md5(salt.pass) troubles and tricks
#11
Finally found:

http://hashcat.net/wiki/mask_attack
Quote:Optimized due its partially reverse algorithms, password candidates are generated in the following order:

aaaaaaaa
aaaabaaa
aaaacaaa
.
.
.
aaaaxzzz
aaaayzzz
aaaazzzz
baaaaaaa
baaabaaa
baaacaaa
.
.
.
baaaxzzz
baaayzzz
baaazzzz
.
.
.
zzzzzzzz
#12
You can also use attack mode 6 (dict + mask) with oclhashcat-plus and use the salts as a dictionary.
#13
new plus will support generic md5(salt.pass)
#14
Thx... and you can guide the timing of the release of new version?
I would also like to become a beta tester, if possible
#15
Become a beta-tester is OK, all you need to do is to send me a test-plan. This ensures you are not trying to become a beta-tester so you have the new algorithms earlier. Otherwise just wait for the new release.
#16
And what about ordering?
Test case
Code:
md5(str_repeat('a',16))=='23ca472302f49b3ea5592b146a312da0'
Testing
Code:
./oclHashcat-lite64.bin -m 0 23ca472302f49b3ea5592b146a312da0 -1 abcde ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 --pw-min 16 -s 120544432500
false (pass not found)

./oclHashcat-lite64.bin -m 0 23ca472302f49b3ea5592b146a312da0 -1 abcde ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 --pw-min 16 -s 120544432499
true (pass found)

What about wiki? It is wrong as i see:
Quote:Optimized due its partially reverse algorithms, password candidates are generated in the following order:

aaaaaaaa
aaaabaaa
aaaacaaa
.
.
.
aaaaxzzz
aaaayzzz
aaaazzzz
baaaaaaa
baaabaaa
baaacaaa
.
.
.
baaaxzzz
baaayzzz
baaazzzz
.
.
.
zzzzzzzz

Fuzzing Smile table:

Code:
pass                       pos
aaaaaaaaaaaaaaab   90026854375
aaaaaaaaaaaabaaa   116638182500
aaaaaaaacaaaaaaa   120537791875
aaaaaaaabaaaaaaa   120538182500
aaaaaaaaaaaaaaaa   120544432500
#17
will latest version markov kicked in and changed everything. you can try --markov-disable. the wiki needs to be updated, that is true
#18
(08-10-2012, 09:22 PM)atom Wrote: will latest version markov kicked in and changed everything. you can try --markov-disable. the wiki needs to be updated, that is true
and what is order with the --markov-disable option?

Because aaaaaaaaaaaaaaaa is not first in order, but 625 AND (!!!) 152587890255 . Why?!
Code:
./oclHashcat-lite64.bin -m 0 23ca472302f49b3ea5592b146a312da0 -1 abcde ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 --pw-min 16 --markov-disable -s 624
oclHashcat-lite v0.10 by atom starting...

Password lengths range: 16 - 55
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Cayman, 1024MB, 830Mhz, 24MCU
Device #2: Cayman, 1024MB, 830Mhz, 24MCU

                                    
23ca472302f49b3ea5592b146a312da0:aaaaaaaaaaaaaaaa

Status.......: Cracked
Hash.Target..: 23ca472302f49b3ea5592b146a312da0
Hash.Type....: MD5
Time.Running.: 0 secs
Time.Left....: 17 secs
Plain.Mask...: ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1
Plain.Text...: ****ccaeaaaaaaaa
Plain.Length.: 16
Progress.....: 125829120/152587890625 (0.08%)

Code:
./oclHashcat-lite64.bin -m 0 23ca472302f49b3ea5592b146a312da0 -1 abcde ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 --pw-min 16 --markov-disable -s 152587890255
oclHashcat-lite v0.10 by atom starting...

Password lengths range: 16 - 55
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Cayman, 1024MB, 830Mhz, 24MCU
Device #2: Cayman, 1024MB, 830Mhz, 24MCU

                                    
23ca472302f49b3ea5592b146a312da0:aaaaaaaaaaaaaaaa

Status.......: Cracked
Hash.Target..: 23ca472302f49b3ea5592b146a312da0
Hash.Type....: MD5
Time.Running.: 0 secs
Time.Left....: 0 secs
Plain.Mask...: ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1
Plain.Text...: ****abacaaaaaaaa
Plain.Length.: 16
Progress.....: 152587890256/152587890625 (100.00%)
#19
(08-06-2012, 02:02 PM)atom Wrote: new plus will support generic md5(salt.pass)

Great news, thanks atom! Does this include the sha families as well? I've been needing a sha256(salt.pass) for a while so this would be awesome whenever it comes.
#20
yes Smile