restarting dictionary with rules
#1
I am planning on slowly cracking through a series of captured WPA handshakes. Running through rockyou.txt with best64 rules takes approximately 4 days on my GPU(9800m GS@ 3800c/s), but my laptop has some issues with stability. I am wondering if it is possible to restart a crashed or otherwise stopped dictionary with rules attack using cudaHashcat64Plus.
#2
No, only oclHashcat-lite can do this. oclHashcat-plus is designed for short runs.
#3
(06-11-2012, 09:31 AM)atom Wrote: No, only oclHashcat-lite can do this. oclHashcat-plus is designed for short runs.

Unless im missing something, lite doesnt appear to have -m 2500 or option to run dictionary with rules.

When you mention that it can do this, are you referring to 'possible to restart a crashed or otherwise stopped dictionary with rules attack' or just restart a bruteforce attack on a different hash type?
#4
(06-11-2012, 09:31 AM)atom Wrote: No, only oclHashcat-lite can do this. oclHashcat-plus is designed for short runs.

I don't know if it's possible, and I understand there are some technical issues, but would it be practical to have a sort of half-way option for those of us that do end up with longer runs for whatever reason?

Specifically:
1) Assume a user has a known starting command line, and a fixed dictionary, rules, OS, and hardware.

2) I am assuming, perhaps falsely, that if the user does this five times, I am assuming that internally, the same order will be followed; perhaps it's difficult to predict, but the same order nonetheless.

3) I am assuming, perhaps falsely, that it would be possible to track approximate progress somehow (percentage, number of tries so far, any other number that's meaningful here and isn't based on time)

4) I am assuming that the bulk of the time is spent actually doing the hashing.

5) Therefore, if these assumptions are all true, I suggest that maybe it would be possible to add a parameter for the approximate progress to date. Then oclhashcat-plus could use a "null" hash for that amount of progress, and the actual hash for the remainder. Either a branch could be put inline, or the "null" hash could perhaps be used to get to the state for the real hash, and then the "real" code could be substituted with that state?
#5
There is some neat trick: https://hashcat.net/wiki/oclhashcat_plus#resume_support