Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7816 articles
Browse latest View live

how do i stop duplicate characters brute force

January 6, 2015, 11:39 am
$
0
0
Hi,

I have searched high and low, near and far but i can't seem to figure out how to disable duplicate characters in row when brute forcing my hash or if you can disable say more than 3 of the same character in a row, i briefly read about the -q command but straight after it they said it doesn't work with hashcat.
The advantaged it would be it will be significantly quicker this way knowing there are no duplicates

The problem incase i made it sound confusing

disabling 2 or more of the same characters in a row but allowing to used again as long as its not next to the same character
AABCA
ABBCB

disabling 3 or more of the same characters in a row but allowing to used again as long as its not next to the same character
AAABCDA
ABCCCDC

I am using cuda hashcat 1.31 for windows

If its easier to do it in a linux OS i could do a side by side install (would rather not) i do have a old laptop with linux on it but its lacking any sort of processing power

I am more than happy to read up on it, i just don't know a specific phrase to search for, it would be much appreciated if someone could point me in the right direction

Thanxz in advance
Search

How to make Hashcat include dupes in outfile?

January 6, 2015, 3:23 pm
$
0
0
Hi, I run hashcat on hashlist & and I need output with all words for statistics. There is duplicates in hashlist but hashcat doesn't output same word twice. "--disable-potfile" option didn't help to make hashcat work on dupe hashes. I'm a bit lost here, so any help is welcome.


I'm using this command(paths removed):
"hashcat-cli64.exe -a 0 -m 0 -p : -o "E:\" --outfile-format=2 --disable-potfile -n 4 -c 64 "E:\" "E:\""

PrinceProcessor now open source

January 7, 2015, 8:32 am

Hardware suggest

January 8, 2015, 4:56 am
$
0
0
I'm planning to use my Mac for password cracking it has a GT750M-1GB GPU and CPU of Core i5 2.9(haswell).
I know using hashcat against oclhashcat for brute-force method is not good practice... so the answer i need to know is about "GT750M-1GB GPU", Does it perform well or i need to use a better GPU?

note: the password i need to crack has 69 length

oclHashcat complaining with correct driver installed

January 8, 2015, 5:11 am
$
0
0
Hi,

I have Version 1.31 runnining on Ubuntu 14.04 with AMD Catalyst 14.9.

Somehow oclhashcat complains about a wrong driver version:

Code:
~/oclHashcat-1.31$ ./oclHashcat64.bin -b
oclHashcat v1.31 starting in benchmark-mode...

Device #1: Tahiti, 3022MB, 1050Mhz, 32MCU
Device #2: Tahiti, 3022MB, 1050Mhz, 32MCU
Device #3: Tahiti, 3022MB, 1050Mhz, 32MCU

STOP! Unsupported or incorrect installed GPU driver detected!
[...]

Installed driver

Code:
$ fglrxinfo
display: :0  screen: 0
OpenGL vendor string: Advanced Micro Devices, Inc.
OpenGL renderer string: AMD Radeon HD 7900 Series
OpenGL version string: 4.4.13084 Compatibility Profile Context 14.301.1001

Code:
$ clinfo | grep -i "driver version"
  Driver version:                                1214.3 (VM)

Any hints what I did wrong?

Parsing multipe wpa handshake from a merged cap file.

January 8, 2015, 6:49 am
$
0
0
Hi all,
I have a cap file (resulted in mergeing multipe wpa cleaned cap files,using: mergecap), but the original cap files that made the final BIG cap files are deleted. So i'm trying to extract the cap files and converting them to hccap, i can do that with: aircrack-ng & -J command but that would convert only 1 cap bassing on the index i give, ex:
Quote:$ aircrack-ng tt1.cap -J out2
Opening tt1.cap
Read xxxx packets.

# BSSID ESSID Encryption

1 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
2 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
3 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
4 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
5 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
6 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
7 XX:XX:XX:XX:XX:XX xx WPA (1 handshake)
........ (real ... :-) )

Index number of target network ? 1

Opening tt1.cap
Reading packets, please wait...

Building Hashcat (1.00) file...

[*] ESSID (length: x): xx
[*] Key version: 1
[*] BSSID: XX:XX:XX:XX:XX:XX
[*] STA: XX:XX:XX:XX:XX:XX
[*] anonce:
XX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:​XX:XX
[*] snonce:
XX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:​XX:XX
[*] Key MIC:
XX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:​XX:XX
[*] eapol:
XX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:​XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:X​X:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX​:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX​:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XXXX:XX:XX:XX:XX:XX

Successfully written to out2.hccap


Quitting aircrack-ng...

$
And i've trying extracting cap files from the big file, using tshark:
Quote:tshark -r tt1.cap wlan.bssid == XX:XX:XX:XX:XX:XX -w out.cap
and when trying to convert them to hccap using aircrack-ng:
Quote:$ aircrack-ng extract.cap -J out3
Opening extract.cap
Unsupported file format (not a pcap or IVs file).
Read 0 packets.

No networks found, exiting.


Quitting aircrack-ng...
$
Even that when oppening the file with wireshark i see it's -kind of- normal.
There's a solution (a stupid one) is to make a script to open the aircrack-ng with the tt1.cap and enter every time an index until the nth, but that mean that the aircrack-ng will need to read the file every time, it would need days to finish.
So what i need is to extract the cap files from tt1.cap (and them i can convert them with aircrack or cap2hccap) or to undo mergecap.
I've also tried to read the file by parsing it bassing on offset range (i've read http://hashcat.net/wiki/doku.php?id=hccap), but faild cause the every cap in tt1.cap have some random bytes before essid and so i can't parse it by using the range: 0x00-0x187 for every cap.

Thanks and sorry for my bad english.

PRINCE creating dups

January 8, 2015, 9:47 am
$
0
0
for example i have a wordlist containing the following:
Code:
my
password
is
the
best

but i get a lot of dups even though the wordlist itself has unique words:
Code:
mypasswordisthebest
mypasswordisthebest
mypasswordisthebest
mypasswordisthebest
mypasswordisthebest
mypasswordisthebest

hashcat-cli64.bin -a 6 --stdout example.dict | wc -l
124184
hashcat-cli64.bin -a 6 --stdout example.dict | sort -u | wc -l
113987

any way to de-dup this?

cracked WPA doesnt work

January 8, 2015, 1:05 pm
$
0
0
Hi all,

So i have been cracking WPA keys for quite a while now. Yesterday i collected myself a handshake and started running a few dic attacks with succes. When trying to connect with the password however i get a popup asking me to re-enter my password. To try and find the cause i tried the following:
1. deleted specific entry in cudahashcat.pot
2. captured new handshake with different method and reran dict attack (validated handshake with cowputty)
3. tried placing same password in different dic and it found the password again
4. Cloned mac addresses of (past) connected clients before connecting
5. Confirm signal strength is OK

I am running out of idea's what might cause this problem. Whatever i do, i keep getting the same key. Whats up with this?


Generated dictionary stats for C:\homegrown.dic: 3558 bytes, 503 words, 503 keyspace


INFO: approaching final keyspace, workload adjusted

WIRELESS:1449e070xxxx:4ceb4223xxxx:passwordhere

Session.Name...: cudaHashcat
Status.........: Cracked
Input.Mode.....: File (C:\homegrown.dic)
Hash.Target....: WIRELESS (14:49:e0:70:XX:XX <-> 4c:eb:42:23:XX:XX)
Hash.Type......: WPA/WPA2
Time.Started...: 0 secs
Speed.GPU.#1...: 94 H/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 503/503 (100.00%)
Skipped........: 0/503 (0.00%)
Rejected.......: 455/503 (90.46%)
HWMon.GPU.#1...: 58% Util, 49c Temp, N/A Fan
Search

performance diffrence PCIe

January 9, 2015, 6:30 am
$
0
0
I know there isn't really any performance difference in games between PCIe 2.0/3.0 and/or x8/x16, but is this also the case with oclHashcat, or can it actually make use of the extra bandwidth?

ERROR: cuModuleLoad() 301

January 9, 2015, 6:51 am
$
0
0
os: linux 2.6.32
version:cudaHashcat-1.31
gpu:nvida k80

ERROR: cuModuleLoad() 301

oclHashcat arent recovering hash

January 9, 2015, 10:42 am
$
0
0
Hi.
I tried to use hashcat but arent recovering any hash, used a simple MD5 to test: 2e9e46ee0434d56576d2907b6a9cc7d6 and I didnt get any result, should be: zakz1
In CPU hashcat worked fine, recovered the MD5.

Results:

GPU

Code:
Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1?1?1?1) [4]
Hash.Target....: 2e9e46ee0434d56576d2907b6a9cc7d6
Hash.Type......: MD5
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...: 11320.2 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 1679616/1679616 (100.00%)
Skipped........: 0/1679616 (0.00%)
Rejected.......: 0/1679616 (0.00%)
HWMon.GPU.#1...:  5% Util, 52c Temp, N/A Fan


INFO: approaching final keyspace, workload adjusted


Session.Name...: oclHashcat
Status.........: Exhausted
Input.Mode.....: Mask (?1?1?1?1?1) [5]
Hash.Target....: 2e9e46ee0434d56576d2907b6a9cc7d6
Hash.Type......: MD5
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...:   208.3 MH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 60466176/60466176 (100.00%)
Skipped........: 0/60466176 (0.00%)
Rejected.......: 0/60466176 (0.00%)
HWMon.GPU.#1...:  0% Util, 53c Temp, N/A Fan

Started: Fri Jan 09 16:40:27 2015
Stopped: Fri Jan 09 16:40:29 2015

CPU
Code:
Input.Mode: Mask (?1?1?1?1) [4]
Index.....: 0/1 (segment), 1679616 (words), 0 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 16.62M plains, 16.62M words
Progress..: 1679616/1679616 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

2e9e46ee0434d56576d2907b6a9cc7d6:zakz1

All hashes have been recovered

Input.Mode: Mask (?1?1?1?1?1) [5]
Index.....: 0/1 (segment), 60466176 (words), 0 (bytes)
Recovered.: 1/1 hashes, 1/1 salts
Speed/sec.: - plains, 16.91M words
Progress..: 19347348/60466176 (32.00%)
Running...: 00:00:00:01
Estimated.: 00:00:00:02

Started: Fri Jan 09 16:39:11 2015
Stopped: Fri Jan 09 16:39:12 2015



GPU: AMD Radeon R7 260x
Catalyst: 14.12
oclHashcat: 1.31
Command in GPU: oclHashcat64.exe --force -m 0 -a 3 -1 ?l?d --increment hash.txt ?1?1?1?1?1
Command in CPU: hashcat-cli64.exe -m 0 -a 3 -1 ?l?d --pw-min 2 --pw-max 5 hash.txt ?1?1?1?1?1
Windows: 8.1 Pro


Thanks!

Question about masks

January 10, 2015, 6:45 am
$
0
0
Hi.

I can't seem to be getting the idea of using masked brute force attack.
Example: i have 8 lowercase letters or numbers in a password.

I could use the following parameters:

1) -1 ?l?d ?1?1?1?1?1?1?1?1

or

2) ?l?d?l?d?l?d?l?d

Is that so far correct?

If yes, then I don't get why the number of possible hashes is so different?
1) - 2821109907456
2) - 4569760000

Am I getting something wrong?

ms office

January 10, 2015, 7:05 pm
$
0
0
absolutely not convenient:
(it's horrible)

9400 = Office 2007
9500 = Office 2010
9600 = Office 2013
9700 = MS Office <= 2003 MD5 + RC4, oldoffice$0, oldof
9710 = MS Office <= 2003 MD5 + RC4, collider-mode #1
9720 = MS Office <= 2003 MD5 + RC4, collider-mode #2
9800 = MS Office <= 2003 SHA1 + RC4, oldoffice$3, oldo
9810 = MS Office <= 2003 SHA1 + RC4, collider-mode #1
9820 = MS Office <= 2003 SHA1 + RC4, collider-mode #2



the only one option:

hc -m x msofficefile dic.txt

otherwise easier to download elcomsoft+crack or AOPB+crack
is a lesser evil

OS Recommendation / Experience?

January 11, 2015, 7:26 pm
$
0
0
I've got a Gigabyte motherboard with 7 R9-280's in it (using USB risers)
My thought was to install ESXi so that I could move GPU's between VMs as needed. ESXi sees them all, but can only assign 4 cards (8 PCI devices) to a VM, so isn't going to be a good platform for me.
I then tried using Ubuntu, but that distro only seems to see the GPU's on one PCI bus (4 cards).
Has anyone had a similar experience? Do other distro's seem to deal better with multiple PCI busses?

Stuck in the starting blocks

January 13, 2015, 4:25 pm
$
0
0
I am trying to download. When I try to open the file I get an error code:
Installer Name param is missing

Am I doing something wrong?

Thx
Search

ERROR: oclHashcat.induct: Operation not permitted

January 13, 2015, 5:06 pm
$
0
0
Hey folks,

I need to upgrade my oclHashcat installation (since it's preventing me from running an outdated version of hashcat) to 1.31. Unfortunately I am getting the following error:

ERROR: oclHashcat.induct: Operation not permitted

I have a bunch of diskless ubuntu nodes that are mounting their filesystem using nfs.

I have tried using --restore-disable to disable this error (I don't even know if that's the correction option for it). I have also tried specifying a different output directory, to no avail.

Anyone have any suggestions on how to fix this error?

Rusty

2 salt problem

January 14, 2015, 4:43 am
$
0
0
Hello!
there is my hash:
salt1:HASH:salt2

salt1 and salt2 are different and so 3890 does not suit me.

I do so:

Code:
-a 3 -m 10 hash-file 'salt1?a?a?a?a?a?a?a?a?a' -n

thus, salt 2 is taken from hashfile and is inserted from the right. A substituted salt1 left directly from the mask.

but here's the problem. Speed - 140000 h/s
If you remove salt1 from mask, the speed is good, 900 million
How can I be?
ried on linux debian 64bit and windows7 64bit
videocard - ge force 750M

oclhashcat32 how to

January 14, 2015, 9:10 am
$
0
0
Hi All,

please excuse my newbie question but I am trying to get hashcat to decrypt a MD5 Unix encrypted password but I simply don't understand what to do.

I get to open Hashcat32 via CMD. So far my achievement. I am not a total nebie to computers but CMD is a bit in the dark for me.

I want this encrypted hash be solved by mask attack. What is the exact line I should use in Hashcat CMD?

The password probably starts with one capital letter followed by a few letters and ending by one or more numbers.

Any help on this would be extremely welcome as I am very desperate to decrypt this thing.

TIA

truncating passwords instead of rejecting them

January 14, 2015, 11:20 am
$
0
0
In this 2011 thread:

http://hashcat.net/forum/thread-698.html

... someone asked about "wordlist clipping" - being able to truncate passwords instead of rejecting them.

The suggestion at the time was to modify all rules to truncate words. Is this still the best answer?

When working large collection of rules, it would be very convenient to not have to maintain separate rule sets for various lengths of password, and keep both truncated and non-truncated rules in sync.

Ideally, it would be great if oclhashcat could recognize the maximum possible word length of the target hash format, and automatically truncate rather than rejecting (unless it results in a duplicate password). This is what JtR does, IIRC.

This would be especially handy for DES crypt.

Identifying hash type

January 14, 2015, 12:52 pm
$
0
0
Hello there.

I'm actually stumbled as to what those 22 character hashes are.

vwJ8zfry/aXXXGkX+04NgQ
Aa4gbGXXTGH1DeVt7kA5QA
XcIQXXXTfywAEl+3eXHgKA
y5pwXXXvzCUoYBmwil2lpQ

Obfuscated as per the forum rules. Don't seem to be base64. Obtained during a pentest of a custom CRM developed ca. 2002.

hash-identifier (https://code.google.com/p/hash-identifier/) doesn't seem of much help.

Any ideas?

Thanks.
Viewing all 7816 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>