Hashcat fails on MacBook hardware. Any cloud suggestions?

May 26, 2020, 7:59 am

≪ Previous: Make a word list with hashcat

I am trying to learn hashcat for educational/white-hat purposes. It seems that whenever I run the tool using larger wordlists and/or masks of average complexity, it dies out with this error:
[i]Abort trap: 6[/i]
I believe this means that the device ran out of memory or something.
I have read on GitHub that MacBooks seem to be an unsuitable platform for hashcat, hardware-wise. So I am thinking of standing up a Linux environment on the cloud someplace for testing, like on AWS possibly.
Any recommendations for something like that?

↧

SHA-256 64 char password

May 26, 2020, 9:13 am

≫ Next: Missing characters from hashcat brute-force?

≪ Previous: Hashcat fails on MacBook hardware. Any cloud suggestions?

Hi there, my name is Lok, and i'm not a english native speaker, so i will ask for patience with my english in advance :p

I've just recently downloaded the hashcat newest version and i'm struggling with this task
i need to crack a password that's 64 characters long and was hashed with SHA-256
i know for a fact that it is 64 characters long, so i think to "tell" that to hashcat would make it calculate faster
also the possible characters are digits and lowercase

how should i configure the commandline for hashcat to crack it?

↧

Missing characters from hashcat brute-force?

May 26, 2020, 10:16 am

≫ Next: Can semi broken gpu still work for hashcat?

≪ Previous: SHA-256 64 char password

hello,

is there any possibility there are missing characters from the implemented brute force attack of hashcat?

So in my case looking for MD5, which is 8 charcaters long.
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack

Session..........: hashcat
Status...........: Exhausted
Hash.Name........: MD5
Hash.Target......: 397e531bf3da8e8ef982103c29XXXXXX
Time.Started.....: Tue May 26 18:56:59 2020 (5 mins, 17 secs)
Time.Estimated...: Tue May 26 19:02:16 2020 (0 secs)
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 17589.5 MH/s (1.78ms) @ Accel:1024 Loops:256 Thr:32 Vec:4
Speed.#2.........: 545.0 MH/s (10.98ms) @ Accel:256 Loops:64 Thr:16 Vec:4
Speed.#*.........: 18134.5 MH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 5533380698112/5533380698112 (100.00%)
Rejected.........: 0/5533380698112 (0.00%)
Restore.Point....: 68734368/68864256 (99.81%)
Restore.Sub.#1...: Salt:0 Amplifier:80128-80352 Iteration:0-256
Restore.Sub.#2...: Salt:0 Amplifier:80320-80352 Iteration:0-64
Candidates.#1....: v7qex2v$ -> Xqxqxqg$
Candidates.#2....: 7z7dvo6$ -> Xqxq76z$

So you will think okay the PW is not 8 characters right? Then I went to https://www.onlinehashcrack.com/ and they cracked it. And yes it is 8 character. How is this possible?

When the brute force option doesn't cover all possible characters, then is it possible to use an option which uses it?

Or in this case I should use something like:
hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack (somewhere I need to specify ?s?s?s?s?s?s?s?s ??? )

↧

Can semi broken gpu still work for hashcat?

May 26, 2020, 6:48 pm

≫ Next: Rule for targetting CamelCase passwords?

≪ Previous: Missing characters from hashcat brute-force?

I keep seeing on ebay about sellers says display doesnt work on a gpu, would it affect using hashcat or does it depend if theres more problems than "no display" on the monitor.

↧

Rule for targetting CamelCase passwords?

May 26, 2020, 6:50 pm

≫ Next: 2nd life for 1070 cards - preferred cooling solution

≪ Previous: Can semi broken gpu still work for hashcat?

I'm trying to crack a hash I created which I know has a CamelCase password.
I'm using the rockyou wordlist and was trying to find out if there are pre-existing rules to target CamelCase passwords. It would have to take 2 words from the dictionary, capitalise the first letter, then combine them (much like the combinator attack)

Any suggestions would be awesome

↧

2nd life for 1070 cards - preferred cooling solution

May 27, 2020, 3:15 am

≫ Next: Combinator attack - hashcat internals

≪ Previous: Rule for targetting CamelCase passwords?

Does anyone here have experience with the Arctic Accelero III GPU cooler?

https://www.youtube.com/watch?v=A_xqBidOjpQ

I have a number of 1070 cards that I was mining with, but I might use some of them in a hashcat rig. Before I put them in a case, I wanted to give them a better cooling solution. I could invest in water cooling for this, but that is extra expense and work.

I usually only run 2 GPUs per hashcat rig, so the extra space that the Accelero III cooler uses shouldn't be a problem.

The 75mm fans (40mm mounting) on the Gigabyte 1070 cards that I have been using have been reaching end of life because they only use a sleeve bearing that wears out quickly.

Possible solutions include buying replacement fans from AliExpress, finding replacement fans that use another bearing (like ball bearing), go to water cooling, or going to an aftermarket cooling solution like this one. The Accelero III is supposed to use a fluid dynamic bearing for its 3 fans, which, I have read, is supposed to last longer than both a sleeve bearing fan and a ball bearing fan.

It appears to be a good way to go, but I'm curious what the preferred cooling solutions are these days, especially for the Nvidia GTX 10 series cards.

↧

Combinator attack - hashcat internals

May 27, 2020, 5:07 pm

≫ Next: Save restore file each NUM seconds

≪ Previous: 2nd life for 1070 cards - preferred cooling solution

Hello folks,

Based on some bcrypt cracking experiments with combinator attack with same dictionary used as dict1 and dict2 and princeprocessor with this dictionary and "min/max elements in chains" = 2 (so, this is basically combinator attack using pp, same keyspaces), I have got quite interesting numbers - prince attack is much faster than combinator attack.

Prince attack is performed using a traditional way - "pp.bin | hashcat" so generation/cracking phrase overlaps as we dont need to wait until pp creates a final big dictionary and just then run hashcat with that big dictionary.

BTW, is password piping the best solution?

As the results for combinator attack are worse, I am wondering how hashcat internally performs combinator attack and I would liek to possibly find explanation why prince attack is significatly faster here.

A) does it combine dictionaries at the start and then distribute "combined wordlist" to GPU to crack candidate passwords?
B) does it combine passwords from both dictionaries on CPU at the same time also cracks them on GPU? (generation/cracking phrase overlaps)
C) does it combine passwords directly on GPU somehow too?
D) ... ?

↧

Save restore file each NUM seconds

May 28, 2020, 7:01 am

≫ Next: Improved Mask Attack

≪ Previous: Combinator attack - hashcat internals

Hello.

I would like to configure an attack so that the restore file is saved each 600 seconds.

I have installed the v5.1.0 beta version of HashCat.

I have seen that in previous versions the parameter “--restore-timer = NUM ---> Save restore file each NUM seconds” existed, but in this version I cannot find it.

How should I do it?

A greeting.

↧

Improved Mask Attack

May 28, 2020, 11:32 am

≫ Next: Hashcat Mask Attack

≪ Previous: Save restore file each NUM seconds

If I already knew the first 2 letters of a password or at the very least the range of what the first 2 letters are, is it possible to limit mask attack to these only?

Like I know that the first 2 letters are numbers from 1-25, can I limit hashcat to these only?

↧

Hashcat Mask Attack

May 28, 2020, 12:47 pm

≫ Next: 7 GPU Motherboards

≪ Previous: Improved Mask Attack

Hi,

I need hashcat to use a specific mask attack, how can I make/use specific charsets that I have made up?

"
1st Character
1-2

2nd Character
0-5, -

3rd Character
-, abcd, ABCD, 0-9

4th Character - 22/23th Character
abcd
ABCD
0-9

"

Experts can you help?

↧

7 GPU Motherboards

May 28, 2020, 12:57 pm

≫ Next: How long to decrypt SHA256

≪ Previous: Hashcat Mask Attack

Will it actually fit 7 units of RTX 2080 TI's?

↧

How long to decrypt SHA256

May 29, 2020, 8:24 am

≫ Next: Brain server can't write above 4GB

≪ Previous: 7 GPU Motherboards

How long to decrypt SHA256(23 character password mask attack) with 7 GPU cards?

Is there some way of calculating how long decryption would take? is there a calculator somewhere?

↧

Brain server can't write above 4GB

May 29, 2020, 9:52 am

≫ Next: hashcat 6.2.4 problem - it doesnt run

≪ Previous: How long to decrypt SHA256

OS: Win10
Hashcat: found on beta 1774, tested and verified on beta 1807

Brainserver

Code:
hc --brain-server

Client

Code:
hc -m 0 -a 0 -O -z --brain-client-features=1 --brain-password=0000000000000000 0123456789abcdef0123456789abcdef dict.dic -r rules\dive.rule

Quote:1590552137.126935 | 67.14s | 0 | Wrote 4274278992 bytes from session 0x54d586c0 in 3950.13 ms
1590552137.127936 | 0.00s | 0 | Wrote 0 bytes from attack 0xce7edf05 in 0.26 ms
1590552568.477292 | 431.35s | 1 | C | 1539.12 ms | Hashes: 1453712
1590552569.332072 | 0.85s | 1 | L | 829.34 ms | Long: 535738586, Inc: 2228224, New: 913715
1590552570.329519 | 1.00s | 1 | L | 560.60 ms | Long: 535738586, Inc: 1314509, New: 547767
1590552743.492558 | 173.16s | 0 | Wrote 4285908688 bytes from session 0x54d586c0 in 3942.89 ms
1590552743.492558 | 0.00s | 0 | Wrote 0 bytes from attack 0xce7edf05 in 0.22 ms
1590553065.668118 | 322.18s | 1 | C | 2750.89 ms | Hashes: 1461482
1590553066.538457 | 0.87s | 1 | L | 845.53 ms | Long: 537200068, Inc: 2228224, New: 962131
1590553067.523353 | 0.99s | 1 | L | 554.01 ms | Long: 537200068, Inc: 1266093, New: 561895

At this point nothing more happens, no errors. But the brain.54d586c0.ldmp file is now only 2.5MB

It seems to me that first time it tries to write to the ldmp file where write-size is above 4GB, it writes only the part above 4GB and the brain server gets stuck. At this point the brain-server can only be killed from task manager.

↧

hashcat 6.2.4 problem - it doesnt run

October 22, 2021, 7:55 pm

≫ Next: mode 3000(LM) skip 0x61~0x7A even if ?b used

≪ Previous: Brain server can't write above 4GB

hi team, i am very new to this. i found an article online explaining how to use hashcat5.1.0 that i can successfully crack the example passwords. i am trying to crack my own wifi password using it, i have a gtx3090 and an amd5950x cpu. when i run 5.1.0 with the md5 version of my wifi's .pcap file (that i retrieved with an pwnagotchi) the time remaining is 1 minute then it becomes hours after the first minute is up.

i thought i would download the latest version of haschat but when i try running it (using the command hashcat.exe -m0 -a3 -o cracked.txt hash.txt) , i get the following:

Code:
C:\Users\Murat\Downloads\hashcat-6.2.4\hashcat-6.2.4>hashcat.exe -m0 -a3 -o cracked.txt hash.txt

hashcat (v6.2.4) starting

* Device #1: WARNING! Kernel exec timeout is not disabled.

            This may cause "CL_OUT_OF_RESOURCES" or related errors.

            To disable the timeout, see: https://hashcat.net/q/timeoutpatch

* Device #2: WARNING! Kernel exec timeout is not disabled.

            This may cause "CL_OUT_OF_RESOURCES" or related errors.

            To disable the timeout, see: https://hashcat.net/q/timeoutpatch

CUDA API (CUDA 11.1)

====================

* Device #1: GeForce RTX 3090, 23336/24576 MB, 82MCU

OpenCL API (OpenCL 1.2 CUDA 11.1.96) - Platform #1 [NVIDIA Corporation]

=======================================================================

* Device #2: GeForce RTX 3090, skipped

Minimum password length supported by kernel: 0

Maximum password length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts

Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Optimizers applied:

* Zero-Byte

* Early-Skip

* Not-Salted

* Not-Iterated

* Single-Hash

* Single-Salt

* Brute-Force

* Raw-Hash

ATTENTION! Pure (unoptimized) backend kernels selected.

Pure kernels can crack longer passwords, but drastically reduce performance.

If you want to switch to optimized kernels, append -O to your commandline.

See the above message to find out about the exact limits.

Watchdog: Temperature abort trigger set to 90c

nvrtcCompileProgram(): NVRTC_ERROR_INVALID_OPTION

nvrtc: error: invalid value for --gpu-architecture (-arch)

* Device #1: Kernel ./OpenCL/shared.cl build failed.

* Device #1: Kernel ./OpenCL/shared.cl build failed.

Started: Sat Oct 23 13:54:11 2021

Stopped: Sat Oct 23 13:54:12 2021

can anyone please let me know what i have to do to get it running, and whether its even possible to crack my wifi password (which is only random characters that my isp provided)

thank you

↧

mode 3000(LM) skip 0x61~0x7A even if ?b used

October 23, 2021, 2:03 am

≫ Next: Radeon RX5700 XT + ubuntu 20.04 LTS

≪ Previous: hashcat 6.2.4 problem - it doesnt run

Hi, I'm trying to crack a LM hash, but I found that hashcat can't crash hashes if they're from password contains 0x61~0x7A

Here are 2 hashes I tested

bc7428e54df23ab9:$HEX[a141]
cda35c9a7e8590be:$HEX[a161]

If I use:

Code:
hashcat -m 3000 -a 3 hashes ?b?b

Only the first one would be found

Is there anything I can do to force hashcat to use all 0x00~0xFF ?

btw, the hashcat version is 6.2.4

↧

Radeon RX5700 XT + ubuntu 20.04 LTS

October 23, 2021, 8:52 am

≫ Next: How to clean a wordlist?

≪ Previous: mode 3000(LM) skip 0x61~0x7A even if ?b used

I have tried to install amdgpu and ROCm, but it only works with my processor Ryzen 9 3900X and can't recognize the gpu.

GPU: AMD Radeon RX5700 XT

lsb_release -a:
LSB Version:    core-11.1.0ubuntu2-noarch: security-11.1.0ubuntu2-noarch
Distributor ID: Neon
Description:    KDE neon User - Plasma 25th Anniversary Edition
Release:        20.04
Codename:       focal

uname -r:
5.8.0-050800-generic

./hashcat.bin -I: (the latest beta version has been used and a few other)
OpenCL Info:
============

OpenCL Platform ID #1
Vendor..: Intel(R) Corporation
Name....: Intel(R) OpenCL
Version.: OpenCL 1.2 LINUX

Backend Device ID #1
Type...........: CPU
Vendor.ID......: 8
Vendor.........: Intel(R) Corporation
Name...........: AMD Ryzen 9 3900X 12-Core Processor
Version........: OpenCL 1.2 (Build 37)
Processor(s)...: 24
Clock..........: 0
Memory.Total...: 64329 MB (limited to 8041 MB allocatable in one block)
Memory.Free....: 32132 MB
OpenCL.Version.: OpenCL C 1.2
Driver.Version.: 1.2.0.37

What should I do to make it run correctly?

↧

How to clean a wordlist?

October 23, 2021, 10:38 am

≫ Next: How to write a wordlist

≪ Previous: Radeon RX5700 XT + ubuntu 20.04 LTS

Can Hashcat be used to clean out invalid entries from a wordlist?
I see that some wordlists have as much as 30% rejection ratio with Hashcat.
Must be a bit of time to save here.

↧

How to write a wordlist

October 23, 2021, 12:23 pm

≫ Next: RTX 3080 ti LHR speed bug

≪ Previous: How to clean a wordlist?

How to write a wordlist

my password : abc123456testpassword%$,abcabc123456testpassword,abcabc123456abctestpassword%$??

How can I write a rule?

I forgot the case of the password and the specific length?

Hope to get a reasonable rule

And how to compare passwords that have been tested before

↧

RTX 3080 ti LHR speed bug

October 23, 2021, 6:12 pm

≫ Next: Utf32 support

≪ Previous: How to write a wordlist

I have last nvidia driver, CUDA 11.5 and hashcat 6.2.4 version installed. I'm running on a RTX 3080 ti LHR. My issue is that hashcat is running insanly slow. For example if I run: hashcat.exe -m 100 -a 0 7e833a995c978d9037139017423f45aafc0e8449 rockyou.txt -O It takes 6 minutes to run, but if I run the same command on my 1060 laptop it runs in only 1 second.
Another weird thing that happens is, the first seconds when I run the command I get:
Time.Estimated: 0 secs
Speed.#1.........: 12871.4 kH/s
But after 5 seconds I get:
Time.Estimated: 1 sec
Speed.#1.........: 2220.7 kH/s
If I keep pressing "s" (status) the Speed keeps decreasing.
I have tried with MD5 too. But same issue.
I takes 6 minutes to finish but it should only take less than 1 second to run. So something is very wrong :/
I hope someone can help me.

↧

Utf32 support

October 24, 2021, 3:00 am

≫ Next: hashcat—bitcoin

≪ Previous: RTX 3080 ti LHR speed bug

hashcat support mode: 1770 = sha512(utf16le($pass))

How can I add support for this mode?

sha512(utf32le($pass))

Do I need to patch hashcat source code to add a custom mode or it can be achieved by some rules?

↧