oclHashcat-lite v0.10
#1
Welcome to oclHashcat-lite v0.10.

Download it here: http://hashcat.net/oclhashcat-lite/

This release is a big step forward. We have added both, many major and many minor features.

Per-position markov-chains, aka markov-attack/incremental-attack/charset-files

The markov-attack is a statistically based brute-force like attack, but instead of specifying a charset or a mask, we specify a file. This file is once generated by ourself in a previous step. It contains statistical informations which are made out an automated analysis of a given dictionary.

It can fully replace Brute-Force since it covers the full keyspace.

In Brute-Force Attack (or in Mask Attack) we can limit the keyspace by setting a smaller charset in order to reduce the attack-time. In Markov Attack we have something similar, the "threshold". All you do is to specify a number. The higher the number, the higher the threshold to add a new link between two characters on the two-level table on which the markov-attack bases on.

This background is not so important, just remember that the lower the value, the smaller the keyspace and thus the faster the attack is.

Check these threads for more details

Use .ptx ad .llvmir intermediate kernels

The kernels are distributed in an "intermediate" format (aka IL). It cant be reversed to original C code but still its not a binary format that can be used for execution.

The JIT (just-in-time) compilers from both OpenCL and CUDA, which ship with the driver, compile the final byte-code out of the IL. This takes a few seconds per kernel but once its done the byte-code is cached (CUDA does it automatically, OpenCL not but we add a function to do the same as CUDA does).

This has some nice advantages:
  • Not 32/64 bit specific
  • Less HDD space
  • Smaller .7z
  • Less problems with driver specific problems as we often see with Catalyst
  • There is no more need to release a new oclHashcat-* in case a new driver optimization has been added. oclHashcat-* caches driver specific. If it recognizes a driver change it will rebuild thge byte-code from the IL, but using the new JIT from the new driver resulting in driver specific optimized byte-code.

Retaining GPU temperature

When I started with oclHashcat-* Hardware mangement support, some people asked me for add support for fan-speed. For a long time I was not interessted in adding fan-speed code to oclHashcat-* since this is the job for the driver or some specialized controling software.

I did not change my mind completly on this, but still we have added some fan-speed controlling code. The new parameters are:

Code:
--gpu-temp-disable            Disable temperature and fanspeed readings and triggers
--gpu-temp-abort=NUM          Abort session if GPU temperature reaches NUM degrees celsius
--gpu-temp-retain=NUM         Try to retain GPU temperature at NUM degrees celsius (AMD only)

So what this thing is doing is: If the temperature configured with the new --gpu-temp-retain parameter is reached, it starts to increase the fan-speed by 1 percent each second. Thats all.

If you imagine a scenario what this means you will come to the conclusion that this feature also enables you to enfore your GPU running always to a very specific temperature.

Some notes:
  • --gpu-temp-disable you can completly disable all the temperature stuff.
  • --gpu-temp-retain currently only works for AMD.
  • --gpu-temp-abort parameter is just the renamed version of the old --gpu-watchdog.
  • Both parameters accept the 0 value which disables only this specific feature. This means you can step back to the old behavior by specifying --gpu-temp-retain 0.
  • The default for --gpu-temp-abort is still 90c.
  • The default for --gpu-temp-retain is 80c.

Built-in benchmarking mode

Code:
* Benchmark:

  -b,  --benchmark                   Run benchmark
       --benchmark-mode              Benchmark-mode, see references below

Nothing much to explain here I think, but some notes to the benchmark mode:
  • As long as you do not set the --benchmark-mode you can modify all the configuration parameters you always use. Something like -d, -n, --gpu-accel or --runtime.
  • With --runtime you can specify the duration how long each test lasts.
  • If you add -m you can limit to a specific hash-type. If you do not set it, it will iterate through all hash-types.
  • All unneccessary parallel threads like hardware monitor, restore-support and outfile-watch are disabled. Also the quiet mode is enabled.
  • On NVidia, the hashes based on SHA256, SHA512 and DES are limited to -n 32, otherwise the driver throws the error cuStreamSynchronize() 702.

New Algorithms supported
  • SHA512
  • Oracle 7-10g, DES(Oracle)
  • md4($pass.$salt)
  • sha256($pass.$salt)
  • sha512($pass.$salt)

Full changelog

Code:
type: feature
file: kernels
desc: added -m 0910 = md4($pass.$salt)

type: feature
file: kernels
desc: added -m 1410 = sha256($pass.$salt)

type: feature
file: kernels
desc: added -m 1700 = SHA512

type: feature
file: kernels
desc: added -m 1710 = sha512($pass.$salt)

type: feature
file: kernels
desc: added -m 3100 = Oracle 7-10g, DES(Oracle)

type: feature
file: kernels
desc: on AMD, switched from .kernel to .llvmir to reduce diskspace

type: feature
file: kernels
desc: on NV, switched from .cubin to .ptx to reduce diskspace

type: feature
file: kernels
desc: added kernel cache to avoid unnecessary recompilation
cred: m4tr1x

type: driver
file: kernels
desc: added support for NVidia CUDA 4.2

type: driver
file: kernels
desc: added support for NVidia sm_30 gpu-architecture [ Kepler ]

type: driver
file: host programs
desc: added support for NVAPI R300

type: driver
file: host programs
desc: added support for NVidia NVML library and got rid of nvidia-smi command

type: driver
file: host programs
desc: added support for AMD ADL v4.0 library

type: feature
file: host programs
desc: splitted --gpu-watchdog to --gpu-temp-disable and --gpu-temp-abort

type: feature
file: kernels
desc: added benchmarking mode
cred: m4tr1x

type: feature
file: host programs
desc: added --gpu-temp-retain to try retain temperature at NUM degrees celsius
cred: m4tr1x

type: feature
file: host programs
desc: workarounded AMD bug in clGetDeviceInfo() CL_DEVICE_MAX_CLOCK_FREQUENCY
cred: m4tr1x

type: feature
file: kernels
desc: added early check for zero-length password hashes
cred: m4tr1x

type: feature
file: host programs
desc: show LM-half as soon as it is cracked

type: feature
file: host programs
desc: added support for charset files and some example charset files

type: feature
file: host programs
desc: added support to read hashes from file

type: feature
file: host programs
desc: implemented base64 parser that would allow for dynamic salt lengths in nsldaps

type: feature
file: host programs
desc: added fan-speeds to status display

type: feature
file: host programs
desc: removed --pw-skip-plain and --pw-limit-plain as they are incompatible to markov

type: bug
file: host programs
desc: fixed bug in status display if ETA calculated > 60 years
cred: arex

type: bug
file: host programs
desc: fixed bug in Oracle 11g hash parsing function, salt length increased to 10 byte
cred: flipit

type: bug
file: host programs
desc: fixed bug in salt-length parser for MyBB1.2 hashes
cred: code841

type: change
file: host programs
desc: changed default charset to the one which passpal outputs running on rockyou.txt
cred: arex
#2
Great job atom! As always.
Thank you!
#3
Cool.
#4
Hello:
Nice Work Boss;we will give report tomorow after Test.
regrads,
multimediabox
#5
hello; i can use dictianary attack for decrypter hash sl3
thx.
#6
yes, use rockyou dictionary, it should help much for SL3 bruteforce, maybe 15 min/phone.
#7
how to make rokyou dictionary and use it ?
#8
It is not that hard to replicate KT819GM's prescription here.

First, we need to put together in our cup a "Search" button (which is on the very top) and keywords what we're interested. Then look through the results with a cat's curiosity. And finally swallow it with an atomic speed. That's it.

PS: whole process should be proceeded with a lite sense of humor, otherwise frustration is inevitable.
#9
hi ho can explain to me step by step how to use dictinary in oclhashcat lite for sl3
it s to difficulte for me to do it by my self
thank s
#10
(08-17-2012, 03:20 AM)korsa741 Wrote: hello; i can use dictianary attack for decrypter hash sl3
thx.

Oh man, there is no dictionary for lite, and will never be, it's totally random 15 digit code!

Again for SL3 people:
tag for search: sl3 dict, sl3, sl3 dictionary, dictianary, SL3 bruteforce

answer:
THERE IS NO DICTIONARY FOR SL3