Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7673 articles
Browse latest View live

Correct syntax for oclHashcat when piping dictionary from samba share

March 16, 2015, 5:04 pm
$
0
0
I am running the following command:

Code:
dylan@hashcat:~/crack/oclHashcat-1.33$ smbclient \\\\xaelah\\wordlists -E -Udylan%qwe -c "get 18_in_1 /dev/fd/1" 2>/dev/null' |  oclHashcat64.bin -m 2500 -a3 ~/crack/captures/papabear.hccap

It runs perfect, the problem I am running into is that I am unable to check status, pause, bypass or execute any of the commands that are typically available.

I then press ctrl ^ c to kill the process or kill it from another terminal. At that point it then prints out the normal status message. I am thinking that this is due to some sort of bash shell issue. Can anyone shed any light on this? I have spent a long time googling and trying different escape strategeis so I am not looking for a simple walk-through, I am happy to do the work but just have hit a dead end.

Below is the output from the terminal to give you an idea of what I am dealing with.

Code:
dylan@hashcat:~/crack/oclHashcat-1.33$ 'smbclient \\\\xaelah\\wordlists -E -Udylan%qwe -c "get 18_in_1 /dev/fd/1" 2>/dev/null' |  oclHashcat64.bin -m 2500 -a3 ~/crack/captures/papabear.hccap
-bash: smbclient \\\\xaelah\\wordlists -E -Udylan%qwe -c "get 18_in_1 /dev/fd/1" 2>/dev/null: No such file or directory
oclHashcat v1.33 starting...

Device #1: Pitcairn, 2005MB, 975Mhz, 16MCU
Device #2: Pitcairn, 2005MB, 1100Mhz, 20MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Applicable Optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./kernels/4098/m02500.Pitcairn_1573.4_1573.4 (VM).kernel (258848 bytes)
Device #1: Kernel ./kernels/4098/markov_le_v1.Pitcairn_1573.4_1573.4 (VM).kernel (35072 bytes)
Device #1: Kernel ./kernels/4098/amp_a3_v1.Pitcairn_1573.4_1573.4 (VM).kernel (13624 bytes)
Device #2: Kernel ./kernels/4098/m02500.Pitcairn_1573.4_1573.4 (VM).kernel (258848 bytes)
Device #2: Kernel ./kernels/4098/markov_le_v1.Pitcairn_1573.4_1573.4 (VM).kernel (35072 bytes)
Device #2: Kernel ./kernels/4098/amp_a3_v1.Pitcairn_1573.4_1573.4 (VM).kernel (13624 bytes)

[s]tatus [p]ause [r]esume [b]ypass [q]uit => s
^c
Session.Name...: oclHashcat
Status.........: Aborted
Input.Mode.....: Mask (?1?2?2?2?2?2?2?3) [8]
Hash.Target....: Papa Bear (00:23:31:e4:65:8b <-> 58:23:8c:be:5d:a7)
Hash.Type......: WPA/WPA2
Time.Started...: Mon Mar 16 17:43:16 2015 (3 secs)
Time.Estimated.: Thu Jul 21 09:11:09 2016 (1 year, 127 days)
Speed.GPU.#1...:    61773 H/s
Speed.GPU.#2...:    82882 H/s
Speed.GPU.#*...:   144.7 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 481280/5533380698112 (0.00%)
Skipped........: 0/481280 (0.00%)
Rejected.......: 0/481280 (0.00%)
Restore.Point..: 10240/89248075776 (0.00%)
HWMon.GPU.#1...: 61% Util, 26c Temp, 40% Fan
HWMon.GPU.#2...: 37% Util, 31c Temp, 40% Fan

Started: Mon Mar 16 17:43:16 2015
Stopped: Mon Mar 16 17:43:26 2015
dylan@hashcat:~/crack/oclHashcat-1.33$
Search

Any hash cracking competition?

March 17, 2015, 8:42 am
$
0
0
I've google'd but got nothing. Curious if anyone knows of an upcoming competition besides defcon cmiyc? Not looking to win anything just practice.

Parsed list

March 17, 2015, 5:10 pm
$
0
0
Possible to load a list like this:
user:email:password:salt

In hashcat to make it look like this :
user:email:(cracked password)

thank you

Hashcat only using ~2% of GPU?

March 17, 2015, 7:00 pm
$
0
0
Hi! If I sound like a noobie, I apologize. It's probably because I'm a newbie. But anyways, I'm having some (I think?) troubles with Hashcat. I'm trying to use it to crack a WPA2 captured handshake password that I got with aircrack-ng using Kali Linux. I'm using Hashcat in Windows because installing the drivers in Kali was getting a bit tedious and it just wasn't working. However, it appears to be working.. sort of. It's using my GPU, which is what I wanted, and it's running a lot faster that my CPU, which is also what I wanted. (CPU got about 4,300 k/s, GPU getting around 12k) However, I don't believe Hashcat is using my GPU 100%. In fact, I think it's using about 2%. Although Hashcat says it's using 98%, Window's Resource Monitor only shows about 2-5%. On top of that, my GPU temperature hasn't changed from its normal temperature like it has when I used it to mine Bitcoin. If you have any more questions, please ask. And again, sorry if this is a stupid question or anything. Thanks!

Almost forgot! Here's my specs:

16gb of RAM
CPU: Intel i7-4700MQ 4 cores (8 logical cores) Generation 4
GPU: nVidia GT 750M 1gb memory
OS: Windows 7 Home Premium
This is all in an Alienware 14 (2013 model) laptop. From what I've read, laptop GPUs don't have near the power of desktop GPUs, but I should be getting more than the 12k k/s I'm getting now, right?

Command I'm using: cudahashcat64.exe -m 2500 -a 0 -d 1 -o textfile.txt WPAHandshake.hccap G:\CustomWPA.txt

Thanks again!

EDIT: Forgot to mention, there is also an Intel HD Graphics 4600 built into the CPU, but the nVidia one is separate.

See output of oclhashcat

March 18, 2015, 3:39 pm
$
0
0
Is it possible to see the most recent hash attempt by oclhashcat. So for example I want to see the most recent password that hashcat tried. Is this possible? Is there a more verbose status update than just pressing `s` while it is running? For example while `dd` is running you can issue `kill -USR1 8789` and it will output its progress. Anything similar?

Help with oclhashcat

March 18, 2015, 3:53 pm
$
0
0
So I'm starting to use oclhashcat but I cant seem to fully understand how to create a basic batch file for the program, I have this :


cudaHashcat64 -m 1000 hashes.txt -a 3 -l ?l?d 1?1?1?1?1?1?1?1?1? -o cracked.txt


What I want is to crack an NTLM password in hashes.txt using brute force with loweralpha-numeric charset from 6-9 characters.

Dump Scraper

March 19, 2015, 2:22 am
$
0
0
As you already know, Internet is full of passwords (plain and hashed ones): when a leak occurs, usually it's posted to PasteBin.
The pace of these dumps is so high that it's not humanly possible to collect them all, so we have to rely on a bot, scraping PasteBin site for interesting filea.

Dump Monitor will exactly do this: every time some leaked information are posted on PasteBin, he will tweet the link.

Sadly Dump Monitor is not very efficient: inside its tweets you will find a lot of "false positives" (debug data, log files, Antivirus scan results) or stuff we're not interested into (RSA private keys, API keys, list of email addresses).

Moreover, once you have the raw data you need to extract such information and remove all the garbage.

That's the reason why Dump Scraper was born: inside this repository you will find several scripts to fetch the latest tweets from Dump Monitor, analyze them (discarding useless files) and extract the hashes or the passwords.

https://github.com/tampe125/dump-scraper/releases

Please remember to read the wiki before continuing:
https://github.com/tampe125/dump-scraper/wiki

Finally, this is a super-alpha release, so things may be broken or not working as expected. Moreover, I know it's a kind of "hackish": a single program with a GUI would be 100 times better. Sadly I'm running out of time and I don't know anything about Python GUI development: if anyone wants to contribute, it would be more than welcome!

Please leave here your thoughts and opinions.

Look Up Tables

March 19, 2015, 7:36 am
$
0
0
Is it still possible to use lookup tables and if so with
what version?

I ask only because I tried this morning and ran into difficulties.
One of the errors being "access denied"

Rab.
Search

Recovery not even starting

March 20, 2015, 12:54 pm
$
0
0
So, I just started using oclHashcat and after my first test passed, and worked (just a simple md5 masked attack against password "hello"), the next ones don't even start.

Or rather, it says it started, and immediatelly stops. Here's the output: (yes, I did modify exec timeout in the registry)

edit: The password I'm testing for now is "aaa".

Code:
D:\Pentesting\PasswordCracking\cudaHashcat-1.33>cudaHashcat64.exe -a 3 -m 0 aab.
hash ?l?l?l
cudaHashcat v1.33 starting...

Device #1: GeForce GTX 780 Ti, 3072MB, 1084Mhz, 15MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Applicable Optimizers:
* Zero-Byte
* Precompute-Init
* Precompute-Merkle-Demgard
* Meet-In-The-Middle
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
* Scalar-Mode
* Raw-Hash
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./kernels/4318/m00000_a3.sm_35.64.ptx
Device #1: Kernel ./kernels/4318/markov_le_v1.64.ptx


Session.Name...: cudaHashcat
Status.........: Exhausted
Input.Mode.....: Mask (?l?l?l) [3]
Hash.Target....: ***
Hash.Type......: MD5
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...: 23811.5 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 17576/17576 (100.00%)
Skipped........: 0/17576 (0.00%)
Rejected.......: 0/17576 (0.00%)
HWMon.GPU.#1...:  0% Util, 36c Temp, N/A Fan

Started: Fri Mar 20 20:49:30 2015
Stopped: Fri Mar 20 20:49:31 2015

oclhashcat

March 20, 2015, 2:59 pm
$
0
0
HI. I would appreciate any help I can get. I am running kali 1.1 (kali-linux-gpu). I am using an AMD R9 270x graphics card. I installed Catalyst 14.9. However, when I run ocl, I get this error -ERROR: clGetDeviceIDs() -1. Another thing that I noticed is that in the readme file in kali, it is using ocl-hashcat 1.31 not 1.33, even though I did the updates. Here is my - lspci | grep VGA output.
00:02.0 VGA compatible controller: Intel Corporation Haswell Integrated Graphics Controller (rev 06)
01:00.0 VGA compatible controller: Advanced Micro Devices [AMD] nee ATI Device 6810
I am pretty new to kali, and hashing. Thanks in advance for the help.

email:hash to email:unhash?

March 20, 2015, 6:03 pm
$
0
0
Hey guys!

I've started using hashcat, did a bit of research, and asked some friends, but can't find the answer to do this.

I have an .txt file with email:hash how can I crack and get as output email:password?

Thanks in advance.

I'm trying: hashcat -m 5000 -a 0 -o cracked.txt --username "list-email:pass" wordlist
and I'm getting separator unmatched"

oclhashcat-"display driver stopped working....."

March 21, 2015, 5:54 am
$
0
0
Some backround first:
Windows 7
AMD Gigabyte HD 5870
Catalyst 14.9
Oclhashcat 1.33

My problem is this...When I do a straight dictionary attack using a larger dic file (10+ gb) I get the dreaded " display driver stopped working but recovered..." Using a smaller dic file (> 2g) it may, but not always, finish. The card runs at 100 fan at 70° -75.° When I do a brute force attack...say l?u?...the process runs fine. I've had the brute force attack running for two days now just to see if I 'd get the "driver" problem and so far no problem. So what's up with this...anybody have any thoughts?

Thanks

Webserver hashcat.net now with IPv6

March 21, 2015, 6:49 am
$
0
0
Both HTTP and HTTPS should work with IPv6 now.

oclHashcat v1.34

March 21, 2015, 9:12 am
$
0
0

Download here: https://hashcat.net/oclhashcat/


This version 1.34 is about performance increase and bug fixes. Even if you did not face any errors with v1.33 we recommend upgrading.

Good thing is both oclHashcat v1.34 and oclHashcat v1.33 share the same driver dependancies. If you had a running v1.33 then v1.34 will work, too.

Most important changes:
  • Increased speed for SHA1 raw kernels, all AMD GPU
  • Increased speed for PDF kernel, all NVidia GPU
  • Increased speed for all multihash kernel using a different bitmap technique, all GPU
  • Fixed a race condition in multihash kernels
  • Fixed a buffer overflow that could lead to all kinds of segmentation fault or system freezing
  • Fixed a bug which caused clCreateBuffer() -61 Error even on single hashes


Full changelog v1.33 -> v1.34

Quote:
Type: Feature
File: Kernel
Desc: Increased speed for SHA1 raw kernels (-m 100/110/120/130/140) on GCN cards (7970, 280x, 290x, ...)

Type: Feature
File: Kernel
Desc: Increased speed for PDF kernel (-m 104xx and -m 105xx) for all NVidia GPU

Type: Feature
File: Kernel
Desc: Increased speed for all multihash kernel using a different bitmap technique

Type: Feature
File: Kernel
Desc: Added oclHashcat compile timestamp to buffered binary kernels to avoid collisions with older versions

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11000 = PrestaShop
Trac: #589

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11100 = PostgreSQL Challenge-Response Authentication (MD5)
Trac: #490

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11200 = MySQL Challenge-Response Authentication (SHA1)
Trac: #490

Type: Feature
File: Kernel
Desc: Added support for 32 bytes ID objects for hash type -m 10500 = PDF 1.4 - 1.6
Trac: #594

Type: Feature
File: Host
Desc: Inform user with small wordlists how to avoid slow speed with slow hashes
Trac: #597

Type: Change
File: Host
Desc: Renamed -m 7100 = OS X v10.8 / v10.9 to OS X v10.8+

Type: Workaround
File: Host
Desc: New workaround for -m 2500 = WPA/WPA2 key versions which are not valid (should always be < 256)

Type: Bug
File: Kernels
Desc: Fixed a race condition in multihash kernels

Type: Bug
File: Kernels
Desc: Fixed a buffer overflow that could lead to all kinds of segmentation fault or system freezing
Trac: #591

Type: Bug
File: Host
Desc: The key size (AES 128 vs AES 256) for office 2007 hashes was not shown correctly in output/status
Trac: #590

Type: Bug
File: Host
Desc: Fixed a bug if a rule in -j changes the length of the words in the wordlist, ex. ]
Trac: #593

Type: Bug
File: Host
Desc: Fixed a crash when using the outfile remove feature together with some hash types
Trac: #593

Type: Bug
File: Host
Desc: Fixed a problem where wrong restore point percentage was shown
Trac: #606

Type: Bug
File: Host
Desc: Fixed a buffer overflow in stdin mode

Type: Bug
File: Host
Desc: Fixed a bug which caused clCreateBuffer() -61 Error even on single hashes

Type: Bug
File: Host
Desc: Fixed a bug which caused clEnqueueCopyBuffer() -30 Error by limiting --gpu-loops to a maximum of 1024

Type: Bug
File: Host
Desc: Fixed a bug related to the maximum password length supported per hash-type

--
atom

HashCat t-shirt !

March 21, 2015, 10:15 am
$
0
0
2 days ago i made cool t-shirt in "printing" shop.
Sample of design here:
[Image: attachment.php?aid=308]
[Image: attachment.php?aid=309]

You are have any ideas about make it better?

.png  front.png (Size: 475.51 KB / Downloads: 48)

.png  back.png (Size: 310.87 KB / Downloads: 46)
Search

oclHashcat v1.35

March 21, 2015, 7:07 pm
$
0
0

Download here: https://hashcat.net/oclhashcat/


This version 1.35 is about performance increase and bug fixes. Even if you did not face any errors with v1.33 we recommend upgrading.

Good thing is both oclHashcat v1.35 and oclHashcat v1.33 share the same driver dependancies. If you had a running v1.33 then v1.35 will work, too.

Most important changes:
  • Increased speed for SHA1 raw kernels, all AMD GPU
  • Increased speed for PDF kernel, all NVidia GPU
  • Increased speed for all multihash kernel using a different bitmap technique, all GPU
  • Fixed a race condition in multihash kernels
  • Fixed a buffer overflow that could lead to all kinds of segmentation fault or system freezing
  • Fixed a bug which caused clCreateBuffer() -61 Error even on single hashes


Full changelog v1.34 -> v1.35

Quote:
Type: Feature
File: Kernel
Desc: Increased speed for all multihash kernel using a bitmap technique

Type: Bug
File: Kernels
Desc: Fixed a bug in NVidia multihash kernels that a hash was not found even with the correct plain

Full changelog v1.33 -> v1.34

Quote:
Type: Feature
File: Kernel
Desc: Increased speed for SHA1 raw kernels (-m 100/110/120/130/140) on GCN cards (7970, 280x, 290x, ...)

Type: Feature
File: Kernel
Desc: Increased speed for PDF kernel (-m 104xx and -m 105xx) for all NVidia GPU

Type: Feature
File: Kernel
Desc: Increased speed for all multihash kernel using a different bitmap technique

Type: Feature
File: Kernel
Desc: Added oclHashcat compile timestamp to buffered binary kernels to avoid collisions with older versions

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11000 = PrestaShop
Trac: #589

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11100 = PostgreSQL Challenge-Response Authentication (MD5)
Trac: #490

Type: Feature
File: Kernel
Desc: Added new hash mode -m 11200 = MySQL Challenge-Response Authentication (SHA1)
Trac: #490

Type: Feature
File: Kernel
Desc: Added support for 32 bytes ID objects for hash type -m 10500 = PDF 1.4 - 1.6
Trac: #594

Type: Feature
File: Host
Desc: Inform user with small wordlists how to avoid slow speed with slow hashes
Trac: #597

Type: Change
File: Host
Desc: Renamed -m 7100 = OS X v10.8 / v10.9 to OS X v10.8+

Type: Workaround
File: Host
Desc: New workaround for -m 2500 = WPA/WPA2 key versions which are not valid (should always be < 256)

Type: Bug
File: Kernels
Desc: Fixed a race condition in multihash kernels

Type: Bug
File: Kernels
Desc: Fixed a buffer overflow that could lead to all kinds of segmentation fault or system freezing
Trac: #591

Type: Bug
File: Host
Desc: The key size (AES 128 vs AES 256) for office 2007 hashes was not shown correctly in output/status
Trac: #590

Type: Bug
File: Host
Desc: Fixed a bug if a rule in -j changes the length of the words in the wordlist, ex. ]
Trac: #593

Type: Bug
File: Host
Desc: Fixed a crash when using the outfile remove feature together with some hash types
Trac: #593

Type: Bug
File: Host
Desc: Fixed a problem where wrong restore point percentage was shown
Trac: #606

Type: Bug
File: Host
Desc: Fixed a buffer overflow in stdin mode

Type: Bug
File: Host
Desc: Fixed a bug which caused clCreateBuffer() -61 Error even on single hashes

Type: Bug
File: Host
Desc: Fixed a bug which caused clEnqueueCopyBuffer() -30 Error by limiting --gpu-loops to a maximum of 1024

Type: Bug
File: Host
Desc: Fixed a bug related to the maximum password length supported per hash-type

--
atom

e-mail notifications

March 22, 2015, 9:59 am
$
0
0
Hello!

Can anyone help me make oclhashcat send notification on e-mail when it`s finished cracking? I have found a similar thread about this problem, but i cannot get it to work.
Also for whatever reason oclhashcat does not create .restore file. Any ideas why?

Thank you in advance! (Excuse me if my English isn`t perfect, i`m not a native english speaker)

Help sought for a research project

March 23, 2015, 12:00 pm
$
0
0
Dear all,

I'm a PhD candidate at the HighWire Centre (Lancaster University, UK). Some time ago I created this water-cooled GPU rig as part of my research into 'design fiction' (there is a photo from a talk I did at Edinburgh College of Art last year here). It ran cryptocurrency (Bitcoin and alike) mining software. With the excess heat the water is pumped through a household radiator. It is the fact that I'm using a standard white radiator that makes this thing actually quite affecting, people tend to react to it, and 'get' the point of the design fiction / speculative design.

The reason for posting here is that I want to explore other stuff that I can run on the GPUs. Cracking passwords was an obvious one. So, I've got a couple of questions.

First, I've installed oclHashcat, and, it works with the example data as far as I can tell. However, I'm kind of out of talent at this point, hence why I am asking for help here! To generate any good amount of heat in the radiator I need the GPUs (there are two, AMD 7950s) to be running flat-out for an hour or more. Is there any easy way of feeding the software a massive dataset? Or asking it to bruteforce something? Apologies if my question is rather inane... I'm playing catch up.

Second, other than running hashes/cracking passwords, does anyone have any suggestions of interesting processing that I can do with these GPUs? I realise there are various folding/SETI type applications... but, beyond those does anything come to mind?

Any help greatly appreciated!

Thanks

Benchmark data request

March 23, 2015, 1:31 pm
$
0
0
Given there's a possiblity of confusing, could the tester provide like a SKU or other unique product identifier besides the chipset ?

I have not seen such thus far.

Getting password of a SSIS Package (*.dtsx file format) password recovery

March 23, 2015, 10:43 pm
$
0
0
Hello,


I am new to Hashcat , but have been reading about it quiet a while but yet i am facing a concern regarding *.dtsx file format password recovery, do you think we can use Hash code for the same if so then where we will select the file?

Hope to get your answer soon on this one.


Regards

Chavya Khanna
Viewing all 7673 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>