|
Search Results
|
| Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
| |
|
Thread: how to use only some letters
Post: RE: how to use only some letters
| Unfortunately, I can't do more than link you to the wiki page that explains it very well https://hashcat.net/wiki/mask_attack (what I mean is, I can't read or understand it for you, just spend some mi... |
|
philsmd |
hashcat
|
2 |
2,906 |
05-15-2017, 02:15 PM |
| |
|
Thread: 7-Zip Hash Length
Post: RE: 7-Zip Hash Length
| I'm guessing that you used 7z2hashcat to extract the "hash"... well generally I would assume that whenever 7z2hashcat extracts a valid hash and hashcat can load it, you shouldn't worry about the corre... |
|
philsmd |
hashcat
|
2 |
4,615 |
05-07-2017, 11:02 AM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| well, you could just use -m 3710 = md5($salt.md5($pass)) together with --hex-salt (because you said that the first MD5 is in binary not hex), an example (hashes mask with xxxx):
Code:
--
$ echo -n ... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-12-2017, 08:55 AM |
| |
|
Thread: Rule-based Attack: Substitution of single chars with strings
Post: RE: Rule-based Attack: Substitution of single char...
| As far as I know, if you want to stick with rules, you would probably need at least 2 different types of rules.
One idea is to purge all "!" characters with the purge rule and insert the multi-byte s... |
|
philsmd |
hashcat
|
4 |
4,508 |
05-12-2017, 09:29 AM |
| |
|
Thread: Rule-based Attack: Substitution of single chars with strings
Post: RE: Rule-based Attack: Substitution of single char...
| If you want to use some static string like "#&33;" within a mask, you just need to put it there for instance like this (file mask_file.hcmask):
Code:
--
?l?u?d,?1?1?1?1?1#&33;
?l?u?d,?1?1?1?1#&33... |
|
philsmd |
hashcat
|
4 |
4,508 |
05-13-2017, 09:58 AM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| a, b, c, d, 0x80 and the remaining buffers are all 0 (that should be very obvious if you think about it, it must get shorter if we do not use hex but binary instead, it will be halved i.e. 32/2 = 16).... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-15-2017, 07:23 PM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| Nope, not at all!
I just wrote:
Quote:
--
the remaining buffers are all 0
--
0 means zero and not something else (like insert the salt buffer etc, I didn't write that).
I can't help you ... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-15-2017, 07:56 PM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| Well, I guess if we agree that the algorithm is MD5(MD5_raw ($salt) . MD5_raw ($pass)) you could convert those hashes to just MD5 ($salt_new . MD5_raw ($pass)) where $salt_new is the precomputed MD5 d... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-14-2017, 07:03 AM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| Yeah, I figured that it might be very new to you to read C (or OpenCL code), but I really do not get why you use code like "w0_t[0] |= a;" when it should be just "w0_t[0] = a;" etc... (i.e. replace th... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-15-2017, 08:27 PM |
| |
|
Thread: HTTP Digest Auth
Post: RE: HTTP Digest Auth
| It's hash type -m 11400 = SIP digest authentication (MD5)
The format is:
Quote:
--
$sip$*[URI_SERVER]*[URI_CLIENT]*[USERNAME]*[REALM]*[METHOD]*[URI_PREFIX]*[URI_RESOURCE]*[URI_SUFFIX]*[NONCE_SERVER]... |
|
philsmd |
hashcat
|
7 |
10,204 |
05-15-2017, 08:31 PM |
| |
|
Thread: MD5: Need Advice
Post: RE: MD5: Need Advice
| Yeah, it's completely wrong. Redownload a fresh copy of hashcat and do the changes correctly as I told you (I even highlighted a full set of lines you need to change so in theory you couldn't miss the... |
|
philsmd |
hashcat
|
21 |
20,788 |
05-15-2017, 08:37 PM |
| |
|
Thread: HTTP Digest Auth
Post: RE: HTTP Digest Auth
| In my opinion it should be very obvious if you know what the HTTP Digest Authentication fields mean and for what they are used for. Anyway here is how you would format it in your *very* specific examp... |
|
philsmd |
hashcat
|
7 |
10,204 |
05-16-2017, 08:08 AM |
| |
|
Thread: Rule help
Post: RE: Rule help
| something like:
Code:
--
$1 $2 $3 d ] ] ]
--
should work as an equivalent rule for M $1 $2 $3 4
(yeah, it's not always perfectly the same, depending on how close you are to the maximum password le... |
|
philsmd |
hashcat
|
5 |
4,934 |
05-16-2017, 06:42 PM |
| |
|
Thread: FIFO help
Post: RE: FIFO help
| If you are using just a few rules (or possibly even just 1), you can use -j/-k together with -a1 for each and every rule:
Code:
--
hashcat -m 1000 -a 1 -w 4 -j "$1 $2 $3" hash.txt dict1.txt dict2.tx... |
|
philsmd |
hashcat
|
3 |
4,472 |
05-25-2017, 11:01 AM |
| |
|
Thread: FIFO help
Post: RE: FIFO help
| As said, the first approach (with -j/-k) should be used if you plan to use only very few rules: i.e. you can start hashcat a couple of times (one after the other in a sequence, or loop if you prefer) ... |
|
philsmd |
hashcat
|
3 |
4,472 |
05-26-2017, 07:44 AM |
| |
|
Thread: Windows 10 Online Account
Post: RE: Windows 10 Online Account
| I think that the hashes can still be cached and this process can somehow be compared to cached credentials within a local domain (LSA etc). I'm not an expert in this regard, but there must be some way... |
|
philsmd |
hashcat
|
7 |
10,257 |
05-19-2017, 08:31 AM |
| |
|
Thread: need help with markov chain, or possibly another solution for decrypt of AES-256
Post: RE: need help with markov chain, or possibly anoth...
| There are still some open questions here:
1. how do you know if the decryption worked correctly ? You at least need to know the key, the plain text and the cipher text (you didn't state that you have ... |
|
philsmd |
hashcat
|
13 |
11,856 |
05-27-2017, 06:57 PM |
| |
|
Thread: VeraCrypt dictionary attack
Post: RE: VeraCrypt dictionary attack
| Most important question: how did you generate the binary data file needed for hashcat, did you follow this guide: https://hashcat.net/faq#how_do_i_extract_the_hashes_from_truecrypt_volumes ? |
|
philsmd |
hashcat
|
6 |
7,719 |
05-27-2017, 07:52 PM |
| |
|
Thread: VeraCrypt dictionary attack
Post: RE: VeraCrypt dictionary attack
| Well, if you are 100% sure that the extracted data is what hashcat expects, we might need to find the culprit somewhere else. For instance, you didn't tell us how long these password candidates are...... |
|
philsmd |
hashcat
|
6 |
7,719 |
05-27-2017, 09:16 PM |
| |
|
Thread: need help with markov chain, or possibly another solution for decrypt of AES-256
Post: RE: need help with markov chain, or possibly anoth...
| I was just trying to say that you should test your script/code/tool (that you use to decrypt+verify) with a sample data consisting of a key
with that specific pattern, the plaintext that you are sear... |
|
philsmd |
hashcat
|
13 |
11,856 |
05-27-2017, 09:58 PM |
