O H/sec with PhpBB
#1
Hi,

Considering thousand of PHPBB hashes.
I launched a dictionnary attack, I got ~400 H/sec.
GPU : 7970.

I then lauch a bruteforce attack on digits :
Code:
oclhashcat64.exe --remove  -n 160 -u 8 -a 3 -m 400  -i --increment-min=1 --increment-max=12 -1 ?d phpbb.txt ?1?1?1?1?1?1?1?1?1?1?1?1


Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1) [1]
Hash.Target....: File (phpbb.txt)
Hash.Type......: phpass, MD5(Wordpress), MD5(phpBB3)
Time.Started...: Sun Jan 12 22:02:18 2014 (1 min, 1 sec)
Time.Estimated.: 0 secs
Speed.GPU.#1...: 0 H/s
Recovered......: 0/13681 (0.00%) Digests, 0/13681 (0.00%) Salts
Progress.......: 44650/136810 (32.64%)
Rejected.......: 0/44650 (0.00%)

1 digit : 0 H/sec. Why 0 H/sec ?

Few minutes after :

Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1?1) [2]
Hash.Target....: File (phpbb.txt)
Hash.Type......: phpass, MD5(Wordpress), MD5(phpBB3)
Time.Started...: Sun Jan 12 22:02:18 2014 (30 secs)
Time.Estimated.: Sun Jan 12 22:08:41 2014 (2 mins, 44 secs)
Speed.GPU.#1...: 1 H/s
Recovered......: 0/13681 (0.00%) Digests, 0/13681 (0.00%) Salts
Progress.......: 219300/1368100 (16.03%)
Rejected.......: 0/219300 (0.00%)

2 digits : 1 H/sec.


Etc... 3 digits : 10 H/sec ; 4 digits 21 H/sec..

Am I doing something wrong with the command line ?
Why dictionnary attack gives 400 H/sec but simple digit bruteforce is slower ?
I tried changing -n and -u but this is the same.

Thanks.
#2
take the tuning options off and see what happens.
#3
It's the same without -n and -u
#4
to many salts
#5
Does this imply a hashes limit ?
I should divide the list in 2 or 3 or more ?
#6
for salted algorithms, each plaintext candidate has to be hashed with each unique salt. therefore when cracking salted hashes, your effective speed is the total speed divided by number of unique salts. so if your single salt performance is 400 H/sec and you have 13681 unique salts, then your effective speed is 0.03 H/sec. the only way to speed this up is to eliminate salts as quickly as possible. this is accomplished by stacking your attacks in probabilistic order, so that you remove as many salts as possible in your first few passes.
#7
Ok.

Quote:this is accomplished by stacking your attacks in probabilistic order, so that you remove as many salts as possible in your first few passes
How can I do that ?
#8
thinking.
#9
Hum.
I mean, I am not english, and I did not really understand what epixoip explained, especially last sentence.
If I remove (erase?) salts, I also delete the hash, right ? but that is not what I want..!
#10
not erase but crack. start with small wordlists which have a high hit probability.