+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old hashcat Support (https://hashcat.net/forum/forum-20.html)
+--- Thread: Interpreting some unlikely results. (/thread-1387.html)
Interpreting some unlikely results. - 550tiguy - 07-17-2012
G'day.
So, I got a bunch of hashes. I ran them few a few hundred million words with no success. After brute-forcing with a mask of ?1?1?1?1?1?1 and a charset of ?l?d?u
Then I get:
Code:
Status.......: Cracked
Input.Mode...: Mask (?1?1?1?1?1?1)
Hash.Type....: MD5
Time.Running.: 2 mins, 56 secs
Time.Util....: 176879.6ms/4584.3ms Real/CPU, 2.7% idle
Speed........: 320.9M c/s Real, 340.8M c/s GPU
Recovered....: 451/451 Digests, 1/1 Salts
Progress.....: 56759746560/56800235584 (99.93%)
Rejected.....: 0/56759746560 (0.00%)
HW.Monitor.#1: 0% GPU, 79c TempThe passwords look pseudo-random, and not like something a human would choose. I could understand an organization using forced passwords.
If I MD5 the passwords, it gives the hash, so it appears as though I guessed the exact password scheme for this group of passwords. I find this all unlikely.
Is it possible the hashes use a different algorithm which would give useless, but accurate results when decrypted with the incorrect algorithm. I think this is probably obtuse, but I'm trying to disprove the results.
Thanks.
RE: Interpreting some unlikely results. - Bitweasil - 07-17-2012
So...
You used the MD5 algorithm cracking, it found plains that, when hashed, lead to the original hash you were testing?
I think the tool is working fine.
It's HIGHLY unlikely that another hash algorithm would generate valid MD5s for a password-ish sequence of bytes.
Alternately, the leaked list was generated seeded with fake passwords. *shrug*