+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: What I'm doing wrong? (/thread-4807.html)
What I'm doing wrong? - siteregistrator - 11-12-2015
I'm learning this program and starting to follow article from Wiki https://www.question-defense.com/2010/08/15/automated-password-cracking-use-oclhashcat-to-launch-a-fingerprint-attack
In first step author run a five character long brute force using a full charset (lowercase, uppercase, digits, special characters) against the list of 650,000 unique hashes. And on GeForce GTX 285 it took a few seconds. How is it possible? I've tried the same attack and Hashcat told me it will took 3 years to complete. Have I missed something?
RE: What I'm doing wrong? - undeath - 11-12-2015
You're probably using a different hash mode.
RE: What I'm doing wrong? - siteregistrator - 11-12-2015
(11-12-2015, 03:45 AM)undeath Wrote: You're probably using a different hash mode.Well, he states he run again MD5, so do I
RE: What I'm doing wrong? - royce - 11-12-2015
Please post your command syntax for a sanity check.
RE: What I'm doing wrong? - siteregistrator - 11-12-2015
(11-12-2015, 03:51 AM)royce Wrote: Please post your command syntax for a sanity check.
Here is my command:
cudaHashcat64.exe -a 3 -m 400 --remove --outfile=out.txt --outfile-format=3 in_md5.txt ?a?a?a?a?a
RE: What I'm doing wrong? - epixoip - 11-12-2015
-m 400 isn't MD5, it's phpass.
RE: What I'm doing wrong? - siteregistrator - 11-12-2015
(11-12-2015, 05:32 AM)epixoip Wrote: -m 400 isn't MD5, it's phpass.
Oh, sorry. I was thinking it is the same. What are the differences?
RE: What I'm doing wrong? - epixoip - 11-12-2015
phpass is salted and iterated MD5. Wordpress uses a cost of 2^11 (2048 iterations) by default, so a single hash is 2048x slower than raw MD5. If you have two hashes with two unique salts, this would slow it down even further, making it 4096x slower than raw MD5. If you have 10 hashes with 10 unique salts, it would be 20,480x slower than raw MD5.
RE: What I'm doing wrong? - siteregistrator - 11-12-2015
(11-12-2015, 05:58 AM)epixoip Wrote: phpass is salted and iterated MD5. Wordpress uses a cost of 2^11 (2048 iterations) by default, so a single hash is 2048x slower than raw MD5. If you have two hashes with two unique salts, this would slow it down even further, making it 4096x slower than raw MD5. If you have 10 hashes with 10 unique salts, it would be 20,480x slower than raw MD5.
Oh, I see now. Thank you