Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7673 articles
Browse latest View live

identify hash with duckgoduck

June 5, 2015, 11:40 am
Search

is this the end for AMD?

June 6, 2015, 11:16 am
$
0
0
I was really looking forward to the release of the r9 390x, I thought it was gonna kick the titan x up the ass.(I was dead wrong)

As the release date comes closer, I have learned the following.

Cant even compare 390x to Titan x

R9 390x does not have full support for dx12

R9 390x is the ugliest card I have ever seen.

R9 390x will cost $200 more than a gtx 980 ti

Just when I thought things couldn't get worse for AMD, I read a article titled:
NVIDIA's next-gen GPU being tested, 16nm GPU with up to 32GB of HBM2

Its a really good article, and if its true we will have 16nm gpu's with upto 6000 cores within 1 year.

I don't think AMD can come back from this ass whooping, but I am just a noob, tell me what you think.

cracking sha256 with a 2 digit salt

June 6, 2015, 4:35 pm
$
0
0
Hey everyone, I'm very new hashcat and cracking in general. I'm currently trying to learn, but am very very very clueless! Having said that, I have ~400k hashes and I would like to crack as many of them as possible. All I know is that it's sha256 with prepended with a 2 digit salt. I'm very confused syntactically as to how to proceed.

when I try

Code:
./hashcat-cli64.app ../test.txt -m 1410 ../../../dict.txt

I get line length exceptions. I'm not really sure how I'm supposed to specify what the salt is, or how to try all 100 salt possibilities. Any and all advice is appreciated!


Thanks!

hashtopus

June 7, 2015, 7:03 am
$
0
0
Hi

i try to download the hashtopus 1.36 iand i get same problem
1. i download the hashtopus 1.36 but in the web page i get 0.97 ver.
2. i crate a new agent and download the agent but the exe not run. this tell me that the version of this file not compatible with version of windows ...
3. in the web server the exe run but tell me that it npt found the URL.

what can i do?

Sapphire r9 290x 4gb

June 8, 2015, 5:26 am
$
0
0
After finally getting the funds in order i built my self a little machine nothing to special but does they job for me.
I have been doing a few test's over last few day's and it seems ok so far, but i noticed something on the bench mark test i did.
WHere it says
Code:
Device #1: Hawaii, 3072MB

Shouldn't it be
Code:
Device #1: Hawaii, 4032MB,

Spec's and benchmark results

http://i.imgur.com/e9q9rGv.png

Benchmark result's
Code:
Display Driver version    14.301.1001.0
BIOS Version    113-C6710100-102

PS F:\oclHashcat-1.36> ./oclHashcat64.exe -b
oclHashcat v1.36 starting in benchmark-mode...

Device #1: Hawaii, 3072MB, 1000Mhz, 44MCU

Hashtype: MD4
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 22113.8 MH/s

Hashtype: MD5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 11055.6 MH/s

Hashtype: SHA1
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3968.8 MH/s

Hashtype: SHA256
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1433.4 MH/s

Hashtype: SHA384
Workload: 256 loops, 256 accel

Speed.GPU.#1.:   530.4 MH/s

Hashtype: SHA512
Workload: 256 loops, 256 accel

Speed.GPU.#1.:   532.6 MH/s

Hashtype: SHA-3(Keccak)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:   247.8 MH/s

Hashtype: RipeMD160
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  2327.4 MH/s

Hashtype: Whirlpool
Workload: 512 loops, 32 accel

Speed.GPU.#1.:   129.9 MH/s

Hashtype: GOST R 34.11-94
Workload: 512 loops, 64 accel

Speed.GPU.#1.:   157.6 MH/s

Hashtype: SAP CODVN B (BCODE)
Workload: 1024 loops, 64 accel

Speed.GPU.#1.:   948.3 MH/s

Hashtype: SAP CODVN F/G (PASSCODE)
Workload: 512 loops, 32 accel

Speed.GPU.#1.:   225.7 MH/s

Hashtype: SAP CODVN H (PWDSALTEDHASH) iSSHA-1
Workload: 1024 loops, 16 accel

Speed.GPU.#1.:  2363.8 kH/s

Hashtype: Lotus Notes/Domino 5
Workload: 128 loops, 32 accel

Speed.GPU.#1.:   192.9 MH/s

Hashtype: Lotus Notes/Domino 6
Workload: 128 loops, 32 accel

Speed.GPU.#1.: 34035.1 kH/s

Hashtype: Lotus Notes/Domino 8
Workload: 1024 loops, 64 accel

Speed.GPU.#1.:   294.0 kH/s

Hashtype: SHA-1(Base64), nsldap, Netscape LDAP SHA
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3921.8 MH/s

Hashtype: SSHA-1(Base64), nsldaps, Netscape LDAP SSHA
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3913.4 MH/s

Hashtype: descrypt, DES(Unix), Traditional DES
Workload: 128 loops, 64 accel

Speed.GPU.#1.:   157.4 MH/s

Hashtype: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Workload: 1000 loops, 32 accel

Speed.GPU.#1.:  4778.3 kH/s

Hashtype: sha256crypt, SHA256(Unix)
Workload: 1024 loops, 4 accel

Speed.GPU.#1.:   157.2 kH/s

Hashtype: sha512crypt, SHA512(Unix)
Workload: 1024 loops, 8 accel

Speed.GPU.#1.:    70337 H/s

Hashtype: bcrypt, Blowfish(OpenBSD)
Workload: 32 loops, 2 accel

Speed.GPU.#1.:     7193 H/s

Hashtype: LM
Workload: 128 loops, 256 accel

Speed.GPU.#1.:  1999.3 MH/s

Hashtype: NTLM
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 21342.3 MH/s

Hashtype: DCC, mscash
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  5641.1 MH/s

Hashtype: NetNTLMv1-VANILLA / NetNTLMv1+ESS
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 11603.7 MH/s

Hashtype: NetNTLMv2
Workload: 512 loops, 256 accel

Speed.GPU.#1.:   752.9 MH/s

Hashtype: Kerberos 5 AS-REQ Pre-Auth etype 23
Workload: 128 loops, 32 accel

Speed.GPU.#1.: 54525.3 kH/s

Hashtype: EPiServer 6.x < v4
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2834.2 MH/s

Hashtype: EPiServer 6.x > v4
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1239.1 MH/s

Hashtype: MSSQL(2000)
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3894.3 MH/s

Hashtype: MSSQL(2005)
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3900.5 MH/s

Hashtype: MSSQL(2012)
Workload: 256 loops, 256 accel

Speed.GPU.#1.:   530.5 MH/s

Hashtype: MySQL323
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 25764.8 MH/s

Hashtype: MySQL4.1/MySQL5
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1643.7 MH/s

Hashtype: Oracle 7-10g
Workload: 128 loops, 64 accel

Speed.GPU.#1.:   849.8 MH/s

Hashtype: Sybase ASE
Workload: 512 loops, 32 accel

Speed.GPU.#1.:   165.9 MH/s

Hashtype: Oracle 11g/12c
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3916.1 MH/s

Hashtype: PostgreSQL Challenge-Response Authentication (MD5)
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2884.5 MH/s

Hashtype: MySQL Challenge-Response Authentication (SHA1)
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  1039.7 MH/s

Hashtype: OSX v10.4, v10.5, v10.6
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2839.6 MH/s

Hashtype: OSX v10.7
Workload: 256 loops, 256 accel

Speed.GPU.#1.:   504.4 MH/s

Hashtype: OSX v10.8+
Workload: 1024 loops, 2 accel

Speed.GPU.#1.:     1064 H/s

Hashtype: Android PIN
Workload: 1024 loops, 16 accel

Speed.GPU.#1.:  1634.2 kH/s

Hashtype: Android FDE <= 4.3
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:   362.9 kH/s

Hashtype: scrypt
Workload: 1 loops, 64 accel

Speed.GPU.#1.:   684.3 kH/s

Hashtype: Cisco-PIX MD5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  7253.1 MH/s

Hashtype: Cisco-ASA MD5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  6773.6 MH/s

Hashtype: Cisco-IOS SHA256
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1421.6 MH/s

Hashtype: Cisco $8$
Workload: 1024 loops, 8 accel

Speed.GPU.#1.:    31986 H/s

Hashtype: Cisco $9$
Workload: 1 loops, 4 accel

Speed.GPU.#1.:     4745 H/s

Hashtype: Juniper IVE
Workload: 1000 loops, 32 accel

Speed.GPU.#1.:  4764.2 kH/s

Hashtype: Citrix NetScaler
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3061.7 MH/s

Hashtype: DNSSEC (NSEC3)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1341.3 MH/s

Hashtype: WPA/WPA2
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:   179.5 kH/s

Hashtype: IKE-PSK MD5
Workload: 256 loops, 128 accel

Speed.GPU.#1.:   802.8 MH/s

Hashtype: IKE-PSK SHA1
Workload: 256 loops, 128 accel

Speed.GPU.#1.:   374.3 MH/s

Hashtype: Password Safe v2
Workload: 1000 loops, 16 accel

Speed.GPU.#1.:   149.8 kH/s

Hashtype: Password Safe v3
Workload: 1024 loops, 16 accel

Speed.GPU.#1.:   648.5 kH/s

Hashtype: 1Password, agilekeychain
Workload: 1000 loops, 64 accel

Speed.GPU.#1.:  1467.6 kH/s

Hashtype: 1Password, cloudkeychain
Workload: 1024 loops, 2 accel

Speed.GPU.#1.:      930 H/s

Hashtype: AIX {ssha1}
Workload: 64 loops, 128 accel

Speed.GPU.#1.: 20098.1 kH/s

Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES
Workload: 1024 loops, 64 accel

Speed.GPU.#1.:   541.4 kH/s

Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-SHA512 + AES
Workload: 1000 loops, 16 accel

Speed.GPU.#1.:    75270 H/s

Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-Whirlpool + AES
Workload: 1000 loops, 8 accel

Speed.GPU.#1.:    21512 H/s

Hashtype: TrueCrypt 5.0+ PBKDF2-HMAC-RipeMD160 + AES + boot-mode
Workload: 1000 loops, 64 accel

Speed.GPU.#1.:  1071.6 kH/s

Hashtype: Office 2007
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:    58664 H/s

Hashtype: Office 2010
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:    29298 H/s

Hashtype: Office 2013
Workload: 1024 loops, 4 accel

Speed.GPU.#1.:     4124 H/s

Hashtype: MS Office <= 2003 MD5 + RC4, oldoffice$0, oldoffice$1
Workload: 1024 loops, 32 accel

Speed.GPU.#1.: 54552.6 kH/s

Hashtype: MS Office <= 2003 SHA1 + RC4, oldoffice$3, oldoffice$4
Workload: 1024 loops, 32 accel

Speed.GPU.#1.: 59972.4 kH/s

Hashtype: PDF 1.1 - 1.3 (Acrobat 2 - 4)
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:   136.2 MH/s

Hashtype: PDF 1.1 - 1.3 (Acrobat 2 - 4) + collider-mode #1
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:   149.8 MH/s

Hashtype: PDF 1.1 - 1.3 (Acrobat 2 - 4) + collider-mode #2
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:  2944.4 MH/s

Hashtype: PDF 1.4 - 1.6 (Acrobat 5 - 8)
Workload: 70 loops, 256 accel

Speed.GPU.#1.:  6697.0 kH/s

Hashtype: PDF 1.7 Level 3 (Acrobat 9)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1420.0 MH/s

Hashtype: PDF 1.7 Level 8 (Acrobat 10 - 11)
Workload: 64 loops, 8 accel

Speed.GPU.#1.:     6550 H/s

Hashtype: Drupal7
Workload: 1024 loops, 8 accel

Speed.GPU.#1.:    26121 H/s

Hashtype: HMAC-MD5 (key = $pass)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1580.1 MH/s

Hashtype: HMAC-MD5 (key = $salt)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  3106.5 MH/s

Hashtype: HMAC-SHA1 (key = $pass)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:   770.9 MH/s

Hashtype: HMAC-SHA1 (key = $salt)
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1518.2 MH/s

Hashtype: HMAC-SHA256 (key = $pass)
Workload: 256 loops, 128 accel

Speed.GPU.#1.:   338.2 MH/s

Hashtype: HMAC-SHA256 (key = $salt)
Workload: 256 loops, 128 accel

Speed.GPU.#1.:   566.9 MH/s

Hashtype: HMAC-SHA512 (key = $pass)
Workload: 128 loops, 128 accel

Speed.GPU.#1.: 39235.4 kH/s

Hashtype: HMAC-SHA512 (key = $salt)
Workload: 128 loops, 128 accel

Speed.GPU.#1.: 78715.9 kH/s

Hashtype: IPMI2 RAKP HMAC-SHA1
Workload: 512 loops, 256 accel

Speed.GPU.#1.:   763.1 MH/s

Hashtype: Half MD5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  6334.4 MH/s

Hashtype: Double MD5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2685.4 MH/s

Hashtype: GRUB 2
Workload: 1024 loops, 2 accel

Speed.GPU.#1.:     3723 H/s

Hashtype: phpass, MD5(Wordpress), MD5(phpBB3), MD5(Joomla)
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:  2770.7 kH/s

Hashtype: SIP digest authentication (MD5)
Workload: 1024 loops, 32 accel

Speed.GPU.#1.:  1386.9 MH/s

Hashtype: SipHash
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 16999.7 MH/s

Hashtype: Joomla < 2.5.18
Workload: 1024 loops, 256 accel

Speed.GPU.#1.: 10918.0 MH/s

Hashtype: osCommerce, xt:Commerce
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  6103.9 MH/s

Hashtype: PrestaShop
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  3532.4 MH/s

Hashtype: IPB2+, MyBB1.2+
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1994.1 MH/s

Hashtype: vBulletin < v3.8.5
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2680.7 MH/s

Hashtype: PHPS
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2694.8 MH/s

Hashtype: vBulletin > v3.8.5
Workload: 512 loops, 256 accel

Speed.GPU.#1.:  1926.9 MH/s

Hashtype: SMF > v1.1
Workload: 1024 loops, 256 accel

Speed.GPU.#1.:  2867.6 MH/s

Started: Sat Jun 06 17:27:50 2015
Stopped: Sat Jun 06 17:58:55 2015



I'm not sure if the speeds are fast for the card, but it does me.
I am new to all this so it could all be working as it should, got to check these these out last thing i need is it blowing up.
PS why no spoiler tags.

Thanks very much.
My full build @instagram

Question on Bitcoin/Litcoin

June 8, 2015, 6:16 am
$
0
0
I have a question on -m 11300

Is the input file the actual wallet.dat?

When I point it to my wallet.dat, hashcat goes crazy and makes my computer beep like a madman. if I point it to "encrypted_privkey" pulled using pywallet, it says line length which tells me its an improper hash.

keyspace for combinator

June 8, 2015, 7:25 am
$
0
0
Hello!



Keyspace option for combinator attack ( a 1 mode) always
return number of words in biggest dictionary...is it feature or a bug?
Can somebody explain why keyspace return number of words in biggest dictionary and not just in left?
(in FAQ - https://hashcat.net/wiki/doku.php?id=fre...a_keyspace)

Thanks in advance, Aleksey

"This copy of cudaHashcat is outdated." Workaround possible?

June 8, 2015, 7:55 am
$
0
0
Hi,

I am pretty new to this but I want to run oclHashcat on my very old computer that have a GeForce GT 9600 and I am only able to get the NV ForceWare 340.76 installed. So an older version of oclHashcat is needed, according to the readme of v1.30 it should work, "NV users require ForceWare 331.67 or later". But when I try to run v1.30 it gives me this message:

"ERROR: This copy of cudaHashcat is outdated. Get a more recent version."

Is there a way to get this working anyway since I wont be able to get a newer driver for my Nvidia card?
Search

Can you use oclHashcat to generate rainbow tables?

June 9, 2015, 12:58 am
$
0
0
Is it possible to use oclHashcat to generate hashes, without testing them against passwords? Basically just a bruteforce attack with whatever kind of hashing algorithm you want, but instead of testing them against another hash, just save them all to a file?

Thanks.

hash type check plz..

June 9, 2015, 1:38 am

restore file format in 1.36

June 9, 2015, 11:15 am

oclHashcat on debian 8 : Unsupported driver detected

June 11, 2015, 4:01 am
$
0
0
Hi,

I'm trying to install oclHashcat v1.36 on my Debian 8, with an AMD card (radeon HD 6950). I saw that the supported driver for oclHashcat v1.36 is 14.9. Fortunetly, the available non-free amd driver on debian 8 is catalyst 14.9. So let's go, I followed these instructions:
https://wiki.debian.org/fr/ATIProprietar...2Jessie.22

I'm now trying the examples provided with oclHashcat, but everytime I'm told:
"ATTENTION! Unsupported or incorrect installed GPU driver detected!"

With the --force option, the programm seems to work correctly, but I'd like to know why oclHashcat don't like my driver.

Do you have an idea why I'm getting this error message? Is there something I can do to check if my installed and used driver si really catalyst 14.9?

Thank you.

HashCat failes to bruteforce crack a known hash.

June 11, 2015, 8:26 am
$
0
0
Q: Why is has hashcat failing to crack a known WPA2 hash?

Background: WPA2 access point (mine), known 8 character random alpha numeric password with mixed case i.e. e4rrT4er, has survived (= FAILED Hashcat!) a brute force HashCat attack.

** WHY?? ** or How, more accurately....

Given that I've specified HashCat to try every possible combination of 8 characters passwords in its bruteforce attack, the hash should have been cracked...

v1.36

Command line used:
./cudaHashcat64.bin -m 2500 -a3 ./mytestap.hccap ?d?d?d?d?d?d?d?d -o password.txt

Output after 1.5H:
INFO: approaching final keyspace, workload adjusted


Session.Name...: cudaHashcat
Status.........: Exhausted
Input.Mode.....: Mask (?d?d?d?d?d?d?d?d) [8]
Hash.Target....: mytestap.hccap
Hash.Type......: WPA/WPA2
Time.Started...: Thu Jun 11 13:45:14 2015 (1 hour, 30 mins)
Time.Estimated.: 0 secs
Speed.GPU.#1...: 17247 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 100000000/100000000 (100.00%)
Rejected.......: 0/100000000 (0.00%)
HWMon.GPU.#1...: -1% Util, 74c Temp, 47% Fan

Started: Thu Jun 11 13:45:14 2015
Stopped: Thu Jun 11 15:15:38 2015

System Info:
Device #1: GeForce GTX 550 Ti, 1023MB, 1800Mhz, 4MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable Optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./kernels/4318/m02500.sm_21.64.ptx
Device #1: Kernel ./kernels/4318/markov_le_v1.64.ptx
Device #1: Kernel ./kernels/4318/amp_a3_v1.64.ptx


What going on?

I don't know what software to use

June 11, 2015, 10:45 pm
$
0
0
I am trying to crack Truecrypt containers not whole drives.
Preferably windows but I'll take what I can get.
For example the passwords are cascaded by Twofish/Serpent and a Whirlpool hash.
Example: don'tCumKnocking10105050HaGotYa%
where the unknown is two character injected between the 1010 and 5050
so if the unknown was L* would be: don'tCumKnocking1010L*5050HaGotYa%
Can someone please help me to do this?
Thank you.

md5(md5($pass))

June 12, 2015, 12:02 am
$
0
0
Hey!
Is there any option in oclHashcat to crack md5(md5($pass)) hashes?
Search

How not to salt a hash

June 12, 2015, 2:03 am
$
0
0
Yesterday I've send two tweets about an exploiteable issue in the ColdFusion 11 password hashes.
It turns out those hash scheme is used already in ColdFusion 10 Smile However, I've been asked about the details of this issue and I thought it's better to explain it in a forum post. This is a problem that many application developers could run into and maybe they can learn from it. It's some deep, implementation specific issue that (AFAIK) no crypto library, which typically handles also hashes, protects you from.

The result is that we end up in an ABig Grin (Attacker:Defender) ratio which is worse than 1:1. Worse, for the defender. It means an attacker can compute a hash with less computation steps/instructions needed than the defender needs to. A good password hash (or KDF) should be designed to be not optimizeable (or at least not only for the attacker) and ideally stay as close as possible to 1:1.

Now, to the details. CF10+ uses the following hashing scheme:

Code:
sha256($salt.sha1($pass))

Typically we see such schemes when developers want to harden the security of an already in-use password scheme. To avoid forcing the users to re-enter their passwords they simply use the hash result of the weaker scheme as input for the newer, more secure scheme. In this example, I'd assume the password was hashed in a raw, unsalted sha1 hash before. When CF developers realized it's better to salt a password hash they changed the scheme and while they did it, they also switched to sha2 which is known to be more secure than sha1.

Such hash-in-hash constructs are ok, but only if you do it carefull. In this case it's not, as the attacker now can optimize the sha256 transformation to remove a few ADD's inside the sha256 transform function because the bytes 41-60 are now always set to 0 because of the reasons following. If you want to learn more about those zero based optimizations see:

https://hashcat.net/events/p13/js-ocohaaaa.pdf

However, this is not the real problem here. To understand this problem we first need to understand how hashes works on a very low level. Beside the fact that they were optimized to execute very fast, they were also designed to handle large files or data in general of an unknown length. For example to compute a checksum of that data. But then, the most hashes work block-wise. They have a fixed sized buffer on which they copy chunks of the data which is typically of size 64 bytes for 32 bit algorithm (md5, sha1, sha256) and 128 byte for a 64 bit based algorithm (sha512). So how can they produce a checksum for a file > 64 byte? The answer is that they use the so called "Merkle–Damgård construction":

https://en.wikipedia.org/wiki/Merkle%E2%...nstruction

To make this more easy to understand, every hash that is compute uses a context they operate on. This context is initialized with a fixed value and will be used on the first transformation, means the first 64 byte of data for sha256. When it finishes, the result is added to the value on the context and therefore becomes the new initial context value for the next transformation call. This is a) why you end up in the same hash value if you hash the same data twice which enables you to compare it and b) if we would hash the same buffer again in a second transformation the result would be different because the initial value changed based on the previous run.

And this is where the problem which the CF10 scheme is. Because of the following facts:
  • The salt is known to the attacker (always the case, that's ok)
  • The salt is of fixed size 64 byte
  • The salt (or any other known to the attacker data) is on start of the data
  • The length of the salt equals or is greater than the blocksize of the hash (this is it!)
It's clear that the first call of the hash will always produce the same context value! In our case, the salt is always of length 64 which perfectly matches the blocksize of sha256. So an attacker does not need to do that calculation again and again while he's guessing the password. He just does it once on startup and then uses this value as the initialization value for the sha256 context. Now he needs only one call to sha256 but the defender needs two calls and this is what lowers the ABig Grin in favour of the attacker.

There's also the fact that sha1($pass) is not salted. An attacker could use a precomputed set of sha1 results of his password guesses to even more speed up the guessing process. Now all he needs to do is to call 1 single sha256 transformation while the defender has 2 calls of sha256 plus 1 call to sha1.

So what's the lesson learned from this?

A) A shorter salt (but not too short) would be a better selection. To avoid a scenario where an attacker can precompute the initialization value for the second transformation you just need to make sure the attacker can not know (or easily guess) the full data block of the first hash transformation call.

B) Using a raw hash as password "storage" is a bad idea. Hashes are designed to run fast and you don't want the attacker to be able to do that. Therefore you better stick to a hash that is designed to be used for passwords. At this time i'd not like to recommend you one specific. But for the future, when the final hash from https://password-hashing.net/ is selected, this will be a good choice.

--
atom

Bruteforcing a salt possible?

June 12, 2015, 9:00 am

WPA Specific Strategies, Stats and Lists

June 13, 2015, 2:03 am
$
0
0
Long time lurker here and I feel like I've searched and read enough the forum that this is (hopefully) not redundant, or at the very least there hasn't been comprehensive current discussion.

I've been researching WPA/WPA2 hashes lately much more than any other. As most know, WPA is a different beast than say MD5, both from the minimum character length and the H/s. I find most all of the stats and rules come from cracking leaked pw hash dumps, and those are a great insight in some respects, but are also misleading when applied to WPA. Obviously getting stats on a huge sample of 100,000 hashes on WPA is quite tough compared to a database dump of pw hashes, so I understand why the data mostly evolves around it.

But when trying to apply the strategies for testing a MD5 hash dump on WPA I feel like there are two main differences between what you'd find in a WPA password vs a personal account password, and hence why I get such poor results from the typical wordlists that work great on dumps.

1) The minimum key length is 8, and often times people can create pws of less than 8 characters on many web accounts.

2) The WPA key is designed to be shared. It seems rarer that a password would be the same on WPA that one used for their personal accounts. Even someone who lives alone must have someone come over at some point and want to connect to wifi. Not impossible, but much rarer. But also since it designed to be shared, and sometimes often, it seems to be simpler while still trying to make it seem secure. People who share their WPA also probably want it to not be weird, where people are like "what does 'soggynutz4U' mean?"

Along the lines of that, instead of something "Awesome1954" like you'd more in a DB dump, it would surprise me less to see something like "johnshouse" or "johnswifi" or "johnjohnjohn" or "myinternet123"

The problem is, I have a very limited sample to work with, so these are just initial findings and they might be off base, and before I spend too much time with such a theory and building new wordlists and rules I was hoping to get some insight from others who have likely way more experience. I figure there is no point in reinventing the wheel if others have data they are willing to share.

I'm just looking for input anyone is willing to give, from general observations to specific rules or wordlists they like... exclusively from a WPA perspective, unless of course your experience shows there is a greater overlap in personal passwords than WPA than mine does.

Speaking towards wordlists, which is backing up the "quality over quantity" the wise ones on here speak often of...
So far my best performing list is a smallish list of about 50M words. These were filtered from the most common leaked pw's of 8 characters or longer, with some permutations and such. It also includes names (first or last names) in various combos, and regular dictionary words in various combos.

I've tried a handful of wordlists supposedly geared towards WPA, which I think is mainly just 8 chars or more, not because they are tuned based on WPA patterns. This includes the 13GB one on torrent. That one is useless so far and is by far the largest I run tests through.

So far I haven't created any successful rules or special attacks unfortunately. Mostly I am working with building wordlists using combinator and testing those.

bug in oclhashcat 1.36???

June 13, 2015, 8:49 am
$
0
0
When using a combination attack with with left($x) or right(^x) rules in version 1.36 it applies the rule at the start or end of the combination, not in between the two lists.
The same setup works ok in version 1.31 (don't know about other versions)

ex:
oclHashcat64.exe -a 1 -m 0 --session=all --force -o "G:\Outfiles\list1_found.txt" --outfile-format=2 --remove -w 2 --gpu-temp-abort=80 -j "$X" "G:\Hashes\md5\list1" "G:\PW\abc.txt" "G:\PW\def.txt"

v.1.36 results in format "abcdefX"
v.1.31 results in format "abcXdef" --> this is what I want

any idea??
Thank you

PCIE question/Issue

June 13, 2015, 12:08 pm
$
0
0
Hi

I have a Z97X-Gamning 5 board and have 4 GPU (HD7970) running nicely in x16 slot and the 3 x1 slots in Utbutu 14.04

Problem is when I add a 5th GPU to PCIE x4 it turns off the x1 slots I know that but cant seem to over ride it in the BIOS, but when I add another GPU to the remaining x8 slot the machine wont boot.

Any pointers...

Cheers

Rob
Viewing all 7673 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>