hashcat-gui v0.5.1 - not work perfectly
#1
Hello!

My basic system:
- asrock e350M1 usb 3.0
- msi R5850 Twin Frozr II (radeon HD5850)
- 4GB ddr3 - no pagefile
- windows 7 x64 SP1 - without updates
- amd catalyst 12.3 x64
- chieftech 500W psu

(Sorry my bad english!)

I capture backtrack 5 R2 - .cap file. I checkd, handshake is good. I use the online converter for hashcat:

http://hashcat.net/cap2hccap/

make for me the .hccap file.
I run the GUI x64 -> oclHashcat-plus
open the .hccap file
mode: bruteforce
hash type: WPA/WPA2
mask: ?l?u?d
output: uncheckd the "Write recovered..." box

Right the "start" button is:

oclHashcat-plus64.exe --hash-type 2500 --attack-mode 3 c:\Users\maygyver\Desktop\test.hccap ?l?u?d

I push the start, the cmd window is coming up:

oclHashcat-plus ...... by atom starting...
Hashes: 1
Unique salts: 1
Unique digestes: 1
...
Platform: AMD compatible platform found
Device #1: cípress, 1.024MB, 0MHz, 18MCU
....

Status: exhausted
Input mode: mask (?l?d?u)
hash target: macgyver
hash type: wpa/wpa2
time runing: 1 sec
time left: 0 sec
...
speed: 0 c/s
recovered: 0/1 digitests, 0/1 salts
...
started: ...... 17:52
stopper: ...... 17:52

...and the run stopped.
Trivial problem, or stronger?
What mess up?

I don't understand what is the problem.

Can you help me?
Sorry the new topic, but I don't know who can I give up this question!

Thanks in advance!
#2
This is not a gui thread, so i move it to oclHashcat-plus.

You are setting an invalid mask. Read this page to understand mask attack:

http://hashcat.net/wiki/mask_attack
#3
(04-14-2012, 06:05 PM)atom Wrote: This is not a gui thread, so i move it to oclHashcat-plus.

You are setting an invalid mask. Read this page to understand mask attack:

http://hashcat.net/wiki/mask_attack

Thank You!

I ask you a favor because my english!
How can i run bruteforce:
- lower characters
- upper characters
- decimals

Please just give me, what write in "mask box". Thank you!
#4
specify custom charset 1: ?l?d?u and mask ?1?1?1?1?1?1?1?1

this will run a brutefoce with all passes of length 8. For longer passes you need to specify more ?1.

But this will take very much time on WPA.
#5
(04-14-2012, 06:26 PM)undeath Wrote: specify custom charset 1: ?l?d?u and mask ?1?1?1?1?1?1?1?1

this will run a brutefoce with all passes of length 8. For longer passes you need to specify more ?1.

But this will take very much time on WPA.

Sorry for waiting! It works - thank you!
GPU load is 95% - password is 10 character long (upper, lower characters & digits).
Unfortunately i probe see the [s]tatus - program running is crashed.

This is a know bug?
#6
its not crashed, it just takes 100% of your gpu, so the OS is not ablt to screen refresh. lower your workload.
#7
(04-15-2012, 10:19 AM)atom Wrote: its not crashed, it just takes 100% of your gpu, so the OS is not ablt to screen refresh. lower your workload.

Thank you - I understand!

I calculate the running time. Is it correct?
(without masing)

my password lenght: 10 character
charset: lower - upper - digitals - total 62 character

The combinations is = 62^10 = 839.299.265.868.340.224

Where can I find the "combinations/second" speed of my actual system?
(HD5850)

Postscript: I found other program speed results for HD5970. Its: 2.400k/s
Thats mean 2.400 x 100.000 = 240.000.000 combination / s?
#8
There are too many zeros Wink

2.400k = 2.400 * 1000 = 2.400 (the dot is not a thousand-separator)

As is said before, WPA takes very much time. You _cannot_ brute-force this in your lifetime.
#9
(04-15-2012, 01:43 PM)undeath Wrote: There are too many zeros Wink

2.400k = 2.400 * 1000 = 2.400 (the dot is not a thousand-separator)

As is said before, WPA takes very much time. You _cannot_ brute-force this in your lifetime.

Just 2400 combination / s? Whooohooh!
Bruteforca without masking can't work - I see finnally.

Then what can I do? How to determine the mask?
Suppose, I don't know the victim.
Example: my password is - Gf45x3Rfe1
Make mask - I think this is impossible. (:


Other methodes too long?
MD5 hash, etc...
#10
Brute forcing an upper/lower/digit pass of 10 chars will take too much time, no matter what type of hash.

If you however cannot limit the password to a mask, you need to run a wordlist attack and hope for the best.