08-10-2016, 03:12 AM
Hello all,
I am writing this to helpfully let the smart developers and other supporters of hashcat know of a possible bug I found today. I tried doing some searching through the forums and couldn't find it posted anywhere else, so figured I would.
BLUF: On a Late 2013 MBP 15-Inch Retina with GT 750 using the '-d 3' option, will not crack hashes properly in mask mode.
Long Story: Currently I'm taking a course that needed me to crack some hashes. Since I'm traveling, I have to use my MBP I brought with me to attempt to crack some hashes. Just incase I had a friend willing to help with a 3x 7970 rig. I knew the password was 15 chars as per guidance from my instructor. I attempted to get cracking on it first, after struggling with some syntax issues(RTFM errors on my part), I got it going. However the time needed was way too long.
I gave my friend the hash, and let him attempt it, same result, not as long, but still too long. So this morning I was able to get my instructor to give me a good chunk of the password in order to speed up the processes. His rig cracked it in about 7 mins. Awesome! However I still wanted to crack it on my own hardware. I let my MBP stay on it, it estimated about 9 hours. I let it chug along all day, and then I get a "Status.........: Exhausted"? I was puzzled as to why my MBP didn't crack it. Obviously now that I knew what the password was I shortened up the brute mask to help speed up testing.
I went into testing mode and tried to figure out if there was anything I could do to make it crack successfully. After some quick testing it only seems that the mask/brute mode fails. I tried a simple word list and it works fine. I tried a combination attack, and it works fine. It appears from the little testing that I've done, that it only fails with the '-d 3' option on mask/brute mode. Below is two snippets from the command outputs show the difference in failure/success.
I am writing this to helpfully let the smart developers and other supporters of hashcat know of a possible bug I found today. I tried doing some searching through the forums and couldn't find it posted anywhere else, so figured I would.
BLUF: On a Late 2013 MBP 15-Inch Retina with GT 750 using the '-d 3' option, will not crack hashes properly in mask mode.
Long Story: Currently I'm taking a course that needed me to crack some hashes. Since I'm traveling, I have to use my MBP I brought with me to attempt to crack some hashes. Just incase I had a friend willing to help with a 3x 7970 rig. I knew the password was 15 chars as per guidance from my instructor. I attempted to get cracking on it first, after struggling with some syntax issues(RTFM errors on my part), I got it going. However the time needed was way too long.
I gave my friend the hash, and let him attempt it, same result, not as long, but still too long. So this morning I was able to get my instructor to give me a good chunk of the password in order to speed up the processes. His rig cracked it in about 7 mins. Awesome! However I still wanted to crack it on my own hardware. I let my MBP stay on it, it estimated about 9 hours. I let it chug along all day, and then I get a "Status.........: Exhausted"? I was puzzled as to why my MBP didn't crack it. Obviously now that I knew what the password was I shortened up the brute mask to help speed up testing.
I went into testing mode and tried to figure out if there was anything I could do to make it crack successfully. After some quick testing it only seems that the mask/brute mode fails. I tried a simple word list and it works fine. I tried a combination attack, and it works fine. It appears from the little testing that I've done, that it only fails with the '-d 3' option on mask/brute mode. Below is two snippets from the command outputs show the difference in failure/success.
Code:
$ ./hashcat.app -m 1000 class.hash -a 3 -d 3 '!N$Piringac?a?a?a?a'
OpenCL Platform #1: Apple
=========================
- Device #1: Intel(R) Core(TM) i7-4850HQ CPU @ 2.30GHz, skipped
- Device #2: Iris Pro, skipped
- Device #3: GeForce GT 750M, 512/2048 MB allocatable, 2MCU
Session.Name...: hashcat
Status.........: Exhausted
Input.Mode.....: Mask (!N$Piringac?a?a?a?a) [15]
Hash.Target....: 44a7cb664573c159179478d001012b68
Hash.Type......: NTLM
Time.Started...: Tue Aug 9 20:32:21 2016 (3 secs)
Speed.Dev.#3...: 22709.4 kH/s (0.07ms)
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 81450625/81450625 (100.00%)
Rejected.......: 0/81450625 (0.00%)
Code:
$ ./hashcat.app -m 1000 class.hash -a 3 '!N$Piringact?a?a?a'
OpenCL Platform #1: Apple
=========================
- Device #1: Intel(R) Core(TM) i7-4850HQ CPU @ 2.30GHz, skipped
- Device #2: Iris Pro, 384/1536 MB allocatable, 40MCU
- Device #3: GeForce GT 750M, 512/2048 MB allocatable, 2MCU
44a7cb664573c159179478d001012b68:!N$Piringact10n
Session.Name...: hashcat
Status.........: Cracked
Input.Mode.....: Mask (!N$Piringact?a?a?a) [15]
Hash.Target....: 44a7cb664573c159179478d001012b68
Hash.Type......: NTLM
Time.Started...: 0 secs
Speed.Dev.#2...: 128.3 MH/s (3.00ms)
Speed.Dev.#3...: 56533.3 kH/s (0.01ms)
Speed.Dev.#*...: 184.8 MH/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 857375/857375 (100.00%)
Rejected.......: 0/857375 (0.00%)