Unexpected output when using rules to stdout
#1
Hello

I am reluctant to call this a bug, as it may be my fault, but I am having a problem with hashcat and generating a plain password list by using rules combined with an input password list.

I have used the simplest test.rule just to demonstrate the issue.  Other rules also produce unexpected results.

System = Win7 64 SP1 and all updates.
Hashcat = Version 6.2.6

Content of “test.rule”

Code:
E
c
d
l
r
u


Content of “testpass.txt”

Code:
aaaaaaaaaa
bbbbbbbbbb
cccccccccc
dddddddddd
eeeeeeeeee
ffffffffff



My command-line.

hashcat.exe -r “test.rule” “testpass.txt” –stdout >>testoutput.txt


Unexpected result within “testoutput.txt”

Code:
Aaaaaaaaaa
Aaaaaaaaaa
aaaaaaaaaaaacccccccc
aaaaaaaaaa
aaaaaaaaaa
AAAAAAAAAA
Bbbbbbbbbb
Bbbbbbbbbb
bbbbbbbbbbbbcccccccc
bbbbbbbbbb
bbbbbbbbbb
BBBBBBBBBB
Cccccccccc
Cccccccccc
ccccccccccccgggggggg
cccccccccc
cccccccccc
CCCCCCCCCC
Dddddddddd
Dddddddddd
ddddddddddddeeeeeeee
dddddddddd
dddddddddd
DDDDDDDDDD
Eeeeeeeeee
Eeeeeeeeee
eeeeeeeeeeeegggggggg
eeeeeeeeee
eeeeeeeeee
EEEEEEEEEE
Ffffffffff
Ffffffffff
ffffffffffffffffffff
ffffffffff
ffffffffff
FFFFFFFFFF
Reply
#2
https://github.com/hashcat/hashcat/issues/3596
Reply
#3
Thank you buka for the link I only searched this forum and should have looked elsewhere.

I have now found more posts on github.com which might also explain the issues with my other tests where I am getting non keyboard characters from password lists and rules which should not produce them.
Reply
#4
Hmm...

Using the latest beta

There still seems to be something strange about hashcat outputting plain passwords, through rules, to a text file.

I ran a single (solitary) password through a rule file and saved the output to "new_passwords.txt"

I hashed all the new words in "new_passwords.txt".

I then used the same plain text password and ran it through the same rule file to crack all the hashes I had just created.

What I do not understand is that on some occasions I am cracking less than 20%

Why am I not cracking 100% of the passwords created with the very same password and rule file I used to make the hashes?
Reply
#5
(02-08-2023, 12:55 AM)WPA_Catcher Wrote: Hmm...

Using the latest beta

There still seems to be something strange about hashcat outputting plain passwords, through rules, to a text file.

I ran a single (solitary) password through a rule file and saved the output to "new_passwords.txt"

I hashed all the new words in "new_passwords.txt".

I then used the same plain text password and ran it through the same rule file to crack all the hashes I had just created.

What I do not understand is that on some occasions I am cracking less than 20%

Why am I not cracking 100% of the passwords created with the very same password and rule file I used to make the hashes?

because --stdout seems to be still broken

your "new_passwords.txt" contains passwords which are not really generated by your ruleset, but outputted to file because of broken --stdout, then you hashed these "right and wrong candidates", but when attacking these hashes with your single password + ruleset, the gerated passwordcandidates  are "right" so the wrong candidates are missing, as result, you dont crack 100% but only the "correct" generated passes
Reply
#6
(02-08-2023, 03:10 PM)Snoopy Wrote: because --stdout seems to be still broken

Thank you Snoopy that explains it. I will wait for the next beta release before testing further.
Reply
#7
Using the latest beta 6.2.6+266 my problems with rules and stdout remain Sad
Reply