Quantcast
Channel: hashcat Forum - All Forums
Viewing all 8042 articles
Browse latest View live

TrueCrypt system drive and non-system partition

September 1, 2014, 6:05 am
$
0
0
I was experimenting with TrueCrypt on a computer and during my weeks away from that computer I ending up forgetting the TrueCrypt password.

In Win7 64 I created two different TrueCrypt 7.1 standard (not hidden) volumes(?) using the default AES encryption algorithm. I believe I used either RIPEMD-160 or SHA-512 as the hash algorithm, I'm leaning towards SHA-512.

On SDA, I encrypted the entire system drive. On SDB, I encrypted a single non-system partition.

I believe my password was 10 characters and I remember some characters that will let me make a mask to significantly narrow down the possibilities.

Using 'dd', I pulled the first 512 bytes from every partition (for example, dd if=/dev/sdb3 of=/hashSDB3 bs=512 count=1), I also did dd on the straight device name (i.e. if=/dev/sdb).

To be comprehensive, I've been running 6211, 6221, 6231, and 6241 against my hash copies with a mask. I use at least one custom charset, referencing a .hcchr file containing the characters (UTF-8 file format). My charset(s) are just a small number of latin upper and lower letters, along with digits 0 to 9, and the special characters associated with digits 0 to 9.

As a test, in Linux, I used TrueCrypt to encrypt a different non-system partition on SDB and pulled the hash using the above dd command. I ran hashcat (in Linux, too) with 6211 and the password was found.

I've been trying to have the same luck with my Windows created volumes over the last few days and have had no success.


Could I be copying the hash wrong for my Windows created volumes? Not enough bytes? Do I need to use dd or can I just run hashcat directly against /dev/SDA, etc.?

Could I be having a character encoding issue do to creation in Win7 and working in Linux with UTF-8 charsets? In Linux, I ran my Linux-created non-system partition (mentioned above) against charset .hcchrs that were saved with 1252 encoding and another time with 8859-1 encoding and was still successful in recovering the password.

Booting SDA (the encrypted system drive) does show me the TrueCrypt prompt, but I still wonder if I might have damaged my disk during recent travel.

I have my TrueCrypt Rescue Disk, too. Not sure if there is some way to recover a hash from the disk. I've tried what I believe to be my password and a few variations after doing a boot to the rescue disk. I've had no luck.

I have a Nvidia 600 series. I'm using cudaHashcat-1.30 in Linux.

Any suggestions would be very appreciated. Thank you.
Search

Support for multiple input files

September 1, 2014, 1:31 pm
$
0
0
Hello there,

is there a way for oclHashcat to specify multiple input and output files in one instance?

So i want to give multiple input files like "hash1.txt" and "hash2.txt" and set the output files like "hash1_found.txt" and "hash2_found.txt".

Is there a way to do this or planned in future versions?

R9 285

September 2, 2014, 8:32 am
$
0
0
wiki for details. Awaiting benchmarks Smile (they may be similar but 60 watt less consumption) In games the 280 and 285 perform basically the same but 285's TDP is 190 instead of 250watt. New users about buying a 280 may get a 285 I guess. But first benchmarks..

Hashcat

September 2, 2014, 11:06 am
$
0
0
Does hashcat crack online passwords or it only does with system?

Trying to get the password to a skype account

September 2, 2014, 1:18 pm
$
0
0
i think i did everything correctly i got a wordlist hash and everything but when i start it it waits like a couple of seconds and says it is completed but it does bot give me my password any help?

Using WPA2 DK PSK (derrived Key) instead of 4Way Handshake

September 2, 2014, 4:27 pm
$
0
0
Hi All,

I'm trying to audit WPA2 keys set on a number of branch location sites automatically. The controllers don't keep the plaintext, only the PSK (PBKDF2 derived key) from the following process:

DK = PBKDF2(Passphrase,SSID,SSID.length,2096,256).

There doesn't appear to be a way of feeding this data into oclHashcat ... to my mind the ability to crack this has to be supported due to the existing WPA2 support?

I guess as a workaround, would it be possible to use this data to create a 'fake' 4 way handshake capture, allowing (in a rather backwards) way to achieve this?

Would be interested to know if theres something more complex I haven't considered going on here between the two formats, or if this functionality could be easily supported? A lot of WLAN controllers store the passphrase in this way in on-disk configs and backups etc.

Regards,
TrX

Line length exception with sha1-hmac (mode 150)

September 3, 2014, 4:28 am
$
0
0
I've managed to get hashcat working just fine for cracking sha1-hmac for small amounts of data, but for larger I am getting line length exception. I won't post the real hashes I'm working on, but I've created a new hash that exhibits the same problem:

Code:
echo -n "BAhbB2wrB9IClklVOiBBY3RpdmVTdXBwb3J0OjpUaW1lV2l0aFpvbmVbCEl1OglUaW1lDaulHMDYsjYx​BzoLQF96b25lSSIIVVRDBjoGRVQ6DXN1Ym1pY3JvIgYASSIIVVRDBjsIRkAL" | openssl sha1 -hmac "secret"
4ec76d1731998e6aeaa176d4962d9531d4e5f500

When I try to crack this with hashcat (./hashcat-cli64.app -m 150 hashes.txt wordlist.txt) I get:

Code:
Skipping line: 4ec76d1731998e6aeaa176d4962d9531d4e5f500:BAhbB2wrB9IClklVOiBBY3RpdmVTdXBwb3J0Ojp​UaW1lV2l0aFpvbmVbCEl1OglUaW1lDaulHMDYsjYxBzoLQF96b25lSSIIVVRDBjoGRVQ6DXN1Ym1pY3J​vIgYASSIIVVRDBjsIRkAL (line length exception)

Is there any way around this?

CudaHashcat 1.30 TrueCrypt Test Fails

September 3, 2014, 5:14 pm
$
0
0
CudaHashcat 1.31 seems to fail under the following circumstances:

Using TrueCrypt 7.1a, create a 1 megabyte encrypted file container as a Standard TrueCrypt volume named Test.tc using the default AES Encryption Algorithm with the RIPEMD-160 Hash Algorithm. Use a simple 4 character password such as Test making it easy to crack. Format the drive, then mount it in TrueCrypt to verify it is readable. Quit TrueCrypt and copy the file container test.tc to a fresh copy of the cudaHashcat-1.30 system.

Using Windows XP SP 3 with an updated NVidia display driver version 337.88 or greater, open a DOS box and change directories to the cudaHashcat-1.30 folder. Create a cmd file Test1.cmd and add the following lines:

cudaHashcat32.exe -a 3 -m 6211 Test.tc ?a?a?a?a
pause

Save, then run the cmd file. On my system(s) Hashcat loads and begins operating as expected, however it processes the entire hash set in about an hour before exiting as if it was unable to find any password.

Adding the known password to a dictionary file and re-running Hashcat with a mode 0 straight attack returns instantly with a status of Exhausted and no password found.

Is there anything I can do to try and track down this type of failure?

Thanks in advance.
Search

Cannot run cudaHashcat-1.30 - nvcuda.dll error

September 4, 2014, 7:04 am
$
0
0
I am trying to run cudaHashcat -1.30 and it gives me this error. The error comes when i run the file form both manually or hashcatgui.

[Image: 3a49d6b7ad0fb626820fbada9b051bda.png]

I am using an Nvidia graphics card and using the nvidia version of cudaHashcat.

I see that NV users require ForceWare 331.67 or later. Could this be the problem? I tried searching a download for ForceWare but nothing came up. Maybe could someone link me to a download?

I appreciate if someone could help me fix this error. Thanks.

WARN: Failed to get ADL Target Tempature Data.

September 4, 2014, 1:31 pm
$
0
0
Right now I have 4 r280x and one 7950 connected to my box.
.png  all.cards.png (Size: 237.68 KB / Downloads: 2)


However, one of these cards is a problem child.
.png  all.cards.png (Size: 237.68 KB / Downloads: 2)


I am using oclhashcat 1.30 and (driver fusion to erase first, then I put) amd-catalyst-14.7-rc3-windows-aug12 for my driver.
.png  drivers.14.7.rc3.png (Size: 26.59 KB / Downloads: 0)


So I had the idea of ignoring all temperatures and I get this result
.png  what happens.when I disable all gpu-temp.png (Size: 47.21 KB / Downloads: 1)


So when I remove the problem child card everything seems to working out. It will go through the --benchmark, (it stalls on scrypt for some reason), but it works good for what I need to do.

Is there are way I can get access to oclHashcat 1.31? Is there a public repo?

I am adding 4 more cards to the same box by the end of the week. I am gonna to see if this 8 card limit matters when you are not using crossfire.

.png  GPU.TEMP.ABORT.png (Size: 77.9 KB / Downloads: 2)

.png  after taking out the bad card..png (Size: 201.83 KB / Downloads: 2)

Performance / GeForce GTX 760

September 4, 2014, 8:47 pm
$
0
0
I am running 1x NVIDIA GeForce GTX 760 and want to share my speed results. What do you say about these values?

OS: Windows 8.1 Pro x64

---

Wordlist attack on cudaHashcat (MD5): 560 MH/s

Bruteforce attack on cudaHashcat (MD5): 1480 MH/s

Error with bruteforce using mask

September 5, 2014, 3:23 pm
$
0
0
I try using masks in bruteforce attack but never finish...only aborted...

Quote:Session.Name...: 1
Status.........: Aborted
Input.Mode.....: Mask (?d?d?d?d?d?d?d?d?d?d) [10] (24.61%)
Hash.Target....: File (C:\cudaHashcat-1.30\cudaHashcat
-1.30\buscarcuda.txt)
Hash.Type......: vBulletin > v3.8.5
Time.Started...: Sat Sep 06 00:07:47 2014 (1 min, 3 secs)
Time.Estimated.: Sat Sep 06 00:13:30 2014 (21 secs)
Speed.GPU.#1...: 126.9 MH/s
Recovered......: 0/3 (0.00%) Digests, 0/3 (0.00%) Salts
Progress.......: 22362368000/30000000000 (74.54%)
Skipped........: 0/22362368000 (0.00%)
Rejected.......: 0/22362368000 (0.00%)
HWMon.GPU.#1...: 99% Util, 77c Temp, N/A Fan


My command.

Quote:cudaHashcat64.exe -a 3 -m 2711 -p : --session=1 -o "C:\cudaHashcat-1.21\buscarcuda_found.txt" --outfile-format=3 -n 240 --markov-disable -u 1024 --gpu-temp-abort=80 --gpu-temp-retain=75 -d 1 "C:\cudaHashcat-1.30\buscarcuda.txt" "C:\cudaHashcat-1.30\masks\rockyou-1-60.hcmask"

Thnks in advance!

Hashcat won't crack same hash twice

September 6, 2014, 11:01 am
$
0
0
I've been messing with hashcat and i noticed that it wont attempt to crack a hash i already cracked. I've been testing with MD5.

For exmaple:
I put c4ca4238a0b923820dcc509a6f75849b in hash.txt from my dekstop.
It successfully cracks it and stores 1 in hash.txt in hashcat folder.

I delete both files and i also put the same hash in a different file name. Ex: I put the same hash c4ca4238a0b923820dcc509a6f75849b in hash2.txt
It should output the cracked hash in hash2.txt in hashcat folder but it does not. It works fine if i put a different hash i never cracked before.
In the cmd it shows as if it was cracked. It just does not output it.

[Image: dc6e22ba6059f8fbf13e5a3875dbde3f.png]

Why does it only crack a hash once?

wordpress md5 help

September 6, 2014, 1:08 pm
$
0
0
hey all hello Smile

i need help for wordpress dycrpto

<removed>

or use the command you tell me a single list.


Thanks for your helping.

Stacking Wordlists

September 6, 2014, 2:39 pm
$
0
0
Hi everyone

I just started playing around with oclHashcat and I am having some trouble figuring something out.

In a nutshell I want to row up several wordlists and have oclHashcat kind of just bruteforce its way through all of them, rather then sit there and wait for it to finish one then load the next.

Is this even possible?

If yes could someone help me with the commands that I would need to enter.

Thank you.
Search

need help about crack hash

September 7, 2014, 3:39 am
$
0
0
Hello to all !
I am new members at this forum !
I want to learn how to crack email:hash list password md5 32 digits
I had read about hashcat, download worldlist but i dont know how to crack them.
Who know please teach me, show tutorial about it
I ready need, plsssssss
What tool or software need?
How to do it? from first thing to all
Help pls
I am using windows 7 64bits, just CPU

how 2 compile olchashcat in kali linux 386 ??

September 7, 2014, 8:20 pm
$
0
0
please help me getting start with olchashcat iin linux

i have finaly install ubuntu 14.04 in a partition and kali linux 386 (32bits) in another 50gig partition ext4.
i haved destroyed my windows 8 lollllllllllllllllll accidently ....ok time to go to the next level... Smile
i have used crunch and aircrack............ with no success up to now
i am still scrolling codes since 500 hours now on another pc on kali
i have crack 3 wep easaly with beinni but only captured handshakes for wpa2....
so now i think by converting those cap files to olchascat cap format i will have the luck to decrypt easaly with the powerfull olchashcat engine.....

but i even not know how 2 compile a unassemble program in linux....

makefile something but how in configure parameters in a root terminal

ie: makefile olchashcat .........................................??????

Need a good word list

September 8, 2014, 7:00 am
$
0
0
Hi, i need a good word list for dictionary attacks. So far i'm only cracking 1/2 of my MD5s with my 3GB word list. I heard there's a 10GB one. Can anyone hook me up? Peace.

Colliding password protected MS office 97-2003 documents

September 8, 2014, 12:46 pm
$
0
0
I recently worked on adding support to oclHashcat in order to crack the different versions of password protected MS Office documents. So far I've finished MS Office 2013, 2010, 2007 and the 97-2003 versions (there are different ones). The next version of oclHashcat (v1.31) will ship with support for all these versions.

While I was working on the 97-2003 version I found out that there's a weakness in the scheme that I want to share. I'm not sure if this technique is already known, but I've never seen a cracker that does what is neccessary to exploit it. OTH, I don't know all of them. Also, as far as I understood it, this attack is different to the flaw discovered back in 2005, when Office is using the same keystream to encrypt two different versions / revisions of the same document, but don't nail me on that!

The following explanations describe the vulnerability to a meet-in-the-middle attack. If you don't know what I mean with meet-in-the-middle attack, see here: https://hashcat.net/events/p13/js-ocohaaaa.pdf

With a single hd7970 I'm able to collide every password protected MS Office 97-2003 documented using MD5/RC4 in less than 6 hours! And yes, you can open the document "normally" with a collided password. In order to explain it you first need to understand the KDF MS office uses.

KDF
  1. Generate 16 byte random salt
  2. Calculate MD5 of unicode version of the password
  3. Truncate 16 byte result to 5 byte
  4. Generate a string of length 336 byte by repeating the string "$digest$salt" 16 times -- (16 * (5 + 16)) = 336
  5. MD5 the 336 bytes
  6. Truncate 16 byte result to 5 byte
  7. Append 4 byte zeros to result
  8. MD5 the 9 bytes
  9. Use 16 byte result as 128 bit RC4 Key
  10. Decrypt encryptedVerifier with RC4 to decryptedVerifier
  11. Decrypt encryptedVerifierHash with RC4 to decryptedVerifierHash
  12. MD5 the decrypted encryptedVerifier
  13. Compare 16 byte result with decrypted encryptedVerifierHash

OK, what is this encryptedVerifier and encryptedVerifierHash? From oclHashcat's view it's just two blocks of random data of length 16 bytes. Why is MS office doing this? The answer is it enables a key validation. The idea is the following: generate 16 bytes of random data, then run it through MD5. Then store both, the original random data and the MD5 result after both were encrypted with RC4. Now, if one has the correct RC4 Key, he can decrypt back to the original random data and MD5 it. If the result matches the decryptedVerifierHash data we know we use the correct RC4 Key. Office will work the same way.

MS original description: http://msdn.microsoft.com/en-us/library/...12%29.aspx

Problem

The problem here is the truncation of the MD5 digest in step 6. OK, the key for the RC4 is 128 bit, but it is calculated out of a MD5 which uses just a 40 bit input (because the last 32 bit are just zeros).

Exploitation

The idea is to iterate through those 2^40 combinations, beginning from step 8. Once we find the correct RC4 Key, which is the case when step 13 is true, we do not need to do those steps ever again. From now on, in oclHashcat, we will just calculate steps 1-5 and then compare the first 5 byte with our pre-cracked intermediate hash. That's the meet-in-the-middle attack.

To make it more comfortable, this technique requires two seperate oclHashcat modes. The first to brute-force the intermediate hash and once you cracked it just store it. Then you can use oclHashcat "normally" with the second mode. This mode works with the previosly cracked key and therefore only needs to calculates steps 1-5. Note that in this second mode you are not stick to Brute-Force, you can use any attack-mode you want. Actually you will not need to do that unless you try to find the real password that was used (forensic stuff). Just continue reading...

So I made some real life tests how the cracking performance changes. One need to know RC4 isn't very GPU friendly. If we can avoid to compute it we will speed up the performance alot. The current speed, on a single hd7970, to crack password protected MS office 97-2003 documents is ~65 MH/s. That's still faster than any other cracker but if we exploit the weakness the numbers changes as following (on a single hd7970):
  • The first mode to pre-crack 2^40 combinations with a speed of ~80MH/s
  • The first mode is guaranteed to succeed and will take a maximum of 4 hours (2 hours avg)
  • The second mode to calculate steps 1-5. I tried it with a hand-hacked kernel, as a form of a prototype, it will do ~ 390MH/s

So we can speed up from 66MH/s to 390MH/s on a single hd7970. Not too bad, eh?

Colliding

With 390MH MH/s, all we need to find is a MD5 digest where the first 5 byte matches the precomputed intermediate hash. Problem is that in theory even by iterating through 2^40 combinations it's not guaranteed to find at least one matching one. But I believe there's still a good chance as it's only the first 5 byte we need to collide. After that, the collision will work as a valid password in MS Office.

In the following experiment below I found my first collision after 14 seconds :-)


Here's the log from my experiment that I made to ensure all this theoretical stuff is really working:

Note: If you're wondering what this code section is about, ignore it. It's just info for myself if I want to reproduce it

First mode, precompute intermediate hash

Code:
// kernel hacked at position step 5, check final hash to get out the intermediate hash
// comment out everything up to here
// use ?b?b?b?b?b mask to simulate countercracker
// --outfile-format 5
// --markov-disable (easier to debug)
// remove unicode in host

// w0_t[0]  = digest[0];
// w0_t[1]  = digest[1] & 0xff;
w0_t[0]  = w0[0];
w0_t[1]  = w0[1] & 0xff;

Quote:
root@et:~/oclHashcat-1.31# ./oclHashcat64.bin -m 9700 hash -a 3 ?b?b?b?b?b -w 3 --potfile-disable
oclHashcat v1.31 starting...

Device #1: Tahiti, 2967MB, 1000Mhz, 32MCU
Device #2: Tahiti, 2967MB, 1000Mhz, 32MCU
Device #3: Tahiti, 2967MB, 1000Mhz, 32MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Applicable Optimizers:
* Zero-Byte
* Precompute-Init
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./amd/m9700_a3.cl (31816 bytes)
Device #1: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #1: Kernel ./amd/bzero.cl (887 bytes)
Device #2: Kernel ./amd/m9700_a3.cl (31816 bytes)
Device #2: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #2: Kernel ./amd/bzero.cl (887 bytes)
Device #3: Kernel ./amd/m9700_a3.cl (31816 bytes)
Device #3: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #3: Kernel ./amd/bzero.cl (887 bytes)

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6​f09fd2eafc4ade522b5f2bee0eaf66d:$HEX[f2ab1219ae]

Session.Name...: oclHashcat
Status.........: Cracked
Input.Mode.....: Mask (?b?b?b?b?b) [5]
Hash.Target....: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6​f09fd2eafc4ade522b5f2bee0eaf66d
Hash.Type......: MS Office <= 2003 MD5 + RC4, oldoffice$0, oldoffice$1
Time.Started...: Mon Sep 8 19:44:59 2014 (52 mins, 9 secs)
Speed.GPU.#1...: 79666.8 kH/s
Speed.GPU.#2...: 79675.2 kH/s
Speed.GPU.#3...: 79660.5 kH/s
Speed.GPU.#*...: 239.0 MH/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 747777294336/1099511627776 (68.01%)
Skipped........: 0/747777294336 (0.00%)
Rejected.......: 0/747777294336 (0.00%)
HWMon.GPU.#1...: 92% Util, 43c Temp, 37% Fan
HWMon.GPU.#2...: 88% Util, 43c Temp, 37% Fan
HWMon.GPU.#3...: 92% Util, 44c Temp, 37% Fan

Started: Mon Sep 8 19:44:59 2014
Stopped: Mon Sep 8 20:37:12 2014


Now that we have the intermediate hash $HEX[f2ab1219ae], we can move forward to our second module:

Second mode, collide intermediate hash

Code:
// kernel hacked at Position step 5, check intermediate Hash:
// switch back to unicode

uintx a = 0;
uintx b = 0;
uintx c = 0;
uintx d = 0;

if ((digest[0] == swap_workaround (0xf2ab1219)) && ((digest[1] & 0xff) == swap_workaround (0xae000000)))
{
  a = search[0];
  b = search[1];
  c = search[2];
  d = search[3];
}

// comment out everything from here

Quote:
root@et:~/oclHashcat-1.31# ./oclHashcat64.bin -m 9700 hash -a 3 ?a?a?a?a?a?a -w 3 --potfile-disable
oclHashcat v1.31 starting...

Device #1: Tahiti, 2967MB, 1000Mhz, 32MCU
Device #2: Tahiti, 2967MB, 1000Mhz, 32MCU
Device #3: Tahiti, 2967MB, 1000Mhz, 32MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Applicable Optimizers:
* Zero-Byte
* Precompute-Init
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./amd/m9700_a3.cl (32100 bytes)
Device #1: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #1: Kernel ./amd/bzero.cl (887 bytes)
Device #2: Kernel ./amd/m9700_a3.cl (32100 bytes)
Device #2: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #2: Kernel ./amd/bzero.cl (887 bytes)
Device #3: Kernel ./amd/m9700_a3.cl (32100 bytes)
Device #3: Kernel ./amd/markov_le_v1.cl (10294 bytes)
Device #3: Kernel ./amd/bzero.cl (887 bytes)

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6​f09fd2eafc4ade522b5f2bee0eaf66d:zvDtu!

Session.Name...: oclHashcat
Status.........: Cracked
Input.Mode.....: Mask (?a?a?a?a?a?a) [6]
Hash.Target....: $oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6​f09fd2eafc4ade522b5f2bee0eaf66d
Hash.Type......: MS Office <= 2003 MD5 + RC4, oldoffice$0, oldoffice$1
Time.Started...: Mon Sep 8 21:31:16 2014 (14 secs)
Speed.GPU.#1...: 392.6 MH/s
Speed.GPU.#2...: 392.6 MH/s
Speed.GPU.#3...: 392.6 MH/s
Speed.GPU.#*...: 1177.8 MH/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 15860301824/735091890625 (2.16%)
Skipped........: 0/15860301824 (0.00%)
Rejected.......: 0/15860301824 (0.00%)
HWMon.GPU.#1...: 98% Util, 43c Temp, 37% Fan
HWMon.GPU.#2...: 98% Util, 43c Temp, 39% Fan
HWMon.GPU.#3...: 98% Util, 43c Temp, 41% Fan

Started: Mon Sep 8 21:31:16 2014
Stopped: Mon Sep 8 21:31:34 2014

Collision found in 14 seconds Smile

Of course, there's no guarantee always to find a collision in 14 seconds, but it will not take to long...


Test

Yes, you can use the collision to open the document. If you want to try, here's the .doc I've been using:

Document: https://hashcat.net/misc/DocOld2010.doc

You can use both passwords:
  • hashcat
  • zvDtu!
I'm going to add the above mentioned two special modes to oclHashcat v1.31. Feedback welcome!

Jens "atom" Steube

Question on word lists

September 9, 2014, 4:26 pm
$
0
0
I'm thinking of stacking a lot of word lists i find on the web.

In other words. Will having multiple word lists with the same passwords take longer?
Does it make sense to stack a lot of word lists?
Viewing all 8042 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>