oclHashcat-plus is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as mask attack), combinator attack, dictionary attack, hybrid attack, mask attack, permutation attack, and rule-based attack.

Current version is 0.081.

• Homepage: http://hashcat.net/oclhashcat-plus/
• Manual: http://hashcat.net/files/hashcat_user_manual.pdf Outdated!
• Support Forum: http://hashcat.net/forum/forum-23.html

The main problem with the first GPGPU hashcat version oclHashcat was to do with it's architecture. It was designed for doing Combinator attack. That worked well with fast algorithms but in combination with slow (modern, highly iterated and salted) algorithms,that was an inefficient strategy.

As a consequence, people still used the CPU-based hashcat for serious hash-cracking. This is because it is possible to work with simple dictionary-based attacks. To be able to do dictionary-based attacks on a GPU, it was neccessary to deal with the architecture problem of oclHashcat first. The only solution was a complete new approach. This second oclHashcat version, which is designed for dictionary-based attacks, is called “oclHashcat-plus”.

Notes about simple dictionary attack on GPU:

• Fast algorithms like MD4, MD5 or NTLM do work with simple dictionary attacks on a GPU, but this is not very efficient. It takes longer to transfer the wordlist data to GPU global memory rather than to just attack them on the CPU.
• Slow algorithms like md5crypt (1000 iterations), phpass (up to 8k iterations) or WPA/WPA2 (16k iterations) can efficiently run on a GPU. The reason for this is that they are designed to slow down cracking performance itself. In this case, and unlike the fast algorithms, the time to copy the wordlist to GPU global memory is of no consequence.

An additional major feature of oclHashcat-plus is the GPU-based rule engine. With this it is possible to do Rule-based attack.

• Fast algorithms make use of the GPU-based rule engine to increase GPU utilization. Using this strategy, simple dictionary-based attacks become efficient on the GPU again. The rule-engine on a GPU is very fast. Depending on the rule itself, you can reach nearly the same speed as with a combinator attack in oclHashcat. This is an absolutely unique feature against all other hash crackers.
• Slow algorithms make use of the CPU-based rule engine to increase wordlist size. This way you can use even the very small dictionaries like “common4.txt” or “mil-dict.txt”. They are virtually expanded in memory by the CPU-based rule engine. This fits perfectly in the situation above in that the time to copy the wordlist to GPU global memory is of no consequence.

As a result, oclHashcat-plus is a lot more like the original CPU-based hashcat.

The first official release was v0.02, released on 30.01.2011.

Another important release was v0.06, released on 16.09.2011: It was the first version that supported the WPA/WPA2 algorithm.

With release of v0.07, oclHashcat-plus replaced regular oclHashcat when it ported Brute-Force Attack, Mask Attack, Combination Attack and Hybrid Attack.

oclHashcat-plus, advanced password recovery

Usage: oclHashcat-plus [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...

=======
Options
=======

* General:

  -m,  --hash-type=NUM               Hash-type, see references below
  -a,  --attack-mode=NUM             Attack-mode, see references below
  -V,  --version                     Print version
  -h,  --help                        Print help
       --eula                        Print EULA
       --quiet                       Suppress output

* Misc:

       --runtime=NUM                 Abort session after NUM seconds of runtime
       --hex-salt                    Assume salt is given in hex
       --hex-charset                 Assume charset is given in hex
       --force                       Ignore warnings

* Files:

  -o,  --outfile=FILE                Define outfile for recovered hash
       --outfile-format=NUM          Define outfile-format for recovered hash
  -p,  --seperator=CHAR              Define seperator char for hashlists and outfile
       --show                        Show cracked passwords only
       --left                        Show un-cracked passwords only
       --username                    Enable ignoring of usernames in hashfile
       --remove                      Enable remove of hash once it is cracked

* Resources:

  -c,  --segment-size=NUM            Size in MB to cache from the wordfile
       --cpu-affinity=STR            locks to CPU devices, seperate with comma
       --gpu-async                   Use non-blocking async calls (NV only)
  -d,  --gpu-devices=STR             Devices to use, separate with comma
  -n,  --gpu-accel=NUM               Workload tuning: 1, 8, 40, 80, 160
       --gpu-loops=NUM               Workload fine-tuning: 8 - 1024
       --gpu-watchdog=NUM            Abort session at NUM degrees celsius

* Rules:

  -r,  --rules-file=FILE             Rules-file, multi use: -r 1.rule -r 2.rule
  -g,  --generate-rules=NUM          Generate NUM random rules
       --generate-rules-func-min=NUM Force NUM functions per random rule min
       --generate-rules-func-max=NUM Force NUM functions per random rule max

* Custom charsets:

  -1,  --custom-charset1=CS          User-defined charsets
  -2,  --custom-charset2=CS          Example:
  -3,  --custom-charset3=CS          --custom-charset1=?dabcdef
  -4,  --custom-charset4=CS          Sets charset ?1 to 0123456789abcdef

* Permutation attack-mode specific:

       --perm-min=NUM                Filter words shorter than NUM
       --perm-max=NUM                Filter words larger than NUM

==========
References
==========

* Outfile Formats:

    1 = hash[:salt]
    2 = plain
    3 = hash[:salt]:plain
    4 = hex_plain
    5 = hash[:salt]:hex_plain
    6 = plain:hex_plain
    7 = hash[:salt]:plain:hex_plain

* Built-in charsets:

   ?l = abcdefghijklmnopqrstuvwxyz
   ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
   ?d = 0123456789
   ?s =  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
   ?h = 8 bit characters from 0xc0 - 0xff
   ?D = 8 bit characters from german alphabet
   ?F = 8 bit characters from french alphabet
   ?R = 8 bit characters from russian alphabet

* Attack modes:

    0 = Straight
    1 = Combination
    3 = Brute-force
    4 = Permutation
    6 = Hybrid dict + mask
    7 = Hybrid mask + dict

* Hash types:

    0 = MD5
   11 = Joomla
   21 = osCommerce, xt:Commerce
  100 = SHA1
  101 = nsldap, SHA-1(Base64), Netscape LDAP SHA
  111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
  112 = Oracle 11g
  121 = SMF > v1.1
  122 = OSX v10.4, v10.5, v10.6
  131 = MSSQL(2000)
  132 = MSSQL(2005)
  300 = MySQL
  400 = phpass, MD5(Wordpress), MD5(phpBB3)
  500 = md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
  900 = MD4
 1000 = NTLM
 1100 = Domain Cached Credentials, mscash
 1400 = SHA256
 1500 = descrypt, DES(Unix), Traditional DES
 1600 = md5apr1, MD5(APR), Apache MD5
 1700 = SHA512
 1722 = OSX v10.7
 2100 = Domain Cached Credentials2, mscash2
 2400 = Cisco-PIX MD5
 2500 = WPA/WPA2
 2600 = Double MD5
 2611 = vBulletin < v3.8.5
 2711 = vBulletin > v3.8.5
 2811 = IPB2+, MyBB1.2+
 3000 = LM
 3100 = Oracle 7-10g, DES(Oracle)

* Indicates that the value is dependent on the algorithm and GPU platform vendor (see below)

• Brute-Force attack
• Combinator attack
• Dictionary attack
• Fingerprint attack
• Hybrid attack
• Mask attack
• Permutation attack
• Rule-based attack

• Toggle-Case attack, see Using rules to emulate toggle attack

The reason behind the special loading of the dictionary is that some kernels require all plaintexts to be of the same length to process them efficiently.

Brute-force crackers usually do not have this problem because the length of the generated plaintext is always the same. But it's not so in wordlists. Usually the words in wordlists are not sorted by their length. So the idea was oclHashcat-plus would cache each of the loaded words once, and store them into specific buffers. Each word-length has one unique buffer. If a word has the length 8; it sorts it into buffer number 8. Then, if buffer 8's threshold is reached, it processes them and clears it afterwards. This is why it is so hard for oclHashcat-plus to have a restore / resume position.

Hint: You can optimize your wordlists for oclhashcat-plus usage. You just need to sort them by their length. It is recommended that you generate seperate wordlists sorted by their length. The hashcat-utils ship with a tool called: “splitlen”, which was written for this task.

While it is not officially supported, one of our users, undeath , had a neat idea:

To gain the possibility of resuming wordlists with oclHashcat-plus, you can pipe the words into stdin using hashcat. It is then recommended that you sort your wordlists by length as described above prior to this.

hashcat --stdout wordlists/list.dict | oclhashcat-plus ... 

On aborting using CTRL+C, you will see the well known message: “To restore Session use Parameter -s xxx” so you can restore the cracking process later as with the cpu version. Also, you are able to use all word altering functions provided by hashcat (like Table Lookup attack or Permutation attack).

If you are interested in writing .hccap files, it's structure is explained here: HCCAP format description

Please refer to the homepage to get the latest benchmarks.

Real c/s is derived from dividing all tested passwords from zero to present from the moment oclHashcat-plus started. This is often a lower figure as it takes into account copying wordlists into GPU memory and also the PCI-Express overhead.

GPU c/s is derived from dividing the time for the last 32 kernel launches by the number of finished passwords from the previous 32 kernel launches. This figure is usually higher than Real c/s as there is no time lost copying the wordlist or PCI-Express overhead.

In general GPU c/s is a more accurate representation of oclHashcat-plus's performance as wordlist loading is dependant on the I/O performance of the users computer.

• Password-length is set to a maximum of 15 on all algorithms

• Add support for --pw-skip and --pw-limit
• Add more algorithms
• See the feature request page here