| 
		
	
	
	
		
	Posts: 7Threads: 1
 Joined: Jul 2021
 
	
		
		
		07-18-2021, 06:55 PM 
(This post was last modified: 07-20-2021, 07:40 PM by Hollerith98T.)
		
	 
		Hello everybody,I'm Giuseppe,
 
 I've been trying for several days to write a function to find the password of a zip file (model 17210).
 
 The goal would be to use this character set:
 abcdefghijklmnopqrstuvwxyz
 ABCDEFGHIJKLMNOPQRSTUVWXYZ
 0123456789
 !#$%&()*-<=>?@_
 Which is none other than the ASCII table deprived of some special character.
 
 Also I would like to define some rules to speed up the workload on my nvidia 1070ti gpu.
 
 In fact, I know for sure that:
 1. At least one capital letter was used
 2. at least one lowercase letter was used
 3. At least one special character was used
 4. the password is exactly 8 characters
 
 Ideally, if feasible, I would like to define an .hcmask file to call but I'm not sure how to write the rules.
 
 In general I am trying to call the following function:
 
 C:\cygwin64\home\Giuseppe\hashcat\hashcat.exe -d 3 -w 3 -m 17210 -a 3 "C:\Users\Giuseppe\Music\demo-hash.txt" -i --increment-min 8 --increment-max 8 -1 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ?1?1?1?1?1?1?1?1
 
 Needless to say, I'm not getting any results.
 
 
 It is also not clear to me which device is more convenient to recall.
 This is the result of the call:
 
 PS C:\cygwin64\home\Giuseppe\hashcat> C:\cygwin64\home\Giuseppe\hashcat\hashcat.exe -d 3 -w 3 -m 17210 -a 3 "C:\Users\Giuseppe\Music\demo-hash.txt" -i --increment-min 7 --increment-max 8 -1 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ?1?1?1?1?1?1?1?1
 hashcat (v6.2.2-149-g141b59b80) starting
 
 CUDA API (CUDA 11.4)
 ====================
 * Device #1: NVIDIA GeForce GTX 1070 Ti, skipped
 
 OpenCL API (OpenCL 3.0 CUDA 11.4.56) - Platform #1 [NVIDIA Corporation]
 =======================================================================
 * Device #2: NVIDIA GeForce GTX 1070 Ti, skipped
 
 OpenCL API (OpenCL 1.2 ) - Platform #2 [Intel(R) Corporation]
 =============================================================
 * Device #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU
 * Device #4: Intel(R) Core(TM) i5-4460  CPU @ 3.20GHz, skipped
 
 Minimum password length supported by kernel: 0
 Maximum password length supported by kernel: 256
 
 Counted lines in C:\Users\Giuseppe\Music\demo-hash.txt
 
 I hope for your help,
 Thanks a lot in advance,
 Giuseppe
 
	
	
	
		
	Posts: 2,266Threads: 16
 Joined: Feb 2013
 
	
		
		
		07-19-2021, 10:29 AM 
(This post was last modified: 07-19-2021, 10:30 AM by philsmd.)
		
	 
		can you explain the actual problem in more detail ?
 do you think hashcat (or your devices) are not working at all or is the problem "just" that you think you are testing the wrong password candidates (or wrong character set + mask etc).
 
 From your output it's not clear if hashcat finished or what is going on.
 
 how did you generate demo-hash.txt ?
 
 
 Did you try to see if everything is working with your specific setup (hardware, hashcat version, operating system etc) when trying to crack an example hash with known/easy password ?
 
 Please explain in more detail, because it's not clear to me if you are just confused about how charsets are defined (e.g. see .hcchr file, this has nothing to do with "rules" and also not directly to do with hcmask files, it's a charset file or defined directly in the command line as your example above) or if you have some more serious problems with your setup/hardware/installation.
 
	
	
	
		
	Posts: 7Threads: 1
 Joined: Jul 2021
 
	
	
		 (07-19-2021, 10:29 AM)philsmd Wrote:  can you explain the actual problem in more detail ?
 do you think hashcat (or your devices) are not working at all or is the problem "just" that you think you are testing the wrong password candidates (or wrong character set + mask etc).
 
 From your output it's not clear if hashcat finished or what is going on.
 
 how did you generate demo-hash.txt ?
 
 
 Did you try to see if everything is working with your specific setup (hardware, hashcat version, operating system etc) when trying to crack an example hash with known/easy password ?
 
 Please explain in more detail, because it's not clear to me if you are just confused about how charsets are defined (e.g. see .hcchr file, this has nothing to do with "rules" and also not directly to do with hcmask files, it's a charset file or defined directly in the command line as your example above) or if you have some more serious problems with your setup/hardware/installation.
 
The problem is that with this hash, hashcat stops for no reason even before it starts looking for the password. 
I am quite convinced that the mistake is mine and not in the machine.
 
Hashcat should work fine because trying other hashes I generated everything worked fine.
 
To get the demo-hash.txt file I used zip2john as I did with other test files which were successful.
 
The version of hashcat I use should be the latest having cloned directly with git as per the guide on the site.
 
My goal is to look for the password with the rules above, charged to my 1070ti, can you tell me if that command is correct or how it should be written?
	 
	
	
	
		
	Posts: 927Threads: 16
 Joined: Sep 2017
 
	
	
		first remove the -d 3, hashcat will use GPU by default, -d 3 tells hashcat to just use your 
Device #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU, skipping your "real gpus"
 
second, hashcat has build-in charsets, so please just use -1 ?l?u?d ?1?1?1?1?1?1?1?1
 
third, is your demo-hash formatted like in examples hashes?
https://hashcat.net/wiki/doku.php?id=example_hashes 
you can try adding the demo hash provided there into your file
	 
	
	
	
		
	Posts: 7Threads: 1
 Joined: Jul 2021
 
	
	
		 (07-19-2021, 01:08 PM)Snoopy Wrote:  first remove the -d 3, hashcat will use GPU by default, -d 3 tells hashcat to just use yourDevice #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU, skipping your "real gpus"
 
Okay, I removed it
  (07-19-2021, 01:08 PM)Snoopy Wrote:  second, hashcat has build-in charsets, so please just use -1 ?l?u?d ?1?1?1?1?1?1?1?1 
Yes, definitely better. But if you read the first post above, I also need to insert some special characters. How can i add only some special characters without having errors like "Invalid argument"? (e.g. about "{" ).
  (07-19-2021, 01:08 PM)Snoopy Wrote:  third, is your demo-hash formatted like in examples hashes?https://hashcat.net/wiki/doku.php?id=example_hashes
 
 
 you can try adding the demo hash provided there into your file
 
I'm sure the demo-hash.txt file is correct. 
Find the file and details here:
https://github.com/openwall/john/issues/4768 
	
	
	
		
	Posts: 927Threads: 16
 Joined: Sep 2017
 
	
	
		instead of giving the mask inside a command line you can use a mask-file
 inside a mask-file you can specify up to 4 charsets like on command line, charsets are divided by a comma so
 
 mask.txt
 ?l?u?d},?1?1?1?1?1?1?1?1
 would generate lower upper digits and }
 be aware of the comma and ?2
 ?l?u?d,},?1?1?1?1?1?1?1?2
 would generate passwords with lower upper digits and a } appended
 
 your given file is 2 megabytes for just one hash, exactly 2.2990.797 chars, im pretty sure this cant be right, and a quick look the output line for the hash starts with
 $pkzip$1
 but all example hashes starts with
 $pkzip2$1
 
 so i think the output is somehow malformed
 
	
	
	
		
	Posts: 7Threads: 1
 Joined: Jul 2021
 
	
	
		 (07-19-2021, 02:48 PM)Snoopy Wrote:  instead of giving the mask inside a command line you can use a mask-file
 inside a mask-file you can specify up to 4 charsets like on command line, charsets are divided by a comma so
 
 mask.txt
 ?l?u?d},?1?1?1?1?1?1?1?1
 would generate lower upper digits and }
 be aware of the comma and ?2
 ?l?u?d,},?1?1?1?1?1?1?1?2
 would generate passwords with lower upper digits and a } appended
 
As I said I need to use the following characters:
 
abcdefghijklmnopqrstuvwxyz (lower) 
ABCDEFGHIJKLMNOPQRSTUVWXYZ (upper) 
0123456789 (number) 
!#$%&()*-<=>?@_ (some special characters)
 
Looking at how you wrote yours, it should be correct to write it like this, do you confirm?
 
mask.txt 
?l?u?d?!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1
  (07-19-2021, 02:48 PM)Snoopy Wrote:  your given file is 2 megabytes for just one hash, exactly 2.2990.797 chars, im pretty sure this cant be right, and a quick look the output line for the hash starts with$pkzip$1
 but all example hashes starts with
 $pkzip2$1
 
 so i think the output is somehow malformed
 
It is strange that one of the main developers of the john the ripper project was wrong to hash a zip file. 
However I understand what you mean, could you tell me why this happens?
 
You always find the file at that link, can you be kind enough to try to generate your hash?
 
Thanks for your time
	 
	
	
	
		
	Posts: 927Threads: 16
 Joined: Sep 2017
 
	
		
		
		07-19-2021, 03:51 PM 
(This post was last modified: 07-19-2021, 03:51 PM by Snoopy.)
		
	 
		 (07-19-2021, 03:27 PM)Hollerith98T Wrote:  As I said I need to use the following characters:
 abcdefghijklmnopqrstuvwxyz (lower)
 ABCDEFGHIJKLMNOPQRSTUVWXYZ (upper)
 0123456789 (number)
 !#$%&()*-<=>?@_ (some special characters)
 
 Looking at how you wrote yours, it should be correct to write it like this, do you confirm?
 
 mask.txt
 ?l?u?d?!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1
 
yeah with just one small "mistake", it has to be a double ? if you want to use ? literally, so 
?l?u?d??!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1
 
for the provided demo.zip i got the same hashline like the developer, so i just think zip2john with given file is just incompatible with hashcat
	 
	
	
	
		
	Posts: 7Threads: 1
 Joined: Jul 2021
 
	
	
		 (07-19-2021, 03:51 PM)Snoopy Wrote:  for the provided demo.zip i got the same hashline like the developer, so i just think zip2john with given file is just incompatible with hashcat 
So how do I do it?
	 
	
	
	
		
	Posts: 927Threads: 16
 Joined: Sep 2017
 
	
	
		i think you have to use JtR for this particular file/hash
	 |