Search Results
|
Post |
Author |
Forum
[asc]
|
Replies |
Views |
Posted |
|
|
Thread: HashCat t-shirt !
Post: RE: HashCat t-shirt !
At the very least, you can loose the = sign.
Loosing the "+ 4 GTX970" would make it less busy. Most people might understand the Hash with "password killer/analyzer", but the GTX970 would be lost on... |
|
rsberzerker |
User Contributions
|
7 |
13,402 |
04-13-2015, 06:42 AM |
|
|
Thread: Email passwords ruleset v0.1
Post: Email passwords ruleset v0.1
I've been trying my hand some of the hashes.org hashes, and notice some are email addresses. That actually makes sense. An email address will (usually) meet the length requirement, and the "@" and "."... |
|
rsberzerker |
User Contributions
|
1 |
5,236 |
04-13-2015, 06:32 AM |
|
|
Thread: best64.rule contest
Post: RE: best64.rule contest
I vote yes to this too. And as to Kgx's question, probably, but so what? Passwords used change over time, and the rules need to be updated against them. |
|
rsberzerker |
Organisation and Events
|
34 |
64,152 |
04-11-2015, 03:15 AM |
|
|
Thread: Minimum password length
Post: Minimum password length
I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 ... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,937 |
12-21-2014, 03:26 AM |
|
|
Thread: Minimum password length
Post: RE: Minimum password length
Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: pas... |
|
rsberzerker |
Old oclHashcat Support
|
5 |
24,937 |
12-21-2014, 05:19 AM |
|
|
Thread: save md5 generated hashes to the file ?
Post: RE: save md5 generated hashes to the file ?
undeath Wrote: (12-26-2014, 12:29 PM)
--
No. If you want to waste your space with rainbow tables go to freerainbowtables.com.
--
To add an example, ophcrack has a paid NTLM rainbow table of all pos... |
|
rsberzerker |
Old oclHashcat Support
|
2 |
5,356 |
12-27-2014, 07:38 AM |
|
|
Thread: Need some direction with combining dictionaries
Post: RE: Need some direction with combining dictionarie...
It can be done with oclhashcat, but it will take some work. You have two options (AFAIK):
1) Use the hashcat utility program combinator to create a new dictionary, then you can use rules with that.... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
12,104 |
12-28-2014, 05:52 PM |
|
|
Thread: Incrementing Brute Force Attack?
Post: RE: Incrementing Brute Force Attack?
epixoip Wrote: (01-01-2015, 07:30 AM)
--
You're not going to be able to brute force past 9 characters, let alone 32.
--
Epixoip is right. True brute forcing past about 8 characters is not practical... |
|
rsberzerker |
Old oclHashcat Support
|
4 |
12,083 |
01-01-2015, 07:59 AM |
|
|
Thread: oclHashcat bruteforce
Post: RE: oclHashcat bruteforce
I'm a little late, but instead of -i you could use a file with masks instead. For the example above of 1-7, create a file with the following lines:
?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?a
?a?a?a?a?... |
|
rsberzerker |
Old oclHashcat Support
|
12 |
19,272 |
02-05-2015, 03:12 PM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
Generally, the plain wordlists don't crack many, if any, passwords. But combine them with rules and you are more likely to get something. The best64 ruleset, included with oclhashcat, is a good one. J... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,488 |
02-09-2015, 03:26 AM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
There are several online hash generators. Try giving them a "password" and get the hash. Then be sure the password is the dictionary you are using to attack said hash. This way, you will get to see a ... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,488 |
02-09-2015, 05:33 AM |
|
|
Thread: bug in 1.35?
Post: RE: bug in 1.35?
So bug. Thanks. I guess I stick with 1.33 for now. |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,295 |
04-13-2015, 01:22 AM |
|
|
Thread: -w and sessions
Post: -w and sessions
oclhashcat has 3 Workload Profiles:
1 = Reduced performance profile (low latency desktop)
2 = Default performance profile
3 = Tuned performance profile (high latency desktop)
It appear... |
|
rsberzerker |
Old oclHashcat Support
|
1 |
4,317 |
05-24-2015, 08:24 PM |
|
|
Thread: bug in 1.35?
Post: bug in 1.35?
I hadn't noticed 1.35 was out, so I just downloaded it. I have been using 1.33. But when I ran 1.35, it didn't recover anything, while the same run with 1.33 did. Here are the command lines.
First I ... |
|
rsberzerker |
Old oclHashcat Support
|
3 |
5,295 |
04-13-2015, 01:03 AM |
|
|
Thread: MD5 salted hashs
Post: MD5 salted hashs
I've got [mostly] down how to use hashcat (and oclhashcat) on unsalted hashes, so I decided to try something harder, a salted hash. I found a cracked md5:salt hash elsewhere and put that, along with t... |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 03:46 AM |
|
|
Thread: MD5 salted hashs
Post: RE: MD5 salted hashs
epixoip Wrote: (12-22-2014, 04:06 AM)
--
Not sure what you're doing wrong. Maybe you have trailing whitespace or something.
--
OK, partially solved. I did have some whitespace at the end of the has... |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 04:48 AM |
|
|
Thread: MD5 salted hashs
Post: RE: MD5 salted hashs
That's what I thought. Thanks. If nothing else, I think I finally truly understand salting (as opposed to just being able to define it). |
|
rsberzerker |
Old hashcat Support
|
4 |
8,165 |
12-22-2014, 07:18 AM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
Well, the character set is 26+26 = 52. Ten characters is 52^10 = 144,555,105,949,057,024 possible passwords. At 10m/sec (which is very low depending on the hash), ~458 years.
BUT...10m/sec is low f... |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-08-2015, 09:19 PM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
If you have the hash, you should have the salt too. Hashcat (and oclhashcat), given the right -m parameter, will automatically use the salt. You don't need to crack that. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-08-2015, 11:49 PM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
Yes. The salt is normally stored with the hash. So if you have access to the hash, you have access to the salt. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,231 |
02-10-2015, 03:10 PM |