+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Association Attack & potfiles (/thread-11007.html)
Association Attack & potfiles - pragmatic - 09-07-2022
The more I use the association attack the more I like it. It's incredibly powerful in many real-world circumstances and I'm finding myself relying on it more and more.
Given that value, are there any plans to add support for it to work with potfiles?
If not, at the least, I would suggest documenting clearly that it doesn't work with them now as that was a very surprising divergence in behavior.
From user_options.c:
Code:
// association limitations
if (user_options->attack_mode == ATTACK_MODE_ASSOCIATION)
{
user_options->potfile_disable = true;
}RE: Association Attack & potfiles - royce - 09-07-2022
Seems like a good idea to explicitly warn the user. Could you create a GitHub feature request for this?
RE: Association Attack & potfiles - Chick3nman - 09-07-2022
https://github.com/hashcat/hashcat/pull/3446
Added
RE: Association Attack & potfiles - pragmatic - 09-08-2022
Added another as well to request supporting pot files as that would obviously be the ideal solution.
Call me an optimist. 😀
RE: Association Attack & potfiles - Snoopy - 09-08-2022
just for understanding why association attack dont work with potfiles? as far as i understand, assoc just removes the loop for testing all given salts with all passwordcandidates instead there is a 1:1 hash : salt to password/hint combination
so hashcat still test hashmode(pass/hint : salt) for one given hash : salt
so there should be no difference in hash : salt : pass behavior in the potfile
RE: Association Attack & potfiles - Chick3nman - 09-08-2022
The reason it doesn't allow use of the potfile now is that the potfile is NOT an outfile. It's a file that hashcat uses to remove previously cracked hashes from it's current run. We currently can't support the removal of hashes, salts, or candidates in assoc attack mode due to how hashes/salts/candidates are aligned. Because of that, we can't run the potfile check during startup and we can't easily avoid duplication into the potfile when a hash is cracked in more than one run. Assoc Attack mode does support outfiles currently, so you can save cracks to a file just fine. It just doesn't support the potfile.