Digg Del.icio.us Reddit Facebook Stumble Upon Twitter
 

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

oclhashcat_plus [2012/06/25 20:30]
malik [Resources] 		oclhashcat_plus [2013/03/22 17:04] (current)
atom [Options]
Line 3: Line 3:
 ===== Description ===== ===== Description =====
  
-oclHashcat-plus is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as [[mask_attack|mask attack]]), [[combinator_attack|combinator attack]], [[dictionary_attack|dictionary attack]], [[hybrid_attack|hybrid attack]], [[mask_attack|mask ​attack]], [[permutation_attack|permutation ​attack]], and [[rule_based_attack|rule-based attack]].+oclHashcat-plus is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as [[mask_attack|mask attack]]), [[combinator_attack|combinator attack]], [[dictionary_attack|dictionary attack]], [[hybrid_attack|hybrid attack]], [[mask_attack|mask attack]], and [[rule_based_attack|rule-based attack]].
  
 ===== Current version ====== ===== Current version ======
  
-Current version is **0.081**.+Current version is **0.14**.
  
 ===== Resources ====== ===== Resources ======
Line 64: Line 64:
 * Misc: * Misc:
  
-       ​--runtime=NUM ​                Abort session after NUM seconds of runtime 
        ​--hex-salt ​                   Assume salt is given in hex        ​--hex-salt ​                   Assume salt is given in hex
        ​--hex-charset ​                ​Assume charset is given in hex        ​--hex-charset ​                ​Assume charset is given in hex
        ​--force ​                      ​Ignore warnings        ​--force ​                      ​Ignore warnings
 +       ​--status ​                     Enable automatic update of the status-screen
 +       ​--status-timer=NUM ​           Seconds between status-screen update
 +
 +* Markov:
 +
 +       ​--markov-hcstat ​              ​Specify hcstat file to use, default is hashcat.hcstat
 +       ​--markov-disable ​             Disables markov-chains,​ emulates classic brute-force
 +       ​--markov-classic ​             Enables classic markov-chains,​ no per-position enhancement
 +  -t,  --markov-threshold=NUM ​       Threshold when to stop accepting new markov-chains
 +
 +* Session:
 +
 +       ​--runtime=NUM ​                Abort session after NUM seconds of runtime
 +       ​--session=STR ​                ​Define specific session name
 +       ​--restore ​                    ​Restore session from --session
 +       ​--restore-timer=NUM ​          Save restore file each NUM seconds
  
 * Files: * Files:
  
   -o,  --outfile=FILE ​               Define outfile for recovered hash   -o,  --outfile=FILE ​               Define outfile for recovered hash
-       ​--outfile-format=NUM ​         Define outfile-format for recovered hash+       ​--outfile-format=NUM ​         Define outfile-format for recovered hash, see references below
   -p,  --seperator=CHAR ​             Define seperator char for hashlists and outfile   -p,  --seperator=CHAR ​             Define seperator char for hashlists and outfile
        ​--show ​                       Show cracked passwords only        ​--show ​                       Show cracked passwords only
Line 78: Line 93:
        ​--username ​                   Enable ignoring of usernames in hashfile        ​--username ​                   Enable ignoring of usernames in hashfile
        ​--remove ​                     Enable remove of hash once it is cracked        ​--remove ​                     Enable remove of hash once it is cracked
 +       ​--disable-potfile ​            Do not write potfile
  
 * Resources: * Resources:
  
   -c,  --segment-size=NUM ​           Size in MB to cache from the wordfile   -c,  --segment-size=NUM ​           Size in MB to cache from the wordfile
-       ​--cpu-affinity=STR ​           ​locks to CPU devices, seperate with comma+       ​--cpu-affinity=STR ​           ​Locks to CPU devices, seperate with comma
        ​--gpu-async ​                  Use non-blocking async calls (NV only)        ​--gpu-async ​                  Use non-blocking async calls (NV only)
   -d,  --gpu-devices=STR ​            ​Devices to use, separate with comma   -d,  --gpu-devices=STR ​            ​Devices to use, separate with comma
   -n,  --gpu-accel=NUM ​              ​Workload tuning: 1, 8, 40, 80, 160   -n,  --gpu-accel=NUM ​              ​Workload tuning: 1, 8, 40, 80, 160
-       --gpu-loops=NUM ​              ​Workload fine-tuning:​ 8 - 1024 +  -u,  ​--gpu-loops=NUM ​              ​Workload fine-tuning:​ 8 - 1024 
-       ​--gpu-watchdog=NUM            Abort session at NUM degrees celsius+       ​--gpu-temp-disable ​           Disable temperature and fanspeed readings and triggers 
 +       ​--gpu-temp-abort=NUM          Abort session ​if GPU temperature reaches NUM degrees celsius 
 +       ​--gpu-temp-retain=NUM ​        Try to retain GPU temperature ​at NUM degrees celsius ​(AMD only)
  
 * Rules: * Rules:
  
 +  -j,  --rule-left=RULE ​             Single rule applied to each word from left dict
 +  -k,  --rule-right=RULE ​            ​Single rule applied to each word from right dict
   -r,  --rules-file=FILE ​            ​Rules-file,​ multi use: -r 1.rule -r 2.rule   -r,  --rules-file=FILE ​            ​Rules-file,​ multi use: -r 1.rule -r 2.rule
   -g,  --generate-rules=NUM ​         Generate NUM random rules   -g,  --generate-rules=NUM ​         Generate NUM random rules
Line 103: Line 123:
   -4,  --custom-charset4=CS ​         Sets charset ?1 to 0123456789abcdef   -4,  --custom-charset4=CS ​         Sets charset ?1 to 0123456789abcdef
  
-Permutation attack-mode specific:+Increment:
  
-       --perm-min=NUM ​               ​Filter words shorter than NUM +  ​-i,  ​--increment ​                  ​Enable increment mode 
-       --perm-max=NUM ​               ​Filter words larger than NUM+       ​--increment-min=NUM ​          Start incrementing at NUM 
 +       --increment-max=NUM ​          Stop incrementing at NUM
  
 ========== ==========
Line 127: Line 148:
    ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ    ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
    ?d = 0123456789    ?d = 0123456789
 +   ?a = ?l?u?d?s
    ?s =  !"#​$%&'​()*+,​-./:;<​=>?​@[\]^_`{|}~    ?s =  !"#​$%&'​()*+,​-./:;<​=>?​@[\]^_`{|}~
    ?h = 8 bit characters from 0xc0 - 0xff    ?h = 8 bit characters from 0xc0 - 0xff
Line 138: Line 160:
     1 = Combination     1 = Combination
     3 = Brute-force     3 = Brute-force
-    4 = Permutation 
     6 = Hybrid dict + mask     6 = Hybrid dict + mask
     7 = Hybrid mask + dict     7 = Hybrid mask + dict
  
-Hash types:+Generic hash types:
  
     0 = MD5     0 = MD5
-   11 Joomla +   10 md5($pass.$salt) 
-   21 osCommerce, xt:Commerce+   20 md5($salt.$pass) 
 +   30 = md5(unicode($pass).$salt) 
 +   40 = md5($salt.unicode($pass))
   100 = SHA1   100 = SHA1
-  ​101 nsldap, SHA-1(Base64), Netscape LDAP SHA +  ​110 sha1($pass.$salt
-  ​111 nsldaps, SSHA-1(Base64), Netscape LDAP SSHA +  ​120 sha1($salt.$pass
-  ​112 Oracle 11g +  ​130 sha1(unicode($pass).$salt) 
-  121 = SMF > v1.1 +  ​140 sha1($salt.unicode($pass))
-  ​122 OSX v10.4, v10.5, v10.6 +
-  131 = MSSQL(2000) +
-  132 = MSSQL(2005)+
   300 = MySQL   300 = MySQL
   400 = phpass, MD5(Wordpress),​ MD5(phpBB3)   400 = phpass, MD5(Wordpress),​ MD5(phpBB3)
Line 162: Line 182:
  1100 = Domain Cached Credentials,​ mscash  1100 = Domain Cached Credentials,​ mscash
  1400 = SHA256  1400 = SHA256
 + 1410 = sha256($pass.$salt)
 + 1420 = sha256($salt.$pass)
  1500 = descrypt, DES(Unix), Traditional DES  1500 = descrypt, DES(Unix), Traditional DES
  1600 = md5apr1, MD5(APR), Apache MD5  1600 = md5apr1, MD5(APR), Apache MD5
  1700 = SHA512  1700 = SHA512
- 1722 OSX v10.7+ 1710 sha512($pass.$salt) 
 + 1720 = sha512($salt.$pass) 
 + 1800 = sha512crypt,​ SHA512(Unix)
  2100 = Domain Cached Credentials2,​ mscash2  2100 = Domain Cached Credentials2,​ mscash2
  2400 = Cisco-PIX MD5  2400 = Cisco-PIX MD5
  2500 = WPA/WPA2  2500 = WPA/WPA2
  2600 = Double MD5  2600 = Double MD5
 + 3000 = LM
 + 3100 = Oracle 7-10g, DES(Oracle)
 + 3200 = bcrypt, Blowfish(OpenBSD)
 + 5000 = SHA-3(Keccak)
 + 5100 = Half MD5
 + 5200 = Password Safe SHA-256
 + 5300 = IKE-PSK MD5
 + 5400 = IKE-PSK SHA1
 + 5500 = NetNTLMv1-VANILLA / NetNTLMv1+ESS
 + 5600 = NetNTLMv2
 + 5700 = Cisco-IOS SHA256
 +
 +* Specific hash types:
 +
 +   11 = Joomla
 +   21 = osCommerce, xt:Commerce
 +  101 = nsldap, SHA-1(Base64),​ Netscape LDAP SHA
 +  111 = nsldaps, SSHA-1(Base64),​ Netscape LDAP SSHA
 +  112 = Oracle 11g
 +  121 = SMF > v1.1
 +  122 = OSX v10.4, v10.5, v10.6
 +  131 = MSSQL(2000)
 +  132 = MSSQL(2005)
 +  141 = EPiServer 6.x
 + 1722 = OSX v10.7
  2611 = vBulletin < v3.8.5  2611 = vBulletin < v3.8.5
  2711 = vBulletin > v3.8.5  2711 = vBulletin > v3.8.5
  2811 = IPB2+, MyBB1.2+  2811 = IPB2+, MyBB1.2+
- 3000 = LM 
- 3100 = Oracle 7-10g, DES(Oracle) 
 </​code>​ </​code>​
 ===== Default Values =====  ===== Default Values ===== 
 +
 +– section needs update –
  
 ^ Attribute ^ Value ^ Note ^ ^ Attribute ^ Value ^ Note ^
Line 204: Line 253:
 | <​nowiki>​--generate-rules-func-max</​nowiki>​ | 4 | | | <​nowiki>​--generate-rules-func-max</​nowiki>​ | 4 | |
 | <​nowiki>​--hash-type</​nowiki>​ | 0 | | | <​nowiki>​--hash-type</​nowiki>​ | 0 | |
-| <​nowiki>​--perm-min</​nowiki>​ | | | +| <​nowiki>​--increment</​nowiki>​ | 0 | | 
-| <​nowiki>​--perm-max</​nowiki>​ | 11 | |+| <​nowiki>​--increment-min</​nowiki>​ | | | 
 +| <​nowiki>​--increment-max</​nowiki>​ | 15 | |
  
 * Indicates that the value is dependent on the algorithm and GPU platform vendor (see below) * Indicates that the value is dependent on the algorithm and GPU platform vendor (see below)
- 
 ===== Supported algorithms and GPU defaults ===== ===== Supported algorithms and GPU defaults =====
 +
 +-- section needs update --
  
 ^ Hash-Type ^ <​nowiki>​--gpu-accel</​nowiki>​ (NVidia)^ <​nowiki>​--gpu-loops</​nowiki>​ (NVidia)^ <​nowiki>​--gpu-accel</​nowiki>​ (AMD)^ <​nowiki>​--gpu-loops</​nowiki>​ (AMD)^ ^ Hash-Type ^ <​nowiki>​--gpu-accel</​nowiki>​ (NVidia)^ <​nowiki>​--gpu-loops</​nowiki>​ (NVidia)^ <​nowiki>​--gpu-accel</​nowiki>​ (AMD)^ <​nowiki>​--gpu-loops</​nowiki>​ (AMD)^
Line 244: Line 295:
 | Oracle 7-10g, DES(Oracle) | 1| 8| 8| 8| | Oracle 7-10g, DES(Oracle) | 1| 8| 8| 8|
  
-===== Supported attack modes, direct ​=====+===== Supported attack modes =====
  
   * [[brute_force_attack|Brute-Force attack]] ​   ​   * [[brute_force_attack|Brute-Force attack]] ​   ​
Line 255: Line 306:
   * [[rule_based_attack|Rule-based attack]]   * [[rule_based_attack|Rule-based attack]]
  
- 
- 
-===== Supported attack modes, emulation ===== 
- 
-  * [[toggle_case_attack|Toggle-Case attack]], see [[toggle_attack_with_rules|Using rules to emulate toggle attack]] 
  
 ===== Dictionary loading ===== ===== Dictionary loading =====
Line 270: Line 316:
  
 ===== Resume support ===== ===== Resume support =====
 +
 +The following Informations are outdated. With version 0.12 oclHashcat-plus got real resume support added.
  
 While it is not officially supported, one of our users, //undeath// , had a neat idea:  While it is not officially supported, one of our users, //undeath// , had a neat idea: 
Line 303: Line 351:
 ===== Future Plans ===== ===== Future Plans =====
  
-  * Add support for <​nowiki>​--pw-skip</​nowiki>​ and <​nowiki>​--pw-limit</​nowiki>​ 
   * Add more algorithms   * Add more algorithms
   * See the feature request page [[http://​hashcat.net/​wiki/​feature_requests|here]]   * See the feature request page [[http://​hashcat.net/​wiki/​feature_requests|here]]