|
Search Results
|
| Post
[asc]
|
Author |
Forum |
Replies |
Views |
Posted |
| |
|
Thread: Recovered a 7z password with hashcat, but it's not the right one
Post: RE: Recovered a 7z password with hashcat, but it's...
| Is the content also compressed ? How does the hash start ? With $7z$1$19$... (see https://github.com/philsmd/7z2hashcat#explanation-of-the-hash-format) ?
Which version of hashcat do you use ? do yo... |
|
philsmd |
General Talk
|
6 |
855 |
08-29-2020, 07:55 AM |
| |
|
Thread: Recovered a 7z password with hashcat, but it's not the right one
Post: RE: Recovered a 7z password with hashcat, but it's...
| you could try with --keep-guessing and see how many false positives you get.
Since it's a crc32 checksum it's not impossible (the decompression errors in case of compression of course would prevent... |
|
philsmd |
General Talk
|
6 |
855 |
08-29-2020, 02:07 PM |
| |
|
Thread: Recovered a 7z password with hashcat, but it's not the right one
Post: RE: Recovered a 7z password with hashcat, but it's...
| it's not really safe to do it this way, but you could for instance use something like this:
Code:
--
hashcat --stdout -a 3 [THE_MASK] | grep -n -m 1 '^[THE_FALSE_POSITVE_PASSWORD]$'
--
then ... |
|
philsmd |
General Talk
|
6 |
855 |
08-30-2020, 09:20 PM |
| |
|
Thread: Recover xDsl Router TG788vn v2 Password
Post: RE: Recover xDsl Router TG788vn v2 Password
| this hashing algorithm looks very similar to -m 11400 = SIP digest authentication (MD5) |
|
philsmd |
General Help
|
4 |
9,893 |
03-02-2016, 08:52 PM |
| |
|
Thread: Recover passwords in output user:plain
Post: RE: Recover passwords in output user:plain
| What you need are following steps (example with mode 0 (md5) of example0.hash):
Code:
--
$ cat hashtest.hash # some random *X MASKED* hashes from example0.hash
philsmd:42cceb8a0dXXX82b8fb6831f3... |
|
philsmd |
Old hashcat Support
|
9 |
32,229 |
04-11-2013, 04:17 PM |
| |
|
Thread: Recover password file .7z partially known
Post: RE: Recover password file .7z partially known
| That's a 3 MB file compressed (uncompressed maybe even much larger if not totally random data).
Are there several files within the .7z file ?
You could also try to increase the limit that hashcat ac... |
|
philsmd |
hashcat
|
4 |
4,899 |
01-05-2018, 10:35 AM |
| |
|
Thread: Recover NTLM with charset: !@$etaoinshrdlu134579
Post: RE: Recover NTLM with charset: !@$etaoinshrdlu1345...
| Hey, since you neglected to follow the rules (https://hashcat.net/forum/announcement-2.html ), I've locked your account for 1 week.
Now you've plenty of time to:
1. read again the forum rules
2. r... |
|
philsmd |
Old oclHashcat Support
|
9 |
17,221 |
02-23-2014, 01:12 PM |
| |
|
Thread: Recover blockchain.info password from .joson file ?
Post: RE: Recover blockchain.info password from .joson f...
| 1. The hashes must be formatted according to these guide/examples: https://hashcat.net/wiki/example_hashes (search for 12700). Therefore there should not be any file names within the "hash" etc (yes, ... |
|
philsmd |
hashcat
|
11 |
21,159 |
01-14-2018, 09:29 AM |
| |
|
Thread: Recover blockchain.info password from .joson file ?
Post: RE: Recover blockchain.info password from .joson f...
| You are trying to crack with your CPU ? does it support OpenCL ?
I remember reading somewhere that Intel Core 2 are not even supported by the OpenCL drivers of intel.
Even if they were supported, it... |
|
philsmd |
hashcat
|
11 |
21,159 |
01-14-2018, 09:55 AM |
| |
|
Thread: Recover blockchain.info password from .joson file ?
Post: RE: Recover blockchain.info password from .joson f...
| It doesn't make sense to get hashcat-legacy working. hashcat-legacy doesn't even support blockchain hashes. Only new versions of hashcat (OpenCL version, not the legacy version) support blockchain has... |
|
philsmd |
hashcat
|
11 |
21,159 |
01-14-2018, 10:11 AM |
| |
|
Thread: real noob looking for help!
Post: RE: real noob looking for help!
| The best thing you could do here is to code a new hashcat module and kernel (OpenCL .cl file with update/final function calls, see https://github.com/hashcat/hashcat/blob/23917455efad1deba8c12516e1922... |
|
philsmd |
hashcat
|
1 |
1,407 |
03-01-2019, 02:27 PM |
| |
|
Thread: RC4 attack for 40bit Word 97-2003
Post: RE: RC4 attack for 40bit Word 97-2003
| ?b means that hashcat should try all possible values a byte can have, i.e.
from 0x00 to 0xff, this means that each byte has 256 possibilities
256^5 = 256*256*256*256*256 = 1099511627776 combinations
... |
|
philsmd |
hashcat
|
6 |
6,545 |
11-16-2017, 12:05 PM |
| |
|
Thread: RC4 attack for 40bit Word 97-2003
Post: RE: RC4 attack for 40bit Word 97-2003
| My guess is that there might be a lot of tools around or you just slightly modify a popular tool like libreoffice. We only need to replace the actual key that was generated from a "fake" password with... |
|
philsmd |
hashcat
|
6 |
6,545 |
11-16-2017, 12:23 PM |
| |
|
Thread: RAR hash file error "Line-length exception"
Post: RE: RAR hash file error "Line-length exception"
| 1. the example RAR "hash" should work
2. only RAR3-hp ($RAR3$*0*) is supported so far
3. for RAR3-hp ($RAR3$*0*) no file names should be used within the "hash", e.g. no xxx.rar, xxx.jpg etc (these par... |
|
philsmd |
Old oclHashcat Support
|
1 |
5,552 |
12-24-2015, 12:55 PM |
| |
|
Thread: RAR crack
Post: RE: RAR crack
| There could be many reasons why your experiencing these crashes.
I would suggest that you try the -m 12500 = RAR3-hp example hash from https://hashcat.net/wiki/example_hashes.
It would be also i... |
|
philsmd |
hashcat
|
2 |
6,493 |
07-18-2017, 05:35 PM |
| |
|
Thread: rar archive test
Post: RE: rar archive test
| example hashes are here: https://hashcat.net/wiki/example_hashes
(hint: you do not need to include the filenames etc, just the info needed as seen on the example hashes page)
... and for the time bei... |
|
philsmd |
hashcat
|
1 |
2,957 |
08-14-2016, 06:33 PM |
| |
|
Thread: Ransomware
Post: RE: Ransomware
| First of all, this is of course not the usual use case for hashcat.
Furthermore, Diskcryptor is probably a legit software just misused by the malware, it's not malware but can be used to encrypt file... |
|
philsmd |
hashcat
|
13 |
7,573 |
12-13-2018, 08:06 PM |
| |
|
Thread: Ransomware
Post: RE: Ransomware
| I had a glance at this page: https://diskcryptor.net/wiki/Volume
and the source here https://github.com/smartinm/diskcryptor
it seems that the algo for key derivation from the password is PBKDF2-H... |
|
philsmd |
hashcat
|
13 |
7,573 |
12-13-2018, 09:12 PM |
| |
|
Thread: Ransomware
Post: RE: Ransomware
| Well, if it wasn't really clear yet, this specific algorithm is not supported yet by hashcat since you can't really extract a hash, but need to generate the AES-XTS keys on-the-fly and verify the decr... |
|
philsmd |
hashcat
|
13 |
7,573 |
12-14-2018, 11:06 AM |
| |
|
Thread: Range for the mask
Post: RE: Range for the mask
| First of all, I do not understand what this notation means:
Quote:
--
password|21|6|8|3|19|17|5|15|3|8|5|6|30|19|0|29|29|18|30|30|1|1|28|15|27|22|24|1|2|17|30|2017
--
does this mean your passw... |
|
philsmd |
hashcat
|
7 |
6,109 |
10-24-2017, 11:35 AM |
