11-29-2010, 07:00 AM
(This post was last modified: 11-29-2010, 07:01 AM by squaredroot.)
First of all, this project is awesome. It's inspiring me to get into password cracking again. Just a few questions that hopefully someone can help out with.
1. Maybe I'm a n00b...but what is "multi-hash"? When multi-hash is listed as a feature, does that simply mean it supports multiple hash types? Or maybe multiple hashes simultaneously?
2. I've gathered that oclhashcat is not designed to be a brute-forcer, but rather rules guided/based. What is the most successful approach to cracking passwords then? Does oclhashcat use a dictionary and modify the words based on rules? (similar to JtR?) I guess my fear is that I won't find some of the passwords I need simply because I'm not trying every possible password? How effective can the rules be if I'm given an NTLM hash that I know absolutely nothing about (meaning the password policy)?
3. Is there a limit to how many ATI GPUs/video cards you can use?
4. Any other tips to get the best results for cracking passwords.
Thanks a bunch!
1. Maybe I'm a n00b...but what is "multi-hash"? When multi-hash is listed as a feature, does that simply mean it supports multiple hash types? Or maybe multiple hashes simultaneously?
2. I've gathered that oclhashcat is not designed to be a brute-forcer, but rather rules guided/based. What is the most successful approach to cracking passwords then? Does oclhashcat use a dictionary and modify the words based on rules? (similar to JtR?) I guess my fear is that I won't find some of the passwords I need simply because I'm not trying every possible password? How effective can the rules be if I'm given an NTLM hash that I know absolutely nothing about (meaning the password policy)?
3. Is there a limit to how many ATI GPUs/video cards you can use?
4. Any other tips to get the best results for cracking passwords.
Thanks a bunch!