Search Results
|
Post |
Author |
Forum |
Replies
[asc]
|
Views |
Posted |
|
|
Thread: best64.rule contest
Post: RE: best64.rule contest
I vote yes to this too. And as to Kgx's question, probably, but so what? Passwords used change over time, and the rules need to be updated against them. |
|
rsberzerker |
Organisation and Events
|
34 |
64,125 |
04-11-2015, 03:15 AM |
|
|
Thread: Is my plan a good idea?
Post: RE: Is my plan a good idea?
Rainbow tables are virtually useless against salted hashes. And even if they weren't, you have to factor in disk access times: How fast can you search those tables vs. how fast is hashcat (and oclhash... |
|
rsberzerker |
General Talk
|
23 |
40,630 |
12-28-2014, 11:28 PM |
|
|
Thread: Practical PRINCE: 1 CPU + 24 hours = 63% Linkedin hashes cracked, 100% automated
Post: RE: Practical PRINCE: 1 CPU + 24 hours = 63% Linke...
Great tutorial. It would be better IMHO if you included two things:
1) A general explanation of what the princeprocessor is actually doing.
2) The equivalent named pipe for Windows.
Quote:
--
..... |
|
rsberzerker |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
22 |
74,857 |
12-26-2014, 05:54 AM |
|
|
Thread: Practical PRINCE: 1 CPU + 24 hours = 63% Linkedin hashes cracked, 100% automated
Post: RE: Practical PRINCE: 1 CPU + 24 hours = 63% Linke...
atom Wrote: (12-26-2014, 01:14 PM)
--
It's described here https://hashcat.net/tools/princeprocessor/prince-attack.pdf
--
No quite as much detail as I hoped for, but more than I can [currently] under... |
|
rsberzerker |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
22 |
74,857 |
12-27-2014, 06:03 AM |
|
|
Thread: Practical PRINCE: 1 CPU + 24 hours = 63% Linkedin hashes cracked, 100% automated
Post: RE: Practical PRINCE: 1 CPU + 24 hours = 63% Linke...
Been playing with Prince (0.19) and I noticed something strange. When using one list, it exhausts within seconds. Using a second list, it keeps going and going. Same command line, just the dictionary ... |
|
rsberzerker |
hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip
|
22 |
74,857 |
01-19-2015, 06:23 PM |
|
|
Thread: 980GTX MSI vs Reference
Post: RE: 980GTX MSI vs Reference
epixoip Wrote: (05-24-2015, 10:50 PM)
--
It is possible that resellers in your area do not sell reference design cards. You could contact them and ask them if they are able to get reference design ca... |
|
rsberzerker |
Hardware
|
20 |
41,534 |
05-25-2015, 01:36 AM |
|
|
Thread: 980GTX MSI vs Reference
Post: RE: 980GTX MSI vs Reference
Quote:
--
Uhm, OEM = another company mades product based on chipset of the original company. So basicaly, If I get it right, the only one, who is not OEM but a reference, are the cards made by NVID... |
|
rsberzerker |
Hardware
|
20 |
41,534 |
05-25-2015, 03:21 AM |
|
|
Thread: Dilemma…!
Post: RE: Dilemma…!
undeath Wrote: (09-13-2017, 05:37 PM)
--
PACK is just a collection of python scripts. You can run python on almost any OS, including Windows.
--
In theory yes. In practice, there is a dependency wi... |
|
rsberzerker |
hashcat
|
13 |
9,636 |
09-18-2017, 02:12 PM |
|
|
Thread: Dilemma…!
Post: RE: Dilemma…!
You need the pyenchant library/module. I never was able to get this working on Windows, but it was easy on [Debian] Linux.
Any you need to understand the attack method. Based on your first post, yo... |
|
rsberzerker |
hashcat
|
13 |
9,636 |
09-19-2017, 01:59 PM |
|
|
Thread: oclHashcat bruteforce
Post: RE: oclHashcat bruteforce
I'm a little late, but instead of -i you could use a file with masks instead. For the example above of 1-7, create a file with the following lines:
?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?a
?a?a?a?a?... |
|
rsberzerker |
Old oclHashcat Support
|
12 |
19,255 |
02-05-2015, 03:12 PM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
Well, the character set is 26+26 = 52. Ten characters is 52^10 = 144,555,105,949,057,024 possible passwords. At 10m/sec (which is very low depending on the hash), ~458 years.
BUT...10m/sec is low f... |
|
rsberzerker |
Old hashcat Support
|
11 |
16,216 |
02-08-2015, 09:19 PM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
If you have the hash, you should have the salt too. Hashcat (and oclhashcat), given the right -m parameter, will automatically use the salt. You don't need to crack that. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,216 |
02-08-2015, 11:49 PM |
|
|
Thread: Is it even possible?
Post: RE: Is it even possible?
Yes. The salt is normally stored with the hash. So if you have access to the hash, you have access to the salt. |
|
rsberzerker |
Old hashcat Support
|
11 |
16,216 |
02-10-2015, 03:10 PM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
Generally, the plain wordlists don't crack many, if any, passwords. But combine them with rules and you are more likely to get something. The best64 ruleset, included with oclhashcat, is a good one. J... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,477 |
02-09-2015, 03:26 AM |
|
|
Thread: No Output of Cracked Hashes
Post: RE: No Output of Cracked Hashes
There are several online hash generators. Try giving them a "password" and get the hash. Then be sure the password is the dictionary you are using to attack said hash. This way, you will get to see a ... |
|
rsberzerker |
Old oclHashcat Support
|
10 |
12,477 |
02-09-2015, 05:33 AM |
|
|
Thread: Rule shortcut
Post: Rule shortcut
I've noticed in several lists I've been working on lately, I see several email addresses used as passwords. I suspect there are more than what I've found.
I'd like to write a rule to append some co... |
|
rsberzerker |
General Help
|
9 |
13,590 |
04-10-2015, 04:38 AM |
|
|
Thread: Rule shortcut
Post: RE: Rule shortcut
epixoip Wrote: (04-10-2015, 05:29 AM)
--
the shortcut is to use a stream editor to generate the rule file for you.
for example if you have a list of domains called "domains.txt", you would use som... |
|
rsberzerker |
General Help
|
9 |
13,590 |
04-10-2015, 05:33 AM |
|
|
Thread: Rule shortcut
Post: RE: Rule shortcut
epixoip Wrote: (04-13-2015, 05:17 AM)
--
Spaces are optional.
The rule isn't failing, it just isn't loading because it's too long to be used on GPU. It will work in hashcat-cli though.
--
What is t... |
|
rsberzerker |
General Help
|
9 |
13,590 |
04-13-2015, 05:26 AM |
|
|
Thread: Rule shortcut
Post: RE: Rule shortcut
I've been working with this and had the [maybe] bright idea to combine this with the best64 rules. It somewhat works, and has found some hashes even in it's current somewhat broken state. Some of the ... |
|
rsberzerker |
General Help
|
9 |
13,590 |
04-13-2015, 05:11 AM |
|
|
Thread: Rule shortcut
Post: RE: Rule shortcut
coolbry95 Wrote: (04-13-2015, 05:51 AM)
--
The limit is 15 functions per line. If you were to use a combinator attack you would do username domains -j '$@'.
--
Thanks. That explains why I get the ... |
|
rsberzerker |
General Help
|
9 |
13,590 |
04-13-2015, 06:11 AM |