Crack salted sha1 hash

March 10, 2020, 10:43 am

≪ Previous: A question about constant Exhausted

Greetings,

I'm trying to crack a salted sha1 hash with hashcat with no information about the password, but I have the salt.
All I know is that the hash was made with the following calculation: hash = sha1(--salt--password--).
I tried different things:

- hashcat -m 120 -a 0 -w 4 -O hashtocrack.hash wordlist.txt -r rulefile
with the following rule "$-$-"

I used the biggest word list that I had found on weakpass but all I got from hashcat was "Exhausted"...

I also tried to brute force it with different masks but no luck for now:
- hashcat -m 120 -a 3 -w 4 -O hashtocrack.hash maskfile

My main hypothesis, because of the website this hash comes from, was that the password started with an upper case later and ended with 1 to 4 figures (because I know from old passwords of the same user that they like to use meaningful years as a number in their passwords). The characters between the first letter and the figures are lower case letters in my hypothesis. And I used masks meeting the requirements of this hypothesis, like ?u?l?l?l?l?l?d?d?d?d for example.
Would it take too much time to use a weaker hypothesis to try to crack it?

Do you guys have any advice on how I could crack it? Whether it be about the masks I should use or other features of hashcat I am not aware of...

↧

Distributed Computing question

March 10, 2020, 1:39 pm

≫ Next: bitlocker Hash-types Mask Attack ?l?l?l Unable to crack the password correctly

≪ Previous: Crack salted sha1 hash

Beginner here, go easy.

First off, I have a repurposed mining rig (6 x 1080ti, Celeron CPU, 8GB RAM, 2 x 1200W PSUs). Second, I will be getting a Dual Xeon E5-2620 (6 cores, 12 threads ea) server with 96GB RAM, which I realize is a few years old, but it's available at my budget.

Here's my question: Can split the work so the server does the work that CPU and RAM do best, and the Nvidia rig does what GPUs do best? Or would it be better to spend my time and money finding a solution to integrate it all into one machine?

↧

bitlocker Hash-types Mask Attack ?l?l?l Unable to crack the password correctly

March 10, 2020, 5:39 pm

≫ Next: Multiple GPU Problem

≪ Previous: Distributed Computing question

Hello， everyone！
I would like to ask what's wrong with the following part?
Thanks for your answers!

My password is set to 88888aaa, when I cracking it, I used 88888?l?l?, but the program shows "Exhausted".

I WOULD like to Find Out what's wrong with my operating.

After a simple test, three consecutive? L? L? L hashcats will produce incorrect results.

Session..........: hashcat

Status...........: Exhausted

Hash.Name........: BitLocker

Hash.Target......: $bitlocker$0$16$**************$10...975e6d

Time.Started.....: Tue Mar 10 23:13:22 2020 (10 secs)

Time.Estimated...: Tue Mar 10 23:13:32 2020 (0 secs; Runtime limited: 14 mins, 50 secs)

Guess.Mask.......: 88888?l?l?l [8]

Guess.Queue......: 1/1 (100.00%)

Speed.#1.........: 1797 H/s (38.08ms) @ Accel:1 Loops:4096 Thr:1024 Vec:1

Recovered........: 0/1 (0.00%) Digests

Progress.........: 17576/17576 (100.00%)

Rejected.........: 0/17576 (0.00%)

Restore.Point....: 17576/17576 (100.00%)

Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:1044480-1048576

Candidates.#1....: 88888ane -> 88888qgx

Hardware.Mon.#1..: Temp: 45c Fan: 0% Util:100% Core:1890MHz Mem:6801MHz Bus:16

Started: Tue Mar 10 23:13:14 2020

Stopped: Tue Mar 10 23:13:33 2020

PS C:\Users\ly\Desktop\hashcat-5.1.0> .\hashcat -a 3 -m 22100 88888.txt --increment --increment-min 8 --increment-max 12 88888?l?l?l

↧

Multiple GPU Problem

March 11, 2020, 5:26 am

≫ Next: Recovered hashes spreadsheets help

≪ Previous: bitlocker Hash-types Mask Attack ?l?l?l Unable to crack the password correctly

Hello,
Os : Windows 10
Hascat Version: v5.1.0
GPUs : 12 X Manli P106L Mining Card
https://www.techpowerup.com/gpu-specs/ma...6-gb.b6880

I have speed problem

one gpu 5883.6 MH/s for md5
all gpu each one : 1591 - 1913.5 MH/s for md5

I need help.

One GPU Benchmark

Code:
hashcat (v5.1.0) starting in benchmark mode...

Benchmarking uses hand-optimized kernel code by default.

You can use it in your cracking session by setting the -O option.

Note: Using optimized kernel code limits the maximum supported password length.

To disable the optimized kernel code in benchmark mode, use the -w option.

* Device #13: Intel's OpenCL runtime (GPU only) is currently broken.

            We are waiting for updated OpenCL drivers from Intel.

            You can use --force to override, but do not report related errors.

OpenCL Platform #1: NVIDIA Corporation

======================================

* Device #1: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #2: P106-090, skipped.

* Device #3: P106-090, skipped.

* Device #4: P106-090, skipped.

* Device #5: P106-090, skipped.

* Device #6: P106-090, skipped.

* Device #7: P106-090, skipped.

* Device #8: P106-090, skipped.

* Device #9: P106-090, skipped.

* Device #10: P106-090, skipped.

* Device #11: P106-090, skipped.

* Device #12: P106-090, skipped.

OpenCL Platform #2: Intel(R) Corporation

========================================

* Device #13: Intel(R) HD Graphics 510, skipped.

* Device #14: Intel(R) Pentium(R) CPU G4400 @ 3.30GHz, skipped.

Benchmark relevant options:

===========================

* --opencl-devices=1

* --optimized-kernel-enable

Hashmode: 0 - MD5

Speed.#1.........:  5883.6 MH/s (56.70ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Started: Wed Mar 11 12:11:51 2020

Stopped: Wed Mar 11 12:12:00 2020

ALL GPU:

Code:
hashcat (v5.1.0) starting in benchmark mode...

Benchmarking uses hand-optimized kernel code by default.

You can use it in your cracking session by setting the -O option.

Note: Using optimized kernel code limits the maximum supported password length.

To disable the optimized kernel code in benchmark mode, use the -w option.

* Device #13: Intel's OpenCL runtime (GPU only) is currently broken.

            We are waiting for updated OpenCL drivers from Intel.

            You can use --force to override, but do not report related errors.

OpenCL Platform #1: NVIDIA Corporation

======================================

* Device #1: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #2: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #3: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #4: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #5: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #6: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #7: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #8: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #9: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #10: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #11: P106-090, 1519/6077 MB allocatable, 5MCU

* Device #12: P106-090, 1519/6077 MB allocatable, 5MCU

OpenCL Platform #2: Intel(R) Corporation

========================================

* Device #13: Intel(R) HD Graphics 510, skipped.

* Device #14: Intel(R) Pentium(R) CPU G4400 @ 3.30GHz, skipped.

Benchmark relevant options:

===========================

* --optimized-kernel-enable

Hashmode: 0 - MD5

Speed.#1.........:  1646.4 MH/s (56.72ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#2.........:  1647.0 MH/s (57.50ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#3.........:  1647.1 MH/s (57.36ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#4.........:  1591.2 MH/s (59.66ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#5.........:  1724.4 MH/s (57.47ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#6.........:  1666.7 MH/s (58.25ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#7.........:  1640.9 MH/s (57.27ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#8.........:  1667.5 MH/s (59.23ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#9.........:  1667.6 MH/s (57.57ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#10.........:  1752.7 MH/s (56.79ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#11.........:  1913.5 MH/s (59.07ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#12.........:  1905.4 MH/s (58.32ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1

Speed.#*.........: 20470.4 MH/s

Started: Wed Mar 11 12:08:43 2020

Stopped: Wed Mar 11 12:09:17 2020

↧

Recovered hashes spreadsheets help

March 11, 2020, 5:34 am

≫ Next: No hashes loaded

≪ Previous: Multiple GPU Problem

Hi, i'm fairly new to the picture, just got a handle on output files and management. I run an attack on a file that has usernames and hashes formatted like

Code:
username:hash

by running --username hashcat ignores the first field and analizes only the hashes.
after the attack if remove the dictionaries and run

Code:
--username --show outputfile.txt

the program saves in the outputfile.txt the recovered hashes in the format

Code:
username:hash:recoveredPass

The question is the following, can anybody reccomend a way to pull the results from the file into an excel file divided by ordinated columns : username / hash and recovered passes?

↧

No hashes loaded

March 11, 2020, 1:55 pm

≫ Next: Is my psu dead?

≪ Previous: Recovered hashes spreadsheets help

Hello, I'm just new to hashcat and cybersecurity, in general, I don't know if someone had the same error as mine, in this case I'll delete the post to avoid useless spam. I got this error:
hashcat (v3.00) starting...

WARNING: Hash 'Desktop/voda.hccapx': Invalid eapol size
WARNING: Hash 'Desktop/voda.hccapx': Invalid eapol size
WARNING: Hash 'Desktop/voda.hccapx': Invalid eapol size
WARNING: Hash 'Desktop/voda.hccapx': Invalid eapol size

ERROR: No hashes loaded

Can anyone help me?
Thanks.

↧

Is my psu dead?

March 12, 2020, 3:31 am

≫ Next: Intercept zip decryption key or files from an application

≪ Previous: No hashes loaded

So the story is i have an i3 4170 with a new rx570 using a 520w 80 plus psu(not a known brand). After 3 and a half years of using the psu my computer started freezing with a buzzing noise coming out.After a couple of freezes in a day it started restarting every 5 seconds and now there is no power at all.I swapped out motherboard and cpu but it refused to work once again.My question is,is my psu dead?Im willing to buy a new one but i dont know if thats the problem yet.I should also mention that the ram is no older than 6 months too.

↧

Intercept zip decryption key or files from an application

March 12, 2020, 6:10 am

≫ Next: Weird behaviour when cracking RAR?

≪ Previous: Is my psu dead?

If an application is reading from a password protected zip file, is there a way to intercept the key being sent to decrypt the zip file. Or, is there a way to dump the files being read themselves?

↧

Weird behaviour when cracking RAR?

March 7, 2020, 9:43 am

≫ Next: Advice for a bcrypt hash

≪ Previous: Intercept zip decryption key or files from an application

Hello,

First of all, thanks for this wonderfull piece of software. Ive been playing with it a bit and I am impressed.

However, I ran into some weird behaviour and was wondering if someone might have some insight.

I am cracking a rar file. To do this, I first generated some test files of which I know of course the password.
I noticed some of those were being cracked, some not. So I ran some tests and I noticed that rar files with longer passwords were not being cracked, even though the correct password was in the dictionary file?

I created for now several rar files (I tried attaching them, but is not allowed). The filename is the same as the password:

test.rar --> cracked
longertest.rar --> cracked
evenlongertest.rar --> cracked
evenevenlongertest.rar --> cracked
evenevenevenlongertest.rar --> exhausted
evenevenevenevenlongertest.rar --> exhausted

the process is the same everytime: extract hash with rar2john, than hashcat on extracted hash (I understand hashes need to be removed, so I did):

hashcat -a 0 -m 12500 '$RAR3$*0* REST OF HASH' password.txt

Same password file, which has the passwords (= filenames) of the above test files.

Am I missing something? Is there a maximum password length (if so, why no error is thrown, just exhausted?)?
Can anybody reproduce this maybe?

Many thanks,

↧

Advice for a bcrypt hash

March 12, 2020, 9:01 am

≫ Next: Weird behaviour when cracking RAR?

≪ Previous: Weird behaviour when cracking RAR?

Hello everyone,

I started to work with hashcat last week and I managed to crack some hashes on my own but I struggle with a bcrypt hash that looks like this: $2a$08$randomThings.moreRandomThings. (Unfortunately, it has not been cracked by hashed.org yet...)
First question: have I correctly identified the hash and am I right to use -m 3200?

I started with a brute force/mask attack like so: hashcat -m 3200 -a 3 -w4 hashfile maskfile
I was then kindly told by my computer that it will take it 5 years and a half to perform its calculations!!!

I read on a different thread that I'd better use my CPU instead of my GPU for a bcrypt hash. So I added -D 1 to the previous command and my computer now tells me that it "only" needs 2 years and a half (that's better^^).

However, since I have no information about the password, I don't really know how I can help hashcat to crack this hash.
Can I use both a mask and a dictionary attack at the same time? I know an old password used by the same user (only lower case letters and a year) that I could not find on any word list. Maybe this can help...

Any advice form you guys would be helpful.

↧

Weird behaviour when cracking RAR?

March 7, 2020, 9:43 am

≫ Next: history hash

≪ Previous: Advice for a bcrypt hash

↧

history hash

March 12, 2020, 2:01 pm

≫ Next: Hash Extraction

≪ Previous: Weird behaviour when cracking RAR?

Hi, everybody. Please tell me how I can get information about all hacked hashes in the Linux operating system ? If I type in the terminal:

Code:
hashcat --show

then a message appears:

Code:
Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...

Try --help for more help.

I look at the help, and this parameter is specified there, but it does not display anything, what should I do?
For example, there is no such problem on the Windows operating system, the --show parameter works.
Thanks

↧

Hash Extraction

March 12, 2020, 6:12 pm

≫ Next: help me

≪ Previous: history hash

So, I have my .cap file, I've converted it to .hccapx, now I would like to view/extract the hash itself. How would I accomplished this ?

Thank you.

↧

help me

March 12, 2020, 7:40 pm

≫ Next: password length

≪ Previous: Hash Extraction

how to crack pdf hash

/root/test.pdf:$pdf$4*4*128*-4*1*0**32*e59556afa7d0e318fecd41eaa0786c396113efad0325edee1775f2fbe698331b*32*818d2c18cecc9cd396aa97f1985fef0422dd9f10c5abd55a4832fa252af892bf

↧

password length

March 13, 2020, 11:06 am

≫ Next: Is any benchmark of INTEL cpu s ?

≪ Previous: help me

Hello guys,

i was wondering, is there a way to scan with hashcat how long a pw is?
i do have a wallet.dat but i am absolut clueless how i should set the commands if i dont know how long die PW is.
Any ideas?
Kind Regards
Abravarietas

↧

Is any benchmark of INTEL cpu s ?

March 14, 2020, 5:11 pm

≫ Next: Hashcat Capabilities

≪ Previous: password length

Hello , i am intresting in buing of xeon for Scrypt hash.
What can i expect from e5-2699v3 in Scrypt?
My i7-8700k speed is ~27 h/s

↧

Hashcat Capabilities

March 14, 2020, 8:05 pm

≫ Next: cap2hccapx

≪ Previous: Is any benchmark of INTEL cpu s ?

I came across hashcat today and it seems like it is potentially a much better version of the code I have currently been writing on my own. My question is, when using a brute force attack, can I specify dimensions as specific as: 40 characters, 30 unique (13 upper, 12 lower, 5 numbers), with the last 10 characters being repeated. I don't know the order so I can't just ?d my way to it, but using ?a will take much longer than using the specifications I have narrowed it down to.

Is this something I am able to do with this program?

↧

cap2hccapx

March 16, 2020, 6:32 am

≫ Next: How to use Hashmode: 2501

≪ Previous: Hashcat Capabilities

I have installed the latest version of The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux(2020.1) and for some reason, I have the cap2hccapx.bin file, but everytime I try to run:
sudo cap2hccapx.bin tim192.cap tim192.hccapx
it says:
sudo: cap2hccapx.bin: command not found
pls help me, I know maybe this is stupid but I'm new to cybersecurity.

↧

How to use Hashmode: 2501

March 16, 2020, 6:41 am

≫ Next: Bitcoin encryption algorithm

≪ Previous: cap2hccapx

HI TO ALL,
I WANT BRUTE-FORCE WITHOUT PASSWORDLIST.TXT BY HASHMODE: 2501 FOR CRACKING WPA/WPA2 .CAP HANDSHAKE FILE. OR ANY FASTEST WAY EVER.

IS THERE ANYONE TO GUIDE ME?

↧

Bitcoin encryption algorithm

March 16, 2020, 8:24 am

≫ Next: Connect two PCs

≪ Previous: How to use Hashmode: 2501

Hello everyone!

I want to implement a bitcoin wallet password crack algorithm on my own, or at least to understand how it works. I hope you help me to reinvent this wheel) i didnt manage to get enougth info on that, but need to.

As far as i learned, the result of bitcoin2john.py gives the hash, that contains master key, salt, number of iterations and some public keys, that refer to operations with the wallet. Also, i got that the whole algorithm consists of two steps:

1. password+salt are hashed with SHA512 a number of times, defined in the wallet

2. master_key in the wallet is encrypted with the resulted hash using AES256.

So, i get some password that i think must work, concatenate it with salt from the wallet, then SHA512 a number of times from the wallet, then AES256 with the master_key from the wallet, and... how i check that the result is correct? Or my understanding is entirely wrong?

Help me, please. =_=

↧