+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Developer (https://hashcat.net/forum/forum-39.html)
+--- Forum: Beta Tester (https://hashcat.net/forum/forum-31.html)
+--- Thread: DES(Unix): Terrible Bug (/thread-1678.html)
DES(Unix): Terrible Bug - M@LIK - 10-22-2012
This is a bug report related to descrypt (-m1500) on CPU's hashcat only.
Whenever the flag\s --remove OR\AND -o is\are set while attacking descrypt list, hashcat messes the original hashfile OR\AND the outfile up... very badly.
It increases the last character value in the hash by two:
Code:
hashfile: // eight valid descrypt hashes, four only have an actual password
mf2O1EWzvQqiw
p0qRHLIZPdm7I
yXN6rr862a5MU
LkxEVth80uebc
.............
2222222222222
6666666666666
AAAAAAAAAAAAA
hc64 -m1500 -a3 --pw-min=2 --remove -o outfile hashfile ?d?d
...
Recovered.: 4/8 hashes, 4/8 salts
...
Now hashfile: // notice the last chars
.............
2222222222224
6666666666668
AAAAAAAAAAAAC
outfile: // notice the last char in the last hash
yXN6rr862a5MU:72
mf2O1EWzvQqiw:30
p0qRHLIZPdm7I:75
LkxEVth80uebe:10Note that some hashes remain intact, don't ask me why.
But all the other hashes undergo an awful alteration causing them to be invalid and un-crackable.
This bug seems to have complicated results, but I'm not discussing it any further cause I'm pretty sure it's all about one flaw.
RE: DES(Unix): Terrible Bug - atom - 10-22-2012
CPU hashcat does not support DEScrypt
RE: DES(Unix): Terrible Bug - atom - 10-22-2012
Moved the thread to beta section
RE: DES(Unix): Terrible Bug - M@LIK - 10-22-2012
Haha, this just got worse.
hashcat-cli64.exe from https://hashcat.net/files/hashcat-0.41.7z is happy to crack any des hash using -m1500.
Folks, please welcome the new hidden algos...
NOTE: All my tests were done on hashcat-0.41. hashcat-0.42b1 has the bug too, but with different results.
RE: DES(Unix): Terrible Bug - blandyuk - 10-22-2012
I tested it with these 2, obviously minus the passwords:
neCYnaUa.vV4c:dragon
neS7QCdrq4MGM:cookie
Found them both, (obviously), and did not mess the hashes up. Does this only happen with lots of DES hashes?
RE: DES(Unix): Terrible Bug - M@LIK - 10-22-2012
As I mentioned:
M@LIK Wrote: Note that some hashes remain intact, don't ask me why.
Mostly the outfile is the victim. And, yes, I also noticed nothing happens with two hashes. Try with, say, 20 hashes, make sure that 10 at least remain uncracked and use --remove and -o.
RE: DES(Unix): Terrible Bug - atom - 10-23-2012
Its correct I did not disable the module so that it stays hidden. Thats why I moved this thread into beta so that the public does not see it since its not working as it should. That why I take no bug reports on it, sorry.
RE: DES(Unix): Terrible Bug - M@LIK - 10-23-2012
That sounds a bit awkward. It explains a lot though.
Anyways, sorry, I did not mean to spoil this.
Waiting for this getting officially supported.