help cracking a 7 character password
#1
hey all, im pretty new and seeking help
im trying to crack two 7 character md5 passwords
the hashes are:
95db8696e41507ea06eb40a027701e47

b9770650b3707dba6dd84be561dfdadf


how would i go about doing this i am on windows.

I've tried doing this with the hashing his hasded.txt file and the cracked.txt as output also using a mask file, yet no luck, this is what comes up

D:\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -a3 -m0 hashed.txt Custom.hcmask -o cracked.txt
hashcat (v5.1.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
* Raw-Hash

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

ATTENTION! Pure (unoptimized) OpenCL kernels selected.
This enables cracking passwords and salts > length 32 but for the price of drastically reduced performance.
If you want to switch to optimized OpenCL kernels, append -O to your commandline.

Watchdog: Temperature abort trigger set to 90c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: MD5
Hash.Target......: b9770650b3707dba6dd84be561dfdadf
Time.Started.....: Wed Aug 21 18:39:54 2019 (1 sec)
Time.Estimated...: Wed Aug 21 18:39:55 2019 (0 secs)
Guess.Mask.......: Custom.hcmask [13]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:    2379 H/s (0.01ms) @ Accel:256 Loops:1 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 1/1 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: Custom.hcmask -> Custom.hcmask
Hardware.Mon.#1..: Temp: 38c Fan:  0% Util: 13% Core:1556MHz Mem:3802MHz Bus:16

Started: Wed Aug 21 18:39:52 2019
Stopped: Wed Aug 21 18:39:56 2019


and this is the inline text one:

D:\hashcat-5.1.0\hashcat-5.1.0>hashcat64 -m0 -a3 hashed.txt ?l?l?l?l?l?l0 -o cracked.txt
hashcat (v5.1.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1060 6GB, 1536/6144 MB allocatable, 10MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
* Raw-Hash

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

ATTENTION! Pure (unoptimized) OpenCL kernels selected.
This enables cracking passwords and salts > length 32 but for the price of drastically reduced performance.
If you want to switch to optimized OpenCL kernels, append -O to your commandline.

Watchdog: Temperature abort trigger set to 90c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: MD5
Hash.Target......: b9770650b3707dba6dd84be561dfdadf
Time.Started.....: Wed Aug 21 18:41:32 2019 (1 sec)
Time.Estimated...: Wed Aug 21 18:41:33 2019 (0 secs)
Guess.Mask.......: ?l?l?l?l?l?l0 [7]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  1282.7 MH/s (0.17ms) @ Accel:128 Loops:32 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 308915776/308915776 (100.00%)
Rejected.........: 0/308915776 (0.00%)
Restore.Point....: 17576/17576 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:17568-17576 Iteration:0-32
Candidates.#1....: wzvera0 -> xqxqxq0
Hardware.Mon.#1..: Temp: 38c Fan:  0% Util: 62% Core:1721MHz Mem:3802MHz Bus:16

Started: Wed Aug 21 18:41:30 2019
Stopped: Wed Aug 21 18:41:33 2019


any help would be greatly appreciated
thanks
Reply
#2
so many problems here:

1. it's NOT allowed to post hashes, see https://hashcat.net/forum/announcement-2.html It's even worse if you claim that you have some problem and NOT even provide the correct password. This implies (unfortunately) that you are trying to trick others to waste time to crack your hashes ! also agains the rules

2. it's very obvious that the file Custom.hcmask does not exist, because hashcat is using it as a literal mask (see the status prompt). e.g. Progress.........: 1/1 (100.00%) should be very obvious that you didn't provide a correct mask file (.hcmask) and therefore hashcat is loading it as a mask itself, because the file "Custom.hcmask" doesn't exist (maybe it's located somewhere else or has another file name, e.g. with .txt appended)

3. at least one of the password (yeah, I was foolish enough to try to crack it. god damnit !) contains newline characters (see https://hashcat.net/faq#i_created_a_hash...o_crack_it ). the hash is this one: 95db8696e41507ea06eb40a027701e47:$HEX[66696f70696d330a]
i.e. the password is "fiopim3" + new line character 0x0a i.e.
Code:
fiopim3\n
(where \n is the actual new line character (ENTER))

That's a lot of problems in just a single cracking attempt/post. You should really try to test better what you generate and what you do. Maybe just spending some time reading the wiki/faq could help you to get rid of the most common mistakes etc.
Reply
#3
(08-21-2019, 11:45 AM)philsmd Wrote: so many problems here:

1. it's NOT allowed to post hashes, see https://hashcat.net/forum/announcement-2.html It's even worse if you claim that you have some problem and NOT even provide the correct password. This implies (unfortunately) that you are trying to trick others to waste time to crack your hashes ! also agains the rules

2. it's very obvious that the file Custom.hcmask does not exist, because hashcat is using it as a literal mask (see the status prompt). e.g. Progress.........: 1/1 (100.00%) should be very obvious that you didn't provide a correct mask file (.hcmask) and therefore hashcat is loading it as a mask itself, because the file "Custom.hcmask" doesn't exist (maybe it's located somewhere else or has another file name, e.g. with .txt appended)

3. at least one of the password (yeah, I was foolish enough to try to crack it. god damnit !) contains newline characters (see https://hashcat.net/faq#i_created_a_hash...o_crack_it ). the hash is this one: 95db8696e41507ea06eb40a027701e47:$HEX[66696f70696d330a]
i.e. the password is "fiopim3" + new line character 0x0a i.e.
Code:
fiopim3\n
(where \n is the actual new line character (ENTER))

That's a lot of problems in just a single cracking attempt/post. You should really try to test better what you generate and what you do. Maybe just spending some time reading the wiki/faq could help you to get rid of the most common mistakes etc.

sorry i didn't realise, i didn't intend to pass off the work to someone else i was just keen to learn and thought i could get help, but this forum is pretty nasty, so im just avoid it from now on.
Reply
#4
yeah, it's easy to blame a moderator for being nasty and I have no problem being called like that. The main question is if it is more nasty to treat rules like they do not exist ... or if it's more nasty to just point out that somebody didn't respect a forum rule (note that I didn't even ban you and according to the rules I should have banned you).

The problem is that there are forum rules and you need to respect them. In general, there are no excuses for violating the few forum rules that exist. I know that some users do not even bother reading the rules and that is why I was so kind enough to link it to you and not ban you Smile

I wouldn't call the forum "nasty". If you play with the rules and try to explain exactly what problems you have and give all the details, the users (including mods) can be very helpful and actually I think that my post above is extremely helpful.

For instance it explains that the hash was generated incorrectly, that the password has 8 bytes and not 7 (as you claim) , that the password contains new lines, that the hashcat mask file (.hcmask) was not found within your current path etc... This is some very helpful and crucial information.
Reply