|
Search Results
|
| Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
| |
|
Thread: HashCat t-shirt !
Post: RE: HashCat t-shirt !
| At the very least, you can loose the = sign.
Loosing the "+ 4 GTX970" would make it less busy. Most people might understand the Hash with "password killer/analyzer", but the GTX970 would be lost on... |
|
rsberzerker |
User Contributions
|
7 |
13,402 |
04-13-2015, 06:42 AM |
| |
|
Thread: Email passwords ruleset v0.1
Post: Email passwords ruleset v0.1
| I've been trying my hand some of the hashes.org hashes, and notice some are email addresses. That actually makes sense. An email address will (usually) meet the length requirement, and the "@" and "."... |
|
rsberzerker |
User Contributions
|
1 |
5,236 |
04-13-2015, 06:32 AM |
| |
|
Thread: best64.rule contest
Post: RE: best64.rule contest
| I vote yes to this too. And as to Kgx's question, probably, but so what? Passwords used change over time, and the rules need to be updated against them. |
|
rsberzerker |
Organisation and Events
|
34 |
64,152 |
04-11-2015, 03:15 AM |
| |
|
Thread: Minimum password length
Post: Minimum password length
| I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 ... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,937 |
12-21-2014, 03:26 AM |
| |
|
Thread: Minimum password length
Post: RE: Minimum password length
| Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: pas... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,937 |
12-21-2014, 05:19 AM |
| |
|
Thread: save md5 generated hashes to the file ?
Post: RE: save md5 generated hashes to the file ?
|
undeath Wrote: (12-26-2014, 12:29 PM)
--
No. If you want to waste your space with rainbow tables go to freerainbowtables.com.
--
To add an example, ophcrack has a paid NTLM rainbow table of all pos... |
|
rsberzerker |
Old oclHashcat Support
|
2 |
5,356 |
12-27-2014, 07:38 AM |
| |
|
Thread: Need some direction with combining dictionaries
Post: RE: Need some direction with combining dictionarie...
| It can be done with oclhashcat, but it will take some work. You have two options (AFAIK):
1) Use the hashcat utility program combinator to create a new dictionary, then you can use rules with that.... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
12,104 |
12-28-2014, 05:52 PM |
| |
|
Thread: Incrementing Brute Force Attack?
Post: RE: Incrementing Brute Force Attack?
|
epixoip Wrote: (01-01-2015, 07:30 AM)
--
You're not going to be able to brute force past 9 characters, let alone 32.
--
Epixoip is right. True brute forcing past about 8 characters is not practical... |
|
rsberzerker |
Old oclHashcat Support
|
4 |
12,083 |
01-01-2015, 07:59 AM |
| |
|
Thread: oclHashcat bruteforce
Post: RE: oclHashcat bruteforce
| I'm a little late, but instead of -i you could use a file with masks instead. For the example above of 1-7, create a file with the following lines:
?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?a
?a?a?a?a?... |
|
rsberzerker |
Old oclHashcat Support
|
12 |
19,272 |
02-05-2015, 03:12 PM |
| |
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
| Generally, the plain wordlists don't crack many, if any, passwords. But combine them with rules and you are more likely to get something. The best64 ruleset, included with oclhashcat, is a good one. J... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,488 |
02-09-2015, 03:26 AM |
| |
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
| There are several online hash generators. Try giving them a "password" and get the hash. Then be sure the password is the dictionary you are using to attack said hash. This way, you will get to see a ... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,488 |
02-09-2015, 05:33 AM |
| |
|
Thread: bug in 1.35?
Post: RE: bug in 1.35?
| So bug. Thanks. I guess I stick with 1.33 for now. |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,295 |
04-13-2015, 01:22 AM |
| |
|
Thread: -w and sessions
Post: -w and sessions
| oclhashcat has 3 Workload Profiles:
1 = Reduced performance profile (low latency desktop)
2 = Default performance profile
3 = Tuned performance profile (high latency desktop)
It appear... |
|
rsberzerker |
Old oclHashcat Support
|
1 |
4,317 |
05-24-2015, 08:24 PM |
| |
|
Thread: bug in 1.35?
Post: bug in 1.35?
| I hadn't noticed 1.35 was out, so I just downloaded it. I have been using 1.33. But when I ran 1.35, it didn't recover anything, while the same run with 1.33 did. Here are the command lines.
First I ... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,295 |
04-13-2015, 01:03 AM |
| |
|
Thread: MD5 salted hashs
Post: MD5 salted hashs
| I've got [mostly] down how to use hashcat (and oclhashcat) on unsalted hashes, so I decided to try something harder, a salted hash. I found a cracked md5:salt hash elsewhere and put that, along with t... |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 03:46 AM |
| |
|
Thread: MD5 salted hashs
Post: RE: MD5 salted hashs
|
epixoip Wrote: (12-22-2014, 04:06 AM)
--
Not sure what you're doing wrong. Maybe you have trailing whitespace or something.
--
OK, partially solved. I did have some whitespace at the end of the has... |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 04:48 AM |
| |
|
Thread: MD5 salted hashs
Post: RE: MD5 salted hashs
| That's what I thought. Thanks. If nothing else, I think I finally truly understand salting (as opposed to just being able to define it). |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 07:18 AM |
| |
|
Thread: Is it even possible?
Post: RE: Is it even possible?
| Well, the character set is 26+26 = 52. Ten characters is 52^10 = 144,555,105,949,057,024 possible passwords. At 10m/sec (which is very low depending on the hash), ~458 years.
BUT...10m/sec is low f... |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-08-2015, 09:19 PM |
| |
|
Thread: Is it even possible?
Post: RE: Is it even possible?
| If you have the hash, you should have the salt too. Hashcat (and oclhashcat), given the right -m parameter, will automatically use the salt. You don't need to crack that. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-08-2015, 11:49 PM |
| |
|
Thread: Is it even possible?
Post: RE: Is it even possible?
| Yes. The salt is normally stored with the hash. So if you have access to the hash, you have access to the salt. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-10-2015, 03:10 PM |
