distributed cracking: relation between -s/-l value and Restore.Point value when cracked
#1
(03-30-2017, 11:01 AM)philsmd Wrote: This question is also within the most frequently asked questions (wiki page): https://hashcat.net/faq#what_is_a_keyspace

Can you explain what does base loop mask and mod loop mask mean? I am not able to understand it. I have similar use case of @jason that I need to distribute the masked workload across different computers. Also, I have the same question as pointed in the below link, load is not being properly distributed 
https://hashcat.net/forum/thread-6447-po...l#pid34362

My situation: I need to distribute the load of a hash with "?l?l?l?l?l?l" and I did some testing locally before doing in distributed setup. Below are my observations (I know my password is: liminj and Im just doing some testing)

First,
1. I tried with no -s / -l flags and result as is attache in 1.png. As you can see that the restore point says 159744 (which I am assuming that it checked for 159744 combinations and then found the password).

2. So, what I did next was keeping flags -s 0 -l 150000 and as expected result was as attached in 2.png (keyspace was exhausted as I have given a number less than 159744 which I found in step 1). I also tried giving -s 160000 -l 10000, and it failed for the same explanation

3. Next, I tried with -s 150000 -l 10000 (as in 3.png) and Im now expecting it to crack the hash as initially it was able to find it at 159744 which s between 150000 and 150000+10000= 160000 but it still says keyspace is exhausted.

Why is it happening? and where am I understanding it wrong?

4. With the same system setup etc. I tried with as 4.png , it cracked it well. Again, why? 

5. Next, for the same password hash I gave as attached in 5.png (-s 160000 and no -l, which I am assuming that the tool would start cracking the hashes from 160000 which should not involve 159744 where we earlier found the password). I am expecting to not get the hash cracked as it is searching 160000+ and our 159744 is less than that but it found the password. Why? Is it searching for 0-160000? instead of 160000+?


Attached Files
.png   1.PNG (Size: 51.4 KB / Downloads: 11)
.png   2.PNG (Size: 51.74 KB / Downloads: 5)
.png   3.PNG (Size: 25.26 KB / Downloads: 4)
.png   5.PNG (Size: 25.35 KB / Downloads: 4)
.png   4.PNG (Size: 24.59 KB / Downloads: 6)


Messages In This Thread
distributed cracking: relation between -s/-l value and Restore.Point value when cracked - by ytbe.use3 - 03-31-2017, 01:53 AM