Posts: 56
Threads: 5
Joined: Mar 2011
04-14-2015, 12:38 AM
(This post was last modified: 04-14-2015, 12:44 AM by wgmmmx.)
Hi I use this line in oclhashcat v1.01 SHA1($pass.$salt) and work correct on r9 290x(gpu card drivers 13.xx) and I try run this on new oclhashcat that are on page from v1.31 to v1.35(gpu card drivers 14.9) and all workspace calc and nothing finded, I get know code algo to know where is password , but again all workspace gone and nothing fineded , on all this new version this is bug or something changed that I not find on wiki ??
here are command line that I use:
oclHashcat64 -1 ?d -m 110 -a 3 ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -n 400 -i --hex-charset --hex-salt --status --status-timer=60 --outfile-format=3 --outfile=password1.txt
next I mod it but should work too but still nothing:
oclHashcat64 -a 3 -m 110 ?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d -w3 --hex-charset --hex-salt --status --status-timer=60 -i --outfile-format=5 --outfile=password1.txt
pause
Hash and salt are 100% ok like I write I use too know pass hash and salt and too not calc nothing.
Password is from 8 to 15 digits max.
Posts: 621
Threads: 57
Joined: May 2010
Maybe there is something that I don't understand but why do you use --hex-charset?
Posts: 56
Threads: 5
Joined: Mar 2011
Becouse salt and hash are in hex
--hex-charset Assume charset is given in hex
--hex-salt Assume salt is given in hex
Posts: 621
Threads: 57
Joined: May 2010
(04-14-2015, 09:13 AM)wgmmmx Wrote: Becouse salt and hash are in hex
--hex-charset Assume charset is given in hex
--hex-salt Assume salt is given in hex
--hex-charset is not for the hash, it's for the charset you use in the bruteforce. So it will convert each pair of digits to it's hex character and you won't find your password.
Posts: 56
Threads: 5
Joined: Mar 2011
04-22-2015, 10:29 AM
(This post was last modified: 04-22-2015, 10:33 AM by wgmmmx.)
And that is ok becosue hash got in hex but salt got in dex(0-9 digits) and this need convert to hex to find pass. Pass is in plain_hex mean 0digit0digit.
First command line that I give work in oclhashcat v1.01 without problem becosue this I ask that something not work or something change in new oclhashcat ?? ??
I use this from time to time 1-3 month 1 brutforce but like to know what wrong ?
If not possible will use oclhashcat v1.01 just someone give me link and will back clock in computer but not think for this is this forum.
Posts: 621
Threads: 57
Joined: May 2010
I am not sure that I understand everything but I have a couple of suggestions:
1)
Quote:Pass is in plain_hex mean 0digit0digit
Why don't you set up a mask like that instead (without using --hex-charset) like 0?d0?d0?d...
2)
Quote:hash got in hex but salt got in dex(0-9 digits) and this need convert to hex to find pass
Why don't you simply convert the salt first, it would be much easier. Again if your salts are in dec and you use the --hex-salt, it won't work as expected.
3) I might be wrong but if you use --hex-char, you might need to use -1 01020304... or put it in an .hccr file so that it's used properly.
There are many things that changed since v1.01 and it's definitely not a good idea to go back to this version.
Posts: 56
Threads: 5
Joined: Mar 2011
(04-22-2015, 11:49 AM)mastercracker Wrote: 1)Quote:Pass is in plain_hex mean 0digit0digit
Why don't you set up a mask like that instead (without using --hex-charset) like 0?d0?d0?d...
Not know exacly how use mask but will read and will try do this like you write.
2)
Quote:hash got in hex but salt got in dex(0-9 digits) and this need convert to hex to find pass
Why don't you simply convert the salt first, it would be much easier. Again if your salts are in dec and you use the --hex-salt, it won't work as expected.[/quote]
I will try this and give know results soon.
Quote:3) I might be wrong but if you use --hex-char, you might need to use -1 01020304... or put it in an .hccr file so that it's used properly.
I use -1 ?d where ?d are digits 0123456789 I see this on wiki this is not correct ?
Posts: 621
Threads: 57
Joined: May 2010
Quote:I use -1 ?d where ?d are digits 0123456789 I see this on wiki this is not correct ?
Let's say that you want to crack the password "pass1234" and you only know that the password starts by "pa", you can use the following mask: pa?l?l?d?d?d?d which is "pa" followed by 2 lowercase letters and 4 digits. Using -1 ?d allows you to use ?1 instead of ?d in your mask but since you can use ?d directly, it's useless. The goal of using custom charset is to use something that does not exist yet like ?l?d (lowercase or digit), aeiou (a vowel), etc.