Search Results
|
Post |
Author
[desc]
|
Forum |
Replies |
Views |
Posted |
|
|
Thread: Problem get password that is in dictionary
Post: RE: Problem get password that is in dictionary
Yes. Try it to see if it works. You are empowered to to definitively answer your own question. :) |
|
royce |
hashcat
|
12 |
12,533 |
03-02-2017, 05:00 PM |
|
|
Thread: Avoid character occurrance in brute force attack
Post: RE: Avoid character occurrance in brute force atta...
I don't think that there is a way to express this using hashcat's rules (unless you generated a very large list of masks and custom character sets).
And even if there were, I don't think that it wo... |
|
royce |
hashcat
|
12 |
12,015 |
03-06-2017, 01:49 AM |
|
|
Thread: combining sustems
Post: RE: combining sustems
You can manually divide up work using -s/--skip and -l/--limit.
There are also some frameworks that help to automate this.
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_can_i_d... |
|
royce |
General Talk
|
1 |
2,901 |
03-10-2017, 04:02 AM |
|
|
Thread: Getting new GPU
Post: RE: Getting new GPU
On an extreme budget, a GTX 970 performs similarly to a GTX 1060. Used 970s can be acquired on eBay for $150 or less.
Be aware that only 1/4 of the GPU's memory is made available by the NVIDIA Open... |
|
royce |
Hardware
|
2 |
3,416 |
03-14-2017, 05:28 PM |
|
|
Thread: Potfile format - to hex or not to hex
Post: RE: Potfile format - to hex or not to hex
FWIW, I've been using that same Perl one-liner from undeath, expanded for readability and converted to a standalone script:
Code:
--
#!/usr/bin/env perl
# Credit: undeath, https://hashcat.net... |
|
royce |
hashcat
|
10 |
9,893 |
03-15-2017, 03:02 PM |
|
|
Thread: Potfile format - to hex or not to hex
Post: RE: Potfile format - to hex or not to hex
Interesting use cases, thanks.
Two things, though:
1. Since the subject of this post starts with "Potfile format", I assumed that the end goal is to convert a potfile, but retain the potfile for... |
|
royce |
hashcat
|
10 |
9,893 |
03-16-2017, 04:14 AM |
|
|
Thread: Potfile format - to hex or not to hex
Post: RE: Potfile format - to hex or not to hex
And here's a rough pass at the reverse:
Code:
--
#!/usr/bin/env perl
# Credit: undeath, https://hashcat.net/forum/thread-3522.html
# ... and devilsadvocate ;)
use utf8;
while () {
... |
|
royce |
hashcat
|
10 |
9,893 |
03-16-2017, 04:45 AM |
|
|
Thread: Potfile format - to hex or not to hex
Post: RE: Potfile format - to hex or not to hex
I know this is going to sound silly, but just to triple-confirm ... you're saying that you convert your plaintext dictionaries to hex strings, producing output like this (from the first ten lines of r... |
|
royce |
hashcat
|
10 |
9,893 |
03-16-2017, 06:11 AM |
|
|
Thread: +55 minutes in Generating Dictionary for 194GB
Post: RE: +55 minutes in Generating Dictionary for 194GB
Have you looked into hashcat's rules and masks? You may be able to significantly reduced the size of your wordlist, in exchange for faster coverage of your likely password space.
For example, if your... |
|
royce |
hashcat
|
26 |
24,602 |
03-19-2017, 06:54 AM |
|
|
Thread: Show how the password was cracked
Post: RE: Show how the password was cracked
See the --debug-mode option. Mode 4 may be what you're looking for.
# | Format
===+========
1 | Finding-Rule
2 | Original-Word
3 | Original-Word:Finding-Rule
4 | Original-Word:Finding-Rule:... |
|
royce |
hashcat
|
2 |
2,863 |
03-20-2017, 05:20 PM |
|
|
Thread: how can i use 0x00-0x08 of "?b" to crack a hash value
Post: RE: how can i use 0x00-0x08 of "?b" to crack a has...
You can use the --hex-charset option to specify this set of binary.
Edit: specifically, something like:
--hex-charset -1 000102030405060708 ?1?1?1?1?1?1?1?1
... or however long your expected string... |
|
royce |
hashcat
|
1 |
2,726 |
03-21-2017, 03:09 AM |
|
|
Thread: Tailor hashcat for cracking “german” passwords?
Post: RE: Tailor hashcat for cracking “german” passw...
Yes, UTF8 is probably fine for WPA2 entered via a web interface.
It sounds like you have the rest of the basics covered. Good luck! |
|
royce |
hashcat
|
2 |
3,338 |
03-25-2017, 09:26 PM |
|
|
Thread: Generated wordlist size is not right?
Post: RE: Generated wordlist size is not right?
You're right - I'm running it against a single hash, and I get the number you're expecting:
Code:
--
$ cat myowncharset
!@#$%^&*?
$ ./hashcat -m 5500 -a 3 -1 myowncharset -2 ?1?l?u?d test.h... |
|
royce |
hashcat
|
2 |
3,058 |
03-26-2017, 02:22 AM |
|
|
Thread: How Calculate GPU Cracking Time
Post: RE: How Calculate GPU Cracking Time
The best way to do this is to perform an actual run.
Raw wordlist mode (with no rules) is very, very fast. hashcat's guessing speed is so fast that it can often spend more time caching a large dict... |
|
royce |
hashcat
|
10 |
25,369 |
03-26-2017, 05:36 PM |
|
|
Thread: Tailor hashcat for cracking “german” passwords?
Post: RE: Tailor hashcat for cracking “german” passw...
And for bruteforce beyond the basics, see this StackExchange answer (https://security.stackexchange.com/a/154958/6203). |
|
royce |
hashcat
|
2 |
3,338 |
03-26-2017, 06:52 PM |
|
|
Thread: Invalid argument
Post: RE: Invalid argument
Works for me, using 3.40 release on Ubuntu:
Code:
--
$ wget 'https://hashcat.net/misc/example_hashes/hashcat.hccapx'
--2017-03-26 16:06:58-- https://hashcat.net/misc/example_hashes/hashcat.hc... |
|
royce |
hashcat
|
8 |
10,910 |
03-27-2017, 02:08 AM |
|
|
Thread: Is it better to use princeprocessor rather than using Hashcat alone?
Post: RE: Is it better to use princeprocessor rather tha...
I think that maykelbembibre is asking whether using PRINCE recovers more hashes per unit of time?
maykelbembibre, "efficiency" may the word that's more commonly used to talk about this. This thread... |
|
royce |
General Talk
|
7 |
7,900 |
03-27-2017, 04:19 PM |
|
|
Thread: Invalid argument
Post: RE: Invalid argument
Hmm - interesting. Can you post the full command line (but hiding any sensitive or non-public hashes?) |
|
royce |
hashcat
|
8 |
10,910 |
03-27-2017, 04:24 PM |
|
|
Thread: What GPU and CPU is ideal for Penetration testing role job?
Post: RE: What GPU and CPU is ideal for Penetration test...
I can't speak to CPU (other than "generally faster is better" and "at least one core per GPU") or RAM (other than "more than 32GB for analyzing big wordlists").
For density (packing a good amount of ... |
|
royce |
Hardware
|
11 |
13,250 |
03-27-2017, 09:33 PM |
|
|
Thread: Pause/ resume with different dictionary
Post: RE: Pause/ resume with different dictionary
I don't know that there's a lot of value in changing the dictionary midstream. If you are 10M lines into your current dictionary when the restore file is updated, and then you quit, change the diction... |
|
royce |
hashcat
|
2 |
3,245 |
03-29-2017, 02:15 PM |