Can't load GPG Hash??
#1
Question 
Hi guys,

I would really appreciate some guidance here. I spent hours in googling, trying to understand, having conversations with ChatGPT etc pp, but now I am at a dead-end and asking some smart people here for help  :-)

My setup:

Code:
hashcat (v6.2.6-813-g686bc227c) starting in backend information mode


CUDA Info:
==========

CUDA.Version.: 12.7

Backend Device ID #1 (Alias: #2)
  Name...........: NVIDIA GeForce RTX 4090
  Processor(s)...: 128
  Clock..........: 2625
  Memory.Total...: 24563 MB
  Memory.Free....: 22994 MB
  Local.Memory...: 99 KB
  PCI.Addr.BDFe..: 0000:01:00.0

OpenCL Info:
============

OpenCL Platform ID #1
  Vendor..: NVIDIA Corporation
  Name....: NVIDIA CUDA
  Version.: OpenCL 3.0 CUDA 12.7.33

  Backend Device ID #2 (Alias: #1)
    Type...........: GPU
    Vendor.ID......: 32
    Vendor.........: NVIDIA Corporation
    Name...........: NVIDIA GeForce RTX 4090
    Version........: OpenCL 3.0 CUDA
    Processor(s)...: 128
    Clock..........: 2625
    Memory.Total...: 24563 MB (limited to 6140 MB allocatable in one block)
    Memory.Free....: 24448 MB
    Local.Memory...: 48 KB
    OpenCL.Version.: OpenCL C 1.2
    Driver.Version.: 566.36
    PCI.Addr.BDF...: 01:00.0

OpenCL Platform ID #2
  Vendor..: Advanced Micro Devices, Inc.
  Name....: AMD Accelerated Parallel Processing
  Version.: OpenCL 2.1 AMD-APP (3608.0)

  Backend Device ID #3
    Type...........: GPU
    Vendor.ID......: 1
    Vendor.........: Advanced Micro Devices, Inc.
    Name...........: AMD Radeon(TM) Graphics
    Version........: OpenCL 2.0 AMD-APP (3608.0)
    Processor(s)...: 1
    Clock..........: 2200
    Memory.Total...: 24561 MB (limited to 10221 MB allocatable in one block)
    Memory.Free....: 12224 MB
    Local.Memory...: 64 KB
    OpenCL.Version.: OpenCL C 2.0
    Driver.Version.: 3608.0 (PAL,LC)
    PCI.Addr.BDF...: 69:00.0

I used the encryption tool from here:  Gpg4win - Secure email and file encryption with GnuPG for Windows
and created a symmetric encrypted file (see attached "file.txt.gpg.txt" remove the ".txt" part).

Then I used "gpg2john" to create the hash file (see attached "hash.txt") and then I tried to load it into hashcat and that's where I am stuck now:

Code:
hashcat.exe -m 17030 -a 3 hash.txt -1 1234faolMP3#$ ?1?1?1?1
hashcat (v6.2.6-813-g686bc227c) starting

hiprtcCompileProgram is missing from HIPRTC shared library.

Support for HIPRTC was dropped by AMD Adrenalin Edition 22.7.1 and later.
This is not a hashcat problem.

Please install the AMD HIP SDK

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
ADL2_Overdrive_Caps(): -8

ADL2_Overdrive_Caps(): -8

ADL2_Overdrive_Caps(): -8

ADL2_Overdrive_Caps(): -8

ADL2_Overdrive_Caps(): -8

CUDA API (CUDA 12.7)
====================
* Device #1: NVIDIA GeForce RTX 4090, 22994/24563 MB, 128MCU

OpenCL API (OpenCL 3.0 CUDA 12.7.33) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #2: NVIDIA GeForce RTX 4090, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3608.0)) - Platform #2 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #3: AMD Radeon(TM) Graphics, 12224/24561 MB (10221 MB allocatable), 1MCU

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashfile 'hash.txt' on line 1 ($gpg$*...18*8*9*62914560*1a5c6a8e16d90b5b): Token length exception

* Token length exception: 1/1 hashes
  This error happens if the wrong hash type is specified, if the hashes are
  malformed, or if input is otherwise not as expected (for example, if the
  --username option is used but no username is present)

No hashes loaded.

Started: Fri Dec 27 12:05:24 2024
Stopped: Fri Dec 27 12:05:30 2024

As a side-question: I wonder why it says it skipped my 4090...


Attached Files
.txt   hash.txt (Size: 205 bytes / Downloads: 5)
.txt   file.txt.gpg.txt (Size: 97 bytes / Downloads: 5)
Reply
#2
Pardon for posting the hash, I only realized now that this as per the forum rules is not allowed. The hash is innocent, though, it's a file I created myself and the password is "1234", so no harm to anyone done here.

Again, apologies.
Reply
#3
It looks like hashcat doesn't support this exact hash format.
But you can use John the Ripper to crack that (--format=gpg-opencl).
Reply
#4
Hashcat supports 3 types of GPG:

17010 GPG (AES-128/AES-256 (SHA-1($pass)))
17020 GPG (AES-128/AES-256 (SHA-512($pass)))
17030 GPG (AES-128/AES-256 (SHA-256($pass)))

Yours does not seem to be one of them because your hash starts with $gpg$*0* which does not match any of these 3.

with gpg2john you can add a debug flag (-d) and it wil print out information about the file such as the algorithm used. That way you can check which mode your Gpg4win used to create your file.
Reply
#5
(12-27-2024, 03:45 PM)buka Wrote: It looks like hashcat doesn't support this exact hash format.
But you can use John the Ripper to crack that (--format=gpg-opencl).

I never got the GPU working with JtR...Hashcat is so much better in this regard...
Reply
#6
(12-27-2024, 04:05 PM)DanielG Wrote: Hashcat supports 3 types of GPG:

17010 GPG (AES-128/AES-256 (SHA-1($pass)))
17020 GPG (AES-128/AES-256 (SHA-512($pass)))
17030 GPG (AES-128/AES-256 (SHA-256($pass)))

Yours does not seem to be one of them because your hash starts with $gpg$*0* which does not match any of these 3.

with gpg2john you can add a debug flag (-d) and it wil print out information about the file such as the algorithm used. That way you can check which mode your Gpg4win used to create your file.

Thank you, I will check this over the weekend and report back.
Reply
#7
(12-27-2024, 04:05 PM)DanielG Wrote: Hashcat supports 3 types of GPG:

17010 GPG (AES-128/AES-256 (SHA-1($pass)))
17020 GPG (AES-128/AES-256 (SHA-512($pass)))
17030 GPG (AES-128/AES-256 (SHA-256($pass)))

Yours does not seem to be one of them because your hash starts with $gpg$*0* which does not match any of these 3.

with gpg2john you can add a debug flag (-d) and it wil print out information about the file such as the algorithm used. That way you can check which mode your Gpg4win used to create your file.

This is what I have got:

Code:
gpg2john.exe -d C
:\Users\xxx\Desktop\file.txt.gpg.txt

File C:\Users\xxx\Desktop\file.txt.gpg.txt
Old: Symmetric-Key Encrypted Session Key Packet(tag 3)(13 bytes) partial start
Packet type 3, len 13 at offset 2  (Processing) (pkt-type Symmetric_Key_Encrypted_Session_Key_Packet) (Partial no)
        Sym alg - AES with 256-bit key(sym 9)
        Iterated and salted string-to-key(s2k 3):
                        Salt - 1a5c6a8e16d90b5b
                Count - 62914560(coded count 254)
New: Symmetrically Encrypted and MDC Packet(tag 18)(80 bytes) partial start
Packet type 18, len 80 at offset 17  (Processing) (pkt-type Symmetrically_Encrypted_and_MDC_Packet) (Partial no)
        Ver 1
        Encrypted data [sym alg is specified in sym-key encrypted session key]
unexpected end of file.

Any idea what I can do with that?
Reply
#8
Anyone an idea?
Reply