Hashcat and linux process substitution
#1
Hello,

Running on bash version 4.4.20, when i run:
hashcat -m 16500 hashes.txt <(cat wordlist)

I get:
Session..........: hashcat                     
Status...........: Exhausted
Hash.Type........: JWT (JSON Web Token)
Hash.Target......: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2MiOiI2MT...ygih0E
Time.Started.....: Tue Apr  7 23:36:42 2020 (0 secs)
Time.Estimated...: Tue Apr  7 23:36:42 2020 (0 secs)
Guess.Base.......: File (/dev/fd/63)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:        0 H/s (0.00ms) @ Accel:512 Loops:1 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0
Rejected.........: 0
Restore.Point....: 0
Restore.Sub.#1...: Salt:0 Amplifier:0-0 Iteration:0-1
Candidates.#1....: [Copying]
Hardware.Mon.#1..: Temp: 47c Util:  0% Core:1493MHz Mem:3504MHz Bus:16


And even though the actual password is included in the list, hashcat cannot find it.
The same stands true for using process substitution for the hashes (e.g. <(cat hashes.txt))

More on process substitution: https://tldp.org/LDP/abs/html/process-sub.html 
Summary: Bash creates a pipe with two file descriptors--fIn and fOut--. The stdin of the enclosed command connects to fOut (dup2(fOut, 0)), then Bash passes a /dev/fd/fIn argument to echo. On systems lacking /dev/fd/<n> files, Bash may use temporary files. (Thanks, S.C.)
Reply
#2
use
Code:
cat wordlist | hashcat -m 16500 -a 0 hashes.txt

instead... if and only if you really need to use a separate command (not using the dictionary directly, which of course should be preferred).

The problem with named pipes is that you can't really rewind/seek them and whenever hashcat loads a dictionary file it wants to count the line numbers for progress etc (i.e. search for newlines, test for valid lines, for statistics/progress and start all over to actually run the password candidates).
Reply