05-27-2014, 09:07 PM
05-28-2014, 10:25 AM
Uhm, is hashtopus still optainable? The demo is 404
05-28-2014, 11:13 AM
I am going to upload a new one. I have a feeling that someone intentionaly broke it while trying to hax my server
05-28-2014, 11:51 AM
hehe, OK would be cool if I could get a copy somehow to test it
05-28-2014, 02:25 PM
Demo is online again.
05-28-2014, 06:57 PM
(05-27-2014, 09:07 PM)curlyboi Wrote: [ -> ]This is not possible... You cannot subtract keyspaces for hashcat. And believe me, I gave this thought plenty of time
I see, how about this then? set a custom charset with everything except lowercase, then try all possible combinations, with custom charset "1" occuping at least one position. That would avoid all passwords consisting of only lowercase. I have no idea if this is practical, or even speeds up the cracking, but it would reduce the keyspace considerably if simpler attacks have already been done, wouldn't it?
Something like this, with all possible combinations of ?1 and ?a
-1 ?u?d?s
?1?a?a?a?a?a?a?a
06-01-2014, 02:37 PM
Well you can do this manually, if you craft the command line for hashcat accordingly.
06-01-2014, 02:37 PM
GOOD NEWS EVERYONE! VERSION 0.8.5 - FIRST PUBLIC VERSION JUST RELEASED. CHECK THE FIRST POST IN THIS THREAD FOR DOWNLOAD LINK AND GUIDE VIDEO.
06-01-2014, 04:07 PM
Hashtopus is awesome and it deserves to be highlighted here.
Don't get shocked by the use of a .net client on your linux box. The entire project is open source, you can check out all what it does by yourself or compile yourself. To get it running all you need to do is to run "apt-get install libmono2.0-cil" and you're good to go.
Don't get shocked by it's design. It told curlyboi, the developer, to add a more modern css to it but he sticked to develop features and fixing bugs. In a way I can understand it.
In fact, many of my own ideas moved into the project, like the superhashlist and the predefined tasks. I find myself using hashtopus day by day and I can guarantee it will make your cracking jobs more structured, especially when you work with the predefined tasks.
Using this tool has many other positive side-effects that I did not think about in the first place. What I noticed when working with it was:
- It helps you to not forget "that one job". You know that whenever you heavily tried to crack one hash but you don't get it cracked and then some day later some guy comes and tells you he just cracked it and you wonder wth, how, and it turns out you just forgot to run the combinator attack using -j "$-" or so.
- You "save" your ideas. For example while playing with huge hashlists you find out it's more effecient to use stacked rules then -a 7 with small mask (it is). Just add it to your predefined tasks and it will never be forgotten :)
- You get a very special flexibility. Lets say you have a long running brute-force on a huge list but for some reason you need to crack a different hashlist now and it can not wait. You just put it up to hashtopus, select your predefined tasks and you dont need to think about again. It will get automatically higher prioritized and when its cracked or exhausted the previous long running tasks will continue without any loss. By playing around with the priorities you have a great way to manage whats going on but on a meta level,
- The visualised chunks give you a better idea of how all this works together, it gives you a big picture. It is not magic stuff nobody can understand. By understanding how it works you gain trust in it.
- Hashtopus is very robust. I tested it on tons of different systems Linux, Windows, NVidia, AMD, you name it in all combinations. It simply works.
- The per-agent commandline configuration comes in very handy if you have "problematic" nodes. For example on my workstation I don't want to run oclHashcat will full power, so I would never set -w 3 on it. But on my linux dedicated cracking box I want that, so I set it.
Hashtopus is straight-forward and full featured. It handles both, dictionary based and brute-force, same good. It synchronizes your global files with the agents automatically. If you're familar with oclHashcat and you have a bit of cracking experience, you will get in pretty soon, there's no real need to study it.
Check it out, it's absolutly worth it.
--
atom
Don't get shocked by the use of a .net client on your linux box. The entire project is open source, you can check out all what it does by yourself or compile yourself. To get it running all you need to do is to run "apt-get install libmono2.0-cil" and you're good to go.
Don't get shocked by it's design. It told curlyboi, the developer, to add a more modern css to it but he sticked to develop features and fixing bugs. In a way I can understand it.
In fact, many of my own ideas moved into the project, like the superhashlist and the predefined tasks. I find myself using hashtopus day by day and I can guarantee it will make your cracking jobs more structured, especially when you work with the predefined tasks.
Using this tool has many other positive side-effects that I did not think about in the first place. What I noticed when working with it was:
- It helps you to not forget "that one job". You know that whenever you heavily tried to crack one hash but you don't get it cracked and then some day later some guy comes and tells you he just cracked it and you wonder wth, how, and it turns out you just forgot to run the combinator attack using -j "$-" or so.
- You "save" your ideas. For example while playing with huge hashlists you find out it's more effecient to use stacked rules then -a 7 with small mask (it is). Just add it to your predefined tasks and it will never be forgotten :)
- You get a very special flexibility. Lets say you have a long running brute-force on a huge list but for some reason you need to crack a different hashlist now and it can not wait. You just put it up to hashtopus, select your predefined tasks and you dont need to think about again. It will get automatically higher prioritized and when its cracked or exhausted the previous long running tasks will continue without any loss. By playing around with the priorities you have a great way to manage whats going on but on a meta level,
- The visualised chunks give you a better idea of how all this works together, it gives you a big picture. It is not magic stuff nobody can understand. By understanding how it works you gain trust in it.
- Hashtopus is very robust. I tested it on tons of different systems Linux, Windows, NVidia, AMD, you name it in all combinations. It simply works.
- The per-agent commandline configuration comes in very handy if you have "problematic" nodes. For example on my workstation I don't want to run oclHashcat will full power, so I would never set -w 3 on it. But on my linux dedicated cracking box I want that, so I set it.
Hashtopus is straight-forward and full featured. It handles both, dictionary based and brute-force, same good. It synchronizes your global files with the agents automatically. If you're familar with oclHashcat and you have a bit of cracking experience, you will get in pretty soon, there's no real need to study it.
Check it out, it's absolutly worth it.
--
atom
06-01-2014, 08:10 PM
Wow, I wasn't expecting a release so soon. Thank you curlyboi! (and of course thank you atom!)