Association Attack & potfiles

[pragmatic]

The more I use the association attack the more I like it. It's incredibly powerful in many real-world circumstances and I'm finding myself relying on it more and more.

Given that value, are there any plans to add support for it to work with potfiles?

If not, at the least, I would suggest documenting clearly that it doesn't work with them now as that was a very surprising divergence in behavior.

From user_options.c:

Code:

  // association limitations

  if (user_options->attack_mode == ATTACK_MODE_ASSOCIATION)
  {
    user_options->potfile_disable = true;
  }

[royce]

Seems like a good idea to explicitly warn the user. Could you create a GitHub feature request for this?

[Chick3nman]

https://github.com/hashcat/hashcat/pull/3446

Added

[pragmatic]

Added another as well to request supporting pot files as that would obviously be the ideal solution. 

Call me an optimist. 😀

[Snoopy]

just for understanding why association attack dont work with potfiles? as far as i understand, assoc just removes the loop for testing all given salts with all passwordcandidates instead there is a 1:1 hash : salt to password/hint combination

so hashcat still test hashmode(pass/hint : salt) for one given hash : salt

so there should be no difference in hash : salt : pass behavior in the potfile

[Chick3nman]

The reason it doesn't allow use of the potfile now is that the potfile is NOT an outfile. It's a file that hashcat uses to remove previously cracked hashes from it's current run. We currently can't support the removal of hashes, salts, or candidates in assoc attack mode due to how hashes/salts/candidates are aligned. Because of that, we can't run the potfile check during startup and we can't easily avoid duplication into the potfile when a hash is cracked in more than one run. Assoc Attack mode does support outfiles currently, so you can save cracks to a file just fine. It just doesn't support the potfile.