First of all, this project is awesome. It's inspiring me to get into password cracking again. Just a few questions that hopefully someone can help out with.
1. Maybe I'm a n00b...but what is "multi-hash"? When multi-hash is listed as a feature, does that simply mean it supports multiple hash types? Or maybe multiple hashes simultaneously?
2. I've gathered that oclhashcat is not designed to be a brute-forcer, but rather rules guided/based. What is the most successful approach to cracking passwords then? Does oclhashcat use a dictionary and modify the words based on rules? (similar to JtR?) I guess my fear is that I won't find some of the passwords I need simply because I'm not trying every possible password? How effective can the rules be if I'm given an NTLM hash that I know absolutely nothing about (meaning the password policy)?
3. Is there a limit to how many ATI GPUs/video cards you can use?
4. Any other tips to get the best results for cracking passwords?
Thanks a bunch!
Well, I'm pretty new with this prog as well and I use HC gui cause I'm lazy, but here's what I know (I hope)!
In this post I think it's Rolf that explains what oclHC is good for:
http://hashcat.net/forum/thread-190.html
As far as the multi hash goes, I see in the gui u can have more than one hash file in the list separated by a : never done it tho. And help in the gui, and prob in ocl as well, tells u about using the rules (either ur own, ones u have DL here or generating as many as u want). Also about input file(s), output threads segments and so on. Good place to start. Don't know enough to comment on the cards and how many cause I'm not using them (I'm on an old laptop, no CUDA damn it!), and as for the best results I figure would be a mix of the 2: GUI for using ur word lists and ocl for the mask and BF'ing. As for the ntlm hashes, HC only does the NT, won't do the LM, and if I'm not mistaken u gotta separate the two to even load the hashes. Least that's what I had to do to get the gui to work on them. Hope this helps a little.
1. multihash means that you have the ability to crack multiple (unsalted) hashes at once without losing speed (just a bit). so it doesn't matter if you crack 100 md5 hashes or 1000, the speed remains the same. this is done using some special bitmap tables that are dynamically generated on startup. however this works only on unsalted hashes.
2. yeah it's not optimized on brute-force but of course you can do it. oclHashcat is optimized to crack with combinator or in hybrid attack. however rule-based cracking as in jtr is not targeted by oclHashcat. for example check out the fingerprint attack:
http://www.question-defense.com/2010/08/...int-attack
3. yes. the absolute max is 16 gpus. but there are more, mostly caused by unfixed bugs in the opencl implementation of the vendors or by driver limits. for example, gpgpu using opencl on ati is limited to 4 gpus by the driver. you should also have at least that number of cpu cores equal to the number of gpus.
4. get good wordlists like the rockyou.txt and check out batchcrack.sh
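The multi-hash point in the reply above, shown as an added example that is not part of the original thread and is not oclHashcat's code: with unsalted MD5 each candidate is hashed once and tested against every stored hash through a bitmap, while per-record salts force one hash per record per candidate. The bitmap layout, function names, salts and sample passwords are all constructed assumptions for this sketch.

```python
import hashlib

BITMAP_BITS = 16                     # assumed bitmap size for this sketch
MASK = (1 << BITMAP_BITS) - 1

def _slot(digest):
    # Map a digest to one bit position using its first 4 bytes.
    return int.from_bytes(digest[:4], "little") & MASK

def build_bitmap(digests):
    bitmap = bytearray(1 << (BITMAP_BITS - 3))
    for d in digests:
        s = _slot(d)
        bitmap[s >> 3] |= 1 << (s & 7)
    return bitmap

def check_unsalted(target_hexes, candidates):
    """One MD5 per candidate, however many stored hashes there are."""
    digests = {bytes.fromhex(h) for h in target_hexes}
    bitmap = build_bitmap(digests)
    found, hash_ops = {}, 0
    for word in candidates:
        d = hashlib.md5(word.encode()).digest()
        hash_ops += 1
        s = _slot(d)
        # Cheap bitmap test first; exact set lookup only on a bitmap hit.
        if bitmap[s >> 3] & (1 << (s & 7)) and d in digests:
            found[d.hex()] = word
    return found, hash_ops

def check_salted(records, candidates):
    """records: (salt, md5(salt + password) hex). Work repeats per record."""
    found, hash_ops = {}, 0
    for salt, target_hex in records:
        for word in candidates:
            hash_ops += 1
            if hashlib.md5((salt + word).encode()).hexdigest() == target_hex:
                found[target_hex] = word
                break
    return found, hash_ops

# Constructed sample data: a tiny wordlist and three stored passwords.
CANDIDATES = ["123456", "password", "letmein", "dragon", "monkey"]
STORED = ["letmein", "monkey", "Tr0ub4dor&3x"]
UNSALTED = [hashlib.md5(p.encode()).hexdigest() for p in STORED]
SALTED = [(f"s{i}", hashlib.md5((f"s{i}" + p).encode()).hexdigest())
          for i, p in enumerate(STORED)]

if __name__ == "__main__":
    print(check_unsalted(UNSALTED, CANDIDATES))   # 5 hash operations
    print(check_salted(SALTED, CANDIDATES))       # 13 hash operations
```

The hash-operation counts are the practical takeaway for anyone storing passwords: unsalted hashes let the work be shared across every account, and unique salts remove that saving.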
Yeah...I saw that article before. It's what initially got me interested in hashcat. Another n00b question about the article though...what exactly is a fingerprinting attack? I mean...I understand the overall goal is to crack passwords (obviously), but what about that methodology makes it a "fingerprinting attack"? Is it similar to a hybrid attack on a password hash?
Thanks for the help. It's all great info! I love reading about this stuff...so much to learn.
(11-30-2010, 06:37 AM) squaredroot wrote: Yeah...I saw that article before. It's what initially got me interested in hashcat. Another n00b question about the article though...what exactly is a fingerprinting attack? I mean...I understand the overall goal is to crack passwords (obviously), but what about that methodology makes it a "fingerprinting attack"? Is it similar to a hybrid attack on a password hash?
Thanks for the help. It's all great info! I love reading about this stuff...so much to learn.
Well, start by clicking on the link Atom provided and read the article. THEN, if you have more specific questions, you can ask them here.