|
Search Results
|
| Post |
Author |
Forum |
Replies |
Views |
Posted
[desc]
|
| |
|
Thread: 7Zip hash woes
Post: RE: 7Zip hash woes
| are you sure that you are using the latest version of 7z2hashcat from https://github.com/philsmd/7z2hashcat/ ? |
|
philsmd |
hashcat
|
15 |
12,598 |
11-13-2017, 11:36 PM |
| |
|
Thread: 7Zip hash woes
Post: RE: 7Zip hash woes
| I think to understand this problem we might first need to get rid of that long hash within the error message.
A patch like this might help for the time being:
Code:
--
diff --git a/src/hashes.c b... |
|
philsmd |
hashcat
|
15 |
12,598 |
11-14-2017, 12:19 AM |
| |
|
Thread: Mix of digits, uppercase and a specific letter rule - help
Post: RE: Mix of digits, uppercase and a specific letter...
| What you normally use in such a case is a mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack
Therefore, in hashcat's terminology this is not called a rule, but a mask attack (using attac... |
|
philsmd |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
1 |
2,952 |
11-14-2017, 09:06 AM |
| |
|
Thread: 7Zip hash woes
Post: RE: 7Zip hash woes
| damn. salt-value exception could happen in several situations. It seems there is either something wrong with your hash or the hashcat parser for some strange reason (mistakenly?) rejects it.
If you... |
|
philsmd |
hashcat
|
15 |
12,598 |
11-14-2017, 10:40 AM |
| |
|
Thread: Very Specific Cracking Method
Post: RE: Very Specific Cracking Method
| one approach could be to create multiple rules (see https://hashcat.net/wiki/?id=rule_based_attack) each one of those rules prepends one single/different character (and does the other manipilation to ... |
|
philsmd |
hashcat
|
3 |
4,054 |
11-16-2017, 10:09 AM |
| |
|
Thread: RC4 attack for 40bit Word 97-2003
Post: RE: RC4 attack for 40bit Word 97-2003
| ?b means that hashcat should try all possible values a byte can have, i.e.
from 0x00 to 0xff, this means that each byte has 256 possibilities
256^5 = 256*256*256*256*256 = 1099511627776 combinations
... |
|
philsmd |
hashcat
|
6 |
6,545 |
11-16-2017, 12:05 PM |
| |
|
Thread: RC4 attack for 40bit Word 97-2003
Post: RE: RC4 attack for 40bit Word 97-2003
| My guess is that there might be a lot of tools around or you just slightly modify a popular tool like libreoffice. We only need to replace the actual key that was generated from a "fake" password with... |
|
philsmd |
hashcat
|
6 |
6,545 |
11-16-2017, 12:23 PM |
| |
|
Thread: How to say that the password starts with "abc"
Post: RE: How to say that the password starts with "abc"
| What type of hashes do you use (there are salted hashes, where you can use abc as salt)?
What type of attack mode are you planning to use? for word list/dictionary attack you can just add a rule that... |
|
philsmd |
hashcat
|
3 |
4,527 |
11-16-2017, 12:35 PM |
| |
|
Thread: correct command line
Post: RE: correct command line
| You do not need to repeately hit the r key. it makes absolutely no sense.
You only need to hit r (for resume) when you hit p (for pause) beforehand.
This means that resuming (r) only makes sense if ... |
|
philsmd |
hashcat
|
24 |
22,564 |
11-16-2017, 09:28 PM |
| |
|
Thread: Problems with the encodings of dictionaries ...
Post: RE: Problems with the encodings of dictionaries .....
| russian passwords could also be encoded with CP1251 or KOI8-R etc.
Pro tip: there are some charsets shipped with hashcat (see for instance the charsets/standard/Russian folder under your extracted ha... |
|
philsmd |
hashcat
|
5 |
4,523 |
11-16-2017, 09:34 PM |
| |
|
Thread: Stdin and stdout simultaneously
Post: RE: Stdin and stdout simultaneously
| Yes this already works.
You must be doing something wrong, because this is working perfectly fine here.
You can troubleshoot it with just an echo command, e.g:
echo test | ./hashcat64.bin --st... |
|
philsmd |
hashcat
|
3 |
4,064 |
11-17-2017, 09:01 AM |
| |
|
Thread: Very Specific Cracking Method
Post: RE: Very Specific Cracking Method
| I think that would quickly result in way too many combinations/password candidates.
It of course depends on how small your wordlist is.
If the wordlist is very small you could for instance just genera... |
|
philsmd |
hashcat
|
3 |
4,054 |
11-17-2017, 01:52 PM |
| |
|
Thread: old TrueCrypt volumes
Post: RE: old TrueCrypt volumes
| First of all to answer you question, you normally would use a mask attack like this:
Code:
--
hashcat64.exe -m 6222 -a 3 --increment --increment-min 9 J:\tc\mooi2009.tc -2 "XxZzJjTtUuQq?d;:,.!@#$%... |
|
philsmd |
hashcat
|
1 |
2,457 |
11-18-2017, 05:29 PM |
| |
|
Thread: [SOLVED]What am i doing wrong? no commands work
Post: RE: What am i doing wrong? no commands work
| The format of your hashes should be only like this:
Code:
--
$oldoffice$1*971400076ab82dd68XXXXXXXXXXXXXd1*49987289XXXXXXXXXXXXXa67b6747abc*6824aa13d09f0e8fXXXXXXXXXXXXXX8a
--
e.g. they should not ... |
|
philsmd |
General Talk
|
2 |
6,124 |
11-21-2017, 09:53 AM |
| |
|
Thread: 7z2hashcat
Post: RE: 7z2hashcat
| The original 7-zip file (*.7z) is not needed to recover the password.
But the entire output of 7z2hashcat is needed (the whole hash).
Yes, as mentioned here: https://github.com/philsmd/7z2hashcat#... |
|
philsmd |
User Contributions
|
28 |
70,369 |
11-21-2017, 12:30 PM |
| |
|
Thread: Cracking pdf file with arabic password using hashcat
Post: RE: Cracking pdf file with arabic password using h...
| You do not need --hex-salt. This has nothing to do with salts.
If anything you would need --hex-charset, but that is not necessariy and only needed if you define a custom charset (-1, -2, -3 or -4)... |
|
philsmd |
General Talk
|
5 |
16,216 |
11-21-2017, 05:58 PM |
| |
|
Thread: Cracking pdf file with arabic password using hashcat
Post: RE: Cracking pdf file with arabic password using h...
| this of course depends on what the tool that you use to encrypt the pdf (acrobat reader etc) does with the input. It could use utf-8 by default. it could use utf16-le etc...
The linux echo tool wont ... |
|
philsmd |
General Talk
|
5 |
16,216 |
11-21-2017, 07:27 PM |
| |
|
Thread: what the hash is this?
Post: RE: what the hash is this?
| -m 500 = md5crypt
see also https://hashcat.net/wiki/example_hashes |
|
philsmd |
General Talk
|
1 |
2,034 |
11-23-2017, 04:32 PM |
| |
|
Thread: Do not try to write --keyspace yourself
Post: RE: Do not try to write --keyspace yourself
| The output of --keyspace can be used to distribute cracking, i.e. you can use the value from --keyspace and divide it into x chunks (best would be if the chunk size depends on the performance of your ... |
|
philsmd |
hashcat
|
15 |
20,288 |
11-24-2017, 09:40 AM |
| |
|
Thread: Another newbie question
Post: RE: Another newbie question
| It's always a good idea to create a new and similar volume (same settings/steps) and use this with a password (could also be similar to the one that you think was used) for testing hashcat.
The first... |
|
philsmd |
hashcat
|
3 |
3,665 |
11-24-2017, 03:30 PM |
