hashcat v4.1.0
#1


Welcome to hashcat v4.1.0! 

Download binaries or sources: https://hashcat.net/hashcat/ 



This release is mostly about expanding support for new algorithms:
  • Added hash-mode 16000 = Tripcode
  • Added hash-mode 16100 = TACACS+
  • Added hash-mode 16200 = Apple Secure Notes
  • Added hash-mode 16300 = Ethereum Pre-Sale Wallet, PBKDF2-SHA256
  • Added hash-mode 16400 = CRAM-MD5 Dovecot
  • Added hash-mode 16500 = JWT (JSON Web Token)
  • Added hash-mode 16600 = Electrum Wallet (Salt-Type 1-3)
Some special note on cracking TACACS+: https://hashcat.net/forum/thread-7062.html



But there are also some deep changes related to performance:
  • A new technique to reduce PCIe transfer time by using so-called "compression" kernels
  • The OpenCL kernel thread management was refactored, giving a strong boost on PBKDF2 based kernels (WPA, etc)
  • Improved autotune support
  • Improved OpenCL JiT compiler settings
  • Workaround for some bad OpenCL runtime settings on macOS
Technical details on the new compression kernels: https://hashcat.net/forum/thread-7267.html



Full benchmark comparison from v4.0.1 to v4.1.0 for selected (most common) algorithms: 

https://docs.google.com/spreadsheets/d/1...sp=sharing

Both NVIDIA and AMD users will see performance improvements in almost all hash modes and in all attack modes.

We've also spent some time on CPU performance improvements. See the tabs for Intel I7 and AMD Ryzen for details.



New Features:
  • Added option --benchmark-all to benchmark all hash-modes (not just the default selection)
  • Removed option --gpu-temp-retain that tried to retain GPU temperature at X degrees Celsius - please use driver-specific tools
  • Removed option --powertune-enable to enable power tuning - please use driver-specific tools


Improvements:
  • OpenCL Kernels: Add a decompressing kernel and a compressing host code in order to reduce PCIe transfer time
  • OpenCL Kernels: Improve performance preview accuracy in --benchmark, --speed-only and --progress-only mode
  • OpenCL Kernels: Remove password length restriction of 16 for Cisco-PIX and Cisco-ASA hashes
  • Terminal: Display set cost/rounds during benchmarking
  • Terminal: Show [r]esume in prompt only in pause mode, and show [p]ause in prompt only in resume mode


Fixed Bugs:
  • Fixed a configuration setting for -m 400 in pure kernel mode which said it was capable of doing SIMD when it is not
  • Fixed a hash parsing problem for 7-Zip hashes: allow a longer CRC32 data length field within the hash format
  • Fixed a hash parsing problem when using --show/--left with hashes with long salts that required pure kernels
  • Fixed a logic error in storing temporary progress for slow hashes, leading to invalid speeds in status view
  • Fixed a mask-length check issue: return -1 in case the mask length is not within the password-length range
  • Fixed a missing check for return code in case hashcat.hcstat2 was not found
  • Fixed a race condition in combinator- and hybrid-mode where the same scratch buffer was used by multiple threads
  • Fixed a restore issue leading to "Restore value is greater than keyspace" when mask files or wordlist folders were used
  • Fixed an uninitialized value in OpenCL kernels 9720, 9820 and 10420 leading to absurd benchmark performance
  • Fixed the maximum password length check in password-reassembling function
  • Fixed the output of --show when $HEX[] passwords were present within the potfile


Technical:
  • Autotune: Improve autotune engine logic and synchronize results on same OpenCL devices
  • Documents: Added docs/limits.txt
  • Files: Copy include/ folder and its content when SHARED is set to 1 in Makefile
  • Files: Switched back to relative current working directory on Windows to work around problems with Unicode characters
  • Hashcat Context: Fixed a memory leak in shutdown phase
  • Hash Parser: Changed the way large strings are handled/truncated within the event buffer if they are too large to fit
  • Hash Parser: Fixed a memory leak in shutdown phase
  • Hash Parser: Fixed the use of strtok_r () calls
  • OpenCL Devices: Fixed several memory leaks in shutdown phase
  • OpenCL Kernels: Add general function declaration keyword (inline) and some OpenCL runtime specific exceptions for NV and CPU devices
  • OpenCL Kernels: Replace variables from uXX to uXXa if used in __constant space
  • OpenCL Kernels: Use a special kernel to initialize the password buffer used during autotune measurements, to reduce startup time
  • OpenCL Kernels: Refactored kernel thread management from native to maximum per kernel
  • OpenCL Kernels: Use three separate comparison kernels (depending on keyver) for WPA instead of one
  • OpenCL Runtime: Add current timestamp to OpenCL kernel source in order to force OpenCL JiT compiler to not use the cache
  • OpenCL Runtime: Enforce use of OpenCL version 1.2 to restrain OpenCL runtimes to make use of the __generic address space qualifier
  • OpenCL Runtime: Updated rocm detection
  • Returncode: Enforce return code 0 when the user selects --speed-only or --progress-only and no other error occurs
  • Rules: Fixed some default rule-files after changing rule meaning of 'x' to 'O'
  • Self Test: Skip self-test for mode 8900 - user-configurable scrypt settings are incompatible with fixed settings in the self-test hash
  • Self Test: Skip self-test for mode 15700 because the settings are too high and cause startup times that are too long
  • Terminal: Add workitem settings to status display (can be handy for debugging)
  • Terminal: Send clear-line code to the same output stream as the message immediately following
  • Timer: Switch from gettimeofday() to clock_gettime() to work around problems on cygwin
  • User Options: According to getopts manpage, the last element of the option array has to be filled with zeros


- atom
#2
Awesome as usual, thanks!
#3
Nice! 20% improvement in WPA is a pretty HUGE accomplishment. Thank you hashcat team for your dedicated work!
#4
Awesome. Great job. Thanks for your big efforts.
Now let us look optimistically into the future: FreeRADIUS, VPN and TLS (and some EAP variants) are on top of the list.
Cheers
#5
I can only second that - awesome job! Thank you very much!
#6
Thanks for the great work again, the world would look different if every company would improve their software in that way - seriously.

Btw. there is an error in the comparison files. Negative improvements are calculated incorrectly. You can easily spot that on the Ryzen page, where the NetNTLMv1 performance drops from 666.272.323 to 373.110.571 and the drop is calculated as -78.57%.
Seems the formula is rather complicated with "=IF(C11<D11,(D11-C11)/C11,((C11-D11)/D11)*-1)".
A simple "=D11/C11-1" results in correct calculations.
#7
Thanks for the hard work and dedication atom! Amazing that you put all this together without charging a penny!
#8
Thanks for the awesome tool!!!
#9
Cool, will test on the rig early next week. As for removing the --gpu-temp-retain option and refer to driver-specific tools; any examples on tools for e.g. GTX 1080 Ti and newest NVIDIA drivers?
#10
Impressive performance gains, great work!

(02-23-2018, 02:28 PM)voideater Wrote: [...] As for removing the --gpu-temp-retain option and refer to driver-specific tools; any examples on tools for e.g. GTX 1080 Ti and newest NVIDIA drivers?
I'm interested in any outcome or best practices on this as well, as in the past I've used the --gpu-temp-retain switch to avoid aborting due to overheating, as I found the cards'/drivers' default temp curve somewhat too defensive, leading to quick heat-up without the fans spinning up quickly enough.

Seems to be the case on both Windows and Linux, so I'd be interested in examples for both OSes regarding driver-specific tools.
Guess MSI-Afterburner is still one of the recommendable win-tools?

No general cooling prob in my case as my system runs stable for days at loads >90% once all cards' fans have settled to their speed (~60-70%).

Cheers, red