|
Search Results
|
| Post
[asc]
|
Author |
Forum |
Replies |
Views |
Posted |
| |
|
Thread: MS Office Instant decryption
Post: RE: MS Office Instant decryption
| because you probably should use the collider mode 9710 (with mask ?b?b?b?b?b) for instant access to the data |
|
philsmd |
General Talk
|
9 |
15,352 |
08-21-2017, 08:58 AM |
| |
|
Thread: MS Office Instant decryption
Post: RE: MS Office Instant decryption
| If you read this carefully https://hashcat.net/forum/thread-3665.html, you will see that you only need -m 9710 to access the data.
Have a look at the list of steps under the "KDF" section https://has... |
|
philsmd |
General Talk
|
9 |
15,352 |
09-12-2017, 05:00 PM |
| |
|
Thread: MS office 2013 Hash algo in python
Post: RE: MS office 2013 Hash algo in python
| Well, the most suitable answer would be just read the kernel's source code (of e.g. -m 9600) and convert it to python (that may also - be the only thing that - help to get an idea about the optimizati... |
|
philsmd |
General Talk
|
2 |
4,186 |
07-01-2016, 08:41 AM |
| |
|
Thread: mozilla
Post: RE: mozilla
| -1 0x01
^ this is wrong syntax. where did you read about this 0x notation ? did you just guess this?
hashcat has an option called --hex-charset and you can use it like this
--hex-charset ?a?a?a... |
|
philsmd |
hashcat
|
2 |
1,306 |
07-16-2019, 02:24 PM |
| |
|
Thread: Most efficient way to crack wpa2 hash if you know first char?
Post: RE: Most efficient way to crack wpa2 hash if you k...
| first of all, these concepts of "rainbow tables" and "oclhashcat" (from your other post) etc are superseded since several years. not sure how you even come up with these concepts and think this is som... |
|
philsmd |
hashcat
|
3 |
1,941 |
08-02-2019, 01:15 PM |
| |
|
Thread: Most efficient way to crack wpa2 hash if you know first char?
Post: RE: Most efficient way to crack wpa2 hash if you k...
| in that case your password is probably written on a sticker on your router itself. Just have a look at your router (hardware). |
|
philsmd |
hashcat
|
3 |
1,941 |
08-02-2019, 04:02 PM |
| |
|
Thread: More then 4 user defined charsets
Post: RE: More then 4 user defined charsets
| it is not supported to have more than 4 custom charset... there are several reasons for that (performance, GPU-related reasons etc)...
There may be some rare cases where you *really* need that featur... |
|
philsmd |
Very old oclHashcat-plus Support
|
3 |
6,837 |
11-07-2013, 01:19 PM |
| |
|
Thread: modx modPBKDF2 hashes
Post: RE: modx modPBKDF2 hashes
| The salt must also be specified as base64 encoded string, like this:
Code:
--
./oclHashcat -m 10900 -a 3 --quiet 'sha256:1000:YTlhM2NkMmE1MmY0ZWFkOGJmZjQ3Nzk0MWNlYjYyZjU=:+7WYTHGVutZhmE9KYjb93Rvtd... |
|
philsmd |
Old oclHashcat Support
|
4 |
8,476 |
02-26-2016, 11:03 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| see:
https://hashcat.net/forum/thread-6638.html
https://hashcat.net/forum/thread-2563-post-15255.html#pid15255 |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 02:43 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| maybe you just didn't understand the posts.
depending on the output you get from your capture tool/dump (i.e. if it is NetNTLMv1 / NetNTLMv1+ESS or NetNTLMv2), you need to use -m 5500 or -m 5600.
... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 07:27 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| the domain is actually not used in computing the response and therefore can be skipped/ignored/anything, but the client challenge must be specified (e.g. 338d08f8e26de933000000000000000000000000000000... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-18-2019, 08:26 PM |
| |
|
Thread: Module 5500 - different results for same hash (with or without client challenge part)
Post: RE: Module 5500 - different results for same hash ...
| I guess this is just because you didn't test with the correct password candidate.
hashcat only tries the passwords that you tell it to run.
Maybe this specific hash is harder to crack and you need... |
|
philsmd |
hashcat
|
8 |
3,607 |
04-19-2019, 11:44 AM |
| |
|
Thread: Modify Session files to resume at choosen point
Post: RE: Modify Session files to resume at choosen poin...
| That is easy and if you didn't find the answer in the forum already, you shoud find it easily by looking at the --help output:
Code:
--
-s, --skip=NUM Skip number of ... |
|
philsmd |
User Contributions
|
4 |
12,211 |
12-25-2015, 04:53 PM |
| |
|
Thread: Modifiations to hash type 18100 to support binary seeds
Post: RE: Modifiations to hash type 18100 to support bin...
| yeah, that's a too large keyspace.
it's 32 ^ 16 = 1,208,925,819,614,629,174,706,176 |
|
philsmd |
hashcat
|
3 |
1,652 |
08-30-2019, 08:26 AM |
| |
|
Thread: Mode 11300
Post: RE: Mode 11300
| the padding is known, we exploit this (padding attack, last few bytes 16 or 8 depending on the wallet type):
https://github.com/hashcat/hashcat/blob/3dd89bc63c2614b57db58bd7b05d2d61dcc5ab75/OpenCL/... |
|
philsmd |
hashcat
|
1 |
251 |
09-24-2020, 10:17 PM |
| |
|
Thread: Mix of digits, uppercase and a specific letter rule - help
Post: RE: Mix of digits, uppercase and a specific letter...
| What you normally use in such a case is a mask attack: https://hashcat.net/wiki/doku.php?id=mask_attack
Therefore, in hashcat's terminology this is not called a rule, but a mask attack (using attac... |
|
philsmd |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
1 |
2,952 |
11-14-2017, 09:06 AM |
| |
|
Thread: Mix of --hex-charset and non hex ?
Post: RE: Mix of --hex-charset and non hex ?
| Just to make sure that other users interested in something like this do not choose a wrong approach to do these types of attacks: if you are cracking a "salted" hash, you should use the corresponding ... |
|
philsmd |
hashcat
|
7 |
5,475 |
03-18-2018, 07:46 PM |
| |
|
Thread: Missing hashcat-cli64.app for OSX 10.11.5
Post: RE: Missing hashcat-cli64.app for OSX 10.11.5
| No, there is not really a file missing. Mac OSX users currently need to build the binary themself for reasons explained in https://github.com/hashcat/hashcat/issues/403 , https://github.com/hashcat/ha... |
|
philsmd |
hashcat
|
3 |
6,105 |
07-29-2016, 10:29 AM |
| |
|
Thread: minimum password length with mask
Post: RE: minimum password length with mask
| This problem was fixed very quickly with these changes: https://github.com/hashcat/hashcat/pull/1485
You can already download a fixed (beta) version of hashcat from: https://hashcat.net/beta/
Th... |
|
philsmd |
hashcat
|
6 |
8,088 |
01-03-2018, 05:57 PM |
| |
|
Thread: minimum password length with mask
Post: RE: minimum password length with mask
| Yes this seems to be a bug:
see
Code:
--
Skipping mask '?u?l?l' because it is smaller than the minimum password length.
[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>
Session......... |
|
philsmd |
hashcat
|
6 |
8,088 |
01-03-2018, 03:04 PM |
