like this:

Code:
nism0@smoke:~$ hashcat -b -D1
hashcat (v3.30) starting in benchmark mode...

clGetDeviceIDs(): CL_DEVICE_NOT_FOUND

OpenCL Platform #1: Intel(R) Corporation
========================================
* Device #1: Common KVM processor, 501/2004 MB allocatable, 2MCU

OpenCL Platform #2: Mesa, skipped or no OpenCL compatible devices found

Hashtype: MD4

clCreateContext(): CL_UNKNOWN_ERROR

Started: Mon Jan 13 14:53:03 2020
Stopped: Mon Jan 13 14:53:04 2020
nism0@smoke:~$

Any help would be apprecieated.

Pantagrule, a really large last-resort ruleset

January 13, 2020, 8:49 pm
$
0
0
i made this a while back but thought i should post it here as a "user contribution", even though the end result was mediocre.

when studying iphelix's PACK, i wanted to see if using newer, larger data sources provided better rules than NSAKEY's old set did. i decided to try to make a ruleset that was generated from breaches using PACK's LRP algorithm, which led to this very very large ruleset. while it's huge and thus not great on slow hashes, it has proven itself on some pentests to yield some extra cracks. 



https://github.com/rarecoil/pantagrule




The conclusion:



Quote:This work confirms the limitations of the PACK LRP algorithm originally witnessed by _NSAKEY on modern data sets when using the rockyou dictionary. While the LRP algorithm does generate rules that increase cracking percentage, it does so at a large increase in keyspace. For this reason, Pantagrule is most useful in cases where difficult cracking requires exotic rules.


In this purpose, Pantagrule is successful. Pantagrule's massive rule list was originally made and honed in an attempt to break more of the long tail from the Pwned Passwords list than was being seen with existing rules. The
pantagrule.1m list cracked 8% of the remaining HIBP hashes that had stood up to the dictionary used to generate Pantagrule, the above common rule sets, a 7-character alphanumeric brute force, and KoreLogic's PathWell topologies.

CL_INVALID_VALUE - yes, OpenCL is installed

January 13, 2020, 9:41 pm
$
0
0
Hi all,
I googled, I searched the wiki, I searched the forum but cannot find even the slightest hint how to solve this problem. Symptoms:

D:\programs\hashcat-5.1.0>hashcat64.exe -I
hashcat (v5.1.0) starting...
clGetDeviceInfo(): CL_INVALID_VALUE


Additional info:
-  First and foremost: I am only interested to run hashcat on CPU. My graphics card is old, unsupported, I don't plan to obtain another.
- Windows 7 pro, 64 bit     (the 32 bit executable behaves exactly the same way as above)
- hashcat 5.1.0
- OpenCL installation:  opencl_runtime_18.1_x64_setup.msi
- CPU: Intel Core i5 760

Any hints?
Thank you very much!

Emanuel

Create PKZIP Master Key

January 14, 2020, 5:21 am
$
0
0
Hello,

I want to understand how to create a valid Pkzip master key for the mode 20500 or 20510 from this hash generated from 
zip2john:

Code:
test.zip:$pkzip2$1*1*2*0*XXX*$/pkzip2$:::::test.zip

I need to know how to do it, I have try with explanations from the PDF ICISSP_2019_45.pdf but I can't get something functional and because the mode 17200 is not compatible with my AMD GPU's.

Thank you for your help.

veracrypt pim

January 15, 2020, 8:20 am
$
0
0
can i use hashcat to recover my pim i know the range and i have passwords and keyfiles?
Search

Gpu Limit

January 15, 2020, 4:35 pm
$
0
0
I'm looking to build a password cracking setup as a project

I know someone that wants to sell 24 x RX570 out a mining rig. I already have a asus extreme motherboard and a amd 3790x cpu and a 1600w power supply , the power supply I'm sure Im going to maybe need two or three

Can anyone advise me ?

Is there a limit to mulitple gpu's i.e risers etc with hashcat etc, or what would I require to be able to get 24 x RX570 work, or is what I'm trying to do not feasible and a waste of time, if so can advise and explain any info/help would be appreciated 

EDIT : so quickly looking into pci spec , I'm guessing I'm restricted to 6 to 8 per motherboard via risers, so in order to use more than 8 I'll have to add more motherboards/powersupplies. can you setup three motherboards and 24 x RX570 as a slave and use one more motherboard as the primary to get hashcat to utilize all the gpu's ?

After looking for motherboards I found the asus b250 19 gpu mining board
has anyone tried using this with 19 gpu and hashcat ???

Telegram and hashcat.

January 16, 2020, 1:36 am
$
0
0
Hello,
Is it possible to crack the Telegram local password with hashcat?

Thank you.

kwprocessor stalling

January 16, 2020, 1:03 pm
$
0
0
Hey all, not sure if questions about kwprocessor are allowed here, but i'm having some issues so i thought i'd give it a shot.

I recently built v1.00 of kwprocessor on up to date Ubuntu 18.04.3 LTS box and it seems to get into some sort of infinite loop with some of the included route files, although others work fine.

For instance:

Code:
$ ./kwp basechars/tiny.base keymaps/en-us.keymap routes/2-to-16-max-3-direction-changes.route | head -3
1q
qa
1`


That works instantly and correctly as far as i can tell. However:


Code:
./kwp basechars/tiny.base keymaps/en-us.keymap routes/2-to-16-max-4-direction-changes.route

Simply never returns. If i look at system stats kwp is using 100% of a core, but i've let it run for some time and it never outputs anything, plus I would assume it to start outputting things very quickly anyway.

This seems related to an issue i see on github. I also see the same issue with 2-to-32-max-5-direction-changes.route.

I split 2-to-16-max-4-direction-changes.route into multiple pieces to see if I could narrow down what specific route was causing the hang, but things got even weirder. If I split it into two pieces, both pieces will hang. If I split it into 4 (or more) pieces, none of them hang, so i'm guessing its some combination of routes or something.

Any help would be appreciated. Obviously I can break it up to work around this issue if i need to, but it seems like it might be good to fix the underlying cause as others are experiencing it as well.

Help with unknown MSSQL HASHBYTES function hash

January 17, 2020, 8:40 am
$
0
0
Hello,
I'm trying to test an old .net application which is using MSSQL database to store user accounts. As far I found that this application uses 2 columns for storing passwords. I suppose that one of the columns contains some kind of encrypted password and the other one contains hash of the same password.

Here is my test password:

Clear text password:
Pass123$

SQL HASH
Code:
0xXE9XX2685XX09XX6X191XX16944D9D01179266F

I made some checks and found that the SQL query "SELECT HASHBYTES('SHA1', 'Pass123$');" creates the same hash.
Code:
0xXE9XX2685XX09XX6X191XX16944D9D01179266F

I tried guessing the hashes with https://www.onlinehashcrack.com/hash-identification.php

I found that first one is unknown so I think is not hash function. The second reports to mssql2005


I tried these three but unsuccessful:

131 | MSSQL (2000)                                    | Database Server
132 | MSSQL (2005)                                    | Database Server
1731 | MSSQL (2012, 2014)                              | Database Server


with the following warning: Hashfile '1.txt' on line 297 (0xFF70...XXXXX00BXXXXXBBE1XXXXX55XXXXX447): Token length exception

I also found more about MSSQL hashing here:

https://passlib.readthedocs.io/en/stable...l2005.html

It looks like SHA-1 without the salt and in uppercase.

So my two questions are:

1) How to match my test hash?
2) Any suggestions for the encryption of the first password, I think that it should be reversible.

Kind regards,
Nikolay

Mode 22000 Bad file descriptor

January 17, 2020, 2:51 pm
$
0
0
Using hashcat-5.1.0 beta 1610 :

Code:
hashcat.exe -m 22000  hash dic
works OK with sample hash WPA*01*9d42bfc4ab79cf3a3a85761efd2a0cf0*e8e61d2bfe07*e21f445660bb*3c3429452aba22e9a7a6*** (passwd hashcat)

but if I add a username :
username:WPA*01*9d42bfc4ab79cf3a3a85761efd2a0cf0*e8e61d2bfe07*e21f445660bb*3c3429452aba22e9a7a6***

Code:
hashcat.exe -m 22000  --username  hash dic
hashcat (v5.1.0-1610-g4b166317) starting...
...
Hashfile 'hash': Bad file descriptor
No hashes loaded.
Why ? Thanks.

What to watch out for when running two instances of Hashcat at once?

January 17, 2020, 4:15 pm
$
0
0
As the title says, I want to run two instances of hashcat at once, on the same computer, from the same folder. What should I look out for when I'm doing this, or should I not do this at all?

Currently on Windows 10 Education, using Hashcat v5.1.0-1602-gda7a13af+(due to Hashcat v5.1.0 not recognizing my GPU properly) on a Radeon RX 580.

All advice is appreciated!

Why Is Hashcat Soooooo Slow

January 17, 2020, 9:51 pm
$
0
0
Howdy All,

I am trying to crack an iTunes backup file for a friend that swears black and blue he never set a password on it. Unfortunately it contains all the photos,videos of his new born Sad 

I am running the following command.
hashcat hash.txt -m 14800 -a 6 dict.txt ?d?d?d?d --session 4Digits

I have prepared a word list of all his common passwords in the various combinations uppercase, lowercase, sentence case, reverse sentence case etc and this is saved in dict.txt. 

I am running it on my MAC mini and it is slow as hell! I thought this was because it only has an embedded Intel HD Graphics 4000. I created a Nv6 VM in Azure which runs the Nvidia Tesla card and loaded the GRID drivers and still the speed was slow extremely slow (a 90 day attack dropped to 30 days). 

When I start HashCat it states the following 

Filename: dict.txt
Password: 24
Bytes:163
Keyspace: 240,000


The wordlist or mask that you are using is too small. 

It doesn't seem to matter what I do to the mask or word list it still throws the wordlist too small error. According to hashcat.net/faq/morework I am suppose to use rules? 

./hashcat64.bin --stdout wordlist.txt -r rules/best64.rule | ./hashcat64.bin -m 2500 test.hccapx

What I can't figure out is which rule I am suppose to use? I presume my command would look something like
hashcat --stdout dict.txt -r rules/somerule | hashcat -m 14800 -a 6 ?d?d?d?d hash.txt --session 4Digits

I have read and reread the morework faq but I find it very confusing and can't work out if the speed is because the algorithm is simply slow or if it's because my word list is quote small (just 24 words) which I would have thought would made it faster and simpler to crack. 

Any help would be greatly appreciated. 

Thanks,
Chipper
Search

how long it takes

January 19, 2020, 12:40 am
$
0
0
Hi guys,

64 character hexadecimal hashed with sha512
128 character hexadecimal hashed with sha512
I found out that some of the apps are using 128 character version of this while some of them using 64 character version for seed generation.

I wonder if 64 character hexadecimal could be cracked with very very powerful vps setup?

Really appreciate answers,

Thanks!

password 8 letters

January 19, 2020, 11:48 am
$
0
0
Hello, having the password 8 letters (huberus) what command you need to do for hashcat

hashcat -m 2500 -a 3 -o password.txt dom.hccapx? l? l? l? l? l? l? l? l

if this command will be correct please help

ALFA AWUS036NHR V2 handshake

January 21, 2020, 2:43 am
$
0
0
Hello, do you also have trouble capturing WPA handshake?
ALFA AWUS036NHR V2
Chipset RTL8188RU 

rocktastic -> PACK

January 21, 2020, 10:57 pm

precompute bcrypt hashes

January 22, 2020, 4:11 am
$
0
0
Hi


I have a case in which i want to precompute a set of bcrypt hashes with a high difficulty.

I tried a ton of cpu based implementations and it is not comparable with the cracking throughput of hashcat on nvidia.

However I am missing the option to precompute a hashlist instead of cracking it with existing hashes. 

I guess it isnt possible with hashcat since rainbow tables are a thing of the past?

If thats the case can someone please reference me to a opencl or cuda implementation of a bcrypt digest.

Is it possible to port it from the hashcat codebase?

Would also be interested in hiring a freelancer to help with it.

Thanks!
Viewing all 7847 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>