Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.
hashcat Forum
6.1.1 potfile - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: 6.1.1 potfile (/thread-9490.html)

Pages: 1 2


6.1.1 potfile - pbies - 09-08-2020

Hashcat for Windows, version 6.1.1 is not writing potfile. The file created is empty. No potfile switches used.

Password is found, but not written to potfile.


RE: 6.1.1 potfile - royce - 09-08-2020

Please post your command line, with any sensitive info replaced with generic info


RE: 6.1.1 potfile - pbies - 09-08-2020

Code:
hashcat -m 6211 -a 3 -w 3 -i --session=ses ..\test\container.tc ?b?b?b



RE: 6.1.1 potfile - philsmd - 09-08-2020

the name of the potfile depends on the session name:
if you use --session ses , then your file name of the potfile is: ses.potfile


RE: 6.1.1 potfile - pbies - 09-08-2020

(09-08-2020, 12:50 PM)philsmd Wrote: the name of the potfile depends on the session name:
if you use --session ses , then your file name of the potfile is: ses.potfile

There is no such file created.

The only created file is hashcat.potfile with length of 0 bytes.


RE: 6.1.1 potfile - pbies - 09-09-2020

Filename of the container is 256.tc so maybe filename with digits only is not accepted?


RE: 6.1.1 potfile - royce - 09-09-2020

If you delete the empty potfile, is it recreated on the next run?


RE: 6.1.1 potfile - pbies - 09-09-2020

(09-09-2020, 03:09 AM)royce Wrote: If you delete the empty potfile, is it recreated on the next run?

Yes.


RE: 6.1.1 potfile - pbies - 09-21-2020

Guys! This is really a problem!!

6.1.1 is not writing password to potfile after finding one!!


RE: 6.1.1 potfile - royce - 09-21-2020

@philsmd, I can recreate this - for both TrueCrypt and Veracrypt, it seems, if a session is specified, but a potfile is not, then ses.potfile is not created on the fly that I can find (on Linux, anyway). Running the same command twice causes another crack (rather than skipping it as already having been cracked). And if I explicitly add "--potfile-path=ses.potfile",  it creates a potfile with zero length and nothing is written to it on crack.

Perhaps this is because TrueCrypt and VeraCrypt hashes are read directly from the container/volume? IIRC it used to store the filename in the potfile instead?