performance issue
#1
Hello,

I try to use hashcat to crack a brypt hash.
If I start the benchmark it's OK, but if I start to crack the hash it's incredible slow. Also the usage of the GPU (about 3%) isn't much higher than without hashcat (about 1%) . Could you help me to find out what I'm doing wrong please?


Benchmark:

>hashcat.exe --benchmark -m 3200

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Benchmark relevant options:
===========================
* --optimized-kernel-enable

----------------------------------------------------------------
* Hash-Mode 3200 (bcrypt $2*$, Blowfish (Unix)) [Iterations: 32]
----------------------------------------------------------------

Speed.#2.........:    10297 H/s (48.18ms) @ Accel:64 Loops:32 Thr:8 Vec:1

Started: Sun May 01 13:19:47 2022
Stopped: Sun May 01 13:19:54 2022


Dictionary attack:

>hashcat.exe -a0 -m 3200 hashes\Hashes.txt dictionaries\passwords.txt -w3 -O
hashcat (v6.2.5) starting

hipDeviceGetAttribute(): 1

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Kernel ./OpenCL/m03200-optimized.cl:
Optimized kernel requested, but not available or not required
Falling back to pure kernel

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 72

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 2 MB

Dictionary cache hit:
* Filename..: dictionaries\passwords.txt
* Passwords.: 14344384
* Bytes.....: 139921497
* Keyspace..: 14344384

[s]tatus [p]ause ypass [c]heckpoint [f]inish [q]uit =>

Session..........: hashcat
Status...........: Running
Hash.Mode........: 3200 (bcrypt $2*$, Blowfish (Unix))
Hash.Target......: $2y$10$0w49q92ItHF3O7.7RC3fTaqjOIbLOIFdylganZ.6IUht...fa2SzO
Time.Started.....: Sun May 01 13:22:04 2022 (7 secs)
Time.Estimated...: Mon May 02 01:25:34 2022 (12 hours, 3 mins)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (dictionaries\passwords.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........:      330 H/s (48.17ms) @ Accel:64 Loops:32 Thr:8 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 2048/14344384 (0.01%)
Rejected.........: 0/2048 (0.00%)
Restore.Point....: 2048/14344384 (0.01%)
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:608-640
Candidate.Engine.: Device Generator
Candidates.#2....: slimshady -> hassan
Hardware.Mon.#2..: Temp: 54c Fan: 19% Util:100% Core:1411MHz Mem:2000MHz Bus:16



Brute force:

>hashcat.exe -m 3200 hashes\Hashes.txt -w3 -O -a3 --increment --increment-min 8 --increment-max 12 ?a?a?a?a?a?a?a?a?a?a?a?a
hashcat (v6.2.5) starting

hipDeviceGetAttribute(): 1

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Kernel ./OpenCL/m03200-optimized.cl:
Optimized kernel requested, but not available or not required
Falling back to pure kernel

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 72

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 2 MB

Cracking performance lower than expected?

* Append -S to the commandline.
  This has a drastic speed impact but can be better for specific attacks.
  Typical scenarios are a small wordlist but a large ruleset.

* Update your backend API runtime / driver the right way:
  https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
  https://hashcat.net/faq/morework

[s]tatus [p]ause ypass [c]heckpoint [f]inish [q]uit =>

Session..........: hashcat
Status...........: Running
Hash.Mode........: 3200 (bcrypt $2*$, Blowfish (Unix))
Hash.Target......: $2y$10$0w49q92ItHF3O7.7RC3fTaqjOIbLOIFdylganZ.6IUht...fa2SzO
Time.Started.....: Sun May 01 13:50:29 2022 (24 secs)
Time.Estimated...: Next Big Bang (> 10 years)
Kernel.Feature...: Pure Kernel
Guess.Mask.......: ?a?a?a?a?a?a?a?a [8]
Guess.Queue......: 1/5 (20.00%)
Speed.#2.........:      330 H/s (48.61ms) @ Accel:64 Loops:32 Thr:8 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 7680/6634204312890625 (0.00%)
Rejected.........: 0/7680 (0.00%)
Restore.Point....: 0/69833729609375 (0.00%)
Restore.Sub.#2...: Salt:0 Amplifier:15-16 Iteration:640-672
Candidate.Engine.: Device Generator
Candidates.#2....: harierin -> hfckerin
Hardware.Mon.#2..: Temp: 55c Fan: 20% Util:100% Core:1411MHz Mem:2000MHz Bus:16

best regards,
Christian
Reply
#2
Cracking performance lower than expected?

* Append -S to the commandline.
This has a drastic speed impact but can be better for specific attacks.
Typical scenarios are a small wordlist but a large ruleset.

* Update your backend API runtime / driver the right way:
https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
https://hashcat.net/faq/morework
Reply
#3
So mainly one thing: 

bcrypt is a hash with a variable cost factor, and the benchmark uses 2^5 (32 iterations) as the cost factor, but your actual hash has a 2^10 (1024 iterations) so your actual hash requires 32x (2^10/2^5) more work than the benchmark hash.

If you're using the Windows Task Manager to gauge GPU usage, don't. It doesn't account for computational usage very well as the general case is to account for graphics usage. Hashcat reports it's using 100%, so you're good.

(05-01-2022, 01:53 PM)killerhorse Wrote: Hello,

I try to use hashcat to crack a brypt hash.
If I start the benchmark it's OK, but if I start to crack the hash it's incredible slow. Also the usage of the GPU (about 3%) isn't much higher than without hashcat (about 1%) . Could you help me to find out what I'm doing wrong please?


Benchmark:

>hashcat.exe --benchmark -m 3200

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Benchmark relevant options:
===========================
* --optimized-kernel-enable

----------------------------------------------------------------
* Hash-Mode 3200 (bcrypt $2*$, Blowfish (Unix)) [Iterations: 32]
----------------------------------------------------------------

Speed.#2.........:    10297 H/s (48.18ms) @ Accel:64 Loops:32 Thr:8 Vec:1

Started: Sun May 01 13:19:47 2022
Stopped: Sun May 01 13:19:54 2022


Dictionary attack:

>hashcat.exe -a0 -m 3200 hashes\Hashes.txt dictionaries\passwords.txt -w3 -O
hashcat (v6.2.5) starting

hipDeviceGetAttribute(): 1

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Kernel ./OpenCL/m03200-optimized.cl:
Optimized kernel requested, but not available or not required
Falling back to pure kernel

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 72

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 2 MB

Dictionary cache hit:
* Filename..: dictionaries\passwords.txt
* Passwords.: 14344384
* Bytes.....: 139921497
* Keyspace..: 14344384

[s]tatus [p]ause ypass [c]heckpoint [f]inish [q]uit =>

Session..........: hashcat
Status...........: Running
Hash.Mode........: 3200 (bcrypt $2*$, Blowfish (Unix))
Hash.Target......: $2y$10$0w49q92ItHF3O7.7RC3fTaqjOIbLOIFdylganZ.6IUht...fa2SzO
Time.Started.....: Sun May 01 13:22:04 2022 (7 secs)
Time.Estimated...: Mon May 02 01:25:34 2022 (12 hours, 3 mins)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (dictionaries\passwords.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........:      330 H/s (48.17ms) @ Accel:64 Loops:32 Thr:8 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 2048/14344384 (0.01%)
Rejected.........: 0/2048 (0.00%)
Restore.Point....: 2048/14344384 (0.01%)
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:608-640
Candidate.Engine.: Device Generator
Candidates.#2....: slimshady -> hassan
Hardware.Mon.#2..: Temp: 54c Fan: 19% Util:100% Core:1411MHz Mem:2000MHz Bus:16



Brute force:

>hashcat.exe -m 3200 hashes\Hashes.txt -w3 -O -a3 --increment --increment-min 8 --increment-max 12 ?a?a?a?a?a?a?a?a?a?a?a?a
hashcat (v6.2.5) starting

hipDeviceGetAttribute(): 1

HIP API (HIP 4.4)
=================
* Device #1: Radeon RX 580 Series, skipped

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU

Kernel ./OpenCL/m03200-optimized.cl:
Optimized kernel requested, but not available or not required
Falling back to pure kernel

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 72

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 2 MB

Cracking performance lower than expected?

* Append -S to the commandline.
  This has a drastic speed impact but can be better for specific attacks.
  Typical scenarios are a small wordlist but a large ruleset.

* Update your backend API runtime / driver the right way:
  https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
  https://hashcat.net/faq/morework

[s]tatus [p]ause ypass [c]heckpoint [f]inish [q]uit =>

Session..........: hashcat
Status...........: Running
Hash.Mode........: 3200 (bcrypt $2*$, Blowfish (Unix))
Hash.Target......: $2y$10$0w49q92ItHF3O7.7RC3fTaqjOIbLOIFdylganZ.6IUht...fa2SzO
Time.Started.....: Sun May 01 13:50:29 2022 (24 secs)
Time.Estimated...: Next Big Bang (> 10 years)
Kernel.Feature...: Pure Kernel
Guess.Mask.......: ?a?a?a?a?a?a?a?a [8]
Guess.Queue......: 1/5 (20.00%)
Speed.#2.........:      330 H/s (48.61ms) @ Accel:64 Loops:32 Thr:8 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 7680/6634204312890625 (0.00%)
Rejected.........: 0/7680 (0.00%)
Restore.Point....: 0/69833729609375 (0.00%)
Restore.Sub.#2...: Salt:0 Amplifier:15-16 Iteration:640-672
Candidate.Engine.: Device Generator
Candidates.#2....: harierin -> hfckerin
Hardware.Mon.#2..: Temp: 55c Fan: 20% Util:100% Core:1411MHz Mem:2000MHz Bus:16

best regards,
Christian
Reply