Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7673 articles
Browse latest View live

Not sure how to crack this

April 25, 2015, 1:57 pm
$
0
0
Hi all.

We have a CNC at work that gets itself into a pickle at times.
We need to access service menus which require a OTP. The MFG has no problem generating/giving us the OTP, but we run 24/7 and the MFG doesn't So in theory we can lose 7 shifts worth of production (if it happens after hours Friday.)

The way it works is, the CNC (Windows XP based application) will generate a key, we give the MFG that key, they return us the password/key.
They keys look like a Windows activation. 5 groups of 4 AlphaNumeric characters for both the key and password. Not case sensitive.

I've saved some of the old combos. Sometimes they would work for the entire day. And on a couple of occasions been able to turn the system clock back and use older combos. But not always. So I think its date related. Maybe hashed against it or salted with.

I know I'm probably not giving enough info, but ideas? Thoughts? What other data might be needed?


(Having worked for that MFG, I doubt they did anything super fancy, but they do have a complex)

TIA.
Search

mask files

April 26, 2015, 12:12 pm
$
0
0
Hi,

I just encoutered a strange behavior with the mask files (.hcmask)

With this in the mask file :
Quote:?l,?d,?1?1?1?1?1?2?2?2?2
?u,?d,?1?1?1?1?1?2?2?2?2

The calculated keyspace is normally the same for both line : 118 813 760 000.
But, when you execute it, the second line get processed with a keyspace of 3 802 040 320 000. And of course, the time/cost is much higher.

Win7-64 / cudaHashcat64 1.35.7
command : cudaHashcat64.exe -m 5100 -a 3 --remove -o hashs.txt.out hashs.txt test.hcmask

If I execute it with only one line in the file at a time, everything is fine.

So, I was testing another syntax to try isolating the problem :
Quote:?l?l?l?l?l?d?d?d?d
?u?u?u?u?u?d?d?d?d
1st line OK
2nd line OK

Quote:abcdefghijklmnopqrstuvwxyz,?d,?1?1?1?1?1?2?2?2?2
ABCDEFGHIJKLMNOPQRSTUVWXYZ,?d,?1?1?1?1?1?2?2?2?2
1st line OK
2nd line NOK

At this point, it seems related to the [1],[2],[3],[4],[mask] syntax.

Furthermore, if I use :
Quote:?l,?d,?1?1?1?1?1?2?2?2?2
?u,?d,?1?1?1?1?1?2?2?2?2
?l,?d,?1?1?1?1?1?2?2?2?2
1st line OK
2nd line NOK
3rd line NOK

And if I invert the line :
Quote:?u,?d,?1?1?1?1?1?2?2?2?2
?l,?d,?1?1?1?1?1?2?2?2?2
1st line OK
2nd line NOK

I was looking in docs, forums, trac, etc. to find a possible explanation, but nothing. So I turn this to you for a look with new eyes.

thank you for your time.



edit :
It seems there is some kind of interaction between the line when the charsets are not from the same "defaults" charsets.

Quote:abc,?1
123,?1
1st line keyspace = 3
2nd line keyspace = 6 ???

From my first exemple :
Quote:?l,?d,?1?1?1?1?1?2?2?2?2
?u,?d,?1?1?1?1?1?2?2?2?2
1st line keyspace = 118 813 760 000
2nd line keyspace = 3 802 040 320 000 (118 813 760 000 * 32) NOK

With the example on the wiki :
Quote:?d?l,test?1?1?1
abcdef,0123,ABC,789,?3?3?3?1?1?1?1?2?2?4?4?4?4
company?d?d?d?d?d
?l?l?l?l?d?d?d?d?d?d
1st line keyspace = 46 656
2nd line keyspace = 58 773 123 072 (45 349 632 * 1 296) NOK
3rd line keyspace = 100 000
4th line keyspace = 45 697 600 000

Favorite Rules?

April 26, 2015, 7:09 pm
$
0
0
So my cracking has been a little off recently and I think it is because of my rules, so hashcat I would like to ask you which rules do you use / prefer?

Twofish + whirlpool hash

April 26, 2015, 10:18 pm
$
0
0
Hi to all. I know, Hashcat support Whirlpool and Twofish, but I can not use it for my task. I have the source code, written in C ++, but its speed is very slow, because it uses only CPU. I need to find a working solution for AMD Radeon (HD 7970) to decrypt the hash that was created using these cryptographic functions. Can anybody advise me where I can find programmer who could port this source code to AMD Radeon for a good reward?
P.S. If my topic violates the rules, I am ready to remove it. Thanks beforehand.

.NET Webapplication

April 27, 2015, 12:34 pm
$
0
0
Hello..
A programmer which wrote a program for us isn't with the company any longer. There's a main administrator account which no one knows the password for and we're hoping to be able to retrieve the password.

We have the machineKey settings from within the web.config file; decryption is set to 3DES and validation is set to SHA1.

We have the hashed password and it's salt from the database as well. I hope we're able to hash this password.

But after reading the forums looks like with 3DES, it's impossible. Any suggestions?

Thank you..

7z2hashcat

April 27, 2015, 2:49 pm
$
0
0
Since some users already keep asking me for the release of 7z2hashcat which I did announce here ( https://hashcat.net/forum/thread-4320-po...l#pid24661 ), I decided now to publish it on github:
https://github.com/philsmd/7z2hashcat

It is a tool which is able to extract the "hash" information from a .7z file such that it can be loaded with -m 11600 = 7-Zip mode of oclHashcat.

This is still in testing phase but I was able to use it successfully on very many encrypted .7z files (also with files where the file header is non-encrypted and other special cases, e.g. if the header is compressed to reduce file size).

Please do not hesitate to report issues (or push fixes / new features) on github or just let me know if you find it useful.

Note: there are some very rare files which can't be cracked by oclHashcat (and hence also 7z2hashcat.pl can't convert them): if the header is non-encrypted *and* some properties on pack size vs unpack size aren't satisfied. But you will see an explanation messages if this is the case

Dictionary attack not working black screen

April 27, 2015, 8:40 pm
$
0
0
I recorded the video to make it easier to explain.
https://youtu.be/2hIO7d7fGWA 1:24 sec
p.s.
Previously worked at Win7x64 SP1 and installed all the updates via the Windows update.
A new system of current Win7x64 SP1, without updates.

Sorry for the translation (Google Translate)

oclHashcat v1.36 - How to install(Kali)?

April 29, 2015, 5:27 pm
$
0
0
Hi guys, I'm new to linux - so I havn't memorized most of the terminal commands yet. I am quite able to follow instructions though. My point is as the title describes, I need help installing oclHashcat v1.36. I've tried Google and youtube, but nothing of this new update is anywhere.

This is what I have so far -

root@kali:~# uname -a
Linux kali 3.18.0-kali3-amd64 #1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux
root@kali:~#
root@kali:~#
root@kali:~# lsb_release -a
No LSB modules are available.
Distributor ID: Kali
Description: Kali GNU/Linux 1.1.0
Release: 1.1.0
Codename: moto
root@kali:~#
root@kali:~#
root@kali:~# lspci | grep VGA
01:00.0 VGA compatible controller: NVIDIA Corporation GF114 [GeForce GTX 560 Ti] (rev a1)
root@kali:~#
root@kali:~#
root@kali:~# lsmod |grep nvidia
nvidia 10512020 28
drm 259436 2 nvidia
i2c_core 50145 3 drm,i2c_piix4,nvidia
root@kali:~#
root@kali:~#
root@kali:~#


I haven't tried to download and install Cuda and Pyrit/Cpyrit yet because I am unsure of the versions and how to do. I had been following the guide here - http://www.blackmoreops.com/2014/06/30/k...uda-pyrit/ The last time I tried this guid, I got stuck on step 8 - said the file didn't exist. So before I try again, I'm asking for any help or fix before I break my OS again.. Thanks in advance!
Search

12 character WPA2 password

April 30, 2015, 12:17 am
$
0
0
What's the best way to attack a 12 character WPA2 password. Everything I tried about takes too long. Estimated time from 14 days to 10 years. I tried hybrid, rules. Also when I create a wordlist from
the Maskprocessor its huge. If you don't know the password you have to try all kinds of passwords for hybrid and I made my own wordlist with 9 characters and with 6 characters with a rule to append. Can someone tell me what's the best way hashcat or oclhashcat. IM only getting approx. 2500 H/s on GPU. Thanks.

Hash Cracking Project

April 30, 2015, 11:03 am
$
0
0
I was wondering if people here would be interested in starting a collaborative hash cracking project / group?

The project will consist of 2 main parts.
- Website
- Crackers

The idea is to utilize the features of hashcat through hashtopus.
By using the distributed hash cracking feature, multiple users will be able to contribute without loss of anything.

Collaborators will all get access to the admin panel of hashtopus as well as participate in the skype chat. Assuming we'll be using skype.

The other part, the website will be an automatic way for people to submit hashes to us, either in return of payment or something along these lines.

We could also skip this and use our combined hash cracking power to help out the community as we make a little name for ourselves.


Tell me your thoughts and suggestions. This will allow every user that joins to contribute their rules & word lists to get the best results.


If you have a pretty GPU that can't reach 500+MH/s on MD5(), you can still contribute, but you won't get access to the admin panel.

cudaHashcat64.exe and many dictionaries win7x64

April 30, 2015, 11:51 pm
$
0
0
hello
I know that we can give the following command:
Code:
cudaHashcat64 -m2500 -a0 capture.hccap dictionary1.txt dictionary2.txt dictionary3.txt dictionary4.txt ....
But a lot of dictionaries, how to be?
[Image: thumb.png]
Sorry for the translation (Google translator)

New build

May 2, 2015, 3:05 pm
$
0
0
Hi,

What do you think of this build: http://uk.pcpartpicker.com/p/pQLvkL
For light pentest and hash cracking. Is the r9 290x and CPU best value for it's buck? What mobo do you recommend, as I may want to add more more GPU's in future. More ram? Got a large case to futureproof all later upgrades in.

Budget of ~£1.5k, can go higher.

Thanks.

Making it work on Ubuntu 15.04 + GeForce 8600 GT

May 4, 2015, 1:27 pm
$
0
0
Hello there!

I'm trying to use oclHashcat v.136 on an Ubuntu 15.04 machine running Intel Core 2 Quad Q6600 2.4GHz, 8GB RAM and GeForce 8600 GT 512MB.

I'm using the latest NVIDIA driver version (340.76) installed from Additional Drivers screen on System Settings.

However, every time I try to run cudaHashcat64.bin, I got an "No NVidia compatible platform found" error message.

Am I missing something? Shouldn't it work?

Thank you!

"Display driver stopped responding and has recovered"

May 4, 2015, 2:20 pm
$
0
0
I had to do a re-install of Windows today due to my SSD failing on me and my Truecrypt volume becoming corrupt.

I have two Sapphire R9 290X Tri-X's running in crossfire. Before the reinstall, everything was fine. I could run attacks for hours on end without any lag issues or overheating etc.

However, now, on this fresh install of Windows 7 64-bit, it hardly works. After anywhere between 10 seconds and a minute into an attack, my entire PC will just lock up. Sometimes it'll never recover and sometimes I'll get the "Display driver stopped responding and has recovered" info bubble - but if it gets this far then the oclHashcat process has already crashed.

I've tried installing the 14.9 drivers from different sources [1] [2], but the problem persists.

I have also tried swapping my GPU's around in their PCIe slots just in case the card running my displays was faulty, but the problem still persists.

Any help would be appreciated,

Thanks.

[Solved]cudaHashcat64 and hashlist

May 5, 2015, 7:02 am
$
0
0
Hello,
I got a trouble with oclHashcat64.exe and md5 list. I created list of 10 md5 hash (aaa1 aaa2 ... aaa0) and put in a file : test-md5.lst

When I use Hashcat-cli64 he recovered all hash:
hashcat-cli64.exe -a 3 -m 0 --pw-min=4 --pw-max=4 -p : -o test-md5_found.txt --outfile-format=3 -n 4 -c 64 test-md5.lst ?l?l?l?d

Quote:All hashes have been recovered

Input.Mode: Mask (?l?l?l?d) [4]
Index.....: 0/1 (segment), 175760 (words), 0 (bytes)
Recovered.: 10/10 hashes, 1/1 salts
Speed/sec.: - plains, 659.95k words
Progress..: 166976/175760 (95.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

Started: Tue May 05 15:55:25 2015
Stopped: Tue May 05 15:55:25 2015

cudaHashcat64 recovered one by one hash. But with list it don't find anything:

cudaHashcat64.exe -a 3 -m 0 --session=all --status --status-timer=60 -o test-md5_found.txt --outfile-format=3 -t 90 --potfile-disable -w 1 --gpu-temp-abort=90 --gpu-temp-retain=85 -i --increment-min=4 --increment-max=4 test-md5.lst ?l?l?l?d
Quote:Session.Name...: all
Status.........: Exhausted
Input.Mode.....: Mask (?l?l?l?d) [4]
Hash.Target....: File (test-md5.lst)
Hash.Type......: MD5
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...: 3207.3 MH/s
Recovered......: 0/10 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 175760/175760 (100.00%)
Skipped........: 0/175760 (0.00%)
Rejected.......: 0/175760 (0.00%)
HWMon.GPU.#1...: 0% Util, 33c Temp, N/A Fan

Started: Tue May 05 15:56:51 2015
Stopped: Tue May 05 15:56:53 2015

Any idea ?!
Search

BF generator error

May 5, 2015, 8:26 am
$
0
0
Hello,

I try BF (incremental method) ?a 1-7 for MD5 file. After end I try wordlist and find 6 characters long password. Some is wrong.
I try ?a and length 1 password
Result 48/48 combination - this is not correct

?l?d?u work correct, ?s too, but ?l?d?u?s or ?b not

I try it different PC and ATI or Nvidia

Some hints ?

Organizing

May 6, 2015, 9:47 am
$
0
0
So I have a list of 400k hashes that I managed to crack and forgot to add the parameters --show --username and now I just have a huge list with Hash:plaintext.

I have another list with USER:HASH, is there anyway to organize them by having my HASH:PLAIN match with the other hashes in the USER:HASH?

TrueCrypt Boot 7.1a Hash Extraction

May 6, 2015, 1:53 pm
$
0
0
I am testing cracking the password of a known boot drive with oclhc but have been unable to get it working correctly.

Command used

Code:
oclHashcat64.exe -m 6241 c:\inputfile-512b c:\test-words

I created a dd of the whole drive and have tried every combination of the 512 hash from the drive. I have taken the 512 bytes from the beginning of the drive, the end of the drive. The beginning and end of the first partition. The beginning and end of the 2nd partition.

I have been carving out the data to test using FTK Imager.

.jpg  tree.JPG (Size: 12.52 KB / Downloads: 3)

.jpg  truecrypt-info.JPG (Size: 8.99 KB / Downloads: 3)

As a side note, I have been able to test extracting the password correctly with other tools which required the first 64KB at the MBR.

Can anyone tell me what I might be doing wrong?

PHDays Hashrunner challenge 2015

May 7, 2015, 8:04 am
$
0
0
Hello, everyone!

We are glad to announce, that online hash cracking challenge "Hash Runner" will come back this year. It is going to take place week before international security conference "Positive Hack Days V" (http://www.phdays.com/program/contests/#16299).

Challenge will start on May, 15, 19:00 UTC+4 (Start date link) and will last for 3 days until: May, 18, 19:00 UTC+4 (End date link).

Any Internet user can participate: teams/individuals can register on web site https://hashrunner.phdays.com (site will be up some days before contest, exact date will be announced later).

Several thousand hashes of different types will be available. There will be both some well-known hash types, like MD4, MD5, SHA-1, combined with not so common GOST-34.11-2012, Lotus 8, PHC finalists and other. Passwords and rules used to generate hashes are categorized into number of groups to reflect their complexity. Each group has its own modifier formula and ratio which will significantly influence final hash cost. Following previous year ideas we also prepared some new challenging tasks, that we hope will spice things up.

Rules/Terms

- The cost of hashes can be changed before the challenge;
- File containing the hashes and the file format required to submit recovered passwords will be available in the registered user area at http://hashrunner.phdays.com;
- You can upload the results of your work multiple times during the challenge;
- Size of participating teams is not limited;
- You can use any hardware you want as long as it's legit;
- Teams attacking/DoS'ing the challenge site or other teams will be disqualified;
- Short technical write-up describing the software, hardware and wetware resources used during the challenge is required to get the prizes in case you win;
- Up to date scoreboard listing will be available online during the timeframe of the challenge;
- You can't participate in multiple teams simultaneously;

Prizes will be provided by the PHDays organizers, the Positive Technologies company, and the forum sponsors. Prizes for first three places:
1. AMD R9 295x2, FPGA-board Quad-Spartan 6 LX150 (x4), invites for the PHDays conference for all participants
2. FPGA-board Quad-Spartan 6 LX150 (x2), invites for the PHDays conference for all participants
3. FPGA-board Quad-Spartan 6 LX150, invites for the PHDays conference for all participants


Contact e-mail: hashrunner at ptsecurity dot com

Have fun and good luck!

BTW, checkout other online challenges at PHDays http://www.phdays.com/program/contests/.
Conference news: http://twitter.com/#!/phdays

ERROR: clGetDeviceIDs() -1

May 7, 2015, 6:31 pm
$
0
0
Hi,

I have 1 AMD RADEON 7990 HD
Code:
03:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Malta [Radeon HD 7990]

I keep getting this error

Code:
$ ./oclHashcat64.bin -m 2500 <output>.hccap <dict>.txt
oclHashcat v1.36 starting...

Generating bitmap tables with 16 bits...

ERROR: clGetDeviceIDs() -1  
            
$ echo $DISPLAY
0

I followed this guide exactly: http://hashcat.net/wiki/doku.php?id=linux_server_howto and have set up my Ubuntu 14.04.2 LTS server accordingly.

I've also tried troubleshooting what's mentioned here http://hashcat.net/wiki/doku.php?id=trou...viceids_-1 including reconfiguring lightdm.conf with the example config.

Here's my clinfo:
Code:
clinfo
Number of platforms:                 1
  Platform Profile:                 FULL_PROFILE
  Platform Version:                 OpenCL 1.2 AMD-APP (1573.4)
  Platform Name:                 AMD Accelerated Parallel Processing
  Platform Vendor:                 Advanced Micro Devices, Inc.
  Platform Extensions:                 cl_khr_icd cl_amd_event_callback cl_amd_offline_devices


  Platform Name:                 AMD Accelerated Parallel Processing
Number of devices:                 1
  Device Type:                     CL_DEVICE_TYPE_CPU
  Vendor ID:                     1002h
  Board name:                    
  Max compute units:                 8
  Max work items dimensions:             3
    Max work items[0]:                 1024
    Max work items[1]:                 1024
    Max work items[2]:                 1024
  Max work group size:                 1024
  Preferred vector width char:             16
  Preferred vector width short:             8
  Preferred vector width int:             4
  Preferred vector width long:             2
  Preferred vector width float:             8
  Preferred vector width double:         4
  Native vector width char:             16
  Native vector width short:             8
  Native vector width int:             4
  Native vector width long:             2
  Native vector width float:             8
  Native vector width double:             4
  Max clock frequency:                 4013Mhz
  Address bits:                     64
  Max memory allocation:             2147483648
  Image support:                 Yes
  Max number of images read arguments:         128
  Max number of images write arguments:         8
  Max image 2D width:                 8192
  Max image 2D height:                 8192
  Max image 3D width:                 2048
  Max image 3D height:                 2048
  Max image 3D depth:                 2048
  Max samplers within kernel:             16
  Max size of kernel argument:             4096
  Alignment (bits) of base address:         1024
  Minimum alignment (bytes) for any datatype:     128
  Single precision floating point capability
    Denorms:                     Yes
    Quiet NaNs:                     Yes
    Round to nearest even:             Yes
    Round to zero:                 Yes
    Round to +ve and infinity:             Yes
    IEEE754-2008 fused multiply-add:         Yes
  Cache type:                     Read/Write
  Cache line size:                 64
  Cache size:                     16384
  Global memory size:                 8265084928
  Constant buffer size:                 65536
  Max number of constant args:             8
  Local memory type:                 Global
  Local memory size:                 32768
  Kernel Preferred work group size multiple:     1
  Error correction support:             0
  Unified memory for Host and Device:         1
  Profiling timer resolution:             1
  Device endianess:                 Little
  Available:                     Yes
  Compiler available:                 Yes
  Execution capabilities:                
    Execute OpenCL kernels:             Yes
    Execute native function:             Yes
  Queue on Host properties:                
    Out-of-Order:                 No
    Profiling :                     Yes
  Platform ID:                     0x7fd62d99a830
  Name:                         AMD FX(tm)-8350 Eight-Core Processor
  Vendor:                     AuthenticAMD
  Device OpenCL C version:             OpenCL C 1.2
  Driver version:                 1573.4 (sse2,avx,fma4)
  Profile:                     FULL_PROFILE
  Version:                     OpenCL 1.2 AMD-APP (1573.4)
  Extensions:                     cl_khr_fp64 cl_amd_fp64 cl_khr_global_int32_base_atomics cl_khr_global_int32_extended_atomics cl_khr_local_int32_base_atomics cl_khr_local_int32_extended_atomics cl_khr_int64_base_atomics cl_khr_int64_extended_atomics cl_khr_3d_image_writes cl_khr_byte_addressable_store cl_khr_gl_sharing cl_ext_device_fission cl_amd_device_attribute_query cl_amd_vec3 cl_amd_printf cl_amd_media_ops cl_amd_media_ops2 cl_amd_popcnt cl_khr_spir cl_khr_gl_event

Any idea what I can do to fix this? I can't even seem to run oclHashcat locally.

Thanks!
Viewing all 7673 articles
Browse latest View live
Search