Mask not finding password Straight hit or miss.
#11
Ran one more almost at the end of the list included placement again. I don't know if it matters I'm figuring it is just because it is finding it to fast to matter, but I only get that more work message when it runs the whole list, and I've never seen that -w 3 message until this last run.

65731141
657311
65731098
65731009
657310
2W4335101732
6573074
65730609
657306
65730593
6573015
65730126
6573001 
almost at the end of the list.

PS D:\Downloads\hashcat-5.1.0> .\hashcat64.exe -a 0 -m 2500 C:\Users\rober\OneDrive\Desktop\ARRIS-9.hccapx C:\Users\rober\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 5 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache built:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344392
* Bytes.....: 139921508
* Keyspace..: 14344385
* Runtime...: 2 secs

Cracking performance lower than expected?

* Append -w 3 to the commandline.
  This can cause your screen to lag.

* Create more work items to make use of your parallelization power:
  https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx
Time.Started.....: Sat Nov 16 20:59:04 2019 (2 mins, 40 secs)
Time.Estimated...: Sat Nov 16 21:01:44 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:    52433 H/s (4.72ms) @ Accel:128 Loops:32 Thr:64 Vec:1
Speed.#2.........:    6486 H/s (1.93ms) @ Accel:256 Loops:128 Thr:1 Vec:4
Speed.#3.........:    1740 H/s (9.80ms) @ Accel:16 Loops:8 Thr:64 Vec:1
Speed.#*.........:    60660 H/s
Recovered........: 0/3 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 14344385/14344385 (100.00%)
Rejected.........: 4734913/14344385 (33.01%)
Restore.Point....: 14093439/14344385 (98.25%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:2-5
Candidates.#1....: $HEX[2f39353334363534] -> $HEX[042a0337c2a156616d6f732103]
Candidates.#2....: /soyunamierda20 -> /957927*
Candidates.#3....: 040053028 -> 03265474
Hardware.Mon.#1..: Util: 25% Core: 214MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sat Nov 16 20:58:58 2019
Stopped: Sat Nov 16 21:01:45 2019
Reply
#12
already the fact that it contains the same amount of passwords, but is 2 bytes shorter is suspicous to say the least, maybe it doesn't contain the correct passwords:

Passwords.: 14344392
Bytes.....: 139921510

vs

Passwords.: 14344392
Bytes.....: 139921508

if you would just shuffle the dict, it wouldn't be shorter (the size would be the same! )

It's also suspicious that you load 5 hashes and only 3 unique digests and only 1 unique salt. Try a .hccapx file with only 1 network.

For testing purposes it would also make sense to test the single GPUs with -d (lowercase d) and the device number, e.g. -d 1
after that works correctly, try -d 2 etc
Reply
#13
Yep one is shorter than the other when I took the password out 2W4335101732 I accidentally erased the word above it "princess" since it was only one word out of thousands I didn't bother putting it back. if you look at the first page all lists are the same length. I'm not sure about this but ,wouldn't the list being shorter make it easier for Hashcat to find the password ? That's why I keep using rock you I have a few lists I download that are 14 GB if you want I could use them I just figured that would take longer and yield the same result. Your pretty good at minute detail would you mind going through the Hashcat code and seeing if you can find an answer that would be very helpful. The -d I have honestly never heard of so thank you for teaching me that if it does what I'm understanding I already did that either here or on Git I mentioned about shutting off devices I will try the -d. I don't pretend to understand the mechanics of Hashcat so I do have a question on that. I thought the reason why Hashcat was spitting out three copies of the password using three candidates , and showing three different speeds is because of the three separate devices in the POTFILE there is also three copies of each password so my question, actually questions are this, Aren't the three sets of answers the three devices all finding the password? Next question, When they do find the password why are the hashes that are printed out different on each device? Now the big one, Why in the name of God would it change anything when I move the password? When I noticed this placement issue it was because mask didn't find a password that it should have, so I ran the one I knew it didn't find it. I thought maybe the new cpu caused a problem so I took the one posted and ran it straight against another word list I think it was 256thousnad probable I honestly don't remember, it didn't get it. So I thought maybe I typed it in wrong I knew the password was in rockyou because I put it in there when I was trying to get K linux to work. I wanted to see if since it wasn't using the GPU if that made a difference as to weather or not it would find the password, it ran so slow I didn't even bother to let it finish, I switched to Windows since I read in an article I think it was on Hashcat Forum might have been Stack Exchange but the point of the article was Hashcat was created on Windows and is better on Windows, please don't loose it if that isn't correct I'm quoiting the statement I didn't make the statement I have no idea if it is correct or not, but being frustrated with K Linux I figured I would try Windows put in the hash against rockyou and in a few second boom there was the password, I figured all was well been running it since never noticed a thing wasn't recovering passwords but I figured that's the way it goes sometimes. Jump to now I never used mask before but the password I'm running I know is 12 char all numbers except for the second position that is also a W just like the first one. I saw the password just glanced it. It is also a router same make and model as the one I have the password from I was surprised the psk was close to the first one, so I decided to try cracking it. Needless to say it didn't work tried the cracked one no dice that's when I began to suspect the cpu. Tested against the 256 I dropped the pasword in or typed it if you prefer since rockyou wasn't on Windows at the time and I was to lazy to get up and grab my thumb drive. It didn't get it, so I went and got the thumb drive ran rock you it got it made sure it was typed correctly into 256 it was ran it again same thing tried other lists same thing. I started comparing the lists finding ones rockyou size or as close as I could same problem. Here's the important part I remembered that when I put it in rockyou it was towards the beginning because K was so slow. I wasn't prepositioning it inthe new lists I was just grabbing the slider going down stopping anywhere and putting it in. After a few hours I narrowed it down to where it is in the list I had actually thought of that as one of the first things but decided that was stupid the word is in there why would it matter where. Well it mattered every test after same result beginning good anywhere else no go. Actually as I'm explaining this to you it just hit me, Your right the test isn't fair it made the list shorter increasing the chances of a crack. Point being to all of this I want you to understand I wasn't looking for a problem I accidentally and thank God came across it because I have been running lists for months for no reason. I hope this gives you a better understanding especially about the two bytes. if you could can you please answer those questions I posed, I am trying to understand Hashcat please don't mention the Wiki the way it is written I get bored and keep reading in autopilot then realize I have no idea what I just read. Not blaming the writer for anything it just doesn't hold my attention that's me. Plus there are a few outdated thing on there that I'm not sure if they pertain anymore. Like the instructions for the opencl I put that crimson driver which I found in an archive site on the internet and my computer looked like hell and the cat still wouldn't use it. Tried several other Crimson drivers I found same deal. Then unfortunately K linux and Unbuntu It might be me but I can't get them to recognize my GPU no matter what the OS both recognize it but not Cat. Anyway hope this satisfies your 2 Byte issue and please if you could be so kind as to answer my questions. The three device thing has really got me Why it would show three as cracking if one isn't working, and why the found hashes are different lengths and different hashes all together. Thank you for your interest i want you to know I'm not trying to bust balls just explaining please excuse me sometimes the way I put thing sounds vastly different from my intention. Thanks again and have a great day.
Reply
#14
just do the same test by putting the word "hashcat!" (without quotes) into rockyou txt and using the example hash from https://hashcat.net/wiki/example_hashes

furthermore, you should clean up (split) your hccapx file into several files containing only 393 bytes as explained here: https://hashcat.net/wiki/doku.php?id=hccapx and try to run hashcat on the single captures instead of the one you use.

I also honestly didn't understand if it cracks with -d 1 or not
Reply
#15
Hi Phil I'm not going to pretend to understand copy /b single_hccapxs\*.hccapx all_in_one\multi.hccapxc I copied and pasted that it's the windows command I want to make sure I'm correct would I write the command as this copy/b single_hccapxs/b single_hccapxs\*CaptureFile.hccapx\Output single file would be multi.hccapxc ? ?The other question and I know I'm going to regret asking, but I'm learning I know I'm opening myself up for someone to take a shot over this. Ok, Where do I enter this command ? I have never used it before, do I open the Hashcat folder hold shift and right click to open Hashcat and do it from there ? Do I use powershell  or a text editor ? To tell the truth I had no idea there where multiples in the hccapx if I'm understanding you correctly. I just use the online converter or the one in Hashcat in K Linux. Thank you for teaching me that, now if you could be so kind as to explain to stupid here what that process is. As for the other I will do that now I have never downloaded a hash before, but I think I might know how. So everyone understands a lot of this stuff I am doing now I haven't done and a lot I didn't know I could. I learn out of necessity I didn't need to know anything other than running a straight word list so that's all I learned with Hashcat. The necessity arose so I learned the different attack types I just hope I don't have to learn programming next to figure out this issue I will eventually learn programming but right now I'm just having fun playing with things but I do want to advance it just gets tedious constantly learning every once in a while you have to play. I will also make sure all bytes match and yeah I tried looking up -d I just kept getting mask attack. Hopefully I'll have this figured out and done within the hour. Thank you again.
Reply
#16
Sorry it took so long I couldn't get the Hashcat hash no matter what I did beginning middle end seven times throughout the list capitalized or not wont get it, so I run the original it starts getting it no matter where I put it. Which would be good if I could trust it. I redownloaded the Hashcat hash several times moved it to different places still wont get it. I downloaded the one from the link provided that said 2500 I don't see how I could have screwed that up so I went through the hell of trying to get it to run on K linux I finally got it to run slightly but no matter which of my computers or usb's or the third drive of my desktop I couldn't edit rockyou in K it wouldn't open completely so on the last try I said the hell with it and just copied and pasted what would open of the list. I have 24 gb of ram it's no problem in Windows. I know I should have just copied it from Windows but I wanted to get done and get it to you guys. If you want me to I can put the Windows rockyou on K and rerun the program again, but I warn you it is going to take forever and a day as you'll see it only runs 3 H/S yes 3. So the print outs are Windows 10. For the conspiracy addicts out there i didn't notice I cut the first command out, I copied it to a file and went to Linux with it I didn't notice until it was to late.
OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache hit:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344395
* Bytes.....: 139921599
* Keyspace..: 14344395

Cracking performance lower than expected?

* Append -w 3 to the commandline.
This can cause your screen to lag.

* Create more work items to make use of your parallelization power:
https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Nov 17 12:11:00 2019 (2 mins, 40 secs)
Time.Estimated...: Sun Nov 17 12:13:40 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 52073 H/s (3.51ms) @ Accel:128 Loops:32 Thr:64 Vec:1
Speed.#2.........: 6525 H/s (1.71ms) @ Accel:256 Loops:128 Thr:1 Vec:4
Speed.#3.........: 1736 H/s (9.80ms) @ Accel:16 Loops:8 Thr:64 Vec:1
Speed.#*.........: 60333 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 14344395/14344395 (100.00%)
Rejected.........: 4734922/14344395 (33.01%)
Restore.Point....: 13948062/14344395 (97.24%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: $HEX[2a706879736963732a] -> $HEX[042a0337c2a156616d6f732103]
Candidates.#2....: *rakai1trey2j-d3# -> *piD.c4^/!F
Candidates.#3....: 071091iesu -> 067257255
Hardware.Mon.#1..: Util: 22% Core: 214MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:10:55 2019
Stopped: Sun Nov 17 12:13:42 2019
PS C:\Users\robert\OneDrive\Desktop\HashcatGUI_1.1beta0> .\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\hashcat.hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache hit:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344395
* Bytes.....: 139921599
* Keyspace..: 14344395

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Nov 17 12:14:02 2019 (2 mins, 31 secs)
Time.Estimated...: Sun Nov 17 12:16:33 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 54105 H/s (84.77ms) @ Accel:256 Loops:128 Thr:64 Vec:1
Speed.#2.........: 6669 H/s (6.55ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#3.........: 2594 H/s (77.75ms) @ Accel:64 Loops:16 Thr:64 Vec:1
Speed.#*.........: 63368 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 14344395/14344395 (100.00%)
Rejected.........: 4734922/14344395 (33.01%)
Restore.Point....: 12746377/14344395 (88.86%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: $HEX[30313132343830393035] -> $HEX[042a0337c2a156616d6f732103]
Candidates.#2....: 0113tingtong2530 -> 0112483097
Candidates.#3....: 311280rp -> 2610cynteia
Hardware.Mon.#1..: Util: 5% Core:1065MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:13:56 2019
Stopped: Sun Nov 17 12:16:35 2019
PS C:\Users\robert\OneDrive\Desktop\HashcatGUI_1.1beta0> .\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 5 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache hit:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344395
* Bytes.....: 139921599
* Keyspace..: 14344395

7c784988aa54255f8387c37116e7d8c0:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732
609747974004468e1217971431e703fb:78d294ec4021:200db0181726:ARRIS-9DAB:2W4335101732
6474e67906246efd3d971737f245a58a:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732

Session..........: hashcat
Status...........: Cracked
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx
Time.Started.....: Sun Nov 17 12:18:14 2019 (1 sec)
Time.Estimated...: Sun Nov 17 12:18:15 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 37771 H/s (98.97ms) @ Accel:256 Loops:128 Thr:64 Vec:1
Speed.#2.........: 6495 H/s (76.94ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#3.........: 2632 H/s (77.80ms) @ Accel:64 Loops:16 Thr:64 Vec:1
Speed.#*.........: 46898 H/s
Recovered........: 3/3 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 421494/14344395 (2.94%)
Rejected.........: 413302/421494 (98.06%)
Restore.Point....: 0/14344395 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-3
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-3
Candidates.#1....: america14 -> youngtoon
Candidates.#2....: 123456789 -> ladygirl
Candidates.#3....: killkill -> LALOKITA
Hardware.Mon.#1..: Util: 3% Core:1141MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:18:08 2019
Stopped: Sun Nov 17 12:18:17 2019
PS C:\Users\robert\OneDrive\Desktop\HashcatGUI_1.1beta0> .\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 5 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache built:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344402
* Bytes.....: 139921599
* Keyspace..: 14344395
* Runtime...: 1 sec

7c784988aa54255f8387c37116e7d8c0:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732
609747974004468e1217971431e703fb:78d294ec4021:200db0181726:ARRIS-9DAB:2W4335101732
6474e67906246efd3d971737f245a58a:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732

Session..........: hashcat
Status...........: Cracked
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx
Time.Started.....: Sun Nov 17 12:23:39 2019 (2 mins, 6 secs)
Time.Estimated...: Sun Nov 17 12:25:45 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 53981 H/s (103.20ms) @ Accel:256 Loops:128 Thr:64 Vec:1
Speed.#2.........: 6576 H/s (76.36ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#3.........: 2634 H/s (77.75ms) @ Accel:64 Loops:16 Thr:64 Vec:1
Speed.#*.........: 63191 H/s
Recovered........: 3/3 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 11840222/14344395 (82.54%)
Rejected.........: 4131550/11840222 (34.89%)
Restore.Point....: 9732981/14344395 (67.85%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-3
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-3
Candidates.#1....: ALEXEiR24 -> 6977368019
Candidates.#2....: 667947688 -> 65438390
Candidates.#3....: 65437999 -> 55556522
Hardware.Mon.#1..: Util: 1% Core:1123MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:23:32 2019
Stopped: Sun Nov 17 12:25:47 2019
.\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 5 digests; 3 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache built:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344410
* Bytes.....: 139921664
* Keyspace..: 14344403
* Runtime...: 1 sec

7c784988aa54255f8387c37116e7d8c0:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732
609747974004468e1217971431e703fb:78d294ec4021:200db0181726:ARRIS-9DAB:2W4335101732
6474e67906246efd3d971737f245a58a:78d294ec4021:34de1a902b5d:ARRIS-9DAB:2W4335101732

Session..........: hashcat
Status...........: Cracked
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: C:\Users\robert\OneDrive\Desktop\ARRIS-9.hccapx
Time.Started.....: Sun Nov 17 12:30:43 2019 (1 min, 6 secs)
Time.Estimated...: Sun Nov 17 12:31:49 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 55378 H/s (101.79ms) @ Accel:512 Loops:64 Thr:64 Vec:1
Speed.#2.........: 6630 H/s (75.64ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#3.........: 2575 H/s (77.78ms) @ Accel:64 Loops:16 Thr:64 Vec:1
Speed.#*.........: 64582 H/s
Recovered........: 3/3 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 6091906/14344403 (42.47%)
Rejected.........: 2380930/6091906 (39.08%)
Restore.Point....: 3309364/14344403 (23.07%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-3
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-3
Candidates.#1....: makayla93 -> kham23fred
Candidates.#2....: keamohuli03 -> kaylistar1
Candidates.#3....: massiel2 -> mapsforever
Hardware.Mon.#1..: Util: 0% Core:1131MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:30:36 2019
Stopped: Sun Nov 17 12:31:50 2019
PS C:\Users\robert\OneDrive\Desktop\HashcatGUI_1.1beta0> .\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\hashcat,hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

C:\Users\robert\OneDrive\Desktop\hashcat,hccapx: No such file or directory

Started: Sun Nov 17 12:34:33 2019
Stopped: Sun Nov 17 12:34:33 2019
PS C:\Users\robert\OneDrive\Desktop\HashcatGUI_1.1beta0> .\hashcat64.exe -a 0 -m 2500 C:\Users\robert\OneDrive\Desktop\hashcat.hccapx C:\Users\robert\OneDrive\Desktop\rockyou.txt
hashcat (v5.1.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Baffin, 3264/4096 MB allocatable, 16MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, 6112/24449 MB allocatable, 8MCU
* Device #3: Intel(R) HD Graphics 4000, 350/1400 MB allocatable, 16MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Slow-Hash-SIMD-LOOP

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63

Watchdog: Temperature abort trigger set to 90c

Dictionary cache hit:
* Filename..: C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt
* Passwords.: 14344403
* Bytes.....: 139921664
* Keyspace..: 14344403

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Nov 17 12:35:11 2019 (2 mins, 30 secs)
Time.Estimated...: Sun Nov 17 12:37:41 2019 (0 secs)
Guess.Base.......: File (C:\Users\robert\OneDrive\Desktop\rockyou.txt/rockyou.txt.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 55173 H/s (86.16ms) @ Accel:256 Loops:128 Thr:64 Vec:1
Speed.#2.........: 6694 H/s (6.40ms) @ Accel:1024 Loops:256 Thr:1 Vec:4
Speed.#3.........: 2619 H/s (77.75ms) @ Accel:64 Loops:16 Thr:64 Vec:1
Speed.#*.........: 64486 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 14344403/14344403 (100.00%)
Rejected.........: 4734926/14344403 (33.01%)
Restore.Point....: 12729217/14344403 (88.74%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#3...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidates.#1....: 0126456268 -> !amethyst
Candidates.#2....: $HEX[2062796520627965] -> $HEX[042a0337c2a156616d6f732103]
Candidates.#3....: 3112813312 -> 269451889
Hardware.Mon.#1..: Util: 22% Core: 214MHz Mem:1750MHz Bus:8
Hardware.Mon.#2..: N/A
Hardware.Mon.#3..: N/A

Started: Sun Nov 17 12:35:05 2019
Stopped: Sun Nov 17 12:37:42 2019

As I'm writing this I don't know if it will still work on Windows I don't know why it did I am going to check like I said I wanted to get this to you guys. So here's Linux it didn't get either no matter what I tried I just copied the important part of the terminals I figured we all know how K Linux loves Hashcat. The order is off too, I switched back to the Hashcat hash for one more go.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Nov 17 13:29:55 2019 (1 sec)
Time.Estimated...: Sun Nov 17 13:29:56 2019 (0 secs)
Guess.Mask.......: rockyouEdited1.text [19]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 3 H/s (0.27ms) @ Accel:256 Loops:128 Thr:1 Vec:8
Speed.#2.........: 0 H/s (0.00ms) @ Accel:256 Loops:128 Thr:1 Vec:4
Speed.#*.........: 3 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-128
Candidates.#1....: rockyouEdited1.text -> rockyouEdited1.text
Candidates.#2....: [Generating]

Started: Sun Nov 17 13:29:48 2019
Stopped: Sun Nov 17 13:29:57 2019
root@The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali):~#

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: ARRIS-9.hccapx
Time.Started.....: Sun Nov 17 13:33:35 2019 (1 sec)
Time.Estimated...: Sun Nov 17 13:33:36 2019 (0 secs)
Guess.Mask.......: rockyouEdited1.text [19]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 1 H/s (0.38ms) @ Accel:256 Loops:128 Thr:1 Vec:8
Speed.#2.........: 0 H/s (0.00ms) @ Accel:256 Loops:128 Thr:1 Vec:4
Speed.#*.........: 1 H/s
Recovered........: 0/3 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-128
Candidates.#1....: rockyouEdited1.text -> rockyouEdited1.text
Candidates.#2....: [Generating]

Started: Sun Nov 17 13:33:28 2019
Stopped: Sun Nov 17 13:33:38 2019



Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: ARRIS-9.hccapx
Time.Started.....: Sun Nov 17 13:35:37 2019 (2 secs)
Time.Estimated...: Sun Nov 17 13:35:39 2019 (0 secs)
Guess.Mask.......: rockyouEdited1.text [19]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 1 H/s (0.15ms) @ Accel:512 Loops:64 Thr:1 Vec:8
Speed.#2.........: 0 H/s (0.00ms) @ Accel:256 Loops:128 Thr:1 Vec:4
Speed.#*.........: 1 H/s
Recovered........: 0/3 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:2-5
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-128
Candidates.#1....: rockyouEdited1.text -> rockyouEdited1.text
Candidates.#2....: [Generating]

Started: Sun Nov 17 13:35:31 2019
Stopped: Sun Nov 17 13:35:40 2019


Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Sun Nov 17 13:36:56 2019 (0 secs)
Time.Estimated...: Sun Nov 17 13:36:56 2019 (0 secs)
Guess.Mask.......: rockyouEdited1.text [19]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 3 H/s (0.16ms) @ Accel:512 Loops:64 Thr:1 Vec:8
Speed.#2.........: 0 H/s (0.00ms) @ Accel:512 Loops:64 Thr:1 Vec:4
Speed.#*.........: 3 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Restore.Sub.#2...: Salt:0 Amplifier:0-0 Iteration:0-64
Candidates.#1....: rockyouEdited1.text -> rockyouEdited1.text
Candidates.#2....: [Generating]

Started: Sun Nov 17 13:36:49 2019
Stopped: Sun Nov 17 13:36:57 2019



There are only two devices because it doesn't see my GPU I din't understand that but I guess that's just the way it is. Is there another place I can download test hashes ? Can you guys send me one or something ? I have three more here cracked I'm going to try them as soon as I get a chance I'll post the out put of those too. Would really love to know how to do that thing with the files mentioned earlier so if anyone could spare a few minutes to explain it to me I would greatly appreciate it. There are one or two in there in the Windows part I typed in the hccapx wrong and it didn't run. One other odd thing, it didn't gripe at me about more work like it usually does. If any one has a chance I would love to know how to fix that I've read pipe don't pipe I've used 14 GB lists still list to small supply more work. Have a good day and thank you for all your help.
Reply
#17
Sorry I made a mistake I didn't take the password of rockyou, just thought to check it, it was in there twice. Towars the beginning and the end. Sorry again.
Reply
#18
(11-17-2019, 09:36 PM)robertde Wrote:
Sorry I made a mistake I didn't take the password of rockyou, just thought to check it, it was in there twice. Towars the beginning and the end. Sorry again.


Man you're making this way to complicated and confusing to understand, swapping OS's and using different wordlist and all sorts of jazz. 

All you have to do is not use the GUI that you have been using and learn hashcat thru the Wiki. The command Prompt works as it would in K-linux or I'm assuming you mean The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali)'s terminal.

So start up your PRIMARY OS and do a simple bruteforce attack on the example hash for WPA2 using ONLY your videocard. 


Download Hashcat  - Extract it to your desktop to make this easy 
Download this example hash - Move the file into the hashcat directory (password is hashcat!)

Open cmd/terminal in the hashcat directory
run hashcat  ONLY using your video card:
Code:
hashcat64.exe -d 1 -m 2500 -w 3 -a 3 hashcat.hccapx h?l?l?l?l?l?s

????
Profit
Reply
#19
Im not using the gui they said not to I get the same result if I do though. I have only sent the command line from Windows. I switched to K as a test because I'm not getting the Hashcat hash file but I do get the wpa hash it doesnt make sense. Now please explain this I'm hoping you have the answer I truly am I'm not trying to be a jerk, Why in Gods name will Hashcat give me the password if it's at the beginning of the list ? Why does combinator work but bruteforce doesnt ? But just for the record I'm using the command line look at what I've sent and K doesnt have a gui so why isnt it getting it there if the gui is at fault ? I'm only sending so much info and trying different things so the people that are asking what I'm doing have a record. I didnt really want to be sitting at Hashcat from 7:30 am till 3 or whenever it was I sent the last batch of stuff, but I was asked for something and i wanted to be punctual since someone was nice enough to take an interest in the problem. Thank you for your suggestions but if it was that simple it would be working. You have a good night look over what i have sent maybe you'll be able to figure it out, so far it's been real productive someone figured out one run was two bytes smaller than another and gave me some -d option that I still cant find anything on unless your using bully with pixiedust yes I'm using the command line for that too bully wlan1mon or wlan0mon whichever I want then -b bssid -c channel -d for pixie if you like then I like using -v 4 it's a matter of taste I think as to or not to use -v 4. When I said I didnt know thing because I was learning I didn't say I was retarded. Work smarter not harder I'm learning so I use the command line but I learned the command line so if theres a gui that saves me some work yes I'm going to use it, but they said not to so I'm not. Seriously not mad or anything just pointing out a few things maybe you didnt think of or notice I bet you missed the two bytes didnt you, me too. Any way have a good night and if you have a few free moments take a look through see what you can find, download it and run it in windows see if you have the same problem I would greatly appreciate some form of reason as to why this is happening. Check out my original posts on Github so you have the entire picture. Seriously you have a good night unfortunately I'm learning John the Ripper right now I dont like it it is nowhere near as fast as Hashcat and it's a pain no gui. Kidding just kidding.
Reply
#20
I really think this is a user error. what is all this strange commands:

Guess.Mask.......: rockyouEdited1.text [19]

Candidates.#1....: rockyouEdited1.text -> rockyouEdited1.text


This means you are trying a mask of 19 characters and the password you are trying is "rockyouEdited1.text" (without quotes). Why do you run this ? this makes no sense !
(btw this is not a file, but a mask/password... most likely because the file does NOT exist. Why do you make all these mistakes ? testing like this is just impossible if you test without the dictionary files present)

All you had to do is to test hashcat.hccapx with password "hashcat!" as mentioned over https://hashcat.net/wiki/example_hashes
Reply