md5 with 500-character long passwords
#1
there is a wordlist containing 500-character long passwords.

it seems that

    ./hashcat.bin -m 0 hashes.txt wordlist

produces no result, even with a long password whose md5 hash is really in hashes.txt

how to work with long passwords and md5 (-m 0)?
Reply
#2
With hashcat? You don't. Hashcat kernels are largely constrained by what you can efficiently compute on a GPU, and the plaintext limit on the "pure" MD5 kernel is 256 bytes (the optimized kernel is 31 bytes).

Google "mdxfind" for a possible solution to your problem.

(05-14-2022, 04:37 PM)phaphip Wrote: i have a wordlist containing possible 500-character long passwords.

yes it is really needed for this challenge.

it seems that

    generatelongpwds | ./hashcat.bin -m 0 hashes.txt

produces no result, even if i test with a long password whose md5 hash is really in hashes.txt

how to work with long passwords and md5 (-m 0)?
Reply
#3
(05-14-2022, 05:23 PM)pdo Wrote: With hashcat? You don't. Hashcat kernels are largely constrained by what you can efficiently compute on a GPU, and the plaintext limit on the "pure" MD5 kernel is 256 bytes (the optimized kernel is 31 bytes).

is there a way to recompile hashcat with this constant 256 replaced by 1024?
it is ok if it is slower.
or is 256 a real gpu hardware limitation?



would hashcat work with:

    md5(known_fixedpart_len300 + pwd_len_max_256)

the fixed part of length 300 is always the same, and the generated passwords are of length less than 256.

at the end it is always md5(more than 256 char), i dont know if the fixed part changes something.
Reply