Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7847 articles
Browse latest View live

APFS encrypted device with T2-Chip

February 6, 2020, 6:50 am
$
0
0
Following to this post, I successfully extracted an apfs-hash with apfs2hashcat and was able to attack it with hashcat. Now the question arises how the hash behaves when a T2 chip is installed in the Macbook? Can you still read out the hash like that or what should i watch out for?
Is there anything to be considered when restoring the password or can you attack as usual, for example with wordlists and rules?
Search

Apple Secure Notes Help

February 6, 2020, 7:22 am
$
0
0
Hey everyone!

I am brand new to this whole thing and have been trying to learn all I can. My wife has Apple Notes that are locked with a password that she can't remember. I have tried everything from using every password we know of to jailbreaking an iPad and trying to pull it down from there. 

After some research, I found hashcat. I am trying to see where a good start is. I have dabbled in it and when I run using the brute force method, it doesn't show there are any hashes available. I know there is a password on them though and can see them protected when looking at the file in a DB explorer.

I think I am pulling the correct file in (NoteStore.sqlite) and I can see data in it. 

What am I doing wrong here or where is a good start?

Thanks guys!!

Deleting symbols with rules?

February 6, 2020, 10:31 am
$
0
0
Hello,
Is there a way to write a rule to delete/purge symbols from the candidate? I tried "@?s" but hashcat is not very happy. Is there a way to do this that's better than "@? @! @_ @,....."? I haven't seen it in the documentation...
Thanks!

DCC2 Cracking from a file not working

February 7, 2020, 6:26 am
$
0
0
DCC2 cracking from a file doesn't seem to work anymore. 
 
If I don't use a file and put the hash in single quotes into the command like ./hashcat64.bin -m 2100 '$DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f' ../wordlists/all.txt -r rules/dive.rule then it's fine.

 I also tried putting the single quotes around the hash in the file as well with no luck.



./hashcat64.bin -m 2100 ../hash.txt ../wordlists/all.txt -r rules/dive.rule
hashcat (v5.1.0) starting...

OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1070 Ti, 2029/8119 MB allocatable, 19MCU
* Device #2: GeForce GTX 1070 Ti, 2029/8119 MB allocatable, 19MCU
* Device #3: GeForce GTX 1070 Ti, 2029/8119 MB allocatable, 19MCU
* Device #4: GeForce GTX 1070 Ti, 2029/8119 MB allocatable, 19MCU

Hashfile '../hash.txt' on line 1 (8268b9bdcf75cd24551bd0b39c406a90): Separator unmatched
No hashes loaded.

eGPU

February 7, 2020, 6:29 am
$
0
0
I am planning to buy an eGPU box for a 2080ti card.

Do you know of any eGPU with great performance that works with Hashcat in both Linux and Windows?

I noticed on egpu.io that there's a column labelled "I/O ports bandwidth", some cards have 5Gbps and some 10Gbps. How does this affect on the cracking speed?

Razor Core X seems to be in top but the Razer Core X Chroma has more GPU power which I assume is good since these card draw a lot of current.

Then the Asus XG Station Pro seems to be the first card in the list having 10Gbps bandwidth.

I hope that any of you have experience to share so I don't have to buy several boxes before I find one that works great.

Thanks!

/p

Combinator or Rules Assistance

February 7, 2020, 6:33 pm
$
0
0
Hello,

Hashcat is a great utility.  With it, I am able to recover my buddy's will after he lost the password in a cellular phone (single point of) failure.  It saves retyping dozens of pages of information.

The current goal is to recover the password that is partially known.  It is a combination of three words in pseudo-1337 ( i/1, e/@ and o/0).  Can Hashcat be set to combinator with three or more dictionaries?  Failing that, can someone assist with or minimally point to a means to design a rules file?

T. I. A.

silekonn

Need assistance with veracrypt container

February 7, 2020, 7:56 pm
$
0
0
Good day,



I have spent the last two days banging my head against the wall and I am very confused as to why my hash files are not working. I used dd running on debian linux to extract the first 512 bytes from my encrypted file and I saved the file using SHA-512 default settings within veracrypt. However no matter what algorithm I use I am always met with Exhausted status.



.png   hashencrypt.png (Size: 330.57 KB / Downloads: 4)


This is bizare to me as I created a test encrypted file with a password of abc123 and I am using the following instructions to hashcat.



Code:
.\hashcat64 -m 13721 -a 3 -w 4 -S img512.vc abc12?d --self-test-disable


.png   exhausted.png (Size: 147.86 KB / Downloads: 8)



What am I doing wrong here? I feel like I am following the instructions to a tee however it never guesses the right hash even when I have such a simple password as abc123. I am running hashcat on my windows pc because I have two GPU's to use for faster hashing, my other computer (running debian) is using a low end nvidia card so the two AMD cards in this one are much faster. 



I should also add that I even created a txt file wordlist that contained only the exact password abc123 and changed my attack mode from mask attack to brute force and even with the exact password I used, it returns Exhausted status.



Any help is greatly appreciated. Thanks!

1660 familly

February 8, 2020, 3:34 am
$
0
0
Gonna buy a GPU for hashcat, and as I dont hash large dicts, I was considering a 1070 used or a 1660 new.
Have anyone tried the 1660 already? wondering if the hashrates woul be better than a 1060 and closer to a 1070.

thanks
Search

Vega 10 on Ryzen 7

February 8, 2020, 11:36 am
$
0
0
Hi,
I might buy a notebook with Ryzen 7 3700U which comes with Vega 10 GPU. I wonder if it can run hashcat on Linux (Ubuntu/Debian). I know if the card supports running hashcat, it won't be very fast but just need it running since most of the time i will be using rockyou or seclists.
Regards.

Need help to identify encryption

February 8, 2020, 1:08 pm
$
0
0
I have a router Huawei HG8145V5 and I backed-up config file in order to find root password, but I found that password is encrypted and here is how does it look like
Code:
    UserName="root" Password="$2tMx=+eY3+*g46l*b@Uk<3YN$L`<#K!j(5a%(5\G1ma7;;hP=RH.:q[XMze!FL43,O#}Fz9zLFQ6/>!:)aHY:QL/Bg<TMj(5^U2$I$"
and
Code:
    Salt="8d72593e65eac9eccfc75ce7"
I tried SHA256(MD5(password)) but its not sha256 its something diferent, can anyone guess what encryption is it ?

3DES Known Plaintext - How?

February 9, 2020, 5:19 pm
$
0
0
Hi,
I've a 3DES ECB block and know the plaintext, can you help me on the hashcat syntax?

I'm trying:
Code:
./hashcat -m 14100 -a 3 0123456789abcdef:1234567 "?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a"

while "0123456789abcdef" represents the cipher text and 1234567 represents the known plaintext.

I just receive "Hash '0123456789abcdef:1234567': Token length exception"...

The documentation to 3DES says:
Code:
  14100 | 3DES (PT = $salt, key = $pass)                  | Raw Cipher, Known-Plaintext attack

but i have no idea how to use that.

Hex keyspace reducer

February 10, 2020, 1:49 am
$
0
0
Hi, I'm attempting to crack a 10 char Hex hash.
Brute-forcing is not practical for obvious reasons therefore I'm trying to reduce the keyspace.
I'm trying to use 10-Hex-Generator.. hereins the issue.
The 10-Hex-Generator project is a few years old now but I suspect the math still stands where as the instructions in the README doesn't.
Does anyone have any experience with this and could possibly help.
Thanks as always.

Linux vs Win speed

February 10, 2020, 1:56 pm
$
0
0
I get better performance in Ubuntu 18.04 vs Win7. In Ubuntu, hashcat chooses different -n -u -T values ant it works faster 8-11% on few tested hashes. I tried forcing these values in Win7 but I get same (low) result. Card is EVGA GTX1080 Classified. Both OS on stock clock. There is difference in driver version (Win7 442.19 / Ubuntu 418.43) and cuda versions (10.2 vs 10.1). Still, in Win7 using latest drivers. Wiki implies no difference in speed between OS's, but in my case I just can't make it work on the same level as in Ubuntu. Can anyone confirm this on any Linux distro?


PMKID:
Code:
./hashcat64.bin -m 16800 -w 3 -b
Speed.#1.........:  453.1 kH/s (89.92ms) @ Accel:128 Loops:64 Thr:1024 Vec:1

./hashcat64.bin -m 16800 -w 4 -b
Speed.#1.........:  474.0 kH/s (342.97ms) @ Accel:128 Loops:256 Thr:1024 Vec:1

hashcat64.exe -m 16800 -w 3 -b
Speed.#1.........:  432.3 kH/s (93.27ms) @ Accel:512 Loops:64 Thr:256 Vec:1

hashcat64.exe -m 16800 -w 4 -b
Speed.#1.........:  430.5 kH/s (374.79ms) @ Accel:512 Loops:256 Thr:256 Vec:1

Forcing same -n -u -T values in Windows as per 1st example top:
Code:
hashcat64.exe -m 16800 -a 3 -n 128 -u 64 -T 1024 d:\test.16800 ?a?a?a?a?a?a?a?a --force
Speed.#1.........:  435.0 kH/s (93.16ms) @ Accel:128 Loops:64 Thr:1024 Vec:1

MD5
Code:
./hashcat64.bin -m 0 -w 3 -O -b
Speed.#1.........: 28317.4 MH/s (93.24ms) @ Accel:128 Loops:1024 Thr:1024 Vec:4

./hashcat64.bin -m 0 -w 4 -O -b
Speed.#1.........: 28280.4 MH/s (94.19ms) @ Accel:128 Loops:1024 Thr:1024 Vec:4

hashcat64.exe -m 0 -w 3 -O -b
Speed.#1.........: 25635.4 MH/s (51.49ms) @ Accel:512 Loops:512 Thr:256 Vec:4

hashcat64.exe -m 0 -w 4 -O -b
Speed.#1.........: 25763.1 MH/s (102.63ms) @ Accel:512 Loops:1024 Thr:256 Vec:4

cap to hccapx problem [Zero value timestamps detected]

February 11, 2020, 12:17 am
$
0
0
I have a problem my friends.
I got a cap files from wifislax.
Normal cap files have at least 100-200 kb sizes but this file is 1 kb
So when i convert it to  HCCAPX  it gives error at hashcat converter page

Zero value timestamps detected in file: in/1620_1581406797.cap.
This prevents correct EAPOL-Key timeout calculation.
Do not use preprocess the capture file with tools such as wpaclean.


Before i could convert this type files from below tool without a problem
https://www.onlinehashcrack.com/tools-ca...verter.php
But now this tool is under maintenance.
How can i solve this problem?
How can i convert these without getting error?

I added my cap files also.
https://s4.dosya.tc/server9/ywk39k/handshakes.rar.html
Thnaks for your replies

A bit of an issue with rules.

February 11, 2020, 11:45 am
$
0
0
I have a wordlist that contains several 5 char words using it as a test password dictionary, all lower case.
I have a WPA .cap (from airodump) file for my AP that has been converted to .hccapx (via website)
I have a rule file that contains simply c $6 $6 $6

if I run:
/usr/local/bin/hashcat -a 0 -m 2500 /home/Andy/Desktop/11776_1581445165.hccapx /home/Andy/Desktop/000.txt -r /home/Andy/Desktop/my.rule

I get:
Session..........: hashcat                     
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: Ap3301 (asdfasdfasdfasdfasdf)
Time.Started.....: Tue Feb 11 13:36:11 2020 (0 secs)
Time.Estimated...: Tue Feb 11 13:36:11 2020 (0 secs)
Guess.Base.......: File (/home/Andy/Desktop/000.txt)
Guess.Mod........: Rules (/home/Andy/Desktop/my.rule)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:        0 H/s (0.00ms) @ Accel:128 Loops:32 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 3/3 (100.00%)
Rejected.........: 3/3 (100.00%)
Restore.Point....: 3/3 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-0 Iteration:0-32
Candidates.#1....: [Copying]
Hardware.Mon.#1..: Temp: 52c Fan:  0% Util:  0% Core:1410MHz Mem:6801MHz Bus:16

Note: if I run it with --stdout it does show the rules applied and thus my password.
also if ran as -a 3 -w 2500, no rule file and the *correct* password inside the dictionary file it does indeed find it correctly.
Search

Building 4 GPU Rig - Thoughts?

February 11, 2020, 8:26 pm
$
0
0
I've been researching some different options to create a password cracking rig that will contain 4 GPUs. I'm looking for your input to see if this "semi-budget" build using a mix of new and used parts will work out with the following parts I've listed below. Please let me know if there's better options in the same price range and maybe other cheaper options I should consider that con accomplish the same thing. I'm vendor agnostic and don't mind used/open box parts.

        Part | Cost | Condition
  • Samsung - 860 EVO 1TB Internal SATA SSD | $109 | Used
  • Rosewill Hercules 1600w Power Supply | $130 | Used
  • NVIDIA GeForce GTX 1080 8 GB Founders Edition GPU | $350 | Used
  • CHENBRO RM41300-FS81 Black Server Case | $163 | New
  • Intel Core i7-5930K | $100 | Used
  • Cooler Master Hyper 212 Black Edition CPU Cooler | $30 | New
  • 2 x Crucial Ballistix Sport LT 16 GB (1 x 16 GB) DDR4-2400 RAM | $130 | New
  • Gigabyte X99 SLI ATX Motherboard | $170 | Used
  • Total Cost: $1,181.97 as of 2-11-2020
Let me know what you think, thanks in advance!

Note: This build will start with one GPU in the beginning and the additional GPUs will be added over time. Also a server case is preferred right now so it can be rack-able (open to suggestions on other cases).

Cap file convert to hccapx HELP

February 12, 2020, 7:48 am

Performance Difference PMKID vs HCCAPX?

February 12, 2020, 12:40 pm
$
0
0
I learned how to get mode 22000 PMKID 2 mode 16800 files.
I use m 2500 HCCAPX

Are there any differences between these?
I mean how about speed difference for cracking a file

Thanks very much.

Need advice of Drivers for my setup.

February 13, 2020, 6:30 am
$
0
0
Hi, after dealing with some rest and error with drivers and versions. I wanna ask for advice of what drivers to install after a clean Ubuntu Server install just for Hashcat. I will access via SSH so no GUI is needed.

CPU: AMD 630 fx
GPU: nVidia 1660 Super

Do I need to install Intel OpenGL drivers? what Order to do it?

Install Ubuntu --
Intel OpenGL Core drivers --

1) terminal install dependencies
sudo apt-get install lsb-core -y
sudo apt-get install opencl-headers -y
2) Download Intel OpenCL driver


Nvidia Drivers --
Hashcat from GIT

thanks.

hcxpcaptool does not detect beacon packet

February 14, 2020, 3:13 am
$
0
0
I have pcapng file of 5 packets (attachment https://easyupload.io/74zyro). Four of them are handshake EAPOLs and one is beacon. I think it should be enough information for hcxpcaptool to create hash file.

But when I run command "hcxpcaptool -o /root/HS.hash /root/hs_plus_beacon.pcapng"

I get this result:

summary capture file:                         
---------------------
file name........................: hs_plus_beacon.pcapng
file type........................: pcapng 1.0
file hardware information........: unknown
capture device vendor information: 000000
file os information..............: Linux 5.2.0-kali2-amd64
file application information.....: Mergecap (Wireshark) 3.0.3 (Git v3.0.3 packaged as 3.0.3-1) (no custom options)
network type.....................: DLT_IEEE802_11 (105)
endianness.......................: little endian
read errors......................: flawless
minimum time stamp...............: 11.10.2005 23:07:52 (GMT)
maximum time stamp...............: 11.10.2005 23:07:52 (GMT)
packets inside...................: 5
skipped damaged packets..........: 0
packets with GPS NMEA data.......: 0
packets with GPS data (JSON old).: 0
packets with FCS.................: 0
association requests.............: 1
EAPOL packets (total)............: 4
EAPOL packets (WPA2).............: 4
best handshakes (total)..........: 1 (ap-less: 0)

summary output file(s):
-----------------------


Beacon is not detected, just EAPOLs, and I don't get any output file.

I need to say that, this pcapng file was created with text2pcap and mergecap tools, because I am using raw packets captured by tshark and written to database.

I use this commands:

"text2pcap ap_rawfile ap_raw_file.pcapng -n -l 127"
"text2pcap eapols_rawfile eapols_rawfile.pcapng -n -l 105"
"mergecap ap_raw_file.pcapng eapols_rawfile.pcapng -F pcapng -w hs_plus_beacon.pcapng"
Viewing all 7847 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>