Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7822 articles
Browse latest View live

Third-party utility: analyze_hc_restore

January 28, 2015, 1:45 am
$
0
0
analyze_hc_restore is a perl script I have developed that can be very handy to help analyze and mofify oclHashcat .restore files ( https://hashcat.net/wiki/doku.php?id=ocl...store-file ).

The github repository can be found here:
https://github.com/philsmd/analyze_hc_restore

With this tool it is for instance possible to add some specific options/switches to the command line string ("argv") stored in the .restore file (for instance add -w 3 if you have forget it at first run) and hence change some switches/parameters which oclHashcat will be recognize when restarting with:
oclHashcat --restore

To display all options available, use:
analyze_hc_restore.pl --help

Let me know if you find this tool useful.
Any suggestion, comments, pull request and issue reports are of course very appreciated.
Thx
Search

special character problem with standarad hash generators

January 28, 2015, 5:39 am
$
0
0
Hopefully this is the correct area ^^. I have searched the forum but couldn’t find any help for my problem and google wasn’t successful with that either, so it was time to make a post.

I am trying to crack some self-created md5 hashes (the hash type doesn’t really matter for me, it’s just an example/test) from words with special characters like könig, lözt, €uro, wutbürger, Ömmaken. The hashes have been created with different websites and checked with Linux’s (mint 17) md5sum command (echo –en | könig md5sum) to "verify" the correctness.

Linux Mint, http://www.md5hashgenerator.com/ and many other websites show the same hash for the words listed above while http://md5-generator.de/ creats a different result AND this is only one that actually works with oclHashcat.

I have also read about problems with special character sets reported at http://hashcat.net/forum/archive/index.p...-2763.html and that md5 hashes from the md5hashgenerator website are wrong, most likely due encoding problems but then this would be true for all the other website (with one exception) and Linux Mint/Ubuntu.

While using the ?b option for the charset, some of the hashes are cracked correctly but others have strange characters (the encoding seems to be wrong (and yes I set my hex editor (wxHexEditor) to Windows CP1252 Ansi) ;-))

My Question is rather simple. How do I get the md5 hashes from the other sources solved with oclHashcat?






========================================================================

Here’s the configuration of my System, but that’s not the problem from my point of view.

Win7x64 PC with AMD HD 7800 (Catalyst 14.9) and oclHashcat-1.32

And that's the code I ran with a batch script (removed some gpu options (temperature stuff, accel, loops) for a better overview) just in case someone asks.

"C:\Users\%username%\Downloads\oclHashcat-1.32\oclHashcat64.exe" --potfile-disable -m 0 -a 3 -i --increment-min=1 --increment-max=8 --custom-charset1="C:\Users\%username%\Downloads\oclHashcat-1.32\charsets\standard\German\de_cp1252.hcchr" --custom-charset2=?1?a "C:\Users\%username%\Desktop\ocl\md5\md5.txt" ?2?2?2?2?2?2?2?2

Speed Problem with R9 295X2

January 28, 2015, 1:06 pm
$
0
0
Hey hashcat forum Smile I finally did it!

Bought today a R9 295X2 and I really LOVE it! But I have some questions about it, maybe I am using hashcat wrong Tongue Here is a screenshot.
http://prntscr.com/5y9pf1
My question now is: Why do they have different speeds? I mean why has the GPU#1 7000MH/s
GPU#2 2000MH/s

Shouldnt they be the same? I mean both at 7000MH/s?

Any solution for that?

The hashtype is Raw-MD5 Tongue

I am using Catalyst 14.12 Omega

MS-CACHEv2

January 28, 2015, 1:34 pm
$
0
0
I am trying to crack some MS-CACHEv2 credentials and I am not sure where to start with my plan of attack. I am rather new to cracking. I have my hashes all formatted according to the 2100 example: $DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f

I am not sure what would be the most effective use of my GPU's time. I have a 7970m at my disposal. This is what I am thinking for a command.

oclhashcat64.exe -m 2100 -a 3 -n 8 hash.txt

I am not sure if there is a way to do hybrid/dictionary attacks and I am not familiar enough with the rules to be confident with what I am doing.

Thanks!

Noob - Output Question

January 28, 2015, 3:12 pm
$
0
0
I am seeing the following on my system (just learning, nothing professional)..

Speed.GPU.#1...: 43787 H/s
Speed.GPU.#2...: 43581 H/s
Speed.GPU.#*...: 87368 H/s

I see posts like;

Speed.GPU.#1...: 4348.1 kH/s
Speed.GPU.#2...: 4356.3 kH/s
Speed.GPU.#*...: 8704.4 kH/s

noob question, what does the H/s and kH/s stand for? I am assuming kH/s is better than H/s?

Question on why 1 GPU is showing ~100H/s less than the other

January 28, 2015, 6:49 pm
$
0
0
I have two GPU's same vendor; os Ubuntu Server latest release, drivers I believe the latest, amd-catalyst-14-9-linux.

Board name: AMD Radeon R9 200 Series
Board name: AMD Radeon R9 200 Series
Board name:

Platform Name: AMD Accelerated Parallel Processing
Platform Name: AMD Accelerated Parallel Processing
Name: Pitcairn
Name: Pitcairn
Name: Intel® Core™ i3 CPU 530 @ 2.93GHz

./oclHashcat64.bin -m 7100 -b
oclHashcat v1.32 starting in benchmark-mode...

Device #1: Pitcairn, 2000MB, 1070Mhz, 20MCU
Device #2: Pitcairn, 2000MB, 1070Mhz, 20MCU

Hashtype: OSX v10.8 / v10.9
Workload: 35000 loops, 2 accel

Speed.GPU.#1.: 382 H/s
Speed.GPU.#2.: 287 H/s
Speed.GPU.#*.: 669 H/s

Started: Wed Jan 28 21:41:41 2015
Stopped: Wed Jan 28 21:42:07 2015

GPU #2 is about 100 H/s less in the benchmark mode.. is this normal?

Combine to user:pass, Crashes with --show

January 29, 2015, 1:46 am
$
0
0
Hi,

I have some issues combining two files. I have a 250k IPB hash file (yes this one is posted here before, and no I don't need it cracked further)

My 250k file is formatted: User:Hash:Salt
my 100k file is formatted : Hash:Salt:Password

I need to get user:pass

I have tried doing this with hashcat:

hashcat-cli64.exe -m 2811 --username --show --outfile-format=2 -o Output.txt Hashes.txt

But it crashes with OCL version, and with CPU version I only get plain passwords, no usernames.

Thank you for helping!!

PS filesize to big for attachment, can be downloaded here:

https://ugaris.com/zipme.zip

PACK-0.0.4

January 29, 2015, 9:02 am
$
0
0
Hi

I have a 170MB wordlist I am analysing with rulegen and so far it's taken a few hours and made a rule file 2.6GB in size.

I thought the rules would be extracted and displayed 1 per line. However my wordlist contains 15M words and the analysis file contain 117M and growing. Is this suppose to happen, it's taking a very long time.

Anyone has experience with PACK and can share their insight? Anyone know of a better alternative?
Search

hashes are recorded cracked, but no password.

January 29, 2015, 9:33 am
$
0
0
ok I am rather new, so expect this to be something i am doing wrong.. but I don't see it.

Using oclHashCat 1.32 on windows 7 with an nvidia card (not expecting the fastest results)

my command line is

(have renamed the hashcat exe to HC64.exe)

HC64.exe -m 3000 -a 0 --potfile-disable --outfile-check-timer 0 --outfile-format=3 -o E:\Plains.txt E:\LMHash.txt C:\HC132\Wordlists\DBPass.txt


E:\Plains.txt is my target results file
E:\LMHash.txt is my LM Hash list
E:\DBPass.txt is my wordlist, contain exactly 3 password KNOWN to be in the list


The program runs without any apparent errors

I get 'Recovered....: 1/5101 (0.02%) Digests, 0/1 (0.00%) Salts'

when i look at the E:\Plains.txt

i see 1 <hash>:<no password>

It is finding the hash of one of the known password (i checked) and reporting it, but is not reporting the value of the cracked password... and only finding 1 of 3..

Any suggestions??

DB

SHA1-Hash and Password, what is the syntax?

January 29, 2015, 12:03 pm
$
0
0
Sorry to bother you guys with my newbie question, but i am totally lost.

To be honest, i have to solve a little riddle. I managed to pass some stages, but now i have to "crack" a found 40 character hash-value. I think it must be SHA-1.

And i found a password, that is hidden inside the riddle.

But as i am completely new to this material, i have no idea, what i can do with those values now? I guess i have to find the user name? Or maybe the so called salt?

Can anybody helpt me out with the correct syntax? What i tried to do is following:

hashcat-cli64.exe -m 110 -a 0 Test.hash Test.dict --outfile=test.txt

I am thankful for every hint i get! Smile

Launching an attack NTLM

January 29, 2015, 1:16 pm
$
0
0
So I am trying to crack the password on my laptop for practice. I have been reading all through the wiki and forum posts and am stuck getting my initial command right.
I enter:

oclhashcat64.exe -m 1000 -a 3 -o C:\output.txt ?a?a?a?a?a -i max=10 Localhashes.txt

I get a warning on the ?a?a?a?a line length exception and and error no hashes loaded.

I am using the NTLM format forom the wiki:

1000 NTLM b4b9b02e6f09a9bd760f388b67351e2b

It's probably something stupid I am overlooking or some syntax that's not making sense to me. Help is appreciated.

Get plain text password knowing hash and salt

January 30, 2015, 4:05 am
$
0
0
So first of all hi, I just want to say that im completely new to hashcat, and I noticed it's missing some docs... so that's why im here asking.

Recently I got a complete dump of a SQL members table (as of 13-01-2015) that contains lots of info but im particularly interested in 4 fields only: name (it's the username in fact), email, members_pass_hash and members_pass_salt.

The table itself comes from a site using IP.Board, so they store they passwords like this (more info) :

Code:
$hash = md5( md5( $salt ) . md5( $password ) );

Now, checking hashcat wiki I found one mode that's ALMOST the same, but concatenated in different order:

Code:
3910 = md5(md5($pass).md5($salt))

So my question is, is still possible to find those passwords? If so, how can I find them all at once? How would the args be?

Finally, if someone has some "newbie guides" or whatever, please link them Smile

Regards.

R9 M200 series compatibility

January 30, 2015, 9:35 am
$
0
0
I am currently in the process of scouting new laptops to use for school/pentesting as a hobby/education. I need a laptop because I need to be able to haul it to lab twice a day 5 days a week so a desktop is out of the question but I would like to have the ability to play around with oclhashcat as it seems like an awesome tool and has me very interested. I have found a Toshiba on sale with a lot of ram and an i7 4710hq (not so worried about battery life) and I believe it is the one. A big bonus is that it does have a dedicated GPU. Its not the best but I don't plan on gaming with it, although i would like to utilize it with oclhashcat if possible. I have read and read all the resources that I can find about this GPU on this forum and others and I cant seem to find if it is compatible or not. I have found that AMD does provide a catalyst 14.9 driver for it but upon following the link for OpenCL AMD compatible cards, I can not find it.
The card that I'm looking for is the AMD R9 M265X.

There is a R7 M240 as well as the R9 290 and R9 290X (obviously) on the AMD OpenCL compatibility link but not the card i am looking for. I know that the M series cards are not as common but the fact that there is at least one on there gives me hope. Should I assume that it works because it is a new card in the R9 series or should I assume it does not run with OpenCL because it is not on the AMD OpenCL page? Is there any other way for me to verify the compatibility or lack there of on the R9 M265X? I know that it is supported by Catalyst 14.9, but I am not sure that OpenCL will run on it. Can I check its chip set against the regular R9 series to determine compatibility? You guys seem to have a lot of knowledge on the subject- Help! I need a hardware guru.

PS- here is the link I was referring to that I followed from the beginning of the hardware forum discussing compatibility:

http://developer.amd.com/tools-and-sdks/...atibility/

Thank you very much for your time. It is very appreciated!

----UPDATE----
I have found an OpenCL 2.0 Driver that says that it is compatible with the R9 m200 series at this link:

http://drivers.softpedia.com/get/GRAPHIC...-bit.shtml

Now my question is this: Dose this mean my card is compatible as they offer Catalyst 14.9 and OpenCL 2.0 drivers? An issue I see is that the link with the drivers says Catalyst 14.41. I guess I am confuse about the difference between catalyst and OpenCL. Is there a difference and I need both, or are they the same thing, and if so, will I have to wait until OCLHashcat becomes compatible with a later version of Catalyst? Sorry for all of the question.

Hash Help

January 30, 2015, 12:45 pm
$
0
0
Background:
I have a pair of 6500 Running CatOS.
I am running tacacs on them, so I have full access to them.
I am trying to decommission them, and one of the issues I ran into is that I don't know what the console password is. (I want to remove tacacs as a part of the decom.)
On this version of CatOS, when you change the password (set password) it asks for an old password. Since I don't know the password, I can't set a new one. (Crusty old CatOS)
Anyway, we are going to do password recovery, so I don't actually have a need to crack the password...

However, I would like to know:
The password appears to be encrypted in a $2$SALT$Pass format.
I have ran through the supported types, and I don't see this particular format listed.
What type of password is this? The switch is old, so it would be a very old algorithm.
I have searched for Cisco type $2$ but I get all sorts of noise.

Any help is appreciated and sorry if this is a dumb question.

Hashcat won't launch.

January 30, 2015, 1:33 pm
$
0
0
I try to open it, but it just flashes and vanishes. Where is the problem? Does anybody knows? I use Windows 7.
Search

A Radeon HD 6990 for hash cracking. Good or bad idea?

January 30, 2015, 11:54 pm
$
0
0
Hey guys,

I've got a mate selling his old Radeon HD 6990 for like $150 US which is pretty cheap as far as I know. What are the downsides of cracking on one of these monsterous beasts and would you recommend a different card?

Mask vs salt

January 31, 2015, 4:23 pm
$
0
0
Hi!

I'm new to hashcat and just trying it out so please take it easy on me. I read about the mask attack and I know about salting.
If I have one fixed salt and a mask with some static characters, are they different?
Let's take for example:
1. 10 = md5($pass.$salt) + mask ?l?l?l?l + [hash]:SALT
2. 0 = MD5 + mask ?l?l?l?lSALT + [hash]

Is there any difference between the above two run modes? If so, what are the differences?

Also, I can't find the difference between the straight mode and brute-force. Can someone explain the differences?

Thanks a lot! Smile

hashcat is not downloading right. Help?

February 1, 2015, 3:23 pm
$
0
0
so i'm having a problem downloading hashcat. Instead of downloading a folder of some sort it downloads as some sort of command prompt. If you give me your email, i can send you a copy of the picture.

oclHashcat bruteforce

February 2, 2015, 7:52 am
$
0
0
Which options should I use to check all combinations of 1-3 symbol passwords during bruteforcing hashes?
I use -m 0 -a 3 -o cracked.txt -1 ?a

Tesla - GPU Cluster

February 3, 2015, 2:51 am
$
0
0
hello,

I found this article for clustering amd cards with VCL. There is a warning at the top that says that it is out of date and most likely will not work. Is there a recommended approach? Does anyone have experience with clustering nvidia cards for use with hashcat? I can use any open source OS. The cluster is ~50 nodes with 1 GPU card each. Any help is appreciated.

Thanks
Viewing all 7822 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>