hashcat Forum
RAR hash cracking problems - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: RAR hash cracking problems (/thread-4740.html)



RAR hash cracking problems - crypted.wolf - 10-17-2015

Hey
I tried to use Cudahashcat to crack rar file in stdin input mode.
but all the candidate passwords are rejected.
i don't know why?
any one can help me?
this is my command:
Code:
maskprocessor\mp64.exe -i 18:26 -1 ?l?s password?1?1?1?1?1?1?1?1|C:\cuda37\cudaHashcat-1.37\cudaHashcat64.exe -a 0 -m 12500 -d 1,2,3,4,5,6,8 --gpu-temp-abort=75 -p : --outfile-format=3 -o c:\cracked\rarhash.txt c:\hashes\11122.txt

this is cudahashcat status:
all

Code:
Session.Name...: cudaHashcat
Status.........: Aborted
Input.Mode.....: Pipe
Hash.Target....: [hash-filtered]
Hash.Type......: RAR3-hp
Time.Started...: Thu Oct 15 03:10:14 2015 (1 day, 20 hours)
Speed.GPU.#1...:        0 H/s
Speed.GPU.#2...:        0 H/s
Speed.GPU.#3...:        0 H/s
Speed.GPU.#4...:        0 H/s
Speed.GPU.#5...:        0 H/s
Speed.GPU.#6...:        0 H/s
Speed.GPU.#7...:        0 H/s
Speed.GPU.#*...:        0 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 577314814262
Rejected.......: 577314814262

Started: Thu Oct 15 03:10:14 2015
Stopped: Fri Oct 16 23:52:42 2015



RE: RAR hash cracking problems - epixoip - 10-17-2015

-m 12500 supports a max of 20 chars in -a 0, so your candidates shouldn't be rejected. And indeed I cannot reproduce this with 1.37 using the command you provided:

Code:
sagitta@inceptus:~/cudaHashcat-1.37$ maskprocessor/src/mp64.bin -i 18:26 -1 ?l?s password?1?1?1?1?1?1?1?1 | ./cudaHashcat64.bin --quiet --status -m 12500 rar.test
^C
Session.Name...: cudaHashcat
Status.........: Aborted
Input.Mode.....: Pipe
Hash.Target....: ...
Hash.Type......: RAR3-hp
Time.Started...: Sat Oct 17 00:34:23 2015 (12 secs)
Speed.GPU.#1...:     9429 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 79872
Rejected.......: 0
HWMon.GPU.#1...: 91% Util, 59c Temp, 26% Fan

But let's talk about that command, because it doesn't make any sense.

First, you're telling maskprocessor to increment from length 18-26, but your mask is only 16 chars long. And that's on top of the fact that there's absolutely no reason to use maskprocessor here at all. You also don't need to specify -p or --outfile-format, and your --gpu-temp-abort value is insanely low. And what happened to device 7?

Fixing your command for you:

Code:
cudaHashcat64 -a 3 -m 12500 -o C:\cracked\rarhash.txt -w 3 -1 ?l?s C:\hashes\11122.txt password?1?1?1?1?1?1?1?1

And this leads us to your final and biggest problem: that keyspace is way too big. You're trying to brute force 59^8 on a very slow algorithm. Even if you had 8x Titan X this would take 35 years (or, you would need 280x Titan X to exhaust this keyspace in one year.)


RE: RAR hash cracking problems - crypted.wolf - 10-17-2015

at first i have to say thank you epixoip
device #7 is destroyed
the word "password" is just an substitute for the real password.
the word before mask has about 18 char length
i have 8 Tesla M2090
i used a command like you but after 20 character length hashcat finished the progress and did not continue to 21..26 char length


RE: RAR hash cracking problems - epixoip - 10-17-2015

Ah ok, that makes more sense then. But yeah, there's a 20-char limit for this algorithm.


RE: RAR hash cracking problems - crypted.wolf - 10-17-2015

any solution or alternative like pipe input?


RE: RAR hash cracking problems - epixoip - 10-17-2015

No, there's no way to get around it.