hashcat Forum
Why kernel restrict min and max pass length - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Why kernel restrict min and max pass length (/thread-10530.html)

Why kernel restrict min and max pass length - MarKerR - 12-17-2021

Hello there!

Currently i am trying to find pass to 2003 office .xls file.

As predicted first thing first i extracting hash from it. In order to do that i am using JTR with specific command:
Code:
./office2john.py '/data/Dima/Programs/Password_Crack/john/run/test.xls' > test.hash

Next i am looking which hash mode must be used. Since hash file says:
Code:
$oldoffice$0
i am assuming that proper mode is 9700.

Last thing is to create right command which looks like this:
Code:
hashcat -a 3 -m 9700 -D 1,2 -i --increment-min=1 --increment-max=5 --status -o pass.txt test.txt -1 \?a \?1\?1\?1\?1\?1

And it works as i intend.

Code:
Minimum password length supported by kernel: 0

Maximum password length supported by kernel: 15

Here comes the first question: Can someone explain it to me in simple manner or give link to page where i can read about it myself?

Next question appeared when i looked at benchmarks from other. In those benchmarks i saw that mode 9710 have more performance than 9700.
Code:
Hashmode: 9700 - MS Office <= 2003 $0/$1, MD5 + RC4

Speed.#1.........:  1142.7 MH/s (72.61ms) @ Accel:64 Loops:512 Thr:32 Vec:1

Hashmode: 9710 - MS Office <= 2003 $0/$1, MD5 + RC4, collider #1

Speed.#1.........:  1637.7 MH/s (50.08ms) @ Accel:256 Loops:128 Thr:32 Vec:1


And after i tried to run with mode 9710 output showed this:
Code:
Minimum password length supported by kernel: 5

Maximum password length supported by kernel: 5

And even there is was performance increase i cant understand why min and max is 5. Why not 7, 12 or from 4 to 9? Does it means that i am using wrong mode and can not get extra speed boost?

The full output of commands in the attached files
.txt   output.txt (Size: 9.11 KB / Downloads: 2) .

RE: Why kernel restrict min and max pass length - MarKerR - 12-19-2021

Sorry guys, my bad. According to

https://hashcat.net/wiki/doku.php?id=example_hashes

I should use mode 9710 since last group of symbols has 32 of them and my hash has 0 after $oldoffice$, instead of 31 and 0 in mode 9700.

But still, question from first post is here.

RE: Why kernel restrict min and max pass length - MarKerR - 12-24-2021

I found the answer.

https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#what_is_the_maximum_supported_password_length_for_optimized_kernels


    Limitation from the hash itself:
        1500: 8
        3000: 7
        9710: 5
        9810: 5
        10410: 5