Quantcast
Channel: hashcat Forum - All Forums
Viewing all 7673 articles
Browse latest View live

How often (rli/rli2)?

September 3, 2015, 2:07 pm
$
0
0
Hi

My dictionaries are getting huge and I know I should make sure that I don't run the same guess twice.
I should be using rli2 (or some other way). I know. But I don't.

How about you? Do you make sure that you doesn't repeat yourself?


/ M
Search

ERROR: No NVidia compatible platform found

September 3, 2015, 3:40 pm
$
0
0
Hi i'm coneccting to a windows 7 through RDP, i installed cuda and nvidia driver for GeForce 7950 GX2
but when i start  cudaHashcat64.exe i get ERROR: No NVidia compatible platform found
is it because the RDP? any help

NVIDIA 840M (laptop)

September 5, 2015, 10:30 am
$
0
0
Did some overclocking just for fun and informational testing and here are the benchmark results:

OS: Windows 10 64bit
Driver: 355.60
oclHashcat v1.37

Default settings for WPA = 31,400 hashes per second
Default settings for MD5 = 790,000 hashes per second


+135 Mhz GPU Clock Offset = 35,100 hashes per second for WPA (11.78% performance increase over stock)
+135 Mhz GPU Clock Offset = 881,000 hashes per second for MD5 (11.39% performance increase over stock)

Tool used: EVGA Precision X 16 software utility. Raising the Mem Clock Offset will actually hinder performance so it's left alone. Most of us know already that unless you have adequate cooling, overclocking a laptop GPU is NOT recommended!

To put this into perspective, if it normally takes your word list 1 hour to complete, then:

10% increase = 6 minutes faster (54 minutes)
11% increase = 6.6 minutes faster
12% increase = 7.2 minutes faster

For 10 hours, a 12% increase in performance is about 1.5 hours shaved off of your time.

Example Hcmask Explained

September 5, 2015, 10:46 am
$
0
0
Hi

can someone explain to me the use of comma in

?d?l,test?1?1?1
abcdef,0123,ABC,789,?3?3?3?1?1?1?1?2?2?4?4?4?4
company?d?d?d?d?d
?l?l?l?l?d?d?d?d?d?d

From https://hashcat.net/wiki/doku.php?id=mask_attack

what is the likely output?

I may have worked it out - is it to perform several attacks from the same line of code?

Rab.

Custom Charset

September 6, 2015, 7:16 am
$
0
0
Hi guys, new here, trying to learn oclHashcat and got stuck.

So i'm attacking a WPA hccap file, using: oclhashcat64 -m 2500 -w 3 -a 3 1.hccap ?l?l?l?l?l?l?l?l -o found.txt

This is using all lowercase alpha min 8 max 8 characters, but i want to use all the lower alpha characters except the letter o and i as i'm cracking a Virgin Media router which uses the letters abcdefghjklmnpqrstuvwxyz

Can someone help with a mask for this charset. 
Thanks

low performance with prepend more than 3 characters in mask attack

September 6, 2015, 9:22 am
$
0
0
when i run
Code:
cudaHashcat64.bin -a 3 -m 5100 b068322473d98c88 123?a?a?a?a?a?a1111111111155e82da34
i got a crack speed of 519 MH/s.
Code:
Session.Name...: cudaHashcat
Status.........: Running
Input.Mode.....: Mask (123?a?a?a?a?a?a1111111111155e82da34) [29]
Hash.Target....: b068322473d98c88
Hash.Type......: Half MD5
Time.Started...: Mon Sep  7 00:16:29 2015 (4 secs)
Time.Estimated.: Mon Sep  7 00:40:07 2015 (23 mins, 32 secs)
Speed.GPU.#1...:   519.0 MH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 2527723520/735091890625 (0.34%)
Rejected.......: 0/2527723520 (0.00%)
Restore.Point..: 26607616/7737809375 (0.34%)
HWMon.GPU.#1...: -1% Util, 61c Temp, N/A Fan


but if i run
Code:
cudaHashcat64.bin -a 3 -m 5100 b068322473d98c88 1234?a?a?a?a?a?a1111111111155e82da3
the crack speed reduced to 30770 kH/s
Code:
Session.Name...: cudaHashcat
Status.........: Aborted
Input.Mode.....: Mask (1234?a?a?a?a?a?a1111111111155e82da3) [29]
Hash.Target....: b068322473d98c88
Hash.Type......: Half MD5
Time.Started...: Mon Sep  7 00:16:12 2015 (7 secs)
Time.Estimated.: Mon Sep  7 07:32:14 2015 (7 hours, 15 mins)
Speed.GPU.#1...: 30770.1 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 218365952/735091890625 (0.03%)
Rejected.......: 0/218365952 (0.00%)
Restore.Point..: 218365952/735091890625 (0.03%)
HWMon.GPU.#1...: -1% Util, 54c Temp, N/A Fan

is this a bug or something?

R9 380 (Older R9 285) for build?

September 6, 2015, 11:54 pm
$
0
0
I'm building a VM focused Linux rig on a budget that has to do occasional GPU number crunching and have been looking at the R9 380 as a mid range card.  XFX do a 2Gb DD Black Edition (1030Mhz) for £150.

I have some slight concerns that I'm hoping you guys could shed some light on. 

I'm happy with the benchmarks for the 380, but I am thinking that putting it in to practice on a 120 hour+ crack will be quite different given rising temperatures and the potential for AMD's PowerTune to interfere.  I don't want to spring for the card if I'm going to be forced down to 100KH/S WPA.

Does anybody have any practical experience with this card?  What is it actually like over extended periods?

Are there better recommendations for the price bracket?

ERROR: cuMemAllocHost() 2

September 7, 2015, 10:30 pm
$
0
0
Getting error "ERROR: cuMemAllocHost() 2" when running benchmark (-b). Other hashcat tests can complete fine.

Running Windows 10 64-bit and latest Nvidia drivers (355.82). Titan X cards.

Have applied the Timeout registry fix.

Any ideas?
Search

.ZIP files? (again)

September 8, 2015, 4:45 am
$
0
0
Sorry - I know this has been brought up before, but I was hoping to get a confirmation.  Does this ticket being 'accepted' mean that .zip file capability might eventually be added to hashcat?

https://hashcat.net/trac/ticket/161

I see that RAR and 7-zip have recently been added.  Thanks!

Cracking SHA when I know the salt - is this the right way?

September 8, 2015, 10:45 am
$
0
0
I've cracked some hashes and the results looks like this:
pass1234
dog1234
banjo1234
etc,
So I know that the salt is 1234 appended at the end of the password.
Now, I fire up cudaHashCat and enter this:
Code:
cudaHashCat64.exe -m 110 7xxa1a94xxbe3cxx660xx237ecxxf505804xxdac:1234

Is this the correct way? It doesn't seem to progress - Recovered (0%), Digests (0%), Speed 0h/s.

r9 290x help

September 8, 2015, 11:48 pm
$
0
0
hi.i have r9 290x and install catalyst 13.21 beta (orginal cd driver).i download ocl hashcat 1.20 - 1.37 all of them give me not suppurted driver and show (Device#1 : hawaii ....) and with --force give me the (clbuildprogram() -11) error .i have 8 gig ram and windows 7 ultimate 64x.plz help

rockyou replacement imminent?

September 10, 2015, 6:52 am

merge multiple computers with the GPU

September 10, 2015, 10:21 am
$
0
0
Hi!
how to unite the power of multiple computers with the GPU to work with a hash?

Custom Base64 ?

September 12, 2015, 7:59 am
$
0
0
Hey !

I registered cause I saw a similar topic and well you guys cracked it out ...

I've been working on a pentest here, after founding couple SQLI and XSS I'm now working on the some kind of token you pass through cookies, and well you're then considered logged in if you have a correct one

after a quick test with Burp Sequencer it seems quite random but i'm sure it's not

it a two parter that goes like this : someB64lookingchars*somemore*

both sometimes end up with one or two dots(.)

both contains a-zA-Z0-9, but first one sometimes contains _ or -

both have a major repetitive part

I believe it to be custom alphabet Base64, cause when I decode it I get each time same structure(for the second part, and nothing for the first), but with weird chars

I coded in py something trying each alphabet possibility and lookinf for a coherent one, but it's a very time consuming solution, maybe a year I don't know .... so if you have better solution for me I take it !!!

Sample of first part 

Code:
AQIC5wM2LY4SfcwSi-WAEW4nRPOBFUSCATEDsaE9zUTc-LM.
AQIC5wM2LY4SfcxA0BdpH9sdVrQ5WOBFUSCATEDo468Puh0.
AQIC5wM2LY4SfcwONGMDb6_0exML9OBFUSCATEDShVd0OYI.
AQIC5wM2LY4Sfcxw01hmll4OBFUSCATEDBQWr1kbi3_VtDY.


Sample of second part


Code:
AAJTSQACMDIAAlNLABIxMjk1NjAxMjg1NDcOBFUSCATEDlMxAAIwMQ.
AAJTSQACMDIAAlNLABQtMjU4NDYxNzM0MTBOFUSCATEDOQACUzEAAjAx
AAJTSQACMDIAAlNLABQtODU0ODI5MjYwMTOBFUSCATEDNAACUzEAAjAx
AAJTSQACMDIAAlNLABM2MTE1NTQ4NjMxNTOBFUSCATEDAAJTMQACMDE
AAJTSQACMDIAAlNLABQtODU1OTEyOTgwMzOBFUSCATEDOAACUzEAAjAx
AAJTSQACMDIAAlNLABQtMzE3MDY4NjUyNTOBFUSCATEDMQACUzEAAjAx
AAJTSQACMDIAAlNLABQtMzI4Mjc0NjEwODOBFUSCATEDMwACUzEAAjAx


Decoded sample second part

Code:
 ☻SI ☻02 ☻SK ¶-HERE_GOES_PURE_INTS ☻S1 ☻01

and it's urlencoded version in case you can't see thoses beautifull smyleys Smile

Code:
%00%02SI%00%0202%00%02SK%00%14-HERE_GOES_PURE_INTS%00%02S1%00%0201


HERE_GOES_PURE_INTS is if it's unclear, 19 numbers like 65923230900000144855

I Obfuscated part of each sample for the forum rules

thanks




PYTHON CUSTOM B64 BRUTEFORCE

Code:
import string,base64,sys,re,time

alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

total = list("0")

lout = list("OOOO")

open('C:\Users\John\Desktop\pouet.txt', 'w').close()
open('C:\Users\John\Desktop\pouet2.txt', 'w').close()

file1 =  open('C:\Users\John\Desktop\pouet.txt', 'a+')
file2 =  open('C:\Users\John\Desktop\pouet2.txt', 'a+')

def dec(txt1,custom):

out = ""

for v in txt1: out += str(custom[string.find(Base64,v)])

out = base64.b64decode(out+"=")

if out != lout[0]:

un = re.search('([\a-zA-Z0-9\&~#"\'\{\(\[\-\]\)\}\$\]\+=\*/_,\.;:!<>\s @%]+){19,}',out)

if un:  
file2.write (out+"  :::::  "+custom+"\r\n")
total[0] = int(total[0])+1

else:  
file1.write (out+"  :::::  "+custom+"\r\n")




lout[0] = out


def dept(a1,t1,c1):

i = 0
for x in a1:
a2 = list(a1)
e1 = a2[i]
del a2[i]
if len(a2) > 0:
dept(a2,str(t1)+str(e1),c1)
else:

w = (t1+e1)[::-1]
c1.append(w)
sys.stdout.write(str(total[0])+" - "+w+"\r")
sys.stdout.flush()    

#if int(total[0]) > 2: sys.exit(str(total[0])+" :::::::::: ok :::::::::::::::   ")
dec("AAJTSQACMDIAAlNLABM3NTM2NzA0NTgzNDc5Nzg2NTg1AAJTMQACMDE",w)

i += 1

c1 = list()
dept(alphabet[::-1],"",c1)

sys.exit("out")

Best video hard choice

September 12, 2015, 1:41 pm
$
0
0
I am working specifically on a 7z hash, and I plan on having to work on it for a very long time.

I currently have a laptop with a 880M, which I will keep using.  The performance is sad.

I am going to finally have access to my desktop, which is currently running a Radeon 5770.

I have this card still sealed in the box, which I have laying around.  I am not sure if I should ebay it, which I will probably get around $100 for it.  I could buy a second one for $240.  The performance looks to be about the same as the 880m I have, which is not stellar.  Two running together would be mediocre at best.

I am leaning more towards selling the sealed card and buying a radeon, as I have read that they are better for hashing.  I'm not sure what to buy.  I would like to spend no more then $350 on the card, including the $100 I get for the sale of the sealed card.

I intend to buy a second identical card down the line when I have more cash.  I might sometimes use the two cards for gaming, but 95% it will be for hashing.  I would like something with good cooling, that expels the air out the back of the case, as my cooling is not the best.

Can someone recommend a good card?  I prefer XFX because of the double lifetime warranty.  If you know of another manufacturer with a lifetime warranty, that is fine.

Thank you or the help.
Search

mask/rules

September 12, 2015, 10:55 pm
$
0
0
I have a hash that has a description of the type of password it is. 
It says "8 lower case alphabetic with the following charsets with the probabilities listed:"

asdfghjkl = .5 probability
ertyuicvbnm = .4 probability
qwzxop = .1 probability.

I understand using a charset, like: -1 asdfghjkl -2 ertyuicvbnm -3 qwzxop 

This leaves me with the question, is there a good way to do this?

Thanks.

Debugged Rules

September 13, 2015, 2:15 am

Writing hashfile.new takes too long time.

September 14, 2015, 1:25 am
$
0
0
Writing large files takes too long time when exit the program, especially through the LAN, please use setvbuf to set the cache before writing files.

My first tests

September 14, 2015, 8:30 am
$
0
0
I was curious so checked hashing algorithms. I ran some test but I'm confused now.

First, I made a program with C#(Okay, not the best one for this),
It search an SHA1 string from a simple word dictionary. To do this, It has to hash all word real time, and compare with the target hash.
It checks average 590k pw/sec.

Then, I wanted to test the same with GPU.
CudaHashCat checks average 5675k pw/sec.

With different method(brute force) it checks 3850M pw/sec.

The question is, are these realistic data, or did I do something wrong? What would be realistic?
CPU-GPU comparison(dictionary attack) might be good with 10x, but the brute force with nearly x1000 is a little bit too much.

All test use SHA1 hashing algorithm.
Spec: i7-4790k(4.40 GHz),  GTX 970, 16GB RAM

Hashcat noob need help!

September 14, 2015, 9:14 am
$
0
0
Hi guys!

I'm trying to understand hashcat because it's the fast password cracking service. I tried to crack a LM code. But I dont
understand how I need to make a tablet that cracks my LM hash.

hashcat -m 3000 -a 0 hashes/hash.txt


It could be a NTLM too but I dont know that.

Help is helpful!
Viewing all 7673 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>