I'm curious.
How many lines of code are we (i.e. the atom) up to?
How many lines of code are we (i.e. the atom) up to?
↧
How many lines of code is oclHashcat?
↧
Problem in HashcatGUI_0311
Hello all
I finished just ahead of the download HashcatGUI_0311
But encounter a problem, I can not run and the button is not activated
![.png]()
2014-02-17_044648.png (Size: 21.24 KB / Downloads: 14)
![.png]()
2014-02-17_044724.png (Size: 24.87 KB / Downloads: 10)
I finished just ahead of the download HashcatGUI_0311
But encounter a problem, I can not run and the button is not activated
2014-02-17_044648.png (Size: 21.24 KB / Downloads: 14)
2014-02-17_044724.png (Size: 24.87 KB / Downloads: 10)
↧
↧
Laptop with GeForce or Radeon M series
Hello
First, sorry , but my english is not so good to describe my problem, but I try write here all what I want ...
I want to use laptops to SL3 counting. I know , that`s is not good idea, but I want try...
Last 3 days i try, but still without results. I can use many laptops with the best cards on the market ( Ge Force GT-780M or Ati 6xxx or 7xxx series) but the problem is ( i think so ) with hashcat and support for these cards.
Could any say me, it`s possible these cards with ocl hashcat or maybe I want to use hashcate ?
Which version of ocl hashcat or hashcat should I use on Win7 (It can be Win8) This is not a Problem.
I want to use Martech SL3 program.
Could any one help me ?
![.jpg]()
Kernel.jpg (Size: 114.27 KB / Downloads: 7)
First, sorry , but my english is not so good to describe my problem, but I try write here all what I want ...
I want to use laptops to SL3 counting. I know , that`s is not good idea, but I want try...
Last 3 days i try, but still without results. I can use many laptops with the best cards on the market ( Ge Force GT-780M or Ati 6xxx or 7xxx series) but the problem is ( i think so ) with hashcat and support for these cards.
Could any say me, it`s possible these cards with ocl hashcat or maybe I want to use hashcate ?
Which version of ocl hashcat or hashcat should I use on Win7 (It can be Win8) This is not a Problem.
I want to use Martech SL3 program.
Could any one help me ?
Kernel.jpg (Size: 114.27 KB / Downloads: 7)
↧
NTLM hash, how practical is it?
Hi, I'm a kind of a noob at cryptography but I am trying to learn about cracking hashes. And I've got a an NTLM hash and a R9 280X, I was wondering how practical would it be to crack that hash using that card keeping in mind that all I know about the password is that it's supposed to be a strong one, and I've tried oclHashcat with a 14 char mask with lower,upper,dig and special and est time is >10 years, I understand the possibilities are huge but is there any practical way of approaching this problem?
Thanks
Thanks
↧
Joomla 3.2 hashing support?
Can somebody tell me if it's possible to crack the new joomla hash.
(ex. $P$DZCM4wGDIl4htDisvUrR1t3Rlbz6HY/:test123)
Thank you.
(ex. $P$DZCM4wGDIl4htDisvUrR1t3Rlbz6HY/:test123)
Thank you.
↧
↧
Hashtopus - distributed solution
Hi, I have been developing a distributed solution around oclHashcat and I am here to hear your thoughts on this, perhaps request features and to find out, if there is actualy someone out there with the same picture in mind.
My solution is a centralized one with a web server written in PHP+MySQL (might be swapped for SQLite). The server keeps computing tasks, files related to those tasks (rules, wordlists, ...) and hashlists for those tasks. It also keeps list of computing agents.
Computing agent is aimed for BFUs with powerfull GPUs, Windows system (partly because my programming knowledge is limited to C# and PHP) and very little IT knowledge. In other words, gamers, which are willing to contribute their computing power but not able to operate in command line and stuff like that.
The operator can generate an agent deployer, which contains hardcoded address for his/her server. Once the deployer is started at the target machine, it detects platform (32/64 and ati/nvidia) and downloads oclHashcat specific for this platform (to avoid unnecessary traffic). It then checks the server for its assignments.
If the operator assigns an agent to a specific tasks, the agent downloads all files and hashlist related to this task and then requests a chunk of work. If it is first chunk for this task, the server orders the agent to execute a benchmark for this specific task. The result is then extrapoled, so each agent is given exactly 5 minutes (server side configurable) worth of computing chunk.
The assignment of an agent to a task bears a certain level of agressivity as an integer number. This number essentialy says, how many seconds the agent computer needs to be inactive, before it starts cracking where 0=crack all the time.
The results (e.g. cracked hashes) are transferred in real time while they are being cracked. After each completed chunk, the benchmark of an agent for this task is adjusted to maintain more or less constant time length of chunks. If a chunk has not been marked as completed for more than 3 times (configurable) of its size, it is reassigned to another agent who first requests a new chunk after the previously mentioned chunk has timeouted.
When submitting completed hashes to server, as a response the agent receives a list of hashes that were in the meantime cracked by other agents so they could be removed from the local hashlist. You may be familiar with a term "zap" for this actions, and my solution implements that. A zap takes action in the next chunk (so mostly in 5 minutes) untill i find a way to instruct running oclHashcat to quit and restore, thus reload the zap-stripped hashlist.
As for now the agent operates as a Windows console application with further aim to run it as a Windows service to make it possible to crack even before user logs in.
It was pointed out to me that with so much control on the server side and automation on the agent side, my solution pretty much resembles a botnet.
I would like to hear your thoughts on this as well as feature ideas.
I will be publishing server and agent source codes. Agent binaries will be generated directly from the server web gui. I would also be glad if there was anyone who liked the idea enough to port the agent on Unix-based systems, as this is beyond my programming skills.
My solution is a centralized one with a web server written in PHP+MySQL (might be swapped for SQLite). The server keeps computing tasks, files related to those tasks (rules, wordlists, ...) and hashlists for those tasks. It also keeps list of computing agents.
Computing agent is aimed for BFUs with powerfull GPUs, Windows system (partly because my programming knowledge is limited to C# and PHP) and very little IT knowledge. In other words, gamers, which are willing to contribute their computing power but not able to operate in command line and stuff like that.
The operator can generate an agent deployer, which contains hardcoded address for his/her server. Once the deployer is started at the target machine, it detects platform (32/64 and ati/nvidia) and downloads oclHashcat specific for this platform (to avoid unnecessary traffic). It then checks the server for its assignments.
If the operator assigns an agent to a specific tasks, the agent downloads all files and hashlist related to this task and then requests a chunk of work. If it is first chunk for this task, the server orders the agent to execute a benchmark for this specific task. The result is then extrapoled, so each agent is given exactly 5 minutes (server side configurable) worth of computing chunk.
The assignment of an agent to a task bears a certain level of agressivity as an integer number. This number essentialy says, how many seconds the agent computer needs to be inactive, before it starts cracking where 0=crack all the time.
The results (e.g. cracked hashes) are transferred in real time while they are being cracked. After each completed chunk, the benchmark of an agent for this task is adjusted to maintain more or less constant time length of chunks. If a chunk has not been marked as completed for more than 3 times (configurable) of its size, it is reassigned to another agent who first requests a new chunk after the previously mentioned chunk has timeouted.
When submitting completed hashes to server, as a response the agent receives a list of hashes that were in the meantime cracked by other agents so they could be removed from the local hashlist. You may be familiar with a term "zap" for this actions, and my solution implements that. A zap takes action in the next chunk (so mostly in 5 minutes) untill i find a way to instruct running oclHashcat to quit and restore, thus reload the zap-stripped hashlist.
As for now the agent operates as a Windows console application with further aim to run it as a Windows service to make it possible to crack even before user logs in.
It was pointed out to me that with so much control on the server side and automation on the agent side, my solution pretty much resembles a botnet.
I would like to hear your thoughts on this as well as feature ideas.
I will be publishing server and agent source codes. Agent binaries will be generated directly from the server web gui. I would also be glad if there was anyone who liked the idea enough to port the agent on Unix-based systems, as this is beyond my programming skills.
↧
Radeon HD 5850 power question
Hello All,
I have just bought a HD 5850 to speed things up a bit, I am also completely new to this GPU business.
The card has two 6 pin power sockets on its back however I only received one cable that has one 6 pin plug attached to two molex female connectors.
Would that be enough to get the card running or there has to be two of those?
Thanks in advance,
I have just bought a HD 5850 to speed things up a bit, I am also completely new to this GPU business.
The card has two 6 pin power sockets on its back however I only received one cable that has one 6 pin plug attached to two molex female connectors.
Would that be enough to get the card running or there has to be two of those?
Thanks in advance,
↧
Length of my hash
--So scared of radix and his ban hammer that I have spent hours researching this --
I recently used Usercake to create a login system in PHP. After playing about with hashcat and trying to get it to work, I realized that I was trying to crack MD5 when it is actually SHA1.
So I tried changing it about and researched and realized that a salt and the first 9 chars i.e. hash:salt.
Every time I try any combination (think I have gone through them all in ocl) I keep getting invalid string. Checking it out the hash length is 65 chars in length.
Now am I right in thinking that there is a limit on the length, or am I just doing something majorly wrong?
I recently used Usercake to create a login system in PHP. After playing about with hashcat and trying to get it to work, I realized that I was trying to crack MD5 when it is actually SHA1.
So I tried changing it about and researched and realized that a salt and the first 9 chars i.e. hash:salt.
Every time I try any combination (think I have gone through them all in ocl) I keep getting invalid string. Checking it out the hash length is 65 chars in length.
Now am I right in thinking that there is a limit on the length, or am I just doing something majorly wrong?
↧
plz crack my password
plz crack my password
<removed by philsmd>
<removed by philsmd>
↧
↧
Updated Drivers and Hashcat fail to work?
I recently updated my Nvidia graphics card driver (new release that came out today or tomorrow I believe). I updated to GeForce 334.89 Driver for GTX 660. When I did so, when I run cudahashcat on the hash, I get the following error:
Desktop\oclHashcat-1.01>cudahashcat64.exe -a 3 -m 1000 --o
utfile=cracked.txt --increment hash.txt -1 ?l?u?d ?1?1?1?1?1?1?1?1?1?1?1?1?1
ERROR: No NVidia compatible platform found
It was working 100% fine before this update of the driver occurred. I am curious as to how i can fix this issue in any way AND why it is happening. I presume oclhashcat-1.01 simply does not have support for this updated driver as of now but if I am mistaken please correct me.
As well, as I just said, how can I fix this issue?
1. Should I wait for an update to hashcat (ETA would be nice, assuming the problem is it does not support the new driver yet, which may not be the case)
2. Downgrade my drivers (if so if you could point me into the right direction to do so it would be greatly appreciated.)
3. It can't be fixed and it is only my computer going insane (which means I would cry).
Thank you for your time and I appreciate any response with any information regarding the subject.
Desktop\oclHashcat-1.01>cudahashcat64.exe -a 3 -m 1000 --o
utfile=cracked.txt --increment hash.txt -1 ?l?u?d ?1?1?1?1?1?1?1?1?1?1?1?1?1
ERROR: No NVidia compatible platform found
It was working 100% fine before this update of the driver occurred. I am curious as to how i can fix this issue in any way AND why it is happening. I presume oclhashcat-1.01 simply does not have support for this updated driver as of now but if I am mistaken please correct me.
As well, as I just said, how can I fix this issue?
1. Should I wait for an update to hashcat (ETA would be nice, assuming the problem is it does not support the new driver yet, which may not be the case)
2. Downgrade my drivers (if so if you could point me into the right direction to do so it would be greatly appreciated.)
3. It can't be fixed and it is only my computer going insane (which means I would cry).
Thank you for your time and I appreciate any response with any information regarding the subject.
↧
Workstation GPU support (NVIDIA Quadro, ATI FirePro)
I realize it's suboptimal, but work password auditing must be done on work supplied hardware, unfortunately - compliance with corporate standards trumps speed. As long as I can get similar or faster results with the GPU than with the CPU, it's still a win.
I'd like to ask if anyone knows if Hashcat will run either on the straight workstation GPUs + drivers, or if there's some Frankensteinian kludge of consumer drivers + workstation GPU's that has worked.
At this point, there may be a "workstation class" laptop limitation as well, so the FirePro and Quadro mobility cards are not unlikely to be options.
I'd like to ask if anyone knows if Hashcat will run either on the straight workstation GPUs + drivers, or if there's some Frankensteinian kludge of consumer drivers + workstation GPU's that has worked.
At this point, there may be a "workstation class" laptop limitation as well, so the FirePro and Quadro mobility cards are not unlikely to be options.
↧
STOP! Unsupported or incorrect Driver
Hi Guys
I have a problem with hashcat.
I have the latest drivers from ATI installed 14.1
System consisting of
i5-4670k
r9 280x toxic
Corsair 16GB RAM
windows 8
can someone help me?
best regards Abdula01
![.jpg]()
123456789.jpg (Size: 98.93 KB / Downloads: 11)
I have a problem with hashcat.
I have the latest drivers from ATI installed 14.1
System consisting of
i5-4670k
r9 280x toxic
Corsair 16GB RAM
windows 8
can someone help me?
best regards Abdula01
123456789.jpg (Size: 98.93 KB / Downloads: 11)
↧
ASRock Z87 Pro4
Hello,
will I be able to put two same cards in this one? (it says it has "1 x PCIe 3.0 x16, 1 x PCIe 2.0 x16, 2 x PCIe 2.0 x1" I'm not sure)
will I be able to put two same cards in this one? (it says it has "1 x PCIe 3.0 x16, 1 x PCIe 2.0 x16, 2 x PCIe 2.0 x1" I'm not sure)
↧
↧
Table attack, or what?
Hello,
I've got three files.
First file includes syllables with 3 characters,
2nd syllables with 2 characters und 3rd all
two digit combinations.
Now, I want that all 3 parts will combined to
passwords with length between
8 and max 12 digits.
For example 1*3 char + 1*2 digit + 3*2 char or
2*3 char and 1*2 char .... for all possibilities.
Could someone can give me some hints how
I should do that?
I think, the table attack was right, but how?
Greetings
calculate
I've got three files.
First file includes syllables with 3 characters,
2nd syllables with 2 characters und 3rd all
two digit combinations.
Now, I want that all 3 parts will combined to
passwords with length between
8 and max 12 digits.
For example 1*3 char + 1*2 digit + 3*2 char or
2*3 char and 1*2 char .... for all possibilities.
Could someone can give me some hints how
I should do that?
I think, the table attack was right, but how?
Greetings
calculate
↧
GTX 780M benchmark
Hi,
Here is the benchmark of my msi gt60-2od 1x gtx 780m
Hashtype: MD4
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 3008.5 MH/s
Hashtype: MD5
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 2000.6 MH/s
Hashtype: SHA1
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 521.5 MH/s
Hashtype: SHA256
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 204.5 MH/s
Hashtype: SHA512
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 85919.9 kH/s
Hashtype: SHA-3(Keccak)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 48254.2 kH/s
Hashtype: RipeMD160
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 348.6 MH/s
Hashtype: Whirlpool
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 61677.4 kH/s
Hashtype: GOST R 34.11-94
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 50072.5 kH/s
Hashtype: SHA-1(Base64), nsldap, Netscape LDAP SHA
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 522.1 MH/s
Hashtype: SSHA-1(Base64), nsldaps, Netscape LDAP SSHA
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 515.2 MH/s
Hashtype: descrypt, DES(Unix), Traditional DES
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 27872.6 kH/s
Hashtype: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 810.1 kH/s
Hashtype: sha256crypt, SHA256(Unix)
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 12370 H/s
Hashtype: sha512crypt, SHA512(Unix)
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 8922 H/s
Hashtype: bcrypt, Blowfish(OpenBSD)
Workload: 16 loops, 8 accel
Speed.GPU.#1.: 576 H/s
Hashtype: LM
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 485.5 MH/s
Hashtype: NTLM
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 2968.8 MH/s
Hashtype: DCC, mscash
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 840.6 MH/s
Hashtype: NetNTLMv1-VANILLA / NetNTLMv1+ESS
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 1529.9 MH/s
Hashtype: NetNTLMv2
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 149.7 MH/s
Hashtype: Kerberos 5 AS-REQ Pre-Auth etype 23
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 5783.1 kH/s
Hashtype: EPiServer 6.x < v4
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 462.0 MH/s
Hashtype: EPiServer 6.x > v4
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 189.2 MH/s
Hashtype: MSSQL(2000)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 492.0 MH/s
Hashtype: MSSQL(2005)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 497.7 MH/s
Hashtype: MSSQL(2012)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 85413.7 kH/s
Hashtype: MySQL
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 224.2 MH/s
Hashtype: Oracle 7-10g
Workload: 64 loops, 8 accel
Speed.GPU.#1.: 132.7 MH/s
Hashtype: Oracle 11g
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 514.8 MH/s
Hashtype: OSX v10.4, v10.5, v10.6
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 468.1 MH/s
Hashtype: OSX v10.7
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 80956.2 kH/s
Hashtype: OSX v10.8
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 0 H/s
Hashtype: Samsung Android Password/PIN
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 407.6 kH/s
Hashtype: Cisco-PIX MD5
Workload: 512 loops, 64 accel
Speed.GPU.#1.: 1569.6 MH/s
Hashtype: Cisco-IOS SHA256
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 205.7 MH/s
Hashtype: WPA/WPA2
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 21406 H/s
Hashtype: IKE-PSK MD5
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 161.6 MH/s
Hashtype: IKE-PSK SHA1
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 49179.3 kH/s
Hashtype: Password Safe SHA-256
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 74925 H/s
Hashtype: 1Password
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 163.4 kH/s
Hashtype: AIX {ssha1}
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 2277.3 kH/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 45448 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-SHA512 + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 29408 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-Whirlpool + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 7104 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 boot-mode + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 90895 H/s
Hashtype: HMAC-MD5 (key = $pass)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 294.7 MH/s
Hashtype: HMAC-MD5 (key = $salt)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 610.2 MH/s
Hashtype: HMAC-SHA1 (key = $pass)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 120.4 MH/s
Hashtype: HMAC-SHA1 (key = $salt)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 230.2 MH/s
Hashtype: HMAC-SHA256 (key = $pass)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 42097.1 kH/s
Hashtype: HMAC-SHA256 (key = $salt)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 82517.5 kH/s
Hashtype: HMAC-SHA512 (key = $pass)
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 16965.4 kH/s
Hashtype: HMAC-SHA512 (key = $salt)
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 33355.3 kH/s
Hashtype: Half MD5
Workload: 512 loops, 64 accel
Speed.GPU.#1.: 608.1 MH/s
Hashtype: Double MD5
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 632.0 MH/s
Hashtype: GRUB 2
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 0 H/s
Hashtype: phpass, MD5(Wordpress), MD5(phpBB3)
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 548.1 kH/s
Hashtype: Joomla
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 1977.1 MH/s
Hashtype: osCommerce, xt:Commerce
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 1141.2 MH/s
Hashtype: IPB2+, MyBB1.2+
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 454.3 MH/s
Hashtype: vBulletin < v3.8.5
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 632.2 MH/s
Hashtype: vBulletin > v3.8.5
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 428.1 MH/s
Hashtype: SMF > v1.1
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 464.4 MH/s
C:\wpa2c>
Here is the benchmark of my msi gt60-2od 1x gtx 780m
Hashtype: MD4
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 3008.5 MH/s
Hashtype: MD5
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 2000.6 MH/s
Hashtype: SHA1
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 521.5 MH/s
Hashtype: SHA256
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 204.5 MH/s
Hashtype: SHA512
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 85919.9 kH/s
Hashtype: SHA-3(Keccak)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 48254.2 kH/s
Hashtype: RipeMD160
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 348.6 MH/s
Hashtype: Whirlpool
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 61677.4 kH/s
Hashtype: GOST R 34.11-94
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 50072.5 kH/s
Hashtype: SHA-1(Base64), nsldap, Netscape LDAP SHA
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 522.1 MH/s
Hashtype: SSHA-1(Base64), nsldaps, Netscape LDAP SSHA
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 515.2 MH/s
Hashtype: descrypt, DES(Unix), Traditional DES
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 27872.6 kH/s
Hashtype: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 810.1 kH/s
Hashtype: sha256crypt, SHA256(Unix)
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 12370 H/s
Hashtype: sha512crypt, SHA512(Unix)
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 8922 H/s
Hashtype: bcrypt, Blowfish(OpenBSD)
Workload: 16 loops, 8 accel
Speed.GPU.#1.: 576 H/s
Hashtype: LM
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 485.5 MH/s
Hashtype: NTLM
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 2968.8 MH/s
Hashtype: DCC, mscash
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 840.6 MH/s
Hashtype: NetNTLMv1-VANILLA / NetNTLMv1+ESS
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 1529.9 MH/s
Hashtype: NetNTLMv2
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 149.7 MH/s
Hashtype: Kerberos 5 AS-REQ Pre-Auth etype 23
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 5783.1 kH/s
Hashtype: EPiServer 6.x < v4
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 462.0 MH/s
Hashtype: EPiServer 6.x > v4
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 189.2 MH/s
Hashtype: MSSQL(2000)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 492.0 MH/s
Hashtype: MSSQL(2005)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 497.7 MH/s
Hashtype: MSSQL(2012)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 85413.7 kH/s
Hashtype: MySQL
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 224.2 MH/s
Hashtype: Oracle 7-10g
Workload: 64 loops, 8 accel
Speed.GPU.#1.: 132.7 MH/s
Hashtype: Oracle 11g
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 514.8 MH/s
Hashtype: OSX v10.4, v10.5, v10.6
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 468.1 MH/s
Hashtype: OSX v10.7
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 80956.2 kH/s
Hashtype: OSX v10.8
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 0 H/s
Hashtype: Samsung Android Password/PIN
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 407.6 kH/s
Hashtype: Cisco-PIX MD5
Workload: 512 loops, 64 accel
Speed.GPU.#1.: 1569.6 MH/s
Hashtype: Cisco-IOS SHA256
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 205.7 MH/s
Hashtype: WPA/WPA2
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 21406 H/s
Hashtype: IKE-PSK MD5
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 161.6 MH/s
Hashtype: IKE-PSK SHA1
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 49179.3 kH/s
Hashtype: Password Safe SHA-256
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 74925 H/s
Hashtype: 1Password
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 163.4 kH/s
Hashtype: AIX {ssha1}
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 2277.3 kH/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 45448 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-SHA512 + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 29408 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-Whirlpool + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 7104 H/s
Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 boot-mode + AES
Workload: 8 loops, 8 accel
Speed.GPU.#1.: 90895 H/s
Hashtype: HMAC-MD5 (key = $pass)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 294.7 MH/s
Hashtype: HMAC-MD5 (key = $salt)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 610.2 MH/s
Hashtype: HMAC-SHA1 (key = $pass)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 120.4 MH/s
Hashtype: HMAC-SHA1 (key = $salt)
Workload: 32 loops, 64 accel
Speed.GPU.#1.: 230.2 MH/s
Hashtype: HMAC-SHA256 (key = $pass)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 42097.1 kH/s
Hashtype: HMAC-SHA256 (key = $salt)
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 82517.5 kH/s
Hashtype: HMAC-SHA512 (key = $pass)
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 16965.4 kH/s
Hashtype: HMAC-SHA512 (key = $salt)
Workload: 16 loops, 64 accel
Speed.GPU.#1.: 33355.3 kH/s
Hashtype: Half MD5
Workload: 512 loops, 64 accel
Speed.GPU.#1.: 608.1 MH/s
Hashtype: Double MD5
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 632.0 MH/s
Hashtype: GRUB 2
Workload: 4 loops, 8 accel
Speed.GPU.#1.: 0 H/s
Hashtype: phpass, MD5(Wordpress), MD5(phpBB3)
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 548.1 kH/s
Hashtype: Joomla
Workload: 512 loops, 128 accel
Speed.GPU.#1.: 1977.1 MH/s
Hashtype: osCommerce, xt:Commerce
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 1141.2 MH/s
Hashtype: IPB2+, MyBB1.2+
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 454.3 MH/s
Hashtype: vBulletin < v3.8.5
Workload: 256 loops, 64 accel
Speed.GPU.#1.: 632.2 MH/s
Hashtype: vBulletin > v3.8.5
Workload: 128 loops, 64 accel
Speed.GPU.#1.: 428.1 MH/s
Hashtype: SMF > v1.1
Workload: 64 loops, 64 accel
Speed.GPU.#1.: 464.4 MH/s
C:\wpa2c>
↧
Recover NTLM with charset: !@$etaoinshrdlu134579
How do I recover an NTLM password by using Hashcat with this charset: !@$etaoinshrdlu134579
↧
Help to BruteForce WPA
Good morning all,
Long time lurker - first time posting. I've recently got a new Sky router from sky simply to update my old one, after giving me fibre FOC. Post is quite long, apologies for this and I thank you in advance if you have had patience to read and help.
I haven't changed any WPA/2 passwords as of yet as I have found this system to be quite secure so far. I have tried both bully and reaver attacks through virtual machines running BackTrack 5 R3 & Kali Linux, as well as a fully native installation on a Dell Latitude D420, using the inbuilt wireless adapter, as well as an Alfa one I purchased a few months back.
I was able to crack my last sky router with Reaver but this one seems to be protected against the WPS attacks, so now I am trying to crack it using a brute force attack.
I originally was using a combination of 'crunch' and Aircrack-ng, which allowed for the codes to be generated whilst cracking, meaning a ridiculously sized file was not necessary to work from as a word list.
As I know my Sky router has the original passkey, I know this is only uppercase alphabetical which is no longer or shorter than eight characters long. Now as I know this code will work from AAAAAAAA to ZZZZZZZZ like this;
AAAAAAAA
AAAAAAAB
AAAAAAAC
--
ZZZZZZZX
ZZZZZZZY
ZZZZZZZZ
^ Start, to finish respectively; I used the following options with crunch & aircrack;
./crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ -t ,,,,,,,,|aircrack-ng -w- -b MACADDRESSHERE '/root/CAPFILEHERE.cap'
As well as running on a separate machine in the reverse order, by adding the '-i' flag.
Considering I'm running that on what I regard to be a fast computer (8 core FX8350, clocked to 4.8ghz, 16gb ram, SSD, Asus 990FX Sabertooth mobo), it still only manages an absolute max of around 10,000 keys/s.
I thought there must be a faster way, which is when I discovered hashcat. Now I don't have the exact code to hand, but I used the code -m 2500 and cracking uppercase alphabetical only. This is being done on two identical X3D HD7850 2GB cards, overclocked, I can achieve around 120,000 h/s, running under windows 8.1.
What I am looking to do is run the same code on the WPA .cap with handshake included by running so any two characters are not the same together in each password tested.
ie; instead of AAAAAAAA, make the code stop it from duplicating the same letter next to eachother;
ABABABAB
ABABABAC
ABABABAD
--
GHGHGHGH
GHGHGHGI
GHGHGHGL
I saw a similar post mentioning mp64 and some other information, but as far as my oclHashcat folder (v 1.01) I cannot see mp64 anywhere or how to get it. I'm looking to do this as I've noticed on my last three routers (could be coincidence) but there has not been the same character next to eachother in each passcode. This should cut down the amount of keys to test also. Currently 8 characters with 26 possibilities puts 8 to the power of 26 working out to 208billion or so possible keys. Which appears with my setup will run for 26 days.
Is this a plausible way to cut down the hashing time, or does anyone have any other suggestions?
Could someone please help point me in the right direction? I hope I've explained this well enough! Any questions please feel free to ask, and apologies in advance if I've been unclear.
I look forward to the help!
Many thanks,
Sam
Long time lurker - first time posting. I've recently got a new Sky router from sky simply to update my old one, after giving me fibre FOC. Post is quite long, apologies for this and I thank you in advance if you have had patience to read and help.
I haven't changed any WPA/2 passwords as of yet as I have found this system to be quite secure so far. I have tried both bully and reaver attacks through virtual machines running BackTrack 5 R3 & Kali Linux, as well as a fully native installation on a Dell Latitude D420, using the inbuilt wireless adapter, as well as an Alfa one I purchased a few months back.
I was able to crack my last sky router with Reaver but this one seems to be protected against the WPS attacks, so now I am trying to crack it using a brute force attack.
I originally was using a combination of 'crunch' and Aircrack-ng, which allowed for the codes to be generated whilst cracking, meaning a ridiculously sized file was not necessary to work from as a word list.
As I know my Sky router has the original passkey, I know this is only uppercase alphabetical which is no longer or shorter than eight characters long. Now as I know this code will work from AAAAAAAA to ZZZZZZZZ like this;
AAAAAAAA
AAAAAAAB
AAAAAAAC
--
ZZZZZZZX
ZZZZZZZY
ZZZZZZZZ
^ Start, to finish respectively; I used the following options with crunch & aircrack;
./crunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ -t ,,,,,,,,|aircrack-ng -w- -b MACADDRESSHERE '/root/CAPFILEHERE.cap'
As well as running on a separate machine in the reverse order, by adding the '-i' flag.
Considering I'm running that on what I regard to be a fast computer (8 core FX8350, clocked to 4.8ghz, 16gb ram, SSD, Asus 990FX Sabertooth mobo), it still only manages an absolute max of around 10,000 keys/s.
I thought there must be a faster way, which is when I discovered hashcat. Now I don't have the exact code to hand, but I used the code -m 2500 and cracking uppercase alphabetical only. This is being done on two identical X3D HD7850 2GB cards, overclocked, I can achieve around 120,000 h/s, running under windows 8.1.
What I am looking to do is run the same code on the WPA .cap with handshake included by running so any two characters are not the same together in each password tested.
ie; instead of AAAAAAAA, make the code stop it from duplicating the same letter next to eachother;
ABABABAB
ABABABAC
ABABABAD
--
GHGHGHGH
GHGHGHGI
GHGHGHGL
I saw a similar post mentioning mp64 and some other information, but as far as my oclHashcat folder (v 1.01) I cannot see mp64 anywhere or how to get it. I'm looking to do this as I've noticed on my last three routers (could be coincidence) but there has not been the same character next to eachother in each passcode. This should cut down the amount of keys to test also. Currently 8 characters with 26 possibilities puts 8 to the power of 26 working out to 208billion or so possible keys. Which appears with my setup will run for 26 days.
Is this a plausible way to cut down the hashing time, or does anyone have any other suggestions?
Could someone please help point me in the right direction? I hope I've explained this well enough! Any questions please feel free to ask, and apologies in advance if I've been unclear.
I look forward to the help!
Many thanks,
Sam
↧
↧
Hybrid attack and -s value
Hi. When you do a dictionary attack with rules, the -s value represents the words in the dictionary or the equivalent in the keyspace including the words mangled with rules?
↧
How to crack md5 hash where long cleartext is *almost* known?
Hi,
I have unsalted md5 hashes of longer-than-usual-passwords strings -- think of SMS or Twitter messages -- where I know more or less the cleartext, but not exactly.
For example I have the md5 hash <removed by philsmd> and know that the cleartext string is similar to "this is a example String?". How can I get hashcat to find the true cleartext, which is "this is an Example string!"? In this example one char changed from lower case to upper case, one char was added and one special char changed.
I'd like to have a way to automatically modify the string in 1, 2 or even 3 positions with changing upper/lower cases and adding/deleting a character. Is that possible with hashcat?
I have unsalted md5 hashes of longer-than-usual-passwords strings -- think of SMS or Twitter messages -- where I know more or less the cleartext, but not exactly.
For example I have the md5 hash <removed by philsmd> and know that the cleartext string is similar to "this is a example String?". How can I get hashcat to find the true cleartext, which is "this is an Example string!"? In this example one char changed from lower case to upper case, one char was added and one special char changed.
I'd like to have a way to automatically modify the string in 1, 2 or even 3 positions with changing upper/lower cases and adding/deleting a character. Is that possible with hashcat?
↧
Tesla K20m sha512crypt dictionary attack performance issues
Hello,
I'm experiencing a puzzling (at least, for me) behaviour while performing a dictionary-only attack on a sha512crypt hash.
Scenario:
Hardware is a server with dual Xeon E5-2603v2 CPU, 32GB RAM, 4x Nvidia Tesla K20m with 5GB memory each.
Software is Linux Centos 6.5 64 bit, nvidia 319.37 driver from official Nvidia repos, oclHashcat 1.01.
SElinux is disabled and the system isn't doing anything else.
my command line is:
The sha512.hashes contains ten sha512 hashes (with different salts) and the dictionary contains 60 million 8-char-long passwords.
The gpu-accel and gpu-loops parameters were choosen through exhaustive benchmarking (= trying a set of possible gpu-accel and gpu-loops combos).
What happens is that I during bruteforcing I get 400% CPU usage; it's a dual core, 4-core-per CPU, non hyperthreaded machine, so thus 800% would mean the server is truly completely CPU saturated, but I still don't understand what's going on; I thought that dictionary-only attacks weren't really CPU bound, since there was no wordlist to generate on the fly.
There's something else bothering me as well: if I check the status while cracking, the data is something like that:
While the GPU utilization is high, the machine actually seems able to crack 25K/s password, which is a bit low IMHO, since I saw posts like that:
http://hashcat.net/forum/archive/index.p...-2340.html
Where a dual Tesla K20m system seems to perform at the same level as mine. Tthe sha512crypt benchmark is not available in such page, but the sha512 benchmark is the same despite my system having 2x the GPUs of the posted one.
This is my sha512 + sha512crypt benchmark result :
But I've noticed other strange behaviours:
- Using
to limit CPU usage seems to lower the system load (e.g.
just shows 100% load) but the bruteforcing performance stays the same at about 25K H/s.
- Letting one single GPU device with
to fully employ the CPUs doesnt' improve speed (the single GPU cracks about 6.3K hashes/s)
So, my questions are:
- Is it normal for the CPU usage to be that high?
- Is there a change the system us CPU bound?
- Is there any way to improve my performance?
Thanks to anyone that can help me.
I'm experiencing a puzzling (at least, for me) behaviour while performing a dictionary-only attack on a sha512crypt hash.
Scenario:
Hardware is a server with dual Xeon E5-2603v2 CPU, 32GB RAM, 4x Nvidia Tesla K20m with 5GB memory each.
Software is Linux Centos 6.5 64 bit, nvidia 319.37 driver from official Nvidia repos, oclHashcat 1.01.
SElinux is disabled and the system isn't doing anything else.
my command line is:
Code:
cudaHashcat64.bin --gpu-accel=1 --gpu-loops=1024 -m 1800 /root/tests/sha512.hashes /root/tests/60milliondict.txtThe sha512.hashes contains ten sha512 hashes (with different salts) and the dictionary contains 60 million 8-char-long passwords.
The gpu-accel and gpu-loops parameters were choosen through exhaustive benchmarking (= trying a set of possible gpu-accel and gpu-loops combos).
What happens is that I during bruteforcing I get 400% CPU usage; it's a dual core, 4-core-per CPU, non hyperthreaded machine, so thus 800% would mean the server is truly completely CPU saturated, but I still don't understand what's going on; I thought that dictionary-only attacks weren't really CPU bound, since there was no wordlist to generate on the fly.
There's something else bothering me as well: if I check the status while cracking, the data is something like that:
Quote:Speed.GPU.#1...: 628 H/s
Speed.GPU.#2...: 635 H/s
Speed.GPU.#3...: 635 H/s
Speed.GPU.#4...: 635 H/s
Speed.GPU.#*...: 2533 H/s
Recovered......: 0/10 (0.00%) Digests, 0/10 (0.00%) Salts
Progress.......: 692224/600000000 (0.12%)
Rejected.......: 0/692224 (0.00%)
HWMon.GPU.#1...: 99% Util, 36c Temp, -1% Fan
HWMon.GPU.#2...: 99% Util, 37c Temp, -1% Fan
HWMon.GPU.#3...: 99% Util, 39c Temp, -1% Fan
HWMon.GPU.#4...: 99% Util, 40c Temp, -1% Fan
While the GPU utilization is high, the machine actually seems able to crack 25K/s password, which is a bit low IMHO, since I saw posts like that:
http://hashcat.net/forum/archive/index.p...-2340.html
Where a dual Tesla K20m system seems to perform at the same level as mine. Tthe sha512crypt benchmark is not available in such page, but the sha512 benchmark is the same despite my system having 2x the GPUs of the posted one.
This is my sha512 + sha512crypt benchmark result :
Quote:cudaHashcat64.bin -b --benchmark-mode 1 -m 1700
cudaHashcat v1.01 starting in benchmark-mode...
Device #1: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #2: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #3: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #4: Tesla K20m, 4799MB, 705Mhz, 13MCU
Hashtype: SHA512
Workload: 128 loops, 256 accel
Speed.GPU.#1.: 50713.8 kH/s
Speed.GPU.#2.: 50854.4 kH/s
Speed.GPU.#3.: 51067.6 kH/s
Speed.GPU.#4.: 50880.3 kH/s
Speed.GPU.#*.: 203.5 MH/s
Quote:cudaHashcat v1.01 starting in benchmark-mode...
Device #1: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #2: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #3: Tesla K20m, 4799MB, 705Mhz, 13MCU
Device #4: Tesla K20m, 4799MB, 705Mhz, 13MCU
Hashtype: sha512crypt, SHA512(Unix)
Workload: 5000 loops, 8 accel
Speed.GPU.#1.: 6321 H/s
Speed.GPU.#2.: 6383 H/s
Speed.GPU.#3.: 6406 H/s
Speed.GPU.#4.: 6401 H/s
Speed.GPU.#*.: 25511 H/s
But I've noticed other strange behaviours:
- Using
Code:
--cpu-affinityCode:
top- Letting one single GPU device with
Code:
-dSo, my questions are:
- Is it normal for the CPU usage to be that high?
- Is there a change the system us CPU bound?
- Is there any way to improve my performance?
Thanks to anyone that can help me.
↧