hashcat Forum
status from gpu cracking? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-plus Support (https://hashcat.net/forum/forum-23.html)
+--- Thread: status from gpu cracking? (/thread-2204.html)



status from gpu cracking? - muellgmbh - 04-04-2013

Hello Forum,

i just tested the hashcat with the following command:
C:\temp\oclHashcat-plus-0.14>cudaHashcat-plus64.exe -m 1800 "$6$wYzevcOJ$VL9PX2u
restofthekeyhere"

cudaHashcat-plus v0.14 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 2 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GTX 570, 1279MB, 1464Mhz, 15MCU
Device #1: Kernel ./kernels/4318/m1800.sm_20.64.ptx

Starting attack in stdin mode...

now, since 1 day, there is no change on the screen, means no status or something. i assume its still working.

is there a way to: see a status during work?
stop the cracking and resume it later?

i am not sure for now if it is working and how long it will take...

any hints?

regards
muelli


RE: status from gpu cracking? - KT819GM - 04-04-2013

Press S key


RE: status from gpu cracking? - epixoip - 04-04-2013

(04-04-2013, 04:17 PM)muellgmbh Wrote: i just tested the hashcat with the following command:
C:\temp\oclHashcat-plus-0.14>cudaHashcat-plus64.exe -m 1800 "$6$wYzevcOJ$VL9PX2u
restofthekeyhere"

Starting attack in stdin mode...

you didn't give it any work to do. it's just sitting there idle waiting to read from stdin.

read the wiki to learn how to use the program.


RE: status from gpu cracking? - Incisive - 04-05-2013

First, you may be confusing the "lite" version with the "plus" version.
lite is designed to operate on a single hash, fed in on the command line.
plus is designed to operate on a file of hashes.
Here's a basic of starting points for a few simple kinds of attacks.
Code:
rem First: Extremely Low sizes, brute force with full hex set!
rem   No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1


rem Next: Very Low sizes, brute force with multilingual printables and upper hex set!
rem   No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s?D?F?R?h --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1

rem Next: Fairly Low sizes, brute force with Digit, Lower, Upper, and Symbol
rem   No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1?1

rem Next Low sizes, we'll get clever.  Brute with a pattern - larger sets at the ends, smaller in the middle.
rem NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?2?2?2?2?1?1

rem U.S. (xxx)xxx-xxxx phone number format - this runs very quickly indeed for a "13 character" password with digits and symbols, compared to a non-patterned pure brute force search.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash "(?1?1?1)?1?1?1-?1?1?1?1"


rem Next Medium-Low sizes, we'll get clever.  Brute with a pattern - larger sets at the ends, smaller in the middle.
rem  NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?2?2?2?2?2?2?2?2

rem Next Medium sizes, we're grasping at whatever we can squeeze through our machine.  
rem  We'll try a little Digit Lower first character plus Lower only, and then Digit parens dash Lower first character plug Digit parens dash only
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?l 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove  -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove  -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove  -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove  -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2?2


rem Now we're going to do rules based dictionary attacks!


rem Let's start with the quickest, because any passwords we can remove now give later iterations less work.
rem Mode Straight  rules: Best64     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: specific     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\specific.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Combinator  rules: Best64     Wordlist: Phpbb * 500worst
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt YourWordlistPath\500worst.txt

rem Mode Straight  rules: Best64     Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt

rem Mode Straight  rules: leetspeak * Best64     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: T0XlC     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: combinator * Best64     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: Best64     Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt

rem Mode Straight  rules: leetspeak * Best64     Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt

rem Mode Straight  rules: Best64     Wordlist: American English Small * American English Small
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishSmall.txt YourWordlistPath\EnglishSmall.txt


rem Mode Straight  rules: generated     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\generated.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: d3ad0ne     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt


rem Mode Straight  rules: d3ad0ne     Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt

rem Mode Straight  rules: T0XlC     Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt

rem Mode Straight  rules: leetspeak + d3ad0ne     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: combinator + d3ad0ne     Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt

rem Mode Straight  rules: d3ad0ne     Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt

rem Mode Straight  rules: leetspeak + d3ad0ne     Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt

rem Mode Straight  rules: combinator + d3ad0ne     Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt

rem Mode Straight  rules: leetspeak + d3ad0ne     Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt

rem Mode Straight  rules: combinator + d3ad0ne     Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt



RE: status from gpu cracking? - muellgmbh - 04-05-2013

Hello epixoip,

thanks for the info, i'm just confused about the file-format.
@Incisive
my file looks like this:
paul:1110:19144CFC6613E929390FFBB5142509F0:0B2222E86F6FAC4E1498ADC7375169B1:::

so i am wondering how the command should look like assuming trying lm or ntlm cracking on it (bruteforce).

regards


RE: status from gpu cracking? - Mem5 - 04-05-2013

look at the examples given with the program + read the wiki.


RE: status from gpu cracking? - muellgmbh - 04-05-2013

Hello again,

just tried this:

i'm trying with a single hash (lm) now and hashcat-lite on a 64bit system with nvidia (latest driver):
hashtype for lm is 3000

my hashfile looks like this:
paulus:1110:1910FFBB5193942509F044CFC6613E92:FAC4E14922E86F6DC8A0B227375169B1:::
format is: 3rd field lm, 4th field ntlm

so my command looks like this:
cudaHashcat-lite64.exe --hash-type 3000 --pw-max 12 1910FFBB5193942509F044CFC6613E92

so this command should work, but it did not:
Password lengths: 1 - 12
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GTX 570, 1279MB, 1464Mhz, 15MCU

ERROR: Hash '1910FFBB5193942509F044CFC6613E92': Line-length exception

cudaHashcat-lite64.exe --hash-type 3000 1910FFBB5193942509F044CFC6613E92

i know lm is splitted in 2 parts in the middle, am i right? because it works when i split it.

so, my question is:
is there a way that hashcat can use this type of file format? Means take out the hashes from the file?
i know i need to use hashcat-cuda-plus for generell using files.
but it would be fine not to reformat the file

regards


RE: status from gpu cracking? - Rolf - 04-05-2013

No, only hash per line is supported at the moment, so pwdump or other formats won't work.


RE: status from gpu cracking? - epixoip - 04-05-2013

(04-05-2013, 09:19 AM)muellgmbh Wrote: so my command looks like this:
cudaHashcat-lite64.exe --hash-type 3000 --pw-max 12 1910FFBB5193942509F044CFC6613E92

you're still not supplying an attack mode, mask or dictionary, etc... you're just going to run into your original issue again unless you correct this.