+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Weird issue with hashcat v5.1.0 (/thread-8723.html)
Weird issue with hashcat v5.1.0 - john_alan - 10-17-2019
Hello,
I am seeing some strange behaviour with hashcat.
I'm trying to crack a test hash for "XMR123" - using SHA3-256:
Code:
EA5F1F228B67C17A43FBBEECAAE52A8E44A8376868BE2F8FB20E4049779F85A8My command is:
Code:
hashcat -m 17400 -a 3 EA5F1F228B67C17A43FBBEECAAE52A8E44A8376868BE2F8FB20E4049779F85A8However hashcat runs past the 6 char brute section...
Code:
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: SHA3-256
Hash.Target......: ea5f1f228b67c17a43fbbeecaae52a8e44a8376868be2f8fb20...9f85a8
Time.Started.....: Thu Oct 17 14:09:40 2019 (56 secs)
Time.Estimated...: Thu Oct 17 14:10:36 2019 (0 secs)
Guess.Mask.......: ?1?2?2?2?2?2 [6]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
Guess.Queue......: 6/15 (40.00%)
Speed.#2.........: 9845.0 kH/s (8.31ms) @ Accel:8 Loops:2 Thr:256 Vec:1
Speed.#3.........: 59249.2 kH/s (1.39ms) @ Accel:16 Loops:8 Thr:256 Vec:1
Speed.#*.........: 69094.2 kH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 3748902912/3748902912 (100.00%)
Rejected.........: 0/3748902912 (0.00%)
Restore.Point....: 1490944/1679616 (88.77%)
Restore.Sub.#2...: Salt:0 Amplifier:2230-2232 Iteration:0-2
Restore.Sub.#3...: Salt:0 Amplifier:2224-2232 Iteration:0-8
Candidates.#2....: Uq6r5o -> Xqlfxj
Candidates.#3....: Wqna8q -> XqqfqxWithout finding it, why is this?
EDIT: Same issue with SHA-256... so weird. It used to work, I have items in my potfile.
EDIT2: After further testing, and to add to the weirdness, hashcat finds:
a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3:123
448a5d6dc7b84c1a0de5e7dae7d55fe46bfbc857ce577235b2bcc7ab1328a77b:X123
but starts to fail at "XM123" (2f5d45aa660e38518d07258c0396eb6f19d4534aae7d6c36b049225c2a1687e6)...
Bizarre.
Thanks for the help.
RE: Weird issue with hashcat v5.1.0 - undeath - 10-17-2019
you have not specified a mask, hence hashcat uses its default mask which does not include your password.
RE: Weird issue with hashcat v5.1.0 - john_alan - 10-17-2019
(10-17-2019, 03:24 PM)undeath Wrote: you have not specified a mask, hence hashcat uses its default mask which does not include your password.
Thanks for the reply.
Check my update, it happily cracks:
"123"
"X123"
but fails when I move to "XM123" or anything larger.
Doesn't a raw brute force just iterate over all possible values?
What mask would I use?
RE: Weird issue with hashcat v5.1.0 - undeath - 10-17-2019
There is no such thing as a "raw bruteforce" in hashcat. You can see the default mask it is using in your status output.
RE: Weird issue with hashcat v5.1.0 - philsmd - 10-17-2019
the default mask and custom charsets (--custom-charset1 ... --custom-charset4) are documented here:
https://hashcat.net/wiki/doku.php?id=hashcat#default_values
you would want something like --increment ?a?a?a?a?a?a?a?a?a
if you want to use specials, numbers, lowercase letters, uppercase letters (it would be same as --custom-charset1 ?s?d?u?l ?1?1?1?1?1?1?1?1?1 --increment)
RE: Weird issue with hashcat v5.1.0 - john_alan - 10-17-2019
(10-17-2019, 03:28 PM)undeath Wrote: There is no such thing as a "raw bruteforce" in hashcat. You can see the default mask it is using in your status output.
OK thanks for the reply.
Is there a calculator available for the masks?
What is the default mask in English? (sorry hard to understand the syntax)
RE: Weird issue with hashcat v5.1.0 - john_alan - 10-17-2019
(10-17-2019, 03:29 PM)philsmd Wrote: the default mask and custom charsets (--custom-charset1 ... --custom-charset4) are documented here:
https://hashcat.net/wiki/doku.php?id=hashcat#default_values
you would want something like --increment ?a?a?a?a?a?a?a?a?a
if you want to use specials, numbers, lowercase letters, uppercase letters (it would be same as --custom-charset1 ?s?d?u?l ?1?1?1?1?1?1?1?1?1 --increment)
Thank you, trying to understand the syntax!
RE: Weird issue with hashcat v5.1.0 - undeath - 10-17-2019
the syntax is documented here: https://hashcat.net/wiki/doku.php?id=mask_attack
RE: Weird issue with hashcat v5.1.0 - john_alan - 10-17-2019
(10-17-2019, 03:33 PM)undeath Wrote: the syntax is documented here: https://hashcat.net/wiki/doku.php?id=mask_attack
Got it now thanks...
RE: Weird issue with hashcat v5.1.0 - Mem5 - 10-18-2019
To find XMR123 apply this mask: ?u?u?u?d?d?d aka upper+upper+upper+digit+digit+digit