Posts: 5
Threads: 2
Joined: Apr 2013
Hello Forum,
i just tested the hashcat with the following command:
C:\temp\oclHashcat-plus-0.14>cudaHashcat-plus64.exe -m 1800 "$6$wYzevcOJ$VL9PX2u
restofthekeyhere"
cudaHashcat-plus v0.14 by atom starting...
Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 2 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GTX 570, 1279MB, 1464Mhz, 15MCU
Device #1: Kernel ./kernels/4318/m1800.sm_20.64.ptx
Starting attack in stdin mode...
now, since 1 day, there is no change on the screen, means no status or something. i assume its still working.
is there a way to: see a status during work?
stop the cracking and resume it later?
i am not sure for now if it is working and how long it will take...
any hints?
regards
muelli
Posts: 344
Threads: 2
Joined: Aug 2011
Posts: 2,936
Threads: 12
Joined: May 2012
(04-04-2013, 04:17 PM)muellgmbh Wrote: i just tested the hashcat with the following command:
C:\temp\oclHashcat-plus-0.14>cudaHashcat-plus64.exe -m 1800 "$6$wYzevcOJ$VL9PX2u
restofthekeyhere"
Starting attack in stdin mode...
you didn't give it any work to do. it's just sitting there idle waiting to read from stdin.
read the wiki to learn how to use the program.
Posts: 67
Threads: 12
Joined: Sep 2011
04-05-2013, 01:10 AM
(This post was last modified: 04-05-2013, 01:10 AM by Incisive.)
First, you may be confusing the "lite" version with the "plus" version.
lite is designed to operate on a single hash, fed in on the command line.
plus is designed to operate on a file of hashes.
Here's a basic of starting points for a few simple kinds of attacks.
Code:
rem First: Extremely Low sizes, brute force with full hex set!
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1
rem Next: Very Low sizes, brute force with multilingual printables and upper hex set!
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s?D?F?R?h --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1
rem Next: Fairly Low sizes, brute force with Digit, Lower, Upper, and Symbol
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1?1
rem Next Low sizes, we'll get clever. Brute with a pattern - larger sets at the ends, smaller in the middle.
rem NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?2?2?2?2?1?1
rem U.S. (xxx)xxx-xxxx phone number format - this runs very quickly indeed for a "13 character" password with digits and symbols, compared to a non-patterned pure brute force search.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash "(?1?1?1)?1?1?1-?1?1?1?1"
rem Next Medium-Low sizes, we'll get clever. Brute with a pattern - larger sets at the ends, smaller in the middle.
rem NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?2?2?2?2?2?2?2?2
rem Next Medium sizes, we're grasping at whatever we can squeeze through our machine.
rem We'll try a little Digit Lower first character plus Lower only, and then Digit parens dash Lower first character plug Digit parens dash only
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?l 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2?2
rem Now we're going to do rules based dictionary attacks!
rem Let's start with the quickest, because any passwords we can remove now give later iterations less work.
rem Mode Straight rules: Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: specific Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\specific.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Combinator rules: Best64 Wordlist: Phpbb * 500worst
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt YourWordlistPath\500worst.txt
rem Mode Straight rules: Best64 Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: leetspeak * Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: T0XlC Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: combinator * Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: Best64 Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak * Best64 Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: Best64 Wordlist: American English Small * American English Small
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishSmall.txt YourWordlistPath\EnglishSmall.txt
rem Mode Straight rules: generated Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\generated.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: T0XlC Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
Posts: 5
Threads: 2
Joined: Apr 2013
Hello epixoip,
thanks for the info, i'm just confused about the file-format.
@Incisive
my file looks like this:
paul:1110:19144CFC6613E929390FFBB5142509F0:0B2222E86F6FAC4E1498ADC7375169B1:::
so i am wondering how the command should look like assuming trying lm or ntlm cracking on it (bruteforce).
regards
Posts: 803
Threads: 135
Joined: Feb 2011
look at the examples given with the program + read the wiki.
Posts: 5
Threads: 2
Joined: Apr 2013
Hello again,
just tried this:
i'm trying with a single hash (lm) now and hashcat-lite on a 64bit system with nvidia (latest driver):
hashtype for lm is 3000
my hashfile looks like this:
paulus:1110:1910FFBB5193942509F044CFC6613E92:FAC4E14922E86F6DC8A0B227375169B1:::
format is: 3rd field lm, 4th field ntlm
so my command looks like this:
cudaHashcat-lite64.exe --hash-type 3000 --pw-max 12 1910FFBB5193942509F044CFC6613E92
so this command should work, but it did not:
Password lengths: 1 - 12
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GTX 570, 1279MB, 1464Mhz, 15MCU
ERROR: Hash '1910FFBB5193942509F044CFC6613E92': Line-length exception
cudaHashcat-lite64.exe --hash-type 3000 1910FFBB5193942509F044CFC6613E92
i know lm is splitted in 2 parts in the middle, am i right? because it works when i split it.
so, my question is:
is there a way that hashcat can use this type of file format? Means take out the hashes from the file?
i know i need to use hashcat-cuda-plus for generell using files.
but it would be fine not to reformat the file
regards
Posts: 601
Threads: 18
Joined: Apr 2010
No, only hash per line is supported at the moment, so pwdump or other formats won't work.
Posts: 2,936
Threads: 12
Joined: May 2012
(04-05-2013, 09:19 AM)muellgmbh Wrote: so my command looks like this:
cudaHashcat-lite64.exe --hash-type 3000 --pw-max 12 1910FFBB5193942509F044CFC6613E92
you're still not supplying an attack mode, mask or dictionary, etc... you're just going to run into your original issue again unless you correct this.