Posts: 19
Threads: 4
Joined: Jul 2012
07-12-2012, 04:46 PM
(This post was last modified: 07-12-2012, 04:59 PM by HelloShitty.)
(07-11-2012, 11:02 PM)undeath Wrote: (07-09-2012, 09:44 PM)undeath Wrote: oclhashcat-* won't crack anything with more than 15 chars.
(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.
are you that ignorant?
Hey man, you don't need to be that harsh...
You said that Hashcat can't process hashes over 16 chars but atom also said that oclHashcat-lite can... Then, epixoip talked about the first 4 chars...
I didn't understood that part maybe because i don't have the enough knowledge to understand it.
So i was gently asking to someone explain that part to a beginner, maybe with an example and show us how to configure oclHashcat-lite to process these hashes.
Another point is that the known part of the passwd has 26 chars (with spaces included) and the unknown part, we are assuming that can be up to 10 chars...
So, the 16 chars limit is including the known part and the unknown part of the passwd? Or just the password itself?
The hash that i want to crack includes 3 variables: "var1:var2:var3"
The "var1" and "var2" are the known parts of the hash. The "var3" is what we rally want to crack.
so i'm using a mask like var1:var2:?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 and the charset1 is ?l?u?d?s..
So, with this settings i'm not going to be able to crack the missing part of the hash?
Many thanks to any contribution...
Posts: 723
Threads: 85
Joined: Apr 2011
07-12-2012, 07:56 PM
(This post was last modified: 07-12-2012, 08:00 PM by Hash-IT.)
(07-12-2012, 10:32 AM)ntk Wrote: My is not an answer, but I do not intend to steal this thread.
I am following this thread with interest and like to understand too.
You three Atom, epixoip and undeath are experts and but with short, compact explanation you made us very confused. Could you please please please give us a command line as example
- how one machine can tackle this problem either GPU or CPU, even with GPU performance loss, -hence the need of 4 CPUs-
- What this member needs to do so 4 machines can tackle together this problem.
thank you very much for your help.
I'm not sure I understand the question properly but here is an example how to split a brute force up between 4 computers.
This is how to do it for WPA.
To make it easier to explain this is supposing you want to brute force numbers only against WPA at length 8. Also this is for windows 32bit. So you need to check what you are running.
It's unfortunate that 10 isn't easily divided by 4 !
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 01 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 234 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 567 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 89 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
I think that's right, someone will probably point out if it isn't !
Posts: 19
Threads: 4
Joined: Jul 2012
07-13-2012, 09:09 AM
(This post was last modified: 07-13-2012, 09:13 AM by HelloShitty.)
(07-12-2012, 07:56 PM)Hash-IT Wrote: (07-12-2012, 10:32 AM)ntk Wrote: My is not an answer, but I do not intend to steal this thread.
I am following this thread with interest and like to understand too.
You three Atom, epixoip and undeath are experts and but with short, compact explanation you made us very confused. Could you please please please give us a command line as example
- how one machine can tackle this problem either GPU or CPU, even with GPU performance loss, -hence the need of 4 CPUs-
- What this member needs to do so 4 machines can tackle together this problem.
thank you very much for your help.
I'm not sure I understand the question properly but here is an example how to split a brute force up between 4 computers.
This is how to do it for WPA.
To make it easier to explain this is supposing you want to brute force numbers only against WPA at length 8. Also this is for windows 32bit. So you need to check what you are running.
It's unfortunate that 10 isn't easily divided by 4 !
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 01 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 234 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 567 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 89 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
I think that's right, someone will probably point out if it isn't !
Ok, that's a start!
Please, if you know, answer me the following questions:
1 - Each line is to be used in each computer, right?
2 - The "-a 3" is the type of attack, right? Brute-force in this case?
3 - The "--hash-type 2500" is self-explanatory.
4 - What mans this "-1"
5 - What means the "-d" at this position?
6 - What means the "-2" at this position?
7 - I gently ask you to explain how do you divide the task as it is in the "01", "234", "567" and "89"
8 - The "-o file.txt" is also self-explanatory.
9 - The "test.hccap" would be the file with the hash, right?
10 - The "?2?1?1?1?1?1?1?1" would be the mask, right? But i see that you have a ?2 and a ?1, meaning that you have 2 charset, right? In the command where are those 2 charsets? Are they the -1 ?d and -2 01 (2- 234, and so on)? I'm confused because this is setted in the GUI command line as --custom-charset1 and --custom-charset2...
Many thanks
Posts: 347
Threads: 3
Joined: May 2010
Posts: 723
Threads: 85
Joined: Apr 2011
07-13-2012, 03:09 PM
(This post was last modified: 07-13-2012, 03:15 PM by Hash-IT.)
I hope it is more than just a start !
OK before I go any further, I am not the best person to ask about this but I am the most likely to give it a go at answering !
(07-13-2012, 09:09 AM)HelloShitty Wrote: Ok, that's a start!
Please, if you know, answer me the following questions:
[quote='HelloShitty' pid='7654' dateline='1342163356']
1 - Each line is to be used in each computer, right? YES
(07-13-2012, 09:09 AM)HelloShitty Wrote: 2 - The "-a 3" is the type of attack, right? Brute-force in this case? YES
(07-13-2012, 09:09 AM)HelloShitty Wrote: 3 - The "--hash-type 2500" is self-explanatory. YES = WPA
(07-13-2012, 09:09 AM)HelloShitty Wrote: 4 - What mans this "-1" You are defining the character 1 as digits.
(07-13-2012, 09:09 AM)HelloShitty Wrote: 5 - What means the "-d" at this position? It is not d it is ?d and it means all digits. 0123456789
(07-13-2012, 09:09 AM)HelloShitty Wrote: 6 - What means the "-2" at this position? 2 Is the smaller group, this allows you to split the workload. If it wasn't for this you would be doing the full pass on one computer.
(07-13-2012, 09:09 AM)HelloShitty Wrote: 7 - I gently ask you to explain how do you divide the task as it is in the "01", "234", "567" and "89"
Just split the work evenly between 4. Or as best I could because 10 isn't dived by 4 !! It measn in this example that computer A does all lines starting with 0 and all lines starting with 1.
(07-13-2012, 09:09 AM)HelloShitty Wrote: 8 - The "-o file.txt" is also self-explanatory. Yes outfile.
(07-13-2012, 09:09 AM)HelloShitty Wrote: 9 - The "test.hccap" would be the file with the hash, right? The hash list yes, as intext file. This example was to a hccap file (WPA)
(07-13-2012, 09:09 AM)HelloShitty Wrote: 10 - The "?2?1?1?1?1?1?1?1" would be the mask, right? But i see that you have a ?2 and a ?1, meaning that you have 2 charset, right? In the command where are those 2 charsets? Are they the -1 ?d and -2 01 (2- 234, and so on)? I'm confused because this is setted in the GUI command line as --custom-charset1 and --custom-charset2... Yes this is the mask. The 2 is there because you want to split the workload. so the 2 on computer A represents 0 and 1. On computer B it would be 234. So computer B does all lines starting with 2,3 or a 4.
Posts: 2,301
Threads: 11
Joined: Jul 2010
pretty useless to define -1 ?d though.
Posts: 723
Threads: 85
Joined: Apr 2011
(07-13-2012, 03:42 PM)undeath Wrote: pretty useless to define -1 ?d though.
Hello undeath
Yes I think I know what you mean, but I did it to make it as simple as possible to demonstrate the idea.
Unless you mean I have done something wrong ? Which is always possible for me !
Posts: 79
Threads: 4
Joined: Nov 2011
I understand this distributed way very well now, Thank Hash-IT. You too HelloShitty for posting your question.
Posts: 19
Threads: 4
Joined: Jul 2012
07-23-2012, 04:31 PM
(This post was last modified: 07-23-2012, 04:31 PM by HelloShitty.)
Ok, after reading once more the wiki page of oclHashcat-lite, i need some help to calculate the amount of total combinations to a specific string.
Lets say that i have a 15 chars passwd that might contain all ?l ?u ?d and ?s in each position.
The total number of combinations will be 94^15=3.9521 wich is (32 (symbols) x 26 (lower letters) x 26 (upper letters) x 10 (numbers))^15 (chars).
This will consider a passwd range from 1 to 15.
What about to calculate for a passwd wich range is between 8 and 15?
Posts: 5,185
Threads: 230
Joined: Apr 2010
(07-23-2012, 04:31 PM)HelloShitty Wrote: This will consider a passwd range from 1 to 15.
No, only length 15.
(07-23-2012, 04:31 PM)HelloShitty Wrote: What about to calculate for a passwd wich range is between 8 and 15?
(94^8) + (94^9) + (94^10) + (94^11) + (94^12) + (94^13) + (94^14) + (94^15)
|