Quickie on how OclHashcat+ works
#1
Hi. I would like to know if cl: 8 in oclhashcat+ means that 1 password of length 8 is being processed or a group of passwords of length 8 is processed? If it is the latter, how many? Thanks.
#2
the reason behind that is that some kernels require all plaintexts to be of the same length to process them efficiently. brute-force crackers usually do not have this problem because the length of the generated plaintext is always the same. but not so in wordlists. usually the words in wordlists are not sorted by their length. so my idea was oclHashcat+ caches all the loaded words and stores them into multiple buffers while it loads them. each length has one unqiue buffer. so if a word has the length 8 i put it into buffer 8. now for example if buffer 8's threshold is reached it processes them and clears it afterwards. so cl:8 means oclHashcat+ processes now all cached words with length 8. this is why it looks a bit random but it is not. hint: you can optimize your wordlists for oclhashcat+ usage. you just need to sort them by their length. i recommend you to generate seperate wordlists sorted by their length. latest hashcat-utils package ships with a tool "splitlen" which was written exactly for this task.
#3
i should add two things

a) if a wordlist ends, all the buffers that still have data to process are executed one after another. thats why oclhc+ usually processes cl:1-15 at the end.

b) the size of the buffer depends on your gpu and the -n multiplier value. it is: $num_sp * 256 * $-n_val