hashcat Forum - hashcat

Hashcat cant find password, veracrypt encryption not supported?

Sun, 28 Jun 2026 15:09:20 +0000

Hello,

could it be real that sha-256 aes-twofish + boot is not supported?
I tested on purpose.
i encrypted a hdd with veracrypt aes-twofish with sha-256 full disk encryption with pre boot and pim

Then i connect the hdd with usb to my linux computer, when i mount with veracrypt it works.

when i make a file with dd and try with hashcat mode 13761 its loading, running but cant find the password.
the password is 100% in the .txt file.
pim start and stop also 100% with right pim.

i tested 13761, 62, 63 , 51 ,52

when i use mode 29461,62,63 it says no hashes loaded.
i guess 13761 should be the right one.
chatgpt told me the encryption is not supported, is it right? what can i do?

also when i look here https://hashcat.net/wiki/doku.php?id=example_hashes
i cant find aes twofish sha 256 + boot.

maybe someone can help me?

Linux + hashcat + OpenCL on Intel CPU

Wed, 17 Jun 2026 23:58:02 +0000

There was thread about it but closed, couln't post.

To use Intel CPU with OpenCL on Linux the Intel pages won't help you.

Instead of that install these packages:

Code:
#!/usr/bin/env bash

sudo apt update

sudo apt install clinfo

sudo apt install intel-opencl-icd

sudo apt install libpocl-dev

sudo apt install nvidia-opencl-icd

sudo apt install ocl-icd-libopencl1

sudo apt install ocl-icd-opencl-dev

sudo apt install opencl-headers

sudo apt install pocl-opencl-icd

For hardware like Intel NUC with 11th Gen Intel(R) Core(TM) i9-11900KB @ 3.30GHz and Intel TigerLake-H GT1 [UHD Graphics] i915 the CPU gives 5356 h/s and GPU 2112 h/s.

I forgot my phones lock screen password. Willing to do or learn what it takes to open

Wed, 10 Jun 2026 12:15:25 +0000

For context I have a Oneplus 9R running on Android 14 that has its lock screen locked its a 6 digit numeric pin, I know the first two digits but have mistyped the rest. I cant access the files because of android usb debugging needing permissions to access the files (requiring the phone to be unlocked). So even if my goal was to recover my files it wouldnt be possible unless someone can also recommend me a way to bypass usb debugging so I can at least just backup my files and reset the phone to factory settings.

I've scoured the forums for any guide or previous instances but its so few and the last working guide was only running android 5 and is on a samsung device. I know I need a "hash" or something which was very confusing for me because the previous guide required the phone to be unlocked and access its files to find the "hash" which to me defeats the purpose of recovering your password if your phone is already unlocked am I missing something here?

I have a windows 11 pc with a ryzen 5 5600g processor and using its integrated gpu which is equivalent to NVIDIA GT 1030. But can also rent a high end pc if needed. This phone is everything to me I am willing to wait and learn I dont care how long it takes I just need to know how do I do it. Please help me.

Understanding the format for yescrypt

Fri, 29 May 2026 15:24:12 +0000

Hi,

I am attempting to recover a Linux user password, and in the decade since the last time I used jtr and hashcat things have changed on me. The system is using yescrypt, and I'm having difficulty reformatting the shadow line to match hashcat's format.

From the example hashes wiki page it needs to follow this format:
SCRYPT:16384:8:1:OTEyNzU0ODg=:Cc8SPjRH1hFQhuIPCdF51uNGtJ2aOY/isuoMlMUsJ8c=

The shadow hash has this this format: `$y$j9T$salt$hash`.

Following along with this SO answer the j9T should correspond to SCRYPT:182:4096:32alt:hash. Using this line with mode -m 70200 results in a token length or encoding exception.

I also came across the format hash guidance wiki page, which mentions the difference between Linux hashes and the expected format for hashcat, but has TBD for a conversion tool.

I'd appreciate any troubleshooting advice.

Hashcat 7.1.2 - LUKS V2 Issue

Sat, 16 May 2026 23:17:46 +0000

Hi,

I'm trying to use Hashcat to do a dictionary attack on a volume that I apparently lost the password to.

Here's what I'm doing and what I'm getting:

cryptsetup luksDump for the volume:
UKS header information
Version:        2
Epoch:          3
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID:           120c05ee-88ae-4ac1-babb-e9aac56c6c19
Label:          (no label)
Subsystem:      (no subsystem)
Flags:          (no flags)

Data segments:
0: crypt
       offset: 16777216 [bytes]
       length: (whole device)
       cipher: aes-xts-plain64
       sector: 4096 [bytes]

Keyslots:
0: luks2
       Key:        512 bits
       Priority:   normal
       Cipher:     aes-xts-plain64
       Cipher key: 512 bits
       PBKDF:      argon2id
       Time cost: 9
       Memory:     1048576
       Threads:    4
       Salt:       05 06 90 e4 a1 25 85 e1 d1 5e 39 51 de f0 48 4c
                   79 de f8 b9 37 2d 3f 93 a2 1c d1 ef 3f e7 58 fd
       AF stripes: 4000
       AF hash:    sha512
       Area offset:32768 [bytes]
       Area length:258048 [bytes]
       Digest ID: 0
Tokens:
Digests:
0: pbkdf2
       Hash:       sha512
       Iterations: 360583
       Salt:       8a ec b3 78 87 58 97 98 3d 7b cc 7b 76 d1 53 ba
                   30 b4 ce 7f 0d b2 56 c3 2e 87 6f ab 0e f6 d6 df
       Digest:     3f ff f9 22 2c e1 13 b2 3f 19 6d 0c 96 dd c7 ee
                   f7 c5 2b 9e c4 f6 44 80 52 7d 0a d6 60 92 7f b9
                   67 78 5f 19 80 4a 3f ee e6 48 6a 4a 66 f8 c5 dc
                   71 93 ff 21 1d d9 5b 87 2e 71 fc 84 bf fe 4d 97

I then ran luks2hashcat.py on the volume and piped it with > to luks.hash.

Then, I ran
sudo ./hashcat.bin -a 0 -m 34100 luks.hash p.txt

p.txt is my password manager export of passwords.

I receive this error:

Hashfile 'md.hash' on line 1 ($luks$...21dd732703d6aabce6dc5d8a3108a336): Signature unmatched

Hash file starts with:
$luks$2$argon2id$sha512$aes$xts-plain64$512$m=1048576,t=9,p=(then 262,143 characters)

Am I doing something wrong?

Veracrypt + PIM hashcat command

Sat, 16 May 2026 23:11:59 +0000

Greetings,

may I ask for help? I have locked couple years ago my usb disk with veracrypt ( not sure what version was in that time) but also used PIM. I think 00 or 01 or 11 or 1. I have extracted the has for the flash disk volume. But also dont remember if I used SHA 256 or 512.

I have created some list of possible combination of words and numbers. Nothing else it cant be. How should look the hashcat command to use my list of passwords eg. pw.txt and PIM=11 ?

thank you

Assistance needed: 7-Zip hash recovery (Static part known)

Sat, 09 May 2026 05:36:54 +0000

Hi everyone,I need some help recovering the password for a personal family archive (7-Zip).

I’ve already done some work on my RTX 4060, but I’ve hit a wall and could use some more power.

I have attached the file with the hash to this message.

I have attached the hash file to this post.Password details:Static part (Known base): FBJKY33EBalabanov

Estimated length: 18-22 characters.

Estimated length: 18–22 characters.Potential variations: There is likely a typo in the middle or at the end. It might end with digits or special characters like !, $, or letters (e.g., v1!, v1$).Keyboard layout: There's a possibility it was typed using a Russian layout but with English characters (e.g., АИЛЛН33У instead of FBJKY33E).

Important Note During my local brute-force, I found a collision: FBJKY33EBalabanovv1!

But the archive does not open

I will be glad for any help

hash.txt (Size: 180.3 KB / Downloads: 5)

Could use help opening my old RAR

Fri, 01 May 2026 11:19:55 +0000

While retrieving my old photo albums, I stumbled on a 1.56 GB RAR where me older photos are in.
I am trying to crack the following Hash.

$RAR3$*0*403707ca55b32e2c*9c5a6830c592342a454c9156382e4b75

I did a run with a Rockyou list and a rockyou 30.000. Im a bit lost what is next.

Im from the netherlands and i must have been 16-17 while i made this rar many years ago.
Is there a good Dutch Rockyou list available or somebody with power that can help me?

I'd like to open my password-protected zip file

Thu, 30 Apr 2026 02:37:11 +0000

Hello everyone.
I locked my zip password one year ago. And I am in need to open it now.
But I can't remeber password of zip file. I should open that zip file for sure.
Regarding my friend's words, hashcat would be helpful for me to crack my zip file.

I just wanna get help even from admin, experts, but from legit, verified memebers

Looking forward to your guys's help

Best

1 Year Trying to Crack My 2013 Bitcoin Wallet — Need Expert Advice

Wed, 29 Apr 2026 05:06:30 +0000

Hey everyone,

I’m looking for some guidance from those with experience in password recovery/cracking.
For nearly a year, I’ve been trying to recover access to an old Bitcoin wallet (wallet.dat from 2013). I extracted the hash and have been attempting to crack it using an RTX 3060, but haven’t had any success so far.
Recently, I discovered Vast.ai and was able to run jobs on more powerful GPUs (including an RTX 5090). I was hopeful this would make a difference, but unfortunately, I still haven’t had any luck.

So far, I’ve tried:

Variations of old passwords I may have used
Brute force with numeric ranges (0–10 digits)
Short brute-force masks (1–5 characters, all character sets)
Large wordlists (including weakpass and similar sources)

At this point, I’m considering expanding brute-force attempts to longer character lengths, but I’m concerned about cost vs. benefit.
I’d really appreciate advice on:

The most efficient GPU(s) for this type of workload
Cost-effective strategies (especially when using rented compute like Vast.ai)
Smarter approaches beyond pure brute force (mask strategies, rule-based attacks, etc.)

Any tips or insights would be greatly appreciated.

Thanks in advance!

Password Length Limitation?

Mon, 20 Apr 2026 11:49:04 +0000

Hello All,

Hashcat noob here, been trying for a couple of days to find a password for a .7z file I created and forgot the password for, so far with no success so it's time to ask for some help.

The password I believe is 25 characters in length, the first 20 of which are lower case letters, and the last 5 are numbers.
I'm sure I have the letters and their order correct but can't remember what order and exactly what the last 5 numbers are supposed to be.

I've used The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and John the Ripper to get the hash, and I'm trying to figure out how to find the password from that hash by entering the letters I already know and I'm hoping hashcat can find the 5 numbers I can't remember.

Tried lots of things that I don't really understand and so far the only way I've been able to get hashcat to run on the hashfile is by either:

Code:
hashcat -a 3 -m 11600 hashcat.txt

Code:
hashcat -a 0 -m 11600 hashcat.txt

With hashcat.txt being the file the hash is in.
I did remove the filename (1.7z) from the start of the hash John the Ripper gave before trying anything with hashcat, which I think I was supposed to, so now the hash starts with $7z... instead of 1.7z:$7z...
The hash is 1074 characters.

If I try to use the Hybrid Wordlist + Mask option it always fails, if I try anything but the above commands it seems to fail.
While those above do seem to be working, I figure the process might be still running when the universe ends and the last star burns out, which is why I'm wanting to know if it's possible to somehow tell hashcat the characters I already know and just have it try to find the remaining 5 numbers I can't remember?

I tried setting the -O option so it wasn't maxing out the CPU on my old clunker and got a message about too many characters for the password, maximum of 20 I think it said.
Without the -O option I think it said there was a maximum password characters of 256.

I've been reading stuff and watching tutorials etc. but not getting anywhere.
One result I remember from searching claimed hashcat could only find passwords of a certain length or under, so instead of wasting more time and getting nowhere I thought I'd ask people who know these things.

Thanks

P.S. I see when previewing this post the forum software edits my post to include words I did not type when I mentioned that Distro?
What's the deal with that?

multi GPUs configuration/overclocking

Fri, 17 Apr 2026 17:48:02 +0000

Hi there,
I am wandering if anybody can share tips on configuration/overclocking of a multi GPU rig running nvidia GPUs in an Ubuntu Linux environment to improve performance or enhance hash-rate with hashcat?
I have it running smoothly, but I think I could speed things up a little by overclocking.
Any tips or link to tutorials will be appreciated.
Many thanks.

\m/~ (>_<) ~\m/

trying to learn hashcat

Tue, 14 Apr 2026 21:15:58 +0000

first of all.....this is learning project for me

situation is next:

- i have multivolume RAR-files (part01, part02.....part11)
- it has hash format 12500 rar3-hp
- i know the password (lower alpha and numeric). i can unrar the archive. so i am not after the password, but trying to learn the use of hashcat.
- i made wordlist of 430 different entries with lower-alpha and numbers.

hashcat can't recover my password.

command is

Code:
 >hashcat.exe -a 0 -m 12500 -w 3 -S --session=tmp62B7 --potfile-disable -p : --hwmon-temp-abort=75 -o "C:\Users\xxxx\Downloads\hashcat-7.1.2\output.txt" --outfile-format=1,2 "C:\Users\xxxx\AppData\Local\Temp\tmp62B7.tmp" "C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt"

hashcat (v7.1.2) starting - session [tmp62B7]

and this the result of the running session

Code:
OpenCL API (OpenCL 3.0 ) - Platform #1 [Intel(R) Corporation]

=============================================================

* Device #01: Intel(R) UHD Graphics 730, 15122/30244 MB (2047 MB allocatable), 8MCU

Minimum password length supported by kernel: 0

Maximum password length supported by kernel: 128

Minimum salt length supported by kernel: 0

Maximum salt length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts

Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Rules: 1

Optimizers applied:

* Zero-Byte

* Single-Hash

* Single-Salt

ATTENTION! Pure (unoptimized) backend kernels selected.

Pure kernels can crack longer passwords, but drastically reduce performance.

If you want to switch to optimized kernels, append -O to your commandline.

See the above message to find out about the exact limits.

Watchdog: Hardware monitoring interface not found on your system.

Watchdog: Temperature abort trigger disabled.

Host memory allocated for this attack: 2775 MB (53141 MB free)

Dictionary cache built:

* Filename..: C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt

* Passwords.: 430

* Bytes.....: 5986

* Keyspace..: 430

* Runtime...: 0 secs

Approaching final keyspace - workload adjusted.

Session..........: tmp62B7

Status...........: Exhausted

Hash.Mode........: 12500 (RAR3-hp)

Hash.Target......: $RAR3$*0*9f54??????*4ba4e??????????

Time.Started.....: Tue Apr 14 22:49:43 2026 (5 secs)

Time.Estimated...: Tue Apr 14 22:49:48 2026 (0 secs)

Kernel.Feature...: Pure Kernel (password length 0-128 bytes)

Guess.Base.......: File (C:\Users\xxxx\Downloads\random-wordlist-generator-portable\nieuw.2.txt)

Guess.Queue......: 1/1 (100.00%)

Speed.#01........:      110 H/s (116.88ms) @ Accel:1 Loops:16384 Thr:36 Vec:1

Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)

Progress.........: 430/430 (100.00%)

Rejected.........: 0/430 (0.00%)

Restore.Point....: 430/430 (100.00%)

Restore.Sub.#01..: Salt:0 Amplifier:0-1 Iteration:245760-262144

Candidate.Engine.: Host Generator + PCIe

Candidates.#01...: test8227768 -> test9993139

Started: Tue Apr 14 22:49:37 2026

Stopped: Tue Apr 14 22:49:49 2026

WinRAR info says "RAR 4.x Volume, data and names encrypted".

what am i doing wrong?
why can't hashcat find the password which is in the wordlist?

Need help recovering DiskCryptor password - first time user

Tue, 14 Apr 2026 15:19:58 +0000

Hi everyone,

I am a first-time user and I need some help recovering access to an encrypted partition on my Windows 11 computer.

Here is my situation:
- I encrypted a partition using DiskCryptor 1.3 Beta
- The partition is [internal/external, size if known]
- I have forgotten the password and cannot access the partition
- I do NOT have a backup of the header (if true)
- I am not experienced with hashcat or password recovery tools
- This is my own computer and my own data

I have already downloaded:
- Hashcat 7.1.2
- John the Ripper 1.9.0 Jumbo (Windows 64-bit)

Any help would be greatly appreciated. I just want to recover access to my own files.

Thank you in advance

I hit what looks like a Hashcat/ ssh2john format mismatch in the SSH key passphrase l

Thu, 09 Apr 2026 18:15:54 +0000

I hit what looks like a Hashcat/
ssh2john
format mismatch in the SSH key passphrase lab.
id_rsa
is valid now —
ssh-keygen -y -f id_rsa
prompts for the passphrase.
I extracted with:

ssh2john id_rsa > ssh.hash

ssh.hash
is one clean line starting with:

id_rsa:$sshng$6$16$...

But Hashcat
v7.1.2
rejects it:

hashcat -m 22921 ssh.hash ssh.passwords -r ssh.rule

Error:

Token length exception
No hashes loaded

And:

hashcat --identify ssh.hash

returns:

No hash-mode matches the structure of the input hash.

Has anyone seen this with newer OpenSSH
$sshng$6$16$...
hashes? Is mode
22921
currently incompatible with
ssh2john
output here, or is there a different extractor/workflow I should be using?