hashcat Forum
Newbie - > 10 years to complete? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: Newbie - > 10 years to complete? (/thread-3916.html)



Newbie - > 10 years to complete? - Drivium - 12-22-2014

So... In The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux managed to capture WPA2 hash (.cap) via wifite. Cleaned and converted to .hccap. Now back in Win7x64 and trying to use Cudahashcat to crack via bruteforce. Ran CudaHashcat64 via: cudaHashcat64.exe -m 2500 -a3 out.hccap ?a?a?a?a?a?a?a?a?a

Speed.GPU.#1.....: 51891 H/s
Time.Estimated....: > 10 Years

I've been reading how fast hashcat is, so I must be doing something wrong. I've also seen tutorials that say they get millions of H/s using their CPU cores, but this seems to be using my GPU.

Please advise...and forgive my newbie'ness. I'm here to learn. Smile


RE: Newbie - > 10 years to complete? - undeath - 12-22-2014

Only because it's fast doesn't mean it's out of this world.


RE: Newbie - > 10 years to complete? - Drivium - 12-22-2014

(12-22-2014, 08:58 PM)undeath Wrote: Only because it's fast doesn't mean it's out of this world.

Are you saying that this is to be expected or are there things I can do to improve this? Tough to read between the lines of that rather vague response.

Also, because I only have a single GPU, would I be better off using my CPU (i7 3770k 3.5ghz OC'd to 4.5ghz)? If so, how would I invoke that? I Googled oclHashcat which led me to this site. I downloaded oclHashcat for NVidia 1.31, but cudaHashcat is what actually downloaded.


RE: Newbie - > 10 years to complete? - epixoip - 12-22-2014

Hashcat is very fast, but the algorithms you are reading about are for fast hashes like MD5 and NTLM. WPA on the other hand is very very slow, and you have a shitty GPU. At the speeds you are getting with your GPU, the command you pasted would take:

95^9 / 51891 / 31556926 =~ 384,881 years

But even with a fast GPU, you're still not going to be able to brute force that keyspace. With e.g. R9 290X,

95^9 / 205000 / 31556926 =~ 97,424 years

In other words, you'd need 97,424 290X's to brute force that keyspace in one year.

Hopefully now you see how slow WPA is, and why the attack you are running is impossible. In short, you need to be much smarter about your attacks, especially with the GPU that you have.


RE: Newbie - > 10 years to complete? - epixoip - 12-22-2014

(12-22-2014, 09:02 PM)Drivium Wrote: would I be better off using my CPU

No, your CPU is likely much slower. I reckon you'd probably only get around 8 KH/s with your CPU.

(12-22-2014, 09:02 PM)Drivium Wrote: I Googled oclHashcat which led me to this site. I downloaded oclHashcat for NVidia 1.31, but cudaHashcat is what actually downloaded.

oclHashat is for AMD cards, cudaHashcat is for Nvidia cards.


RE: Newbie - > 10 years to complete? - Drivium - 12-22-2014

Ok. Things are getting clearer. My GPU is an Nvidia GTX660Ti PE. Ok, with the info I've given, what might be the optimal "smarter" method for my purpose?


RE: Newbie - > 10 years to complete? - epixoip - 12-22-2014

Wordlist attacks for sure, possibly rule-based if you are very smart about which rules you select, and maybe targeted mask attacks.

Basically you're probably not going to be able to "cold crack" WPA unless they're using a common password, already-compromised password, or a default password. WPA is very slow, so you are very limited in the types and variety of attacks you can run. You pretty much have have to know something about your victim in order to crack their wifi password.

And if you are new to password cracking, WPA is a terrible place to start learning.


RE: Newbie - > 10 years to complete? - Drivium - 12-22-2014

(12-22-2014, 09:25 PM)epixoip Wrote: Wordlist attacks for sure, possibly rule-based if you are very smart about which rules you select, and maybe targeted mask attacks.

Basically you're probably not going to be able to "cold crack" WPA unless they're using a common password, already-compromised password, or a default password. WPA is very slow, so you are very limited in the types and variety of attacks you can run. You pretty much have have to know something about your victim in order to crack their wifi password.

And if you are new to password cracking, WPA is a terrible place to start learning.

I appreciate the response. Ok, I'll research further. Thanks for pointing me in the right direction.

-D