hashcat Forum
Integer overflow detected while brute forcing - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Integer overflow detected while brute forcing (/thread-6588.html)

Pages: 1 2


Integer overflow detected while brute forcing - matt99 - 05-22-2017

I get the error message:
Integer overflow detected in keyspace of mask: ?a?a?a?a?a?a?a?a?a?a?a

when i try tu bruteforce the md5 hash of a password, which is 11 chars (alphanumeric with special character)
Code:
hashcat -m 0 -a 3 the_md5-hash_of_a_11_provide_long_password ?a?a?a?a?a?a?a?a?a?a?a



Where is the mistake in my syntax? Is the keyspace too long for a bruteforce? That would be weird but the only possibility which I can imagine with those error messages. Thanks in advice.


RE: Integer overflow detected while brute forcing - atom - 05-22-2017

Indeed ?a x 11 BF is not feasible therefore it doesn't matter if it overflows or not which is why hashcat works as it works. You need to try more clever attacks based on wordlists.


RE: Integer overflow detected while brute forcing - matt99 - 05-22-2017

True. 7 character bruteforcing with ?a?a?a?a?a?a?a works fine. Some social-engineering would be clever now. You never stop learning.
Thanks!


RE: Integer overflow detected while brute forcing - kjs - 05-23-2017

(05-22-2017, 08:41 AM)atom Wrote: Indeed ?a x 11 BF is not feasible therefore it doesn't matter if it overflows or not which is why hashcat works as it works. You need to try more clever attacks based on wordlists.

Shouldn't the software evaluate any potential issues that could lead to overflows and return an error message in the first place?


RE: Integer overflow detected while brute forcing - atom - 05-23-2017

(05-23-2017, 03:32 PM)kjs Wrote:
(05-22-2017, 08:41 AM)atom Wrote: Indeed ?a x 11 BF is not feasible therefore it doesn't matter if it overflows or not which is why hashcat works as it works. You need to try more clever attacks based on wordlists.

Shouldn't the software evaluate any potential issues that could lead to overflows and return an error message in the first place?

This error message is from hashcat. It detected the overflow and reported it to the user. Not sure how the software can do it better than that.

Quote:Integer overflow detected in keyspace of mask: ?a?a?a?a?a?a?a?a?a?a?a



RE: Integer overflow detected while brute forcing - kjs - 05-23-2017

(05-23-2017, 03:38 PM)atom Wrote:
(05-23-2017, 03:32 PM)kjs Wrote:
(05-22-2017, 08:41 AM)atom Wrote: Indeed ?a x 11 BF is not feasible therefore it doesn't matter if it overflows or not which is why hashcat works as it works. You need to try more clever attacks based on wordlists.

Shouldn't the software evaluate any potential issues that could lead to overflows and return an error message in the first place?

This error message is from hashcat. It detected the overflow and reported it to the user. Not sure how the software can do it better than that.

Quote:Integer overflow detected in keyspace of mask: ?a?a?a?a?a?a?a?a?a?a?a

Yes, but can't you detect that an overflow would occur based on the input mask and the CPU architecture?


RE: Integer overflow detected while brute forcing - atom - 05-23-2017

No, because it's not the related to a CPU architecture. It's the variables datatype that counts.


RE: Integer overflow detected while brute forcing - kjs - 05-23-2017

Ok, 64-bit or 128-bit uint?


RE: Integer overflow detected while brute forcing - epixoip - 05-24-2017

@kjs: Wait, you're over on Hashkiller advertising Hashcat rigs for sale, but you don't even know what datatypes Hashcat uses internally? Good luck with that, I'm sure your customers have much faith in your ability to provide competent support.


RE: Integer overflow detected while brute forcing - kjs - 05-24-2017

(05-24-2017, 04:33 AM)epixoip Wrote: @kjs: Wait, you're over on Hashkiller advertising Hashcat rigs for sale, but you don't even know what datatypes Hashcat uses internally? Good luck with that, I'm sure your customers have much faith in your ability to provide competent support.

What is your problem exactly?