+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-lite Support (https://hashcat.net/forum/forum-22.html)
+--- Thread: Huge wordlist (/thread-2611.html)
Huge wordlist - jimipage - 09-10-2013
Hello,
I'm trying to crack automatically generated password encrypted by md5.
I know all possible combinations. It's about 4B (2^32).
Each password is 8 symbols long(62 characters), so making mask is not an option here(218340B passwords).
So I'll jump to my problem. With my GPU oclExample0.sh makes about 1B/sec md5.
But, when I'm trying to use wordlist - It shows speed about 11-25M/sec.
I understand that copying data from SSD is not fast enough. So I tried to speed up it by creating tmpfs in RAM (DDR3 PC3-14900) and storing part of my wordlist there. The result was even worse - 11M/sec.
Ok. Here is the question: How do I speed up cracking by wordlist?
PS. Ubuntu/oclHashCat_plus/ATI 6770/Intel SSD
RE: Huge wordlist - radix - 09-10-2013
how is using a mask not an option? seems like the perfect option since you know all the passwords are 8 len.
RE: Huge wordlist - jimipage - 09-10-2013
maybe i understand masks wrong. What is your suggestion? Please provide command options.
RE: Huge wordlist - Sc00bz - 09-10-2013
Without knowing what you are doing, I'd suggest removing the last character from all the words in the word list. Sort and remove duplicates. Then do a hybrid attack to add the last character back in. This should get speeds closer to 1B/sec. Now if removing the last character doesn't actually remove like 90% of the passwords in your list, then it's not going to be much of a help.
How did you generate the 2^32 passwords? Are they all like Aaaa000! or something? If they are then you can do a mask attack.
RE: Huge wordlist - jimipage - 09-10-2013
(09-10-2013, 01:17 AM)Sc00bz Wrote: Without knowing what you are doing, I'd suggest removing the last character from all the words in the word list. Sort and remove duplicates. Then do a hybrid attack to add the last character back in. This should get speeds closer to 1B/sec. Now if removing the last character doesn't actually remove like 90% of the passwords in your list, then it's not going to be much of a help.
How did you generate the 2^32 passwords? Are they all like Aaaa000! or something? If they are then you can do a mask attack.
That's an interesting suggest. But not really helps in my situation. Cutting password and running `sort -u` resulted in shortening testing wordlist from 94,967,295 to 94,966,065
Password list was generated using rand php function. Due to technical restrictions there are only 2^32 possible passwords. Here is an example:
Code:
BHwERtKm
6PSfGlqR
KHFWcxfg
Fno3gSLJ
1Ej4EUqw
QEp8L2Ry
RhOiuDqL
hceJvycQ
X9Tyrve7
l7QXg8nMRE: Huge wordlist - forumhero - 09-10-2013
if the hashed passwords are randomly generated then your only option would be to bruteforce
RE: Huge wordlist - Mangix - 09-10-2013
try splitting your wordlist into smaller chunks and running them separately.
advanced tip: you can also try a normal mask attack like -1 ?u?l?d ?1?1?1?1?1?1?1?1 but you can run hcstatgen to generate an hcstat file based on your wordlist. this should speed up cracking in brute-force mode by quite a bit.
RE: Huge wordlist - jimipage - 09-10-2013
I don't think hcstatgen will generate good hcstat file for my wordlist. Random generation in PHP works really reliable. I'll try it anyway. thanks.
After a few tests I was able to reach 32M/sec speed using Straight attack mode. It doesn't matter if I was using SSD or RAMfs for storing my wordlist.
It's looks like oclhashcat_plus is reading file really slow.
RE: Huge wordlist - jimipage - 09-10-2013
I just realized that I posted my thread in the wrong Forum. Should be oclHashCat_plus forum. (moderators)Please move it if possible.
I got a new question here): Is there way to run few instances of oclHashCat_plus on same OS?
Code:
ERROR: already an instance ./oclHashcat-plus64.bin running on pid 3088RE: Huge wordlist - The Mechanic - 09-10-2013
Yes, use --session
(09-10-2013, 01:12 PM)jimipage Wrote: I got a new question here): Is there way to run few instances of oclHashCat_plus on same OS?
Code:ERROR: already an instance ./oclHashcat-plus64.bin running on pid 3088