Search Results
|
Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
|
|
Thread: 10 years to crack a 13 character password?
Post: RE: 10 years to crack a 13 character password?
That's not quite how specifying a mask works. IF you don't know which characters are in which positions, you want something more like this -- first definiting a custom character set, and then using it... |
|
royce |
hashcat
|
7 |
14,884 |
11-15-2016, 09:07 PM |
|
|
Thread: hash160(x) a.k.a. ripemd160(sha256(x))
Post: RE: hash160(x) a.k.a. ripemd160(sha256(x))
I'm not sure what you mean by this. Could you rephrase? |
|
royce |
hashcat
|
7 |
8,264 |
11-24-2016, 10:32 PM |
|
|
Thread: hash160(x) a.k.a. ripemd160(sha256(x))
Post: RE: hash160(x) a.k.a. ripemd160(sha256(x))
There is no way to combine hashes that I know of. It would be a very interesting and useful feature, but it might be difficult to implement. |
|
royce |
hashcat
|
7 |
8,264 |
11-24-2016, 11:39 PM |
|
|
Thread: Passphrase help
Post: RE: Passphrase help
@atom, this is where being able to specify a separator for princeprocessor (https://github.com/hashcat/princeprocessor/issues/49) would be awesome. |
|
royce |
hashcat
|
2 |
3,364 |
12-10-2016, 08:05 PM |
|
|
Thread: Interesting situation, zipfile password protected, and extracted.
Post: RE: Interesting situation, zipfile password protec...
If it's WinZip-compatible ZIP, then it would be covered by mode 13600. You'll have to extract the hash using zip2john (from John the Ripper). This thread may be useful:
https://hashcat.net/forum/th... |
|
royce |
hashcat
|
3 |
4,977 |
12-31-2016, 09:29 PM |
|
|
Thread: Unknown hash and original: not identifieably, is hashcat able to find out?
Post: RE: Unknown hash and original: not identifieably, ...
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_can_i_identify_the_hash_type |
|
royce |
hashcat
|
2 |
5,508 |
01-11-2017, 05:04 AM |
|
|
Thread: how to extract hash from veracrypt container
Post: RE: how to extract hash from veracrypt container
Same procedure as for TrueCrypt:
https://hashcat.net/wiki/frequently_asked_questions#how_do_i_extract_the_hashes_from_truecrypt_volumes |
|
royce |
hashcat
|
6 |
16,511 |
01-16-2017, 09:18 PM |
|
|
Thread: NTLM: hashcat vs RainbowCrack
Post: RE: NTLM: hashcat vs RainbowCrack
It depends. This boils down to the time/memory tradeoff. I'll lay out some of the concepts.
Most real-world passwords are of sufficiently low quality that if they are stored poorly (unsalted/fast h... |
|
royce |
hashcat
|
3 |
12,488 |
01-20-2017, 04:35 AM |
|
|
Thread: NTLM: hashcat vs RainbowCrack
Post: RE: NTLM: hashcat vs RainbowCrack
OK, that makes sense. So as soon as you have more than two or three hashes, hashcat will be faster even for limited bruteforce criteria that I listed. |
|
royce |
hashcat
|
3 |
12,488 |
01-20-2017, 05:17 AM |
|
|
Thread: NTLM Benchmark vs Mask Attack
Post: RE: NTLM Benchmark vs Mask Attack
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#why_is_my_attack_so_slow
The most likely issue: is the target hash a single hash, or multiple hashes? Multiple hashes means slower cr... |
|
royce |
hashcat
|
4 |
7,501 |
01-20-2017, 09:07 AM |
|
|
Thread: Unicode == FUN
Post: RE: Unicode == FUN
See the ./charsets/ subdirectory for character sets that you can use. If you don't know what the target languages might be, apply some wordlists first to determine language frequency, and then target ... |
|
royce |
hashcat
|
9 |
8,851 |
02-01-2017, 09:21 PM |
|
|
Thread: Unicode == FUN
Post: RE: Unicode == FUN
Ah, I was reading too quickly - if you're especially interested in multibyte, the stock charsets won't help, but Rurapenthe's post about bruteforcing should still be helpful. The essential insight is ... |
|
royce |
hashcat
|
9 |
8,851 |
02-01-2017, 09:59 PM |
|
|
Thread: Unicode == FUN
Post: RE: Unicode == FUN
Huh - yeah, I went back through my notes/scripts and all the iconv items were just -f [source-format] -t [dest-format]. I thought it was harder than that, but I guess not! |
|
royce |
hashcat
|
9 |
8,851 |
02-02-2017, 01:50 AM |
|
|
Thread: NTLM Benchmark vs Mask Attack
Post: RE: NTLM Benchmark vs Mask Attack
That looks about right, then. I get the same 50%-ish drop when I do 40 NTLM:
$ hashcat -b -m 1000
hashcat (v3.30) starting in benchmark mode...
OpenCL Platform #1: NVIDIA Corporation
=========... |
|
royce |
hashcat
|
4 |
7,501 |
01-20-2017, 10:01 AM |
|
|
Thread: Long Passwords (MD5)
Post: RE: Long Passwords (MD5)
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#what_is_the_maximum_supported_password_length |
|
royce |
hashcat
|
1 |
2,506 |
02-04-2017, 08:04 AM |
|
|
Thread: long mask issue
Post: RE: long mask issue
If you really think that your target plaintext is 32 digits long, you will need more information about digit placement and likelihood to have any hope of cracking it.
To answer the literal part of yo... |
|
royce |
hashcat
|
11 |
12,841 |
02-11-2017, 11:54 PM |
|
|
Thread: long mask issue
Post: RE: long mask issue
devilsadvocate Wrote: (02-12-2017, 02:33 AM)
--
royce Wrote: (02-11-2017, 11:54 PM)
--
If you really think that your target plaintext is 32 digits long, you will need more information about digit pl... |
|
royce |
hashcat
|
11 |
12,841 |
02-12-2017, 05:04 AM |
|
|
Thread: long mask issue
Post: RE: long mask issue
Ah, and to be precise even further ... it would never exhaust, because it's not controlled. |
|
royce |
hashcat
|
11 |
12,841 |
02-12-2017, 05:14 AM |
|
|
Thread: long mask issue
Post: RE: long mask issue
devilsadvocate Wrote: (02-12-2017, 05:44 AM)
--
Generating random input to hashcat has its uses despite what you may think.
--
Only in the same sense that a starving man might find it "useful" to wa... |
|
royce |
hashcat
|
11 |
12,841 |
02-12-2017, 06:28 AM |
|
|
Thread: long mask issue
Post: RE: long mask issue
Your target ... is randomly generated ... and changes every 30 seconds?
o_O
The chances of you getting "lucky" are:
(45Gh/s * 30) / 10^32 ≈ 1 in 7.407×10^19
... or roughly 1 chance in 7,407,407... |
|
royce |
hashcat
|
11 |
12,841 |
02-12-2017, 09:44 PM |