hashcat Forum - All Forums

Could use help opening my old RAR

Fri, 01 May 2026 11:19:55 +0000

While retrieving my old photo albums, I stumbled on a 1.56 GB RAR where me older photos are in.
I am trying to crack the following Hash.

$RAR3$*0*403707ca55b32e2c*9c5a6830c592342a454c9156382e4b75

I did a run with a Rockyou list and a rockyou 30.000. Im a bit lost what is next.

Im from the netherlands and i must have been 16-17 while i made this rar many years ago.
Is there a good Dutch Rockyou list available or somebody with power that can help me?

Need help to open locked pdf

Fri, 01 May 2026 06:22:52 +0000

Need help to open locked pdf
Forgot Password

I'd like to open my password-protected zip file

Thu, 30 Apr 2026 02:37:11 +0000

Hello everyone.
I locked my zip password one year ago. And I am in need to open it now.
But I can't remeber password of zip file. I should open that zip file for sure.
Regarding my friend's words, hashcat would be helpful for me to crack my zip file.

I just wanna get help even from admin, experts, but from legit, verified memebers

Looking forward to your guys's help

Best

1 Year Trying to Crack My 2013 Bitcoin Wallet — Need Expert Advice

Wed, 29 Apr 2026 05:06:30 +0000

Hey everyone,

I’m looking for some guidance from those with experience in password recovery/cracking.
For nearly a year, I’ve been trying to recover access to an old Bitcoin wallet (wallet.dat from 2013). I extracted the hash and have been attempting to crack it using an RTX 3060, but haven’t had any success so far.
Recently, I discovered Vast.ai and was able to run jobs on more powerful GPUs (including an RTX 5090). I was hopeful this would make a difference, but unfortunately, I still haven’t had any luck.

So far, I’ve tried:

Variations of old passwords I may have used
Brute force with numeric ranges (0–10 digits)
Short brute-force masks (1–5 characters, all character sets)
Large wordlists (including weakpass and similar sources)

At this point, I’m considering expanding brute-force attempts to longer character lengths, but I’m concerned about cost vs. benefit.
I’d really appreciate advice on:

The most efficient GPU(s) for this type of workload
Cost-effective strategies (especially when using rented compute like Vast.ai)
Smarter approaches beyond pure brute force (mask strategies, rule-based attacks, etc.)

Any tips or insights would be greatly appreciated.

Thanks in advance!

Password Length Limitation?

Mon, 20 Apr 2026 11:49:04 +0000

Hello All,

Hashcat noob here, been trying for a couple of days to find a password for a .7z file I created and forgot the password for, so far with no success so it's time to ask for some help.

The password I believe is 25 characters in length, the first 20 of which are lower case letters, and the last 5 are numbers.
I'm sure I have the letters and their order correct but can't remember what order and exactly what the last 5 numbers are supposed to be.

I've used The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and John the Ripper to get the hash, and I'm trying to figure out how to find the password from that hash by entering the letters I already know and I'm hoping hashcat can find the 5 numbers I can't remember.

Tried lots of things that I don't really understand and so far the only way I've been able to get hashcat to run on the hashfile is by either:

Code:
hashcat -a 3 -m 11600 hashcat.txt

Code:
hashcat -a 0 -m 11600 hashcat.txt

With hashcat.txt being the file the hash is in.
I did remove the filename (1.7z) from the start of the hash John the Ripper gave before trying anything with hashcat, which I think I was supposed to, so now the hash starts with $7z... instead of 1.7z:$7z...
The hash is 1074 characters.

If I try to use the Hybrid Wordlist + Mask option it always fails, if I try anything but the above commands it seems to fail.
While those above do seem to be working, I figure the process might be still running when the universe ends and the last star burns out, which is why I'm wanting to know if it's possible to somehow tell hashcat the characters I already know and just have it try to find the remaining 5 numbers I can't remember?

I tried setting the -O option so it wasn't maxing out the CPU on my old clunker and got a message about too many characters for the password, maximum of 20 I think it said.
Without the -O option I think it said there was a maximum password characters of 256.

I've been reading stuff and watching tutorials etc. but not getting anywhere.
One result I remember from searching claimed hashcat could only find passwords of a certain length or under, so instead of wasting more time and getting nowhere I thought I'd ask people who know these things.

Thanks

P.S. I see when previewing this post the forum software edits my post to include words I did not type when I mentioned that Distro?
What's the deal with that?

multi GPUs configuration/overclocking

Fri, 17 Apr 2026 17:48:02 +0000

Hi there,
I am wandering if anybody can share tips on configuration/overclocking of a multi GPU rig running nvidia GPUs in an Ubuntu Linux environment to improve performance or enhance hash-rate with hashcat?
I have it running smoothly, but I think I could speed things up a little by overclocking.
Any tips or link to tutorials will be appreciated.
Many thanks.

\m/~ (>_<) ~\m/

trying to learn hashcat

Tue, 14 Apr 2026 21:15:58 +0000

first of all.....this is learning project for me

situation is next:

- i have multivolume RAR-files (part01, part02.....part11)
- it has hash format 12500 rar3-hp
- i know the password (lower alpha and numeric). i can unrar the archive. so i am not after the password, but trying to learn the use of hashcat.
- i made wordlist of 430 different entries with lower-alpha and numbers.

hashcat can't recover my password.

command is

Code:
 >hashcat.exe -a 0 -m 12500 -w 3 -S --session=tmp62B7 --potfile-disable -p : --hwmon-temp-abort=75 -o "C:\Users\xxxx\Downloads\hashcat-7.1.2\output.txt" --outfile-format=1,2 "C:\Users\xxxx\AppData\Local\Temp\tmp62B7.tmp" "C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt"

hashcat (v7.1.2) starting - session [tmp62B7]

and this the result of the running session

Code:
OpenCL API (OpenCL 3.0 ) - Platform #1 [Intel(R) Corporation]

=============================================================

* Device #01: Intel(R) UHD Graphics 730, 15122/30244 MB (2047 MB allocatable), 8MCU

Minimum password length supported by kernel: 0

Maximum password length supported by kernel: 128

Minimum salt length supported by kernel: 0

Maximum salt length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts

Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Rules: 1

Optimizers applied:

* Zero-Byte

* Single-Hash

* Single-Salt

ATTENTION! Pure (unoptimized) backend kernels selected.

Pure kernels can crack longer passwords, but drastically reduce performance.

If you want to switch to optimized kernels, append -O to your commandline.

See the above message to find out about the exact limits.

Watchdog: Hardware monitoring interface not found on your system.

Watchdog: Temperature abort trigger disabled.

Host memory allocated for this attack: 2775 MB (53141 MB free)

Dictionary cache built:

* Filename..: C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt

* Passwords.: 430

* Bytes.....: 5986

* Keyspace..: 430

* Runtime...: 0 secs

Approaching final keyspace - workload adjusted.

Session..........: tmp62B7

Status...........: Exhausted

Hash.Mode........: 12500 (RAR3-hp)

Hash.Target......: $RAR3$*0*9f54??????*4ba4e??????????

Time.Started.....: Tue Apr 14 22:49:43 2026 (5 secs)

Time.Estimated...: Tue Apr 14 22:49:48 2026 (0 secs)

Kernel.Feature...: Pure Kernel (password length 0-128 bytes)

Guess.Base.......: File (C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt)

Guess.Queue......: 1/1 (100.00%)

Speed.#01........:      110 H/s (116.88ms) @ Accel:1 Loops:16384 Thr:36 Vec:1

Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)

Progress.........: 430/430 (100.00%)

Rejected.........: 0/430 (0.00%)

Restore.Point....: 430/430 (100.00%)

Restore.Sub.#01..: Salt:0 Amplifier:0-1 Iteration:245760-262144

Candidate.Engine.: Host Generator + PCIe

Candidates.#01...: test8227768 -> test9993139

Started: Tue Apr 14 22:49:37 2026

Stopped: Tue Apr 14 22:49:49 2026

WinRAR info says "RAR 4.x Volume, data and names encrypted".

what am i doing wrong?
why can't hashcat find the password which is in the wordlist?

Need help recovering DiskCryptor password - first time user

Tue, 14 Apr 2026 15:19:58 +0000

Hi everyone,

I am a first-time user and I need some help recovering access to an encrypted partition on my Windows 11 computer.

Here is my situation:
- I encrypted a partition using DiskCryptor 1.3 Beta
- The partition is [internal/external, size if known]
- I have forgotten the password and cannot access the partition
- I do NOT have a backup of the header (if true)
- I am not experienced with hashcat or password recovery tools
- This is my own computer and my own data

I have already downloaded:
- Hashcat 7.1.2
- John the Ripper 1.9.0 Jumbo (Windows 64-bit)

Any help would be greatly appreciated. I just want to recover access to my own files.

Thank you in advance

Legacy Server Benchmarking: Optimizing Hashcat on Hexa Core Xeons (ProLiant BL460C)

Mon, 13 Apr 2026 13:28:05 +0000

Hey everyone, I’ve been a long-time reader of the hardware benchmarks here, but I finally have a specific project that prompted me to start a thread. I recently came into possession of some retired enterprise gear: a couple of HP ProLiant BL460C blades. These are older units, each running dual Hexa Core 2.4GHz Xeon processors. Now, I know the general consensus in the community is that GPUs are the undisputed kings for Hashcat, but I’m interested in seeing what these can do for specific algorithms where CPU-based cracking isn't completely irrelevant—perhaps for some of the more memory-hard or CPU-intensive KDFs.
The specific point I’m stuck on is the OpenCL implementation for these older Xeons. I’ve seen some conflicting info on whether the Intel CPU Runtime provides meaningful scaling when you're dealing with older architectures like this. In my limited testing, I’ve found that even though I have 12 physical cores (24 threads) available across the blade, the relatively low 2.4GHz clock speed seems to be a real bottleneck for anything beyond very basic wordlist attacks.
Personally, I just love the industrial feel of these blade servers. There’s something incredibly nostalgic about repurposing 10-year-old "top-tier" hardware, even if the fans sound like they’re trying to achieve liftoff when the workload kicks in. My little homelab setup is great for learning, but I’m wondering if I’m just fighting a losing battle against modern hardware efficiency.
Does anyone here have experience running Hashcat on older blade infrastructure, or perhaps tips on optimizing the Intel OpenCL runtime for these specific Xeon families to get the most out of the available threads? Or is the performance-to-power ratio so skewed that I’m better off just using them as a space heater for the winter?

I hit what looks like a Hashcat/ ssh2john format mismatch in the SSH key passphrase l

Thu, 09 Apr 2026 18:15:54 +0000

I hit what looks like a Hashcat/
ssh2john
format mismatch in the SSH key passphrase lab.
id_rsa
is valid now —
ssh-keygen -y -f id_rsa
prompts for the passphrase.
I extracted with:

ssh2john id_rsa > ssh.hash

ssh.hash
is one clean line starting with:

id_rsa:$sshng$6$16$...

But Hashcat
v7.1.2
rejects it:

hashcat -m 22921 ssh.hash ssh.passwords -r ssh.rule

Error:

Token length exception
No hashes loaded

And:

hashcat --identify ssh.hash

returns:

No hash-mode matches the structure of the input hash.

Has anyone seen this with newer OpenSSH
$sshng$6$16$...
hashes? Is mode
22921
currently incompatible with
ssh2john
output here, or is there a different extractor/workflow I should be using?

noob needs help

Thu, 09 Apr 2026 07:07:49 +0000

help this keeps showing

Please Help !

Mon, 06 Apr 2026 14:41:36 +0000

Hi,

I actually have a Crucial X10 Pro SSD, which I locked with a password using the "Crucial Portable SSD Utility" software. I believe this software from Crucial use a 256-bit encryption to lock the SSD.

I know a couple of password options, is there any way you can help my use Hashcat for this software ?

I have lot all my collection of pictures and vidoes of my dead grandfather who I was extremely close too, I was his only grandson.

Grateful if anyone can help me !

Thanking you,
Best regards,
Ajay Shriram

I can't get it to work

Thu, 02 Apr 2026 06:25:50 +0000

I've been trying many methods to get it working since it all started when I first installed it on my Windows 10 machine with a 5050. When I try to use Hashcat, it tells me I need compatible drivers and that I need to change them. I followed the entire process to change the drivers on the website, and when I finally manage to install them, it starts giving this error and I can't get past it.

noob can anyone help

Mon, 23 Mar 2026 16:00:45 +0000

this is what message i get when i try to run an attack

C:\hashcat-7.1.2>hashcat.exe -m 22000 output_hash.hc22000 -a 3 ?a?a?a?a?a?a?a?a?a?a
hashcat (v7.1.2) starting

OpenCL API (OpenCL 3.0 ) - Platform #1 [Intel(R) Corporation]
=============================================================
* Device #01: Intel(R) Graphics, 3543/7086 MB (1771 MB allocatable), 8MCU

Minimum password length supported by kernel: 8
Maximum password length supported by kernel: 63
Minimum salt length supported by kernel: 0
Maximum salt length supported by kernel: 256

Hash 'output_hash.hc22000': Separator unmatched
No hashes loaded.

A question on logic and approaches to cracking

Sat, 21 Mar 2026 22:52:51 +0000

Hi all,
I am pretty new to hashcat, so please forgive me if I am missing the obvious.

I am working on a 64 bit hash. I have a well tuned 8 GPU rig. First of all since cracking sessions may extend for days or weeks (or until the next big-bang) devising the right approach seems key before starting.

I have tried:

./hashcat -a 3 -m 1400 password.hash ./wordlists/* ?a?a?a?a?a?a?a?a <- this seems to be wrong as it is masking every-word in the list and switching it for every character available. Long run and no results.

With no luck. I tried just finding out the first two characters alone:

./hashcat -a 3 -m 1400 password.hash ./wordlists/* ?a?a also no results.

But got some warning about now giving hashcat enough work, however it found nothing...
Maybe I am missing something obvious?

Now, I am starting from the point of view of the worse case scenario, where the hashed password is a fully random mixture of letters,digits and symbols (including blank spaces) in no order, which would suggest that using dictionaries is useless and that that for this scenario only a full brute-force attack is the only way forward.

Is that logic correct in your experience?

Thank you.