Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7847 articles
Browse latest View live

hashcat—bitcoin

October 24, 2021, 10:14 am
$
0
0
Code:
hashcat binaries
v6.2.4

python bitcoin2john.py wallet.dat

$bitcoin$64$9de529051d808b5d........4c8$16$0979...368cb$49019$2$00$2$00

./hashcat.exe -m 11300 $bitcoin$64$9de529051d808b5d........4c8$16$0979...368cb$49019$2$00$2$00  ????


I want to know the command. I won't use it


thank you


------------

./hashcat.exe -a 0 -m 11300 ./hash.txt ./wordlist.txt -O -w 3
How to convert the password file wordlist.txt to hash.txt
Search

John the Ripper and AMD Threadripper 64 core

October 25, 2021, 9:13 am
$
0
0
Sorry folks - I know this is an odd place to ask about JTR, also Mods apologies if inappopriate I won't ragequit if the thread is removed.

Does anyone know the answer to the following question OR can anyone point me at a more appropriate forum to ask this question:

Will John the Ripper use all of the cores available on a 64 core AMD ThreadRipper?

Error

October 26, 2021, 1:43 pm
$
0
0
Hi guys I am getting this error :
Hashfile 'wpa2.hccapx' on line 1 (HCPX♦): Separator unmatched
Hashfile 'wpa2.hccapx' on line 2 (á`ö╥sΣ...π)╗  tπΩ6╖â∟òö«╥&⌡·Ö♀≤sgáΦå¬Dâ►y): Separator unmatched
Hashfile 'wpa2.hccapx' on line 3 (): Separator unmatched
Hashfile 'wpa2.hccapx' on line 4 (á`ö╥sΣ...π)╗  tπΩ6╖â∟òö«╥&⌡·Ö♀≤sgáΦå¬Dâ►y): Separator unmatched
Hashfile 'wpa2.hccapx' on line 5 (): Separator unmatched
Hashfile 'wpa2.hccapx' on line 6 (Σ├*≥,→...╟úô8╘♣±/RX∞)╒µì╧8╡-YJ«▼≈L≤s☺gÑ⌡y): Separator unmatched
Hashfile 'wpa2.hccapx' on line 7 (): Separator unmatched
Hashfile 'wpa2.hccapx' on line 8 (Σ├*≥,→...╟úô8╘♣±/RX∞)╒µì╧8╡-YJ«▼≈L≤s☺gÑ⌡y): Separator unmatched
Hashfile 'wpa2.hccapx' on line 9 (): Separator unmatched


while running this command :- hashcat.exe -m 22000 -a 3 wpa2.hccapx ?d?d?d?d?d?d?d

It looks like something's wrong with m4510 and m4710

October 27, 2021, 2:34 pm
$
0
0
Hello!

I noticed that optimized kernels for modes: 4510 and 4710 don't support salt length they are supposed to support (51 max length in both cases). Seems like there is an error with sha1 transform because whenever data block size is bigger than 55 bytes hash won't be cracked even if correct hash, salt and plain is given. This sadly leaves us with max salt length 15 (m4510) and 23 (m4710). This has been tested on hashcat 6.2.4 but it looks like kernels haven't been modified for 13 months so I assume hashcat version isn't the issue here.

Cheers!

zip hash noob question

October 28, 2021, 1:48 am
$
0
0
Hi everyone, I recently had to (try) to crack a zipped file hash.

What I did was extracting the hash with zip2john and search the header of the hash in the hashcat example hashes I cannot find any exact match.

The one I got is $pkzip2$2*2*1*0*8*24 .

So my question is, is there any mod in hashcat that can correctly generate such a hash?

I can see from zip2john source code what those values refer to but still not sure whether hashcat can compute that hash and if yes, which module can do it successfully.


Thanks!!

Help w/ build

October 29, 2021, 8:57 am
$
0
0
Hello all,

I want to start a build but have some questions. I'm super familiar with most consumer PC components, and through my job as a sysadmin have built/fixed my share of workstations, but find myself lost when it comes to how to power a rig with 4-8 cards in it.

I want to build a cracking rig with 4x GPUs and possibly have room for expansion to eight. I've done a bit of reading and have an idea of what kind of CPU, RAM, etc., but I'm not sure how this works in terms of the PSU(s) and probably the motherboard too. Are there single PSUs that are large enough to power that many GPUs? Or do I need several PSUs?

If these builds need several PSUs, do they live in the chassis or are they external? Do I need a special motherboard to interface with multiple PSUs?

If anyone has a link to a blog or article that details each component of a cracking rig from the last year or two, I would love to take a look at it. Also, if anyone has recommendations on a rack-mounted chassis and motherboard, I would very much appreciate those as well! As I understand, I need a CPU with 10+ cores if I wanted to have 8 GPUs, so I've been leaning towards a 5900x, unless there's a Xeon build that will be cheaper (which I'm curious about given the motherboards that are made for Xeons vs consumer CPUs).

Lots of questions here, thanks for any answers!

How would this work for cracking?

October 31, 2021, 12:36 pm

Hashcat on Apple silicon?

November 1, 2021, 2:17 am
$
0
0
Quick question: I have this Apple laptop coming with a M1 pro chip. My colleagues from the ethical hacking team are interested to know how good it is with tasks such as Hashcat. Only thing I know is the chip is very fast in certain tasks but mainly when using software that is optimized for the (ARM based) M1 chip. Not sure if it has benifits if run under Rosetta (used for running sw intended for intel based macs).

Can anyone please tell me what the current posibilities are running Hashcat on macs or even M1 macs? Only thing I can offer in return is to let you know the results of any tests.

Appriciate it!
Search

How to combine white space characters with masks

November 1, 2021, 1:45 pm
$
0
0
I am performing an attack that requires thousands of masks, resulting in tens of trillions of passwords and that is al fine.
But now I need to check for white space characters (space, return) in combination with those masks, and I do not know how to do so.
Previously create a rule set to prepend and append white space characters:
https://hashcat.net/forum/thread-9951.ht...+character
but hashcat does not allow combining masks and rules.

So my question is, is there a (best) way to incorporate these characters in my masks? As further restriction, I am already using all 4 custom character slots and am nearing the computation limits. Storing all passwords and making it a password attack probably does not fit on my hard disk, so that is also a poor solution for me. I prefer not add these characters to one of my 4 custom character sets, and preferably I do not use "?s" since it does not contain net line characters and contains other characters that would slow down the attack. So many restrictions to take into account
Any hints are appreciated.

Need help Verberos username contains a $

November 2, 2021, 2:30 pm
$
0
0
Hi,

This is the hash :
19900 | Kerberos 5, etype 18, Pre-Auth
$krb5pa$18$pc-nilux-me$$NILUX.ME$39eac3cf5ceb6ef4....

The problem is from the username that has a $ symbole at the end.

And Hashcat alerts that as a error of seperator so is that exist an option to change that ?

Best regards.

.png   Snipaste_2021-11-02_22-30-34.png (Size: 65.11 KB / Downloads: 1)

Sha255 with custom amount of iterations.

November 2, 2021, 8:59 pm
$
0
0
Hey! I'm looking to crack some hashes that are basically pass.salt sha256 but with 1024 iterations. I can't see any reference regarding iterations in hashcat docs. Any easy way to accomplish this? Maybe modify the implementation of the hastype 1410 but I'm not sure where to go code wise.

too slow ntlm

November 3, 2021, 10:26 am
$
0
0
HI, i have win10 + rx 5700 xt

When im using bench it shows me 

Code:
-----------------------
* Hash-Mode 1000 (NTLM)
-----------------------

Speed.#1.........: 40515.0 MH/s (65.72ms) @ Accel:2048 Loops:1024 Thr:64


looks ok, but on real ONE hash it shows me 


Code:
Session..........: 2021-10-21
Status...........: Running
Hash.Mode........: 1000 (NTLM)
Hash.Target......: 6***c92955fe7***6e2e291682fbf***
Time.Started.....: Wed Nov 03 19:18:12 2021 (4 mins, 3 secs)
Time.Estimated...: Tue Jan 23 19:51:06 2024 (2 years, 81 days)
Kernel.Feature...: Optimized Kernel
Guess.Mask.......: ?1?1?1?1?1?1?1?1 [8]
Guess.Charset....: -1 ?d?l?u, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  3115.9 kH/s (1.84ms) @ Accel:4096 Loops:1 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 752353280/218340105584896 (0.00%)
Rejected.........: 0/752353280 (0.00%)
Restore.Point....: 752353280/218340105584896 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Host Generator + PCIe
Candidates.#1....: 1vFkDANA -> i4EwONAN
Hardware.Mon.#1..: Temp: 47c Fan: 25% Util:  0% Core:  10MHz Mem: 520MHz Bus:16

and this result i have with 8k hashes from file:
Code:
Kernel.Feature...: Pure Kernel
Guess.Mask.......: ?1?1?1?1?1?1?1?1 [8]
Guess.Charset....: -1 ?d?l?u, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  7288.4 kH/s (1.88ms) @ Accel:2048 Loops:1 Thr:32 Vec:1

coolers on fire while benchmark is running, but silence when bruteforce attack.

What is that, can anyone help me?

Separator unmatched - file hccapx

November 3, 2021, 2:14 pm
$
0
0
Hello. I recently watched this video file of cracking wifi password:



i used The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux on vmware virtual machine. I successfully found handshake, got cap file. I converted it to a hccapx file.

When i try to use this hccapx file in hashcat (does not matter if with brute force or dictionary) it says:

Hashfile 'wpa2.hccapx' on line 1 (HCPX♦): Separator unmatched
Hashfile 'wpa2.hccapx' on line 2 (): Separator unmatched
Hashfile 'wpa2.hccapx' on line 3 (): Separator unmatched
No hashes loaded.


Screenshot below

[Image: HiK8Mnt.jpg]

If this is allowed i'd like to share my cap and hccapx files with you. It is available here: https://mbaraniecki.pl/files/myhandshakefiles.zip

Am i using wrong command? Or my files may be corrupted? hccapx file has 786 bytes. cap file has 92kb (about).

I've got handshake file on The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux, but i am using hashcat on windows (on The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) it does not using my gpu - i don't know why, only cpu)

IS IT possible when i sent hccapx file to gmail from linux, and from gmail i downloaded to windows the file was corrupted? Anyway file size did not change even before and after i send it.

Please help and thanks to all.

Status exhausted

November 3, 2021, 2:27 pm
$
0
0
Hello. I always get this error: 
Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$6cd7092de21faf4fdb824169b24167e68949cb4...0$2$00
Time.Started.....: Wed Nov 03 23:22:03 2021 (1 hour, 2 mins)
Time.Estimated...: Thu Nov 04 00:24:50 2021 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Mask.......: ?a?a?a [3]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:      227 H/s (0.41ms) @ Accel:768 Loops:64 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 857375/857375 (100.00%)
Rejected.........: 0/857375 (0.00%)
Restore.Point....: 9025/9025 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:94-95 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....:  O} ->  ~
Hardware.Mon.#1..: Temp: 54c Fan: 44% Util: 88% Core:1979MHz Mem:6794MHz Bus:16


I already tried a few versions and I have last gpu drivers. Help pls

Do I need a good CPU?

November 4, 2021, 7:51 pm
$
0
0
Hello all, I have a mining RIG and I would like to know if I need a good CPU to use the full power of all my GPUs on hashcat?
Search

Mask-Attack

November 5, 2021, 3:14 pm
$
0
0
Hey guys,

so I am trying to crack my Apple Secure Notes hash, for explanation reasons I fabricated this one:
$ASN$*1*20000*d6ca2e9ae031d385b5fa1583652a7216*c6d6b20ff9c659b908a38e68a2a3c9c103b3c8af3256185e:Admin

I have created the following files:
charset1.hcchr
Content:
Code:
abdehimnoz123


and


my1.hcmask
content:
Code:
?b
?b?b
?b?b?b
?b?b?b?b
?b?b?b?b?b
?b?b?b?b?b?b
?b?b?b?b?b?b?b
?b?b?b?b?b?b?b?b
?b?b?b?b?b?b?b?b?
?b?b?b?b?b?b?b?b?b?b
?b?b?b?b?b?b?b?b?b?b?b
?b?b?b?b?b?b?b?b?b?b?b?b


and I try to run them all together like this:
Code:
.\hashcat.exe -m 16200 -a 3 -w 3 -1 .\charsets\charset1.hcchr  .\hash.txt .\masks\my1.hcmask

With the code I try to accomplish, for every ?b it replaces a letter from my charset.

The Problem is, the charset is not beeing utilised. So Hashcat takes the "?b" tries every possiblity of ?b as stated in the manuel.

Does anybody know, how I can code it, so it only takes my charset?

Thanks in advance for the help

Regards,
Degus22

Upper&Lower cases rules

November 6, 2021, 4:29 am
$
0
0
Hi,

I have my own wordlist. All words are lower cases. Is there any rule which can create all possible version of upper and lower cases for every single word (plus some numbers and special characters (Hybrid Attack))?

help me pls

November 6, 2021, 6:32 am
$
0
0
* Device #1: This hardware has outdated CUDA compute capability (3.0).
            For modern OpenCL performance, upgrade to hardware that supports
            CUDA compute capability version 5.0 (Maxwell) or higher.
* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: This hardware has outdated CUDA compute capability (3.0).
            For modern OpenCL performance, upgrade to hardware that supports
            CUDA compute capability version 5.0 (Maxwell) or higher.
* Device #2: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch

I downloaded the cuda toolkit 2 times
the latest drivers
gtx 770

Invalid Device id 0 Specified

November 7, 2021, 2:41 am

Lost cause? Double crack..

November 9, 2021, 1:52 pm
$
0
0
Hello hashmashers!

I'm new to hashcat, got recommended by a friend.
I wanted to present a case of a double crack that is staring back at me :3

1) Is the following a lost cause? 
bis) If not, what is the best strategy given what I believe to be true about the password?

1) Double crack:
a. Rar archive (encrypted in 2017): $RAR3$ ... *33
b. Ethereum keystore (created via the Mist wallet)

> What I believe to be true about the password:
-> Consists of words; best case = English only, worst case = English + Dutch
-> Can contain names (e.g: Bilbo) (but very unlikely, ignore this for evaluation) 
-> Can contain upper case letters; best case = Only first letter, worst case = CamelCasing
-> Can contain numbers, reduced to "1", "5", "8", used at the end, only could be followed by max 5 characters
E.g: "xoxo!"
-> Have a list of specific numbers that can be in there
E.g: "123581321"
-> Can contain special symbols, reduced to "!" and "$", used only at the end
-> Length estimation: Min length = 8, max length = 18
(!) It could be real bad and be closer the amount of char of the file name =  29
(!) But in the case of 29, it's likely to be related to words used in the file name (dutch)
(!) Let's ignore the real bad case identified with (!) because very unlikely

bis) Strategy?
Do I compile a word list with all the typical words/numbers/symbols I use in my passwords?
=> Word lists + mask? What mask format tho? Have trouble coming up with a comprehensive one that covers the load
=> English + Dutch dictionary?
=> Brute force? How long would worst case take with a typical hash rate machine that can be found with AWS?

I hope to be able to say once the double crack is done: "Aaaaaaaand that's the way the cookie crumbles"
*Jim Carrey face*
Viewing all 7847 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>