problems with -m 15700
#1
hello,

after several month of mining i just forget my pass for ethereum wallet. i tried some of my st. phrasses but dont work. now i would try to find the right one with hascat and my keystore file.
i have allready done the steps to find everything i need for running hashcat (https://stealthsploit.com/2017/06/12/eth...-cracking/)

but now i got in trouble with hashcat cause i startet the benchmark with hashcat64 -b -m 15700 and my 6x Vega rig only reach 14H/s (yes..not kH/s)

i did a fresh install for the hashcat try with Win 1709 and 18.6.1 drivers (are they to old?!)





OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #2: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #3: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #4: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #5: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #6: gfx900, 4048/8176 MB allocatable, 56MCU
* Device #7: Intel(R) Pentium(R) CPU G4400 @ 3.30GHz, skipped.

Benchmark relevant options:
===========================
* --optimized-kernel-enable

Hashmode: 15700 - Ethereum Wallet, SCRYPT (Iterations: 1)

Speed.#1.........:        2 H/s (16672.63ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#2.........:        2 H/s (16848.66ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#3.........:        2 H/s (16761.85ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#4.........:        2 H/s (16682.83ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#5.........:        2 H/s (16682.67ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#6.........:        2 H/s (16903.64ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#*.........:       14 H/s

(why is 6x2hs = 14h/s?)

any hints for me
Reply
#2
1. scrypt and bcrypt are some memory hard algorithms and in general are better suited for CPUs (yeah, the majority of other algos is the opposite, i.e. the majority can profit from GPU power a lot more).... the problem most of the time is that the users don't have e.g. 6 CPUs per system, but a lot of GPUs.... therefore 6 GPUs can still be faster than CPU cracking in some cases

2. 14 H/s divided by 6 i.e. 14/6 = 2.333 H/s ... since hashcat doesn't show hashes per milliseconds (fractions of seconds) or halves of hashes per second (lol), 14 H/s is totally fine because it's the total average speed of the entire system.


btw: you should first look at more advanced attack modes like rule-based attacks combined with dictionaries (see https://hashcat.net/wiki/doku.php?id=rule_based_attack). Also have a look at the list of available attack modes supported by hashcat https://hashcat.net/wiki/#core_attack_modes ...
hint: especially for slow algorithms, most attack modes are better suited than brute-force (or mask attack) even if the speed is sometimes even slower ... brute-forcing should most of the time be the last desperate attempt/plan/strategy, except if the password is completely random or has a very specific pattern (which can be exploited by using custom charsets within the masks etc)
Reply
#3
(02-08-2019, 11:37 AM)philsmd Wrote: 1. scrypt and bcrypt are some memory hard algorithms and in general are better suited for CPUs (yeah, the majority of other algos is the opposite, i.e. the majority can profit from GPU power a lot more).... the problem most of the time is that the users don't have e.g. 6 CPUs per system, but a lot of GPUs.... therefore 6 GPUs can still be faster than CPU cracking in some cases

2. 14 H/s divided by 6 i.e. 14/6 = 2.333 H/s ... since hashcat doesn't show hashes per milliseconds (fractions of seconds) or halves of hashes per second (lol), 14 H/s is totally fine because it's the total average speed of the entire system.


btw: you should first look at more advanced attack modes like rule-based attacks combined with dictionaries (see https://hashcat.net/wiki/doku.php?id=rule_based_attack). Also have a look at the list of available attack modes supported by hashcat https://hashcat.net/wiki/#core_attack_modes ...
hint: especially for slow algorithms, most attack modes are better suited than brute-force (or mask attack) even if the speed is sometimes even slower ... brute-forcing should most of the time be the last desperate attempt/plan/strategy, except if the password is completely random or has a very specific pattern (which can be exploited by using custom charsets within the masks etc)

thanks for the explanation that the speed is fine

i only find the howto i postet above and i dont use hacking tools in past. so i have to trust in other opinnions which way is best for my case (i´m not that sure that i use my standard phrasses or use a complete new pass for my only wallet).

i dont know which mode is used when i dont set -a - i only copy and paste with my cipher, salt and mac

hashcat64 -m 15700 $ethereum$s*262144*8*1*5e2fec8ca46f8d85f87eb63c4xxxxxxxxxxxxxxxxxxxxxxxx*e18bf8b77ba314b8b3b2f77ac5436d4c0cd244978ef2cfbafxxxxxxxxxxxxxx*cb41f73c01fa5cfe0e17b72ccca768711a8dfb077244b2aff1dxxxxxxxxxxxx 1.txt --status --status-timer=5 -w3 -r rules\best64.rule

(1.txt is filled with some words i use in my passphrasses)

i´m also wondering that status dont show up every time i set...cause this i thought that i have a problem related to drivers or settings or something (for example: why is benchmark only with accel:1?)
Reply
#4
is this normal? startet 2 hours ago

Session..........: hashcat
Status...........: Running
Hash.Type........: Ethereum Wallet, SCRYPT
Hash.Target......: $ethereum$s*262144*8*1*5e2fec8ca46xxxxxxxxxx...xxxxxx
Time.Started.....: Fri Feb 08 14:20:36 2019 (3 secs)
Time.Estimated...: Fri Feb 08 14:20:39 2019 (0 secs)
Guess.Base.......: File (1.txt)
Guess.Mod........: Rules (rules\leetspeak.rule)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 0 H/s (1485362.41ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#2.........: 0 H/s (1576418.11ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#3.........: 0 H/s (1847310.56ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#4.........: 0 H/s (1290445.29ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#5.........: 0 H/s (1570029.41ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#6.........: 0 H/s (1588109.32ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#*.........: 0 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/221 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/13 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#4...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#5...: Salt:0 Amplifier:0-0 Iteration:0-1
Restore.Sub.#6...: Salt:0 Amplifier:0-0 Iteration:0-1
Candidates.#1....: [Copying]
Candidates.#2....: eth -> ether
Candidates.#3....: [Copying]
Candidates.#4....: [Copying]
Candidates.#5....: [Copying]
Candidates.#6....: [Copying]
Hardware.Mon.#1..: Util: 0% Core:1349MHz Mem: 903MHz Bus:16
Hardware.Mon.#2..: Util: 82% Core:1345MHz Mem: 904MHz Bus:16
Hardware.Mon.#3..: Util: 0% Core:1367MHz Mem: 900MHz Bus:16
Hardware.Mon.#4..: Util: 0% Core:1375MHz Mem: 902MHz Bus:16
Hardware.Mon.#5..: Util: 0% Core:1374MHz Mem: 901MHz Bus:16
Hardware.Mon.#6..: Util: 0% Core:1354MHz Mem: 905MHz Bus:16
Reply
#5
Try using the slow candidates mode (-S)

Hashcat isn't optimised for handling such small wordlists.
Reply
#6
ok...thx

no i got status every 5 seconds and 2 H/s per card but util is still only on one card at 84% - the others still 0% (hwinfo show 100% on all cards - but not at compute - is there a way to use compute mode?)

but is it the right method to try find out my lost PW?

i´m willing to learn but i only find information in link how i could restore the passphrase
Reply