+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-plus Support (https://hashcat.net/forum/forum-23.html)
+--- Thread: Cracking Russian Passwords (/thread-1204.html)
Pages:
1
2
Cracking Russian Passwords - NeonFlash - 05-23-2012
I am not sure how the unicode support works but this is weird.
MD5 Hash: 714d5bc5daad4412e118d1bfd0c7477b
plaintext: ьфдщн
I noticed this on one of the hash cracked list on a forum.
So, I put this plain text in a wordlist and run a dictionary attack. The hash was not cracked.
Can someone verify this?
RE: Cracking Russian Passwords - M@LIK - 05-23-2012
The hash and the password are not matching here, anyone else?
RE: Cracking Russian Passwords - phillips321 - 05-23-2012
echo -n 'ьфдщн' | ./hash-generator.pl -0
507620db658a3d55c367cc8273e2ee24
created using this script
http://www.phillips321.co.uk/2012/05/15/hash-generator-perl-script-hash-generator-pl/
RE: Cracking Russian Passwords - undeath - 05-24-2012
yep, your plain is wrong.
echo -n 'ьфдщн' | md5sum
507620db658a3d55c367cc8273e2ee24 -
RE: Cracking Russian Passwords - NeonFlash - 05-24-2012
Thanks for the replies
A few points worth noting. Check the MD5 Hash of ьфдщн on the following 2 sites:
http://md5-hash-online.waraxe.us/
http://www.miraclesalad.com/webtools/md5.php -> This gives the same result as md5sum, probably because it is using UTF-8 encoding, same as md5sum.
In any case, this time, I used the MD5 hash and plaintext as follows:
MD5 Hash: 507620db658a3d55c367cc8273e2ee24
Plaintext: ьфдщн
And it is still not able to crack.
Results:
Code:
C:\GPU Bruteforcers\oclHashcat-plus-0.081>oclHashcat-plus32.exe -m 0 -n 160 -a 0
RussianMD5.txt Russian.txt
oclHashcat-plus v0.08 by atom starting...
Hashes: 1
Unique digests: 1
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
GPU-Loops: 128
GPU-Accel: 160
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cypress, 1024MB, 0Mhz, 20MCU
Device #1: Allocating 481MB host-memory
Device #1: Kernel ./kernels/4098/m0000_a0.Cypress.32.kernel (1001600 bytes)
Scanned dictionary Russian.txt: 201 bytes, 14 words, 14 keyspace, starting attac
k...
Status.......: Exhausted
Input.Mode...: File (Russian.txt)
Hash.Target..: 507620db658a3d55c367cc8273e2ee24
Hash.Type....: MD5
Time.Running.: 0 secs
Time.Left....: 0 secs
Time.Util....: 999.7ms/0.0ms Real/CPU, 0.0% idle
Speed........: 14 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 14/14 (100.00%)
Rejected.....: 0/14 (0.00%)
HW.Monitor.#1: 0% GPU, 50c Temp
Started: Thu May 24 07:58:22 2012
Stopped: Thu May 24 07:58:24 2012Can you please try it as well?
RE: Cracking Russian Passwords - NeonFlash - 05-25-2012
Can somebody try what I suggested above and post their results?
RE: Cracking Russian Passwords - M@LIK - 05-25-2012
Verified.
Both hashcat and oclHashcat-plus cracked the pass as:
Code:
507620db658a3d55c367cc8273e2ee24:ьфдщнNote: The dictionary file has to be UTF-8 Unicode (withOUT BOM).
PS: Google translator: ьфдщн::fdschn 0_o
RE: Cracking Russian Passwords - NeonFlash - 05-26-2012
Thank you, M@LIK.
Can you please post the output of oclhashcat-plus session while cracking this password like I did in my post?
Yes, my dictionary file is UTF-8 Encoded.
I am cracking it on Windows 7 x64 platform running on a command line (MS DOS Prompt).
And are you cracking this on Windows or Linux?
RE: Cracking Russian Passwords - M@LIK - 05-26-2012
Code:
hc64p ..\M\MD5.hash ..\M\Odic.dic -o..\M\OUT.out
cudaHashcat-plus v5.36 by atom starting...
Hashes: 1
Unique digests: 1
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
GPU-Loops: 128
GPU-Accel: 8
Password lengths range: 1 - 15
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 70c
Scanned dictionary ..\M\Odic.dic: 12 bytes, 1 words, 1 keyspace, starting attack...
Status.......: Cracked
Input.Mode...: File (..\M\Odic.dic)
Hash.Target..: 507620db658a3d55c367cc8273e2ee24
Hash.Type....: MD5
Time.Running.: 0 secs
Time.Util....: 999.5ms/0.0ms Real/CPU, 0.0% idle
Speed........: 1 c/s Real, 0 c/s GPU
Recovered....: 1/1 Digests, 1/1 Salts
Progress.....: 1/1 (100.00%)
Rejected.....: 0/1 (0.00%)
HWMon.GPU.#1.: 0% Util, 39c Temp, -1rpm Fan
Started: Sat May 26 06:33:44 2012
Stopped: Sat May 26 06:33:46 2012I believe your problem is with the encoding. It has to be No BOM.
I use Windows too.
Use this dictionary, it should work: HERE
PS: cudaHashcat-plus v5.36 FTW!
xD
RE: Cracking Russian Passwords - NeonFlash - 05-26-2012
Thank you again.
I am looking into this. So, as I understand, oclhashcat-plus is not BOM aware. I believe it could be made? For instance, if you encounter the bytes (EF BB FF) in the stream then ignore them and read the remaining, which would be your UTF-8 Encoded String.
Though Unicode itself suggests not to use BOM, so I guess it depends on the type of File Editor I have used for the dictionary.
@M@LIK: What file editor did you use for creating this dictionary? I used Notepad and saved it as UTF-8 Encoding, but I guess it prefixes all the strings with BOM due to which oclhashcat-plus does not work with it.
I could make your dictionary not work once again by just copying a BOM UTF-8 String to your dictionary.
For instance:
Without BOM,
Code:
ьфдщнIt works.
Now, open it with notepad, copy 2 more words which have BOM and append them to above dictionary. It does not work then.
Also, is this documented somewhere that oclhashcat-plus expects the unicode strings to be without BOM or was it your own observation?