hashcat Forum

Full Version: Do I understand .pot file correctly?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
When I run an attack on a large block of hashes, does each successful crack embed the hash and the password in the pot file so that the next time I run an attack on a different data set, the pot file is queried for each hash to determine if it's already been cracked (assuming same hash algorithm of course)? So the longer I use hashcat, the more the pot file learns? Seems like there could be a fairly large pot file assembled for download to skip a bunch of cracking - much like the sharing of dictionary files. Thanks.
Depending on the goals of the cracking operation a potfile has different uses, someone might want to disable the potfile or keep separate files. If I was going to work on a list of NTLM hashes for a client I would handle that output differently than if I was testing a new custom rule set. There are rainbow tables that contain lists of precomputed hashes that were fairly common before some of the new more beastly GPU solutions were popular.

Search here for "potfile" to see some of the ways hashcat handles it.