brute force with 11 length password(MD4)
#1
Hello,
I was trying to recover a 11 length password  with brute force, MD4
I don't understant why  this did not work...

hashcat64.exe -m 900 -a 3 -w 3 -O hashmd4.txt ?h?h?h?h?h?h?h?h?h?h?h --increment --increment-min 11 --increment-max 11

hashcat (v5.1.0) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1060 3GB, 768/3072 MB allocatable, 9MCU

OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: AMD Ryzen 7 1700 Eight-Core Processor, skipped.

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Optimized-Kernel
* Zero-Byte
* Precompute-Init
* Precompute-Merkle-Demgard
* Meet-In-The-Middle
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
* Raw-Hash

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 55

Watchdog: Temperature abort trigger set to 90c

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: MD4
Hash.Target......: 9991a482c1ad810b731bcfbeae00bf5b
Time.Started.....: Fri Nov 22 02:02:19 2019 (18 mins, 12 secs)
Time.Estimated...: Fri Nov 22 02:20:31 2019 (0 secs)
Guess.Mask.......: ?h?h?h?h?h?h?h?h?h?h?h [11]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 16200.1 MH/s (66.07ms) @ Accel:256 Loops:512 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 17592186044416/17592186044416 (100.00%)
Rejected.........: 0/17592186044416 (0.00%)
Restore.Point....: 4294967296/4294967296 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:3584-4096 Iteration:0-512
Candidates.#1....: 12fe1999f6e -> 6e6f5f6ef6e
Hardware.Mon.#1..: Temp: 67c Fan: 47% Util: 92% Core:1898MHz Mem:3802MHz Bus:16

Started: Fri Nov 22 02:02:15 2019
Stopped: Fri Nov 22 02:20:33 2019

=============

could someone explain please ?
Reply
#2
You tested lowercase hex characters, at length 11. Are you certain that the hash you have is MD4, the plaintext is exactly 11 characters, and the plaintext consists only of lowercase hex characters?
Reply
#3
Thanks for answer,
lower case +number
MD4
Reply
#4
Code:
hashcat64.exe -m 900 -a 3 -w 3 -O -2 ?l?d hashmd4.txt ?2?2?2?2?2?2?2?2?2?2?2
Reply
#5
(11-22-2019, 08:55 PM)philsmd Wrote:
Code:
hashcat64.exe -m 900 -a 3 -w 3 -O -2 ?l?d hashmd4.txt ?2?2?2?2?2?2?2?2?2?2?2

Running, but GPU showing 1% usage, is it normal ?
Reply
#6
Did not work, I stopped  run after  7 hours...


Session..........: hashcat
Status...........: Bypass
Hash.Type........: MD4
Hash.Target......: 9991a482c1ad810b731bcfbeae00bf5b
Time.Started.....: Fri Nov 22 20:34:29 2019 (7 hours, 2 mins)
Time.Estimated...: Sat Feb 22 06:38:50 2020 (91 days, 3 hours)
Guess.Mask.......: ?2?2?2?2?2?2?2?2?2?2?2 [11]
Guess.Charset....: -1 Undefined, -2 ?l?d, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 16664.0 MH/s (70.16ms) @ Accel:256 Loops:512 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 421138337366016/131621703842267136 (0.32%)
Rejected.........: 0/421138337366016 (0.00%)
Restore.Point....: 9024307200/2821109907456 (0.32%)
Restore.Sub.#1...: Salt:0 Amplifier:42496-43008 Iteration:0-512
Candidates.#1....: g8ueryhnite -> 93uqd93r134
Hardware.Mon.#1..: Temp: 71c Fan: 55% Util: 97% Core:1885MHz Mem:3802MHz Bus:16
Reply
#7
It was working! You just needed to let it run 91 days.

Can you be more specific about "lower case +number": does it mean [a-z]{10}[0-9] or is it really that each of the 11 characters can be either a lowercase letter or a digit like 93uqd93r134? Speaking of which, do you mean a single digit or an actual number made of possibly several digits?

Also, the utilization was apparently 97% when you stopped it; where did you get "GPU showing 1% usage" from?
Reply
#8
Thanks for your answer.
to get 1% usage I checked GPU on windows task manager

The password looks like :
Ha6gd52oKem
or
a626KemMruP
Reply
#9
I don't agree that "H", "K", "M" and "P" are lowercase characters.

It's probably also not the best idea to mask attack such passwords (there are some exception, e.g. if you know that those passwords are not user-choosen and/or randomly generated, but that's even worse for the cracker).
There exists more clever/advanced attack modes for human choosen passwords like rule based attacks etc (see https://hashcat.net/wiki/)

Password length 11 is already very long, even for MD4 ! it's not very feasible to just "brute-force" it.
Reply
#10
(11-29-2019, 09:34 AM)philsmd Wrote: I don't agree that "H", "K", "M" and "P" are lowercase characters.

It's probably also not the best idea to mask attack such passwords (there are some exception, e.g. if you know that those passwords are not user-choosen and/or randomly generated, but that's even worse for the cracker).
There exists more clever/advanced attack modes for human choosen passwords like rule based attacks etc (see https://hashcat.net/wiki/)

Password length 11 is already very long, even for MD4 ! it's not very feasible to just "brute-force" it.
Ok, could you please make a suggestion to try ?
Reply