|
Search Results
|
| Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
| |
|
Thread: What does the values in Speed Dev indicate
Post: RE: What does the values in Speed Dev indicate
| The first device is hashing candidate passwords at a rate of roughly 9452700 hashes per second. |
|
royce |
hashcat
|
1 |
1,827 |
02-17-2018, 06:28 PM |
| |
|
Thread: DES ECB error
Post: RE: DES ECB error
| But why does the cracking approach sometimes find one first, and sometimes find the other one first? I would expect the attack to be deterministic and reproducible. |
|
royce |
hashcat
|
10 |
7,625 |
02-17-2018, 06:36 PM |
| |
|
Thread: Hybrid Attack
Post: RE: Hybrid Attack
| Nevertheless, that's the answer. Because of how hashcat is optimized to run, undersized masks on the left-hand side have more of an impact on speed than undersized masks on the right-hand side. |
|
royce |
hashcat
|
3 |
3,010 |
02-17-2018, 07:22 PM |
| |
|
Thread: combinator + rule
Post: RE: combinator + rule
| Sounds like you're working with a fast hash?
If so, and if your list of rules is just as you show - only four rules long - then that may be part of the reason why. Native hashcat combinator attack ... |
|
royce |
hashcat
|
6 |
6,142 |
02-05-2018, 01:59 AM |
| |
|
Thread: How to change password length (min/max)
Post: RE: How to change password length (min/max)
| Short answer: add the '-O' flag.
The default min and max lengths shown are very broad, and not as specific as any particular attack (though they do have broad impact on attack speed). It's about yo... |
|
royce |
hashcat
|
4 |
9,652 |
02-06-2018, 03:35 AM |
| |
|
Thread: --stdout combinator attack
Post: RE: --stdout combinator attack
| Syntax example? Works for me:
Code:
--
$ cat test.list
password
rockyou
linkedin
hashcat
hunter2
$ hashcat -a 1 test.list test.list --stdout
passwordpassword
passwordrockyou
rockyoupa... |
|
royce |
hashcat
|
2 |
2,402 |
02-11-2018, 08:39 AM |
| |
|
Thread: DES ECB error
Post: RE: DES ECB error
| It's a family reunion!
Code:
--
$ hashcat --quiet --potfile-path=/dev/null --keep-guessing -m 14000 test.hash -a 3 -1 '`012abcdghirstu' ?1?1?1?1?1?1?1?1
24ac458a29cc3241:5337554801018442:harica... |
|
royce |
hashcat
|
10 |
7,625 |
02-16-2018, 06:07 AM |
| |
|
Thread: DES ECB error
Post: RE: DES ECB error
| Normally, yes. But with --keep-guessing, I would expect all possibilities to be exhausted. In different output order, but all represented. |
|
royce |
hashcat
|
10 |
7,625 |
02-17-2018, 10:00 PM |
| |
|
Thread: Linux GPU accelerated cracking
Post: RE: Linux GPU accelerated cracking
| Skip K-a-l-i. I'd go straight to release of Ubuntu 16.04 LTS, and then set up using these instructions:
https://hashcat.net/faq/wrongdriver
... and this version of the drivers directly from AMD:... |
|
royce |
hashcat
|
5 |
10,071 |
02-22-2018, 04:36 PM |
| |
|
Thread: solved -- invalid argument hashcat 4.1.0 --gpu-temp-retain=
Post: RE: invalid argument hashcat 4.1.0 --gpu-temp-reta...
| Specifically:
Removed option --gpu-temp-retain that tried to retain GPU temperature at X degrees celsius - please use driver-specific tools
Removed option --powertune-enable to enable power tuning ... |
|
royce |
hashcat
|
3 |
5,849 |
02-24-2018, 08:58 PM |
| |
|
Thread: brute forcing sha256 - need help locating salt in open source code
Post: RE: brute forcing sha256 - need help locating salt...
| And if you need it before it's added to hashcat, you'll have to fall back to other tools. John the Ripper supports it with a dynamic mode (CPU only):
Code:
--
Format label ... |
|
royce |
hashcat
|
8 |
6,872 |
02-17-2018, 07:21 PM |
| |
|
Thread: My practice attempt to decrypt a SHA-256 hash of an IP address
Post: RE: My practice attempt to decrypt a SHA-256 hash ...
| Your example in crackitBruteForce.sh will only match three-digits-per-octet IPs (111.111.111.111) and miss other possibilities (111.111.111.1, 1.1.1.1, 11.11.11.11, etc.)
This is closer: https://pa... |
|
royce |
hashcat
|
13 |
9,515 |
02-26-2018, 02:10 AM |
| |
|
Thread: My practice attempt to decrypt a SHA-256 hash of an IP address
Post: RE: My practice attempt to decrypt a SHA-256 hash ...
| Couple of niggles:
- That larger file I linked to covers actual possible IP addresses. Many ?d?d?d (above 254) are invalid in an IP-address octet. So your masks will try many IPs that are not valid... |
|
royce |
hashcat
|
13 |
9,515 |
02-26-2018, 08:15 AM |
| |
|
Thread: is hashcat still support VCL?
Post: RE: is hashcat still support VCL?
| VCL is no longer supported. Intel GPUs are supported via OpenCL, though there are some known problems with Intel's GPU OpenCL implementation, so YMMV. |
|
royce |
hashcat
|
3 |
2,728 |
02-27-2018, 08:06 AM |
| |
|
Thread: is hashcat still support VCL?
Post: RE: is hashcat still support VCL?
| What's out there today divides the work up, using one of a few options:
* Natively, using hashcat's --keyspace, --skip, --limit commands, calculated by custom scripts and work distribution
* Fre... |
|
royce |
hashcat
|
3 |
2,728 |
02-27-2018, 09:39 AM |
| |
|
Thread: Problem with Device #1? shuts down process
Post: RE: Problem with Device #1? shuts down process
| https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#why_does_hashcat_not_work_with_my_kali_operating_system |
|
royce |
hashcat
|
3 |
2,932 |
02-27-2018, 05:17 PM |
| |
|
Thread: My practice attempt to decrypt a SHA-256 hash of an IP address
Post: RE: My practice attempt to decrypt a SHA-256 hash ...
| I didn't write that paste, just grabbed it because it did the job. :)
Works for me:
Code:
--
# Get the masks file.
$ wget -O ip.masks https://pastebin.com/raw/4HQ6C8gG
[...]
# For effici... |
|
royce |
hashcat
|
13 |
9,515 |
02-27-2018, 05:25 PM |
| |
|
Thread: Bcrypt Blowfish Unix Hash
Post: RE: Bcrypt Blowfish Unix Hash
| This all looks like you're doing it right (may want to post commandline just in case, with hash masked if you're using it on the command line). |
|
royce |
hashcat
|
5 |
5,603 |
02-27-2018, 05:36 PM |
| |
|
Thread: My practice attempt to decrypt a SHA-256 hash of an IP address
Post: RE: My practice attempt to decrypt a SHA-256 hash ...
|
undeath Wrote: (02-27-2018, 06:29 PM)
--
no, it doesn't. there are no instances of .?1 or .?2
--
That's what I get for not escaping my '?' in my egrep. :) Then I have no idea why the OP got that as... |
|
royce |
hashcat
|
13 |
9,515 |
02-27-2018, 07:03 PM |
| |
|
Thread: Advantage with a big wordlist?
Post: RE: Advantage with a big wordlist?
| Giant deduplicated wordlists are great for fast hashes, but not as helpful for slow ones.
And what's usually missing from most of them is *frequency data*.
A giant wordlist, sorted by how commo... |
|
royce |
hashcat
|
2 |
2,364 |
03-07-2018, 10:45 PM |
