Search Results
|
Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
|
|
Thread: Minimum password length
Post: Minimum password length
I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 ... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,934 |
12-21-2014, 03:26 AM |
|
|
Thread: Minimum password length
Post: RE: Minimum password length
Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: pas... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,934 |
12-21-2014, 05:19 AM |
|
|
Thread: save md5 generated hashes to the file ?
Post: RE: save md5 generated hashes to the file ?
undeath Wrote: (12-26-2014, 12:29 PM)
--
No. If you want to waste your space with rainbow tables go to freerainbowtables.com.
--
To add an example, ophcrack has a paid NTLM rainbow table of all pos... |
|
rsberzerker |
Old oclHashcat Support
|
2 |
5,355 |
12-27-2014, 07:38 AM |
|
|
Thread: Need some direction with combining dictionaries
Post: RE: Need some direction with combining dictionarie...
It can be done with oclhashcat, but it will take some work. You have two options (AFAIK):
1) Use the hashcat utility program combinator to create a new dictionary, then you can use rules with that.... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
12,102 |
12-28-2014, 05:52 PM |
|
|
Thread: Incrementing Brute Force Attack?
Post: RE: Incrementing Brute Force Attack?
epixoip Wrote: (01-01-2015, 07:30 AM)
--
You're not going to be able to brute force past 9 characters, let alone 32.
--
Epixoip is right. True brute forcing past about 8 characters is not practical... |
|
rsberzerker |
Old oclHashcat Support
|
4 |
12,081 |
01-01-2015, 07:59 AM |
|
|
Thread: oclHashcat bruteforce
Post: RE: oclHashcat bruteforce
I'm a little late, but instead of -i you could use a file with masks instead. For the example above of 1-7, create a file with the following lines:
?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?a
?a?a?a?a?... |
|
rsberzerker |
Old oclHashcat Support
|
12 |
19,260 |
02-05-2015, 03:12 PM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
Generally, the plain wordlists don't crack many, if any, passwords. But combine them with rules and you are more likely to get something. The best64 ruleset, included with oclhashcat, is a good one. J... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,485 |
02-09-2015, 03:26 AM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
There are several online hash generators. Try giving them a "password" and get the hash. Then be sure the password is the dictionary you are using to attack said hash. This way, you will get to see a ... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,485 |
02-09-2015, 05:33 AM |
|
|
Thread: bug in 1.35?
Post: RE: bug in 1.35?
So bug. Thanks. I guess I stick with 1.33 for now. |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,293 |
04-13-2015, 01:22 AM |
|
|
Thread: -w and sessions
Post: -w and sessions
oclhashcat has 3 Workload Profiles:
1 = Reduced performance profile (low latency desktop)
2 = Default performance profile
3 = Tuned performance profile (high latency desktop)
It appear... |
|
rsberzerker |
Old oclHashcat Support
|
1 |
4,315 |
05-24-2015, 08:24 PM |
|
|
Thread: bug in 1.35?
Post: bug in 1.35?
I hadn't noticed 1.35 was out, so I just downloaded it. I have been using 1.33. But when I ran 1.35, it didn't recover anything, while the same run with 1.33 did. Here are the command lines.
First I ... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,293 |
04-13-2015, 01:03 AM |
|
|
Thread: best64.rule contest
Post: RE: best64.rule contest
I vote yes to this too. And as to Kgx's question, probably, but so what? Passwords used change over time, and the rules need to be updated against them. |
|
rsberzerker |
Organisation and Events
|
34 |
64,134 |
04-11-2015, 03:15 AM |
|
|
Thread: HashCat t-shirt !
Post: RE: HashCat t-shirt !
At the very least, you can loose the = sign.
Loosing the "+ 4 GTX970" would make it less busy. Most people might understand the Hash with "password killer/analyzer", but the GTX970 would be lost on... |
|
rsberzerker |
User Contributions
|
7 |
13,400 |
04-13-2015, 06:42 AM |
|
|
Thread: Email passwords ruleset v0.1
Post: Email passwords ruleset v0.1
I've been trying my hand some of the hashes.org hashes, and notice some are email addresses. That actually makes sense. An email address will (usually) meet the length requirement, and the "@" and "."... |
|
rsberzerker |
User Contributions
|
1 |
5,234 |
04-13-2015, 06:32 AM |