Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7673 articles
Browse latest View live

X99 Motherboards , is it worth it ?

June 25, 2015, 9:18 am
$
0
0
I am really confused of what to choose, the X99 new motherboards with a Core i7-5820K or just stick with the z97 and core i7 4790k .. i have 2 gtx 980 , with a good chance of adding 2 more .. any suggestions ?

Thanks In Advance ..
Search

290x Stops Cracking and Hangs OclHashcat

June 25, 2015, 12:28 pm
$
0
0
I recently switched from Windows to Ubuntu Server and have ran in to a bit of an issue, after a number of hours it seems one of my r9 290x's just stops responding. I'm trying to figure out if this is a card issue or something I'm doing, I don't recall ever having this issue in Windows.

System details: regular tower case, Intel 4770k, MSI z87 motherboard, 3x r9 290x reference, 1x FirePro v4900 (needed vga so I added this I had laying around).

Basic NTLM brute force using -w 3 and --powertune-enable. I had paused it on this particular scan for a while which is why the time started is so long.

Code:
[s]tatus [p]ause [r]esume [b]ypass [q]uit => s

Session.Name...: x
Status.........: Running
Input.Mode.....: Mask (?a?a?a?a?a?a?a?a) [8]
Hash.Target....: File (ntlm)
Hash.Type......: NTLM
Time.Started...: Mon Jun 22 13:16:39 2015 (2 days, 22 hours)
Time.Estimated.: Fri Jun 26 03:00:09 2015 (14 hours, 46 mins)
Speed.GPU.#1...:        0 H/s
Speed.GPU.#2...: 12191.8 MH/s
Speed.GPU.#3...: 12180.8 MH/s
Speed.GPU.#4...:   777.7 MH/s
Speed.GPU.#*...: 25150.4 MH/s
Recovered......: 356/491 (72.51%) Digests, 0/1 (0.00%) Salts
Progress.......: 4911588188422144/6634204312890625 (74.03%)
Rejected.......: 0/4911588188422144 (0.00%)
Restore.Point..: 374246998016/735091890625 (50.91%)
HWMon.GPU.#1...: 100% Util, 79c Temp, 50% Fan
HWMon.GPU.#2...: 100% Util, 84c Temp, 100% Fan
HWMon.GPU.#3...: 100% Util, 81c Temp, 100% Fan
HWMon.GPU.#4...: 99% Util, 80c Temp, 28% Fan

Once it does this and the card hash/s goes to 0, I cannot quit, pressing q just hangs. kill -9 pid doesn't seem to do anything except the process goes defunct, have to reboot to do anything.

Stock clocks, nothing else changed, any suggestions? I may stress test that card individually to see if anything happens with it.

passwords via DPAPI cracking?

June 26, 2015, 10:26 am
$
0
0
In the "DPAPI Secrets. Security analysis and data recovery in DPAPI" page over on http://www.passcape.com/index.php?sectio...ails&id=28

there is a section near the end titled:
"Recovering user password without loading hashes from SAM/NTDS.DIT"

whose last paragraph reads:

[. . .] the recovery of user's password from the Master Key is not of any practical benefit. For example, in Windows 7, the password validation goes at the speed of about 10 p/s. Theoretically, the speed can be increased by a few orders of magnitude by optimizing the encryption algorithms and engaging GPU in the validation. [. . .]

Has this ever been on the goals list for oclHashcat?

Issue with URLs

June 26, 2015, 10:27 am

rules issue with rules cudahashcatx64 1,36

June 26, 2015, 10:32 am
$
0
0
Hi there,

I have the following issue with rules:

This does not find the hash:

cudaHashcat64.exe -a 6 -m 500 --session=all --status --status-timer=6 -o "z:\50037710" --outfile-format=3 -w 1 --gpu-temp-abort=85 --gpu-temp-retain=80 -j "cfr:dp3^1q" "hash_path" "dict_path" ?d?d?d?d

while this does:

cudaHashcat64.exe -a 6 -m 500 --session=all --status --status-timer=6 -o "z:\50037710" --outfile-format=3 -w 1 --gpu-temp-abort=85 --gpu-temp-retain=80 "hash_path" "dict_path" ?d?d?d?d

the password is blossom2012, the hash is $1$TC5h.SFc$0PdUWFRb/zotUpNFDdJZq

Any idea?

PCI SERR with AMD but not NVIDIA

June 26, 2015, 11:09 am
$
0
0
Hi,

Just wandering if anybody else has encountered this crap:

I have a Supermicro system configuration with X8DTG-DF motherboard, say about 40 servers. They all use AMD HD 6990 and run heavy loads of oclHashcat - some are doing almost 24/7. On two of them a strange problem has appeared: They throw a PCI SERR after a few hours of intensive work (the actual time until error varies, but it shows up sooner or later) and the system hangs until hard reset. The error is "Assertion:PCI SERR, Bus 0 /Device 3 /Function 0". Only the two show the problem, others do not.

I have replaced all components except the MB. I have switched the GPU to R290X, the problem is still there. I decided to accept the inevitable and to look into replacing the boards (Supermicro accepted this as a hardware fault).

Before sending them back, I decided to try also a Titan X with cudaHashcat, so I have replaced the R290 with Titan X. Surprise - it has been running with almost 100% load for 3 days and no error. Still running.

All test cases are done with the same settings - brute force (a3) for an uncrackable HTLM dummy hash.

Can anybody shed some light into this issue? Have you seen this before? Any significant diffs between the hardware interface of these cards?

Cheers,
ecos

ERROR: Use of rules-file or rules-generate only allowed in attack-mode 0

June 26, 2015, 11:09 pm
$
0
0
Hey Guys PLZ Help, When I Try To Crack MD5 Hash With Hashcat GUI [Latest Version] In "Brute-Force" Mode With GPU [oclHashcat] There Show "ERROR: Use of rules-file or rules-generate only allowed in attack-mode 0"

Image 1: http://prntscr.com/7lv8e0[/img]


Image 2: http://prntscr.com/7lv8yp[/img]

Recommended AMD Driver

June 28, 2015, 6:16 am
$
0
0
What driver is recommended for the lastest hashcat?
I'm still on 14.9. Has 15.6 tested yet? I know that 14.12 is not recommended.
Search

Best approach

June 28, 2015, 9:30 am
$
0
0
Hello,

What is the best approach to crack some hashes where the hashes are salted with username and salt?
Like this: md5(username+password+salt)

I guess I could make a rule that prepends the username and appends the salt. But it will only make sense with some specific usernames.

Regards Martin G

Issue with custom rules

June 28, 2015, 7:21 pm
$
0
0
I'm new to oclhashcat and I'm currently having an issue with the rules. since a combinator attack is limited to two dictionaries, I've had to implement rules to help me test a password.

The password I am looking to crack is testbanana123, no capitals. The dictionaries only contain 3 words, for testing. They are identical but they both contain "test" and "banana"

I used maskprocessor to create a rules file containing on separate lines from $0 $0 $0 to $9 $9 $9. I then verified my understanding that I was creating the rules properly by using hashcat-cli stdout (since oclhashcat doesn't have an equivalent). hashcat-cli command is as follows:

hashcat-cli64.exe -m xxxx -r rules/xxx.rule hash.txt dictionary1.txt dictionary2.txt -stdout

It output a lot of passwords, including my test password.

My final oclhashcat command:
oclhashcat64.exe -m xxxx -r rules/xxx.rule hash.txt dictionary1.txt dictionary2.txt

My final oclhashcat command, however, did not find the correct password, exhausting the list.


So what am I doing wrong or not understanding?

Build recommendation

June 29, 2015, 6:13 am
$
0
0
Sorry if this is the lazy approach, looking for some feedback though.

Always been an AMD guy for cracking boxes but from looking on here, it looks like the current preferences go towards Nvidia.

Looking for most bang for $5k. We tend to do a lot of ntlm/netntlm stuff, with a smattering of other hash types. Just looking for a GPU recommendation to get started that should fit a full build in for 5k but use as much of it as possible and get most performance out of it.

Is three Titan X a silly idea?
Thanks

Low GPU load for dictionary attack

June 29, 2015, 9:32 am
$
0
0
Hello,
I have two hashing rigs, running on Ubuntu 14.04 LTS. Rig #1 has 4x Gigabyte R9 280x GPUs, Rig #2 has 4x MSI Twinfrozr III 7950 GPUs.

I use latest version of oclHashcat + hashtopus.

When I use mask brute force attack mode amdconfig shows continuous 99% load on every card, but for dictionary mode it drops to 70-95% and fluctuates.

Dictionary is quite big, 36 GB plain text, so I thought it's because hard drive. However I've been monitoring my hard drive (3 TB Seagate Barracuda 7200rpm) and I couldn't find any bottlenecks. During normal operation reading from drive takes maybe 5% of full speed, IOPS is on 30-50% level.

CPU is also good, 30-50% load.

It happens for both of my rigs.

So how comes it doesn't use full speed of my cards if there are no bottlenecks?

Well, at least I don't see them.

Any ideas?

Can't launch cudaHashcat on Linux.

June 29, 2015, 9:44 am
$
0
0
When launching cudaHashcat v1.36 it says that "ERROR: No NVidia compatible platform found" even though I have everything required.


I'm running x86_64 Linux Mint 17.1 with GTX 460 and 3.19.0-21-generic kernel.
The Nvidia modules are loaded
Code:
alberts00@Alberts-PC-LM ~/Downloads/cudaHashcat-1.36 $ lsmod | grep nvidia
nvidia               8568832  75
drm                   344064  3 nvidia

I have 352.21 drivers installed from the ppa-edgers repository.
Code:
alberts00@Alberts-PC-LM /media/alberts00/MISC/Cracking/Tools/cudaHashcat-1.36 $ cat /proc/driver/nvidia/version
NVRM version: NVIDIA UNIX x86_64 Kernel Module  352.21  Tue Jun  9 21:53:31 PDT 2015
GCC version:  gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04

What am I missing?

Can't run cudaHashcat64 v1.36 with WPA2 hccap

June 30, 2015, 12:18 am
$
0
0
After update to v1.36, I can't run cudaHashcat64 with following command:
cudaHashcat64.exe -m 2500 PhuLam\RUBY.hccap Dict\090.txt
It always give me following result (picture)
[Image: image.png]

It showed Status of Cracked but there was nothing (even with wrong Dictionary). I'm using Forceware v353.
I still can use that command on v1.20 but because it is outdated so I had to change system clock to be cable to use it.

Pls help me to adjust the command of new 1.36.

Under Kali: Error - X needs to be running...

June 30, 2015, 3:12 am
$
0
0
This isn't directly a HC issue, but I'm hoping someone can make sense of it that is more familiar with the ATI drivers than myself.

I picked up some cheap GPUs and was going to benchmark them with some other cheap hardware I picked up. Not having a spare HDD I decided I would just do a full distro install on a flash drive and since I already had Live Kali 1.1.0a flash drive laying around I figured I would use it to install Kali as a full install on an empty flash drive.

There is a guide on how to install Catalyst on Kali, but it uses packages and it doesn't reference the driver version, so I didn't want to waste my time cluttering up the drive with packages with it likely being the 14.9 drivers.

Instead I just ran the commands referenced in the wiki here to fetch and install Catalyst. It all went mostly good, and even though it said the driver was installed successfully it also said check the log for errors.

The error was it failed to build fglrx against DKMS. I could be mistaken, but I thought DKMS is not explicitly required for it run.

So I go ahead and do:
aticonfig --adapter=all --initial -f
reboot

Instead of bringing up the Kali (gnome based) login it goes straight to console now. So I deleted the xorg.conf it created and rebooted.

The gnome desktop starts up as it should now, but when I:
aticonfig --adapter=all --odgt
It tells me that it is not configured, run aticonfig --initial.

I do that (knowing when I reboot it won't start the gnome desktop), and checkout the file and it all looks right and detected all 3 GPUs.

I then try to get the temp again and it tells me the X server is not running. Clearly this isn't the case since I'm using a gnome desktop X has to be running. Just for grins when I /usr/sbin/Xorg it tells me the Server is already active on display 0.

When I run fgl_glxgears I'm only getting 95 frames per second on the animation, so something is wrong there also.
fglrxinfo tells me my display is :0.0 and screen is 0.
I tried exporting the DISPLAY variable with ":0", ":0.0" "0", etc as well to prevent the error.

Oh... I almost forgot... when installing Catalyst it seems to overwrite libGL.so.1 with the 32 bit version even though it detects my arch as 64. I believe this might be why the installs fails with DKMS based on the logs.

After installing Catalyst if I run fglrxinfo I get an error about that lib having ELFCLASS32. I have to fix it by reinstalling libgl1-mesa-glx
and run ldconfig

After doing those two things fglrxinfo works.

While I'm at it, does anyone know of a setup guide working Kali 1.1.0 for installing Catalyst 14.9 (oclHC compatible)? Installing working packages would probably be quicker to deploy than trying to troubleshoot this. But seeing as there probably isn't since I couldn't find one if anyone has some tips on how to Xorg.conf to run the desktop and aticonfig doesn't think X is running that would great.

I could probably save some heartache by installing a different distro but there are reasons why I need it running under Kali long term than just it being something I already had on hand.
Search

SuperMicro SYS-1028GQ-TRT

June 30, 2015, 9:57 am
$
0
0
Hello Forum

the following new SuperMicro server looks quite interesting...
http://www.supermicro.com/manuals/brochu...server.pdf
(see page 17)

- What could be the reason that the SuperMicro SYS-1028GQ-TRT doesen't seem to support as well AMD GPU (4 Teslas are supported in a 1U chassis!!)?

- Is there a way to install IB-network-adapters in this server (otherwise it cannot be used in cluster, at least to my knowledge)?

Thank's

Bill

Thermaltake Chaser mk-1 with 2 Zotac GTX 980, enough cooling ?

July 1, 2015, 4:57 am

Getting Stats on Rules and Masks for Analysis

July 2, 2015, 12:22 am
$
0
0
I went through the wiki again just now to make sure it wasn't covered... and I couldn't find this specifically answered, not to say it wasn't. But I'm sure this is done regularly by many of you, and to date I've been doing analysis on known passwords to generate rules and masks but I haven't been doing analysis on the efficiency of rules and masks.

So what I'm wondering is if HC (or other tools with compatible rule/mask) can generate a stats file on the performance of the rule, ideally CSV, compared to known passwords?

Instead of using the rules and masks to generate hashes for comparison to other hashes I would like to have it compare the plaintexts of each rule and/or mask it generates against to a wordlist (known pws) and spit out:
combinations tried,words matched,% efficiency (matched/tried)

For example, the "8 character u-l-d-s compliant" is one I'd like to analyze, but geared to WPA. Since the speed on WPA is so slow it isn't practical to run the whole set of masks. But by getting a report on what masks had the highest efficiency against a word list (known PWs) I could whittle the keyspace down a lot. Off the top of my head I would not be surprised if a group of masks in there representing less than 10% of the total keyspace accounting for at least 20 or 30% of the matches.

I'm pretty sure this could be done by writing shell script to feed OHC one mask at a time from that rule file, but I was hoping maybe there was something like this already before I try to reinvent the wheel.

Linux Catalyst Tutorial Still Valid?

July 2, 2015, 6:51 pm
$
0
0
My last server install was a while ago when it was 14.04 (not 14.04.2) and I'm not sure if the tutorial steps will still produce a functional install as listed.

I'm in the process of a new headless install after a fiasco of trying to get Catalyst 14.9 working on a desktop distro. One of the things I am fairly sure of from said fiasco is that 14.9 does not work with X server > 1.5 (possibly it is > 1.6, but AMD specifies 1.5 is the highest version). There is a different method of returning the X version string in later versions that causes the driver compilation to fail.

On the linux server tutorial it says to use 14.04.2. It doesn't really matter if it is subversion 2 or 0 because server doesn't come with X and you have to get it from the Trusty repo anyways.

The version on the Trusty repo is X 1.7. From my experience the drivers will not compile against that version of X, short of perhaps patching the AMD installer.

This is probably my 5th or 6th fresh install so I'm hoping to not botch this one too by getting a bunch of incompatible packages and have to start over again because debian package manager is brutal when things get sideways... makes me yearn for the days when everything was compiled from local source.

I guess the question is... anyone here done a Ubuntu server install with AMD 14.9 drivers recently, as described in the tutorial, without issue... or did you have to patch the amd installer or use legacy repos?

Viewing current plain text guess

July 3, 2015, 1:54 am
$
0
0
I feel like I'm flooding this forum as of late, sorry about that...

I tailed the logs and various files generated by oclHashcat hoping to be able to look at this info in the restore file or somewhere. I couldn't find anyway to do this. Is there a current way to show the current guess being compared to the hash, or ideally even the last 5 or 10?

If not, would it be possible to add this in a future release? Having the last plaintext (or several) displayed on the status screen would be amazing. I realize when you're doing 1B+ h/s its not very "real-time", but it would be really helpful to confirm the plains are generated as intended when using rules and masks. It can be easy, at least for me, to overlook something and waste several hours of hashing on the wrong algorithm/pattern.

I know in hashcat and mp you can get stdout, but there are enough variations between those and oclhashcat on the syntax/options and the way they process that you can't always have 1 to 1 results.

On the slower hashes like WPA having a slight mistake can waste a lot of time and it just happened to me recently.
Viewing all 7673 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>