Hashcat efficiency degradation through time - Django (PBKDF2-SHA256)
#1
Recently I have arrived into a strange scenario where I have acquired "Django (PBKDF2-SHA256)" hashes. Whenever I start the process of breaking these hashes, efficiency degradation happens throughout time.

For example, when I start the process, Hashcat's status shows 540.5 kH/s.
However, after roughly 33 minutes into the hash breaking process, efficiency degrades to 43761 H/s.

Is this expected?
Why isn't this behavior apparent when breaking MD5, NTLM or NTLMv2 hashes?
Reply
#2
What version of hashcat are you using? There was an issue like this recently fixed and an update may solve it for you. Alternatively, it's possible that you have hashes of varying round count/cost. If so, as hashcat gets to the higher and higher round count hashes, the speed degrades further and further, and the longer the attack goes on, the lower the average overall speed becomes, causing it to appear to degrade over the course of the attack.
Reply
#3
(01-07-2022, 10:10 PM)Chick3nman Wrote: What version of hashcat are you using? There was an issue like this recently fixed and an update may solve it for you.

Ok! Good to keep that in mind.
The version I'm using is 'v6.2.3', which in turn is obsolete. I'll update the version and try the hash breaking approach again.

(01-07-2022, 10:10 PM)Chick3nman Wrote: Alternatively, it's possible that you have hashes of varying round count/cost. If so, as hashcat gets to the higher and higher round count hashes, the speed degrades further and further, and the longer the attack goes on, the lower the average overall speed becomes, causing it to appear to degrade over the course of the attack.

In case the first approach doesn't work, I'll look into the hash type and see if there is anything that encompasses degradation through time for Django (PBKDF2-SHA256).

One case or the other, I will be back to share the results.
Thank you
Reply