Search Results
|
Post
[desc]
|
Author |
Forum |
Replies |
Views |
Posted |
|
|
Thread: Brain working slow!!!
Post: RE: Brain working slow!!!
Yes, especially with fast hashes like MD5, a slow Internet connection definitely makes a difference. I speak from Alaskan experience. :)
You might switch to only using --brain-client-features=2, so... |
|
royce |
General Talk
|
4 |
3,279 |
11-10-2018, 11:48 PM |
|
|
Thread: Brute Force- Mask,ntml hash?
Post: RE: Brute Force- Mask,ntml hash?
There is no way to determine the length of a plaintext from the hash. This is true for all hashes, and is by design. You cannot know the length until you have cracked it.
You can use other informat... |
|
royce |
hashcat
|
1 |
2,732 |
10-05-2016, 05:40 PM |
|
|
Thread: brute forcing sha256 - need help locating salt in open source code
Post: RE: brute forcing sha256 - need help locating salt...
And if you need it before it's added to hashcat, you'll have to fall back to other tools. John the Ripper supports it with a dynamic mode (CPU only):
Code:
--
Format label ... |
|
royce |
hashcat
|
8 |
6,867 |
02-17-2018, 07:21 PM |
|
|
Thread: Brute-Force custom character
Post: RE: Brute-Force custom character
Following up from your other deleted post, in which you said there are exactly 8 upper and 5 digits.
There are probably too many combinations to reasonably exhaust, but to model how many masks woul... |
|
royce |
hashcat
|
2 |
790 |
05-20-2020, 04:07 AM |
|
|
Thread: Brute-Force mask
Post: RE: Brute-Force mask
There are probably too many combinations to reasonably exhaust, but to model how many masks would be needed, you can use the `policygen` tool from the PACK toolkit:
https://github.com/iphelix/pack/... |
|
royce |
hashcat
|
4 |
1,105 |
05-20-2020, 04:04 AM |
|
|
Thread: Brute-Force mask
Post: RE: Brute-Force mask
Yep. That's what will take 49 years. :) |
|
royce |
hashcat
|
4 |
1,105 |
05-20-2020, 10:35 AM |
|
|
Thread: Bruteforce + Custom characters
Post: RE: Bruteforce + Custom characters
If the first 8 characters are truly unknown, then the first 8 positions of the mask would be ?a, and the rest would be literal / hard-coded:
?a?a?a?a?a?a?a?aAlis-ZA |
|
royce |
hashcat
|
1 |
1,855 |
02-17-2018, 06:27 PM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
To fully take advantage of GPU for a fast hash like MD5, you have to have more than a few rules.
You might try emulating a hybrid attack with generated rules.
https://hashcat.net/wiki/doku.php?i... |
|
royce |
hashcat
|
14 |
14,530 |
11-22-2017, 04:50 AM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
Yeah, like I said in my edit - it doesn't work like I was hoping it would. I don't have a better answer yet.
But notice that what I was trying to do - generate some of the word on GPU with a large ... |
|
royce |
hashcat
|
14 |
14,530 |
11-22-2017, 05:32 AM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
OK, this is ugly as heck, and buggy (it doesn't fully emulate bruteforce for the last two characters), but it's getting close:
Code:
--
$ for item in `mp64 '?aTEMP?a'`; do echo "di6${item}iE${it... |
|
royce |
hashcat
|
14 |
14,530 |
11-22-2017, 06:20 AM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
I'm guessing ... but if I had to say, it's probably that in practice, most attacks are possible without it (by chaining stuff together, Unix-style) - so adding it internally could (arguably) add unnec... |
|
royce |
hashcat
|
14 |
14,530 |
11-22-2017, 05:43 PM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
Man, I thought I tried that and it didn't work. But I checked and it was failing for other syntax reasons.
So:
Code:
--
$ cat double.rule
d
$ mp64 '$?a$?a' >append-aa.rule
$ head appen... |
|
royce |
hashcat
|
14 |
14,530 |
11-22-2017, 08:33 PM |
|
|
Thread: Bruteforce + rules
Post: RE: Bruteforce + rules
You might try increasing the number of masks, to see if that improves performance.
But generally speaking, I suspect that full bruteforce has some attack-specific optimizations that make it pretty ... |
|
royce |
hashcat
|
14 |
14,530 |
11-23-2017, 06:18 AM |
|
|
Thread: Bruteforce with descending characters - zzz,zzy,zzx
Post: RE: Bruteforce with descending characters - zzz,zz...
One use case I can think of is when you intend to bruteforce an entire keyspace, and want to "meet in the middle" by having one system work forwards, and the other system work backwards. This would wo... |
|
royce |
hashcat
|
9 |
1,572 |
04-26-2020, 03:33 PM |
|
|
Thread: Bruteforce with descending characters - zzz,zzy,zzx
Post: RE: Bruteforce with descending characters - zzz,zz...
By default, hashcat doesn't start from 'aaaaa' - instead, it starts with sets of characters that appear most frequently in common passwords, called Markov mode. For example, if you try '?d?d?d?d?d', i... |
|
royce |
hashcat
|
9 |
1,572 |
04-26-2020, 02:42 AM |
|
|
Thread: Bruteforce with descending characters - zzz,zzy,zzx
Post: RE: Bruteforce with descending characters - zzz,zz...
Well, my point was that if you could just start a run from the other end, you wouldn't have to calculate keyspace at all (for the case of two attack systems) |
|
royce |
hashcat
|
9 |
1,572 |
04-26-2020, 04:02 PM |
|
|
Thread: Bruteforce with descending characters - zzz,zzy,zzx
Post: RE: Bruteforce with descending characters - zzz,zz...
From the PM, it looks like you'd benefit from doing what philsmd described - using the 'skip' and 'limit' options to split the job across two nodes.
philsmd, I'm actually not aware of a simple tutori... |
|
royce |
hashcat
|
9 |
1,572 |
04-26-2020, 04:48 PM |
|
|
Thread: bruteforce wpa2 from 9999999999 to 6000000000 in decreasing order
Post: RE: bruteforce wpa2 from 9999999999 to 6000000000 ...
The question of how to create a specific Markov of digits in inverse order is a tricky one that is not easy to do with hashcat itself. Naively, I tried this, but it obviously didn't work:
Code:
--... |
|
royce |
hashcat
|
7 |
4,632 |
11-22-2018, 06:45 PM |
|
|
Thread: bruteforce wpa2 from 9999999999 to 6000000000 in decreasing order
Post: RE: bruteforce wpa2 from 9999999999 to 6000000000 ...
Hmm ...
Code:
--
$ hashcat --stdout --markov-disable -a 3 -1 987654321 ?d
0
1
2
3
4
5
6
7
8
9
--
|
|
royce |
hashcat
|
7 |
4,632 |
11-23-2018, 10:56 AM |
|
|
Thread: Budget Machine for oclHashcat (noob)
Post: RE: Budget Machine for oclHashcat (noob)
1. CPU doesn't matter if you're doing pure *hashcat. If you want to do JtR as well, you might want some CPU.
2. Ignore Radeon. Go NVIDIA. Best bang for buck right now is the GTX 970. For best res... |
|
royce |
Hardware
|
2 |
4,701 |
10-15-2015, 05:49 AM |