Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Some feature
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
First I want to thank Atom for this wonderful software. Smile I find it to be the best cracker and it helped me more than other tools.

I would like to see implemented if possible in some future versions:

i. Dummy mode

Basically hashcat-plus with no cracking algorithm loaded. It would be really nice to have a dummy mode just to test rules, and dictionaries against lists of already cracked passwords to see what rules are matching passwords the best. You can do this but running against a list of md5 hashes but having a dummy mode would be much faster.

Something like:

cudaHashcat-plus64 -m dummy -r rules/special.rule plainpass.txt testdic.txt

ii. Vocal and consonant masks

It would be nice to have something like ?v ?V and ?c ?C so we can try to bruteforce with soething like:

?v?c?v?c?v?c?c??v wich would be faster than just ?l?l?l?l?l?l?l for some kind of passwords.

iii. Per position bruteforcing

something like mask partial_match mask :

?l ell ?l or: ?l?l sswo ?l?l or: p ?l ss ?l?l?l d

iv. Hashcat-plus supporting all rules from Hashcat

I would love to be able to use nice rules like dd3ad0ne ore T0XlC or korelogic rules in hashcat plus as hashcat plus is dropping many of the rules saying it can not convert the rules to run on GPU.

v. Having tables in Hashcat plus

vi. Fixing speed in hybrid mode:

When I try hybrid mode 6 with mask it's much faster than hybrid mode 7 with mask. IDK why putting mask in front of the word is much slower than putting mask after the word.

vii. Having Hashcat plus support of the feature of Hashcat


Thanks for reading.
twitty Wrote: [ -> ]i. Dummy mode
Maybe on CPUs version.


twitty Wrote: [ -> ]ii. Vocal and consonant masks
Similar requests were already made, and they were rejected saying it will drop performance.
But you can still do -1 [idontknowvocalletters] -2 [idontknowconsonantletters] ?1?2?1?2?1?2?2?1?2


twitty Wrote: [ -> ]iii. Per position bruteforcing
It's already there. Just do: blablabla -a3 blablabla ?u?lss?lor?l
It's called Mask Attack and it should nail "Password".


twitty Wrote: [ -> ]iv. Hashcat-plus supporting all rules from Hashcat
Sounds cool. But I don't think that would be easy on atom or even possible.
I have a "cleaned" version of d3ad0ne.rule if you're interested.


twitty Wrote: [ -> ]v. Having tables in Hashcat plus
Already requested, might get implemented, low possibility. However, you can do --stdout and pipe it -plus.


twitty Wrote: [ -> ]vi. Fixing speed in hybrid mode
https://hashcat.net/forum/thread-1276.html


twitty Wrote: [ -> ]vii. Having Hashcat plus support of the feature of Hashcat
Haha, good joke.
(08-16-2012, 09:28 PM)M@LIK Wrote: [ -> ]
twitty Wrote: [ -> ]i. Dummy mode
Maybe on CPUs version.

You mean --stdout? Its already supported

(08-16-2012, 09:28 PM)M@LIK Wrote: [ -> ]
twitty Wrote: [ -> ]ii. Vocal and consonant masks
Similar requests were already made, and they were rejected saying it will drop performance.
But you can still do -1 [idontknowvocalletters] -2 [idontknowconsonantletters] ?1?2?1?2?1?2?2?1?2

Now that we have markov-chains you dont need to do such things manually any longer. Just reduce the threshold if you want faster runs.

(08-16-2012, 09:28 PM)M@LIK Wrote: [ -> ]
twitty Wrote: [ -> ]iv. Hashcat-plus supporting all rules from Hashcat
Sounds cool. But I don't think that would be easy on atom or even possible.
I have a "cleaned" version of d3ad0ne.rule if you're interested.

That is not possible without dropping support for vector datatypes. I am sure you dont want that.

(08-16-2012, 09:28 PM)M@LIK Wrote: [ -> ]
twitty Wrote: [ -> ]vii. Having Hashcat plus support of the feature of Hashcat
Haha, good joke.

The ones that are not ported like Table-Lookup Attack are hard to port. But I can fully understand your wish for that Smile
@Atom. I think that what the user wants to do with the Dummy mode is basically work with rules only with plain-text without any hashing process. You input a dictionary, use rules and see if you can match a set of target passwords from a text file. Basically you would replace the hash file by the target password file.

I actually think that it would be extremely useful to have and use for optimization of dictionary / rule pairs. Not sure if having a GPU to do that would benefit over CPU but you know better than me where it could be best implemented.
Exactly. what mastercracker said.
But I don't think it needs GPU power, that's why I said "Maybe on CPUs version.".
@Atom:
Thanks for your answers. By dummy mode I meant just what mastercracker says: test rules and dictionaries against a list of passwords without hashing.
Hmm sounds interessting. I think we can do that on CPU. GPU would not make much sense, as malik and mastercracker already said.