01-11-2013, 02:39 PM
Thanks for your thoughts!
Thats not a good idea. For example on Linux the temp folder is not part of the disc. So If you computer crashes that is the case when you want to restore session but if the data is in a RAM disc its lost. Simple isnt it?
They include the pid. Its required for multiple instances check. Using --restore with some sort of parameter sounds to complex. The program would have to deal with different informations of different session from within one single session about stats it does not know. That would require inter-process communications and and and.
Yeah, thats becaise its handled from a different thread. But you have a point here, it should. What I can do is to disable writing of restore file while the tool is in pause mode, but this also means that the last unsaved restore point is not stored as well. But I guess thats a good compromis.
That is related to a very complex problem inside oclHashcat. I can tell you this happens because oclHashcat is already in the last phase of the workload you configured (Either dictionary or mask) - even if it does not look like. So oclHashcat can be in the last phase even if you just started the program. That is related to the -n paramter. See the v0.12 release notes about the technicals details of -n parameter. I dont want to explain this in detail here but maybe you can imagine. I will see if I can do a workaround in a later version for this.
Sounds like a bug. You know how to reproduce it?
You mean for hybrid attack? And the masks can be queued? Yeah I though about the same a while ago. Maybe I will find a simple way to do it but no promisses.
You can already do that, more or less with multi rules! There is also and hybrid folder in rules/ to do exactly what you want. Do: -r rules/hybrid/prepend_d.rule -r rules/hybrid/append_d.rule
If there is no console output might be because you wanted to check a to big hashlist. This part is done before it prints anything. Typically I wont go over 15 mil hashes for MD5 or 10 mil for SHA256 or bigger. This is related to so memory structures that allow oclHashcat to do check with high performance but they require more memory.
Yeah I've added this because peopl misuse -n value very often. Please read the release notes for more details. Its explained in there very well.
That sounds interessting. But why have two things that make it unique? There would be session name and hash/filename name.
(01-11-2013, 01:23 PM)falcon111 Wrote: 1. Default session restore file better be placed in temp folder, i don't think writing it onto system volume is such a good idea. I have my system volume on ssd, and writing 22M every couple minutes on it is not good.
Thats not a good idea. For example on Linux the temp folder is not part of the disc. So If you computer crashes that is the case when you want to restore session but if the data is in a RAM disc its lost. Simple isnt it?
(01-11-2013, 01:23 PM)falcon111 Wrote: 2. Default session restore file should include something unique, like pid or something. Thas way i can pause one copy and run another without bothering with session names.
On --restore you can search for the stored sessions, if there is one only session - restore it, if their number!=1 - give error.
They include the pid. Its required for multiple instances check. Using --restore with some sort of parameter sounds to complex. The program would have to deal with different informations of different session from within one single session about stats it does not know. That would require inter-process communications and and and.
(01-11-2013, 01:23 PM)falcon111 Wrote: 3. Being paused, hashcat updates restore file
Yeah, thats becaise its handled from a different thread. But you have a point here, it should. What I can do is to disable writing of restore file while the tool is in pause mode, but this also means that the last unsaved restore point is not stored as well. But I guess thats a good compromis.
(01-11-2013, 01:23 PM)falcon111 Wrote: 4. Sometimes console hangs. I can press 's' key and there's no reaction from the program, but calculations seems to go on though.
That is related to a very complex problem inside oclHashcat. I can tell you this happens because oclHashcat is already in the last phase of the workload you configured (Either dictionary or mask) - even if it does not look like. So oclHashcat can be in the last phase even if you just started the program. That is related to the -n paramter. See the v0.12 release notes about the technicals details of -n parameter. I dont want to explain this in detail here but maybe you can imagine. I will see if I can do a workaround in a later version for this.
(01-11-2013, 01:23 PM)falcon111 Wrote: 5. Runs ended with "Exhausted" sometimes showing time estimated > 10 years.
Sounds like a bug. You know how to reproduce it?
(01-11-2013, 01:23 PM)falcon111 Wrote: 6. Feature request: attack by dictionary, containing bruteforce masks, so i can specify probable masks in one file and check them all in one run. At this moment i have to write bat-files of several hashcat runs.
You mean for hybrid attack? And the masks can be queued? Yeah I though about the same a while ago. Maybe I will find a simple way to do it but no promisses.
(01-11-2013, 01:23 PM)falcon111 Wrote: 7. As i understand, hashcat can't process dictionaries with masks on both ends of the words. Hybrid attacks can add bruteforce masks to one side of the password only, making impossible to find something like 12word34 combinations.
The way i see hybrid attack - add new macros (?w for example) for a dictionary word, then specify dictionary and mask something like ?d?d?w?d?d.
You can already do that, more or less with multi rules! There is also and hybrid folder in rules/ to do exactly what you want. Do: -r rules/hybrid/prepend_d.rule -r rules/hybrid/append_d.rule
(01-11-2013, 01:23 PM)falcon111 Wrote: 8. Sometimes hashcat crashes on start with no console output.
If there is no console output might be because you wanted to check a to big hashlist. This part is done before it prints anything. Typically I wont go over 15 mil hashes for MD5 or 10 mil for SHA256 or bigger. This is related to so memory structures that allow oclHashcat to do check with high performance but they require more memory.
(01-11-2013, 01:23 PM)falcon111 Wrote: 9. Don't really understand why every run hashcat shows something like NOTE: autotuned --gpu-accel from 32 to 24. Numbers mostly different every run. Not sure why it autotunes parameters, i've specified manually, what --gpu-accel switch for then?
Yeah I've added this because peopl misuse -n value very often. Please read the release notes for more details. Its explained in there very well.
(01-11-2013, 01:23 PM)falcon111 Wrote: PS: 1, 2: Second thought on restore session filename. It can be generated on the base of hash-filename. When cracking hash.md5, session name will be hash.md5.restore. It's even better than placing files in temp folder.
That sounds interessting. But why have two things that make it unique? There would be session name and hash/filename name.