hashcat Forum

Full Version: Loads Of Requests !
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Just thought I would bunch my feature requests into one post, without Trac this could get messy. Smile

Some of the following have already been accepted but I would be very grateful if you would please consider some more of my requests.

Mask Processor

Increment.
Allow users to increment while generating password lists or rules
Minimum start number. (Already accepted request)

Allows the user to start from a chosen number of characters.
Only the increment start number needs to be added as the user has already indicated the maximum length by using the mask. This is useful when using against WPA for example so a user could select 8 as minimum. (Already accepted request)

Estimate time to complete on this computer.
Allows user to use new option to estimate how long a task will likely take. This is useful for users who are brute forcing and are trying to work out how long a given set of characters will take to brute force enabling them to be split based on time. I assume this will be quite an accurate estimate as mask-processor is able to test the actual system it will be running on rather than relying on a users calculations.

Mask-Processor Info
This is a continuation of the “Estimate time to complete on this computer” request. If mask-processor has the ability to estimate time to run then this could be sent to hashcatplus in the status screen. Should allow for a % complete display.

Prevent multiple sequential instances of characters.
This would allow the user to set mask-processor to not pass on words that have a multiple of sequential characters matching the users setting. If this setting was 2 then aabcdefgh would be allowed but not aaacdefgh as “a” is allowed twice but not 3 times. I think this would be good for brute force and could be seen as a pseudo optimised brute force, although possible it does seem rare to have multiple sequential characters. Should cut down brute force times.

Mask-processor start at position.
Mask-processor can start from a word but being able to start from “position” (progress number displayed in status) would be useful for brute force. A user could pause a brute force job, make a note of the position and use this info when resuming the job at a later date.


Hashcatplus

When S status is pressed it would be nice to see an example of the last or nearest to last password tested. This is not an attempt to make a “resume” feature, it is to allow the user to see immediately if they have set their rules, mask processor or anything else up correctly by being able to see an almost live example.

Allow 2 rule files
Rule file 1 placed in front of rule file 2. This will allow for considerably smaller rule lists and much easier management for the user. Rule 1 could have :,l,c,u,d while rule 2 could have prefix / suffix numbers.

Allow multiple .hcap selection to run consecutively.
This will allow users to run short lists against multiple keys without have to type each one in every time. Will also be useful if the user creates a new word list and wants to quickly run it against all their old .hcaps. Computer can then be left unattended.

More algorithms.
Zip, rar, truecrypt and pgp disk.

Toggle Rule
Allow toggle rule to toggle lines that contain numbers and special. Obviously numbers cannot be toggled but all alpha within that line should be toggled.

Title rule
Allow new rule to title a line in a word list. This would upper case the first letter and every letter after a space in the same line. This Is An Example. This rule is quite good for names that are passwords or band / football /sports teams etc.


Utilities

Rule list pre sorter
Utility to allow user to input word list and a rule file. This tool will the write 2 new word files, one with words that will get tested by hashcatplus and words that would be missed / rejected by the rule filter. This allows the user to fine tune their rules to utilise as many password candidates as possible. Also save time on every re-use of hashcatplus and that particular rule as it will save scanning unsuitable lines.

Word list clean up tool.
Take a look at ULM and see if you can reproduce anything that it can do. Please pay special attention to allowing the user to sort and remove duplicates from text files larger than the users RAM. A quick cleanup would cut all lines down to 63 characters in length (I understand hashcat only goes to 15 but this is a general word list cleaner). Format as CrLF, remove all lines that contain any character not within the printable ascii range. ( I suggest you remove the entire line as they tend not to be much use if they have ever contained non printable ascii). Sort, remove duplicates and any functionality you can copy from Blazers excellent ULM.

Thanks ! Big Grin

I do hope I have interested you in some of these, I love hashcatplus and I sincerely thank you for all that you have done for it already. I just want to see it continue to improve......forever ! Smile
wow man, this post rocks. much thanks for putting this all together. it makes it much more easy for me to keep track of all the requests. i will quote each request next:

Quote:Increment.

ACCEPTED

Quote:Allows the user to start from a chosen number of characters.

ACCEPTED

Quote:Estimate time to complete on this computer.

for two reasons, i will not do this:

1. piped requests are cached by both the system-os and oclHashcat-plus. the estimation would be completly inaccurate.
2. oclHashcat-lite will get an embedded maskprocessor in a later version. this way, its also possible to calculate an ETA.

Quote:Mask-Processor Info

since the previous request is not accepted, this one can not be accepted, too.

Quote:Prevent multiple sequential instances of characters.

this is not maskprocessor. you are talking about something that should be called markovprocessor. but such an generator already exists. its in jtr which also has an --stdout mode. so you have an alternative for this Smile

Quote:Mask-processor start at position.

ACCEPTED

Quote:When S status is pressed it would be nice to see an example of the last or nearest to last password tested.

unfortionally, i cant do this. the reason is that oclHashcat-plus does not know it by itself.

1. see this section for an explanation: http://hashcat.net/wiki/oclhashcat_plus#...ry_loading
2. if the word was processed by a rule only the result is stored in cache. that could lead to completly confusing results.

Quote:Allow 2 rule files

finally i understood this idea. and i have to say its great. really. i will do it. i am just not sure if i will do it exactly the way you suggested, have to think about it. but call it ACCEPTED.

Quote:Allow multiple .hcap selection to run consecutively.

the bad thing is how to do this. oclHashcat-plus uses the first unparametered commandline argument as its hashlist (or hccap file) while all further parameters are defined to be wordlists. so its more a technical question how to do it. on the other hand, there is an easy alternative solution to build a simple for () loop inside a batchscript and place oclHashcat-plus inside and iterated through all your hashshake files. in other words, no real benefit but easy workaround.

Quote:More algorithms.

more algorithms yes, but currently i am not interessted in the ones you named, especially not file or filesystem decryptions. this is hashcat Smile

Quote:Toggle Rule

i already tried to explain this. i will try again shortly. hashcat's rule engine must have some sort of error-checking. if rule is incompatible to an input word from an dictionary it must be able to skip it. this policy affects all functions. i dont see an good explanation why to create a special case for the toggle rule.

Quote:Title rule

OK, cool thing somehow. ACCEPTED.

Quote:Rule list pre sorter

you already can do this with hashcat. just run something like "./hashcat-cli64.bin -r your.rule -o prestorted.dict --stdout your.dict"

Quote:Word list clean up tool.

partially you can do with hashcat-utils. ulm is ulm and hashcat-utils is not made to replace ulm. i am to busy with hashcat to do this.


Again, thanks for the merge!
(11-28-2011, 04:43 PM)atom Wrote: [ -> ]wow man, this post rocks. much thanks for putting this all together. it makes it much more easy for me to keep track of all the requests. i will quote each request next:

Phew, I am glad you have read it in the way you have. I must admit to being a little nervous in posting this as I wondered if it might overwhelm you and put you off !!

I can imagine just how difficult it must be keeping track of my requests as I myself forgot a few !!! Big Grin

You have given me an idea to help you with this. I'll post back later when its done.

Quote:Increment.


ACCEPTED

Thank you.

Quote:Allows the user to start from a chosen number of characters.


ACCEPTED

Thank you.

Quote:Estimate time to complete on this computer.


for two reasons, i will not do this:

1. piped requests are cached by both the system-os and oclHashcat-plus. the estimation would be completly inaccurate.
2. oclHashcat-lite will get an embedded maskprocessor in a later version. this way, its also possible to calculate an ETA.

OK I understand Sad

Quote:Mask-Processor Info

since the previous request is not accepted, this one can not be accepted, too.

OK

Quote:Prevent multiple sequential instances of characters.


this is not maskprocessor. you are talking about something that should be called markovprocessor. but such an generator already exists. its in jtr which also has an --stdout mode. so you have an alternative for this

To put this simply .... There is no "alternative" to hashcat !!! Big Grin

It just isn't the same unless its from the authentic mask-processor. Wink

Quote:Mask-processor start at position.


ACCEPTED

Awesome ! This will be very useful for many people.

Quote:When S status is pressed it would be nice to see an example of the last or nearest to last password tested.


unfortionally, i cant do this. the reason is that oclHashcat-plus does not know it by itself.

1. see this section for an explanation: http://hashcat.net/wiki/oclhashcat_plus#...ry_loading
2. if the word was processed by a rule only the result is stored in cache. that could lead to completly confusing results.

Ahh, thats a shame but I understand.

Quote:Allow 2 rule files


finally i understood this idea. and i have to say its great. really. i will do it. i am just not sure if i will do it exactly the way you suggested, have to think about it. but call it ACCEPTED.

Hurray !! Big Grin ha ha !! I am sorry I don't explain things very well but I have to tread a fine line. If I think I am not being understood it can appear like I am nagging when you have already given an answer, which would be a bad thing to do. However I can tell by your answers sometimes that I have not explained myself properly so I try again in a different way. I did tell you I was a bit thick !! I'm very grateful you tolerate me long enough to give me the chance to explain.

Really looking forward to this feature request being implemented as I am about to share some rule files I have been making and I need to see the new format before doing it as it would massively help to reduce their size.

Quote:Allow multiple .hcap selection to run consecutively.


the bad thing is how to do this. oclHashcat-plus uses the first unparametered commandline argument as its hashlist (or hccap file) while all further parameters are defined to be wordlists. so its more a technical question how to do it. on the other hand, there is an easy alternative solution to build a simple for () loop inside a batchscript and place oclHashcat-plus inside and iterated through all your hashshake files. in other words, no real benefit but easy workaround.

There you go again clever cloggs !! Big Grin Remember some of us are not as clever as you with stuff like this !! ()Loop ?? Huh ?

It would be nice for users to be able to select a folder instead of a single file in command line then. Is that easier to impliment ?

Quote:More algorithms.


more algorithms yes, but currently i am not interessted in the ones you named, especially not file or filesystem decryptions. this is hashcat

OK, I am a little disappointed about this but you're the boss !

Quote:Toggle Rule


i already tried to explain this. i will try again shortly. hashcat's rule engine must have some sort of error-checking. if rule is incompatible to an input word from an dictionary it must be able to skip it. this policy affects all functions. i dont see an good explanation why to create a special case for the toggle rule.

Before I start this is not an argument, I am just trying to explain myself better. I think the toggle rule is a good idea as a quick (optimised) version of a full case toggle. Once I understood your reasoning for using it I really got into the idea that it was a smart thing to do but I was disappointed that it was not applied to, well, basically most passwords.

An awful lot of passwords end in a number, if the toggle rule doesn't work on these passwords then we gain little from this otherwise excellent feature. If the hashcatplus user has lowercase names followed by numbers in their list it is very likely that a target would capitlise their name. so...

bobsmith123 (in hashcatplus users dictionary).

Using T2 rule ... would eventually get ....

BobSmith123

As we have no idea where the capitiolisation is in a given word then we cannot simply set a Toggle at a definite position. However we do have the full toggle option which would go through all possibilities of bOBsMITh123 etc which is a phenomenal task when using a huge word list.

Your smart idea that people use "token gesture" capitolisation in their passwords is great. Using the T2 option we don't do all possibilities but the most likely token few capitols. Much quicker. Smile

However the filter at the moment skips all lines or words in a password list that have numbers or special characters in them, this is a massive waste of this brilliant feature.

The rule filter is a good idea but I believe it should only be applied when it adversely affects the password candidate. Such as the (must be greater than 8 characters long) for WPA. Testing words of any less is pointless and the filter is justified in dismissing <8 candidates.

Hashcatplus should be smart enough to only toggle the alpha characters and leave the numbers and / or special characters in place.

I apologise if I am becoming a bore with this but I don't see the logic in dismissing so many good password chances with this option. The likely-hood of someone making a password that is simply alpha with token capitolisation is miniscule compared to that same person who makes the effort to capitolise, making one that also contains numbers / special also.
Smile

Quote:Title rule


OK, cool thing somehow. ACCEPTED.

Thank you, this will be especially useful for passwords that are names.

Quote:Rule list pre sorter


you already can do this with hashcat. just run something like "./hashcat-cli64.bin -r your.rule -o prestorted.dict --stdout your.dict"

Yes ,thank you for the explanation. How do I see what hasn't been tested ?

Quote:Word list clean up tool.


partially you can do with hashcat-utils. ulm is ulm and hashcat-utils is not made to replace ulm. i am to busy with hashcat to do this.

Understood, thanks. if you ever get bored and feel like a change in subject please come back to me on this one. Smile


Quote:Again, thanks for the merge!

Big Grin You are very welcome. Thanks for reading it !

Here you go.....

WIKI

There doesn't seem to be that many when they are set out in a table !

I hope you enjoy programming all this !

Have fun !! Big Grin

perfect! no more to say Smile
Great ! Big Grin

Just added the "Insist on confirmation when user press “q” to quit" request as you kindly agreed to it some time ago. Even I had forgotten about this one !
- mark the "q" thing as Pending pls, i did not yet accepted it.
- correct the application wording pls, "maskprocessor" (all lower), "oclHashcat-plus"
- i am thinking about adding the accepted suggestions for plus to port to cpu hashcat, too, mark them as pending pls (using new special entries)

(11-29-2011, 05:55 PM)atom Wrote: [ -> ]- mark the "q" thing as Pending pls, i did not yet accepted it.
- correct the application wording pls, "maskprocessor" (all lower), "oclHashcat-plus"
- i am thinking about adding the accepted suggestions for plus to port to cpu hashcat, too, mark them as pending pls (using new special entries)

All done !! Big Grin

I am sorry about that "q" thing, I was certain that had been accepted but I have just checked the thread again and see you are of course correct. I have it on my list as accepted which I have now changed, don't know why that happened !

It is turning out to be quite useful already this wiki table isn't it ! Smile


yes, thanks. will close that thread to avoid confusion.
Just one update. I will reject "Insist on confirmation when user press “q” to quit" after thinking about it again. I think its good as it is.