AMD rx 6600 xt, 22.5.1 driver, on Windows
#1
tl;dr - rx 6600 xt, with adrenaline 22.5.1 (required driver) on windows 10 21H2. Hashcat 6.2.6 starts, but then stops shortly after starting without attempting to crack the hash. What am I missing? All details below. 

background: 
22.5.1 release notes show compatibility with  Radeon™ RX 6900/6800/6700/6600/6500/6400 Series Graphics - so maybe because it is only compatible and not supported, that is the issue?

hash: 
directly from the hashcat wiki example page: MD5   01dfae6e5d4d90d9892622325959afbe:7050461

Is the openCL being 2.1 an issue? Ive seen other posts showing 2.0
also noticed after looking at the output again, under openCL 2.1
* Device #2: AMD Radeon RX 6600 XT, skipped - maybe this is the issue? 

Command (exactly as run):
.\hashcat.exe -a 0 -m 10 C:\tools\hashes\md5test.txt C:\tools\SecLists\SecLists-master\Passwords\rockyou.txt

Results:
hashcat (v6.2.6) starting

HIP API (HIP 4.4)
=================
* Device #1: AMD Radeon RX 6600 XT, 8048/8176 MB, 16MCU

OpenCL API (OpenCL 2.1 AMD-APP (3380.6)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #2: AMD Radeon RX 6600 XT, skipped

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Minimim salt length supported by kernel: 0
Maximum salt length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Optimizers applied:
* Zero-Byte
* Early-Skip
* Not-Iterated
* Single-Hash
* Single-Salt
* Raw-Hash

ATTENTION! Pure (unoptimized) backend kernels selected.
Pure kernels can crack longer passwords, but drastically reduce performance.
If you want to switch to optimized kernels, append -O to your commandline.
See the above message to find out about the exact limits.

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 140 MB

Dictionary cache hit:
* Filename..: C:\tools\SecLists\SecLists-master\Passwords\rockyou.txt
* Passwords.: 14344387
* Bytes.....: 139921525
* Keyspace..: 14344387

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 10 (md5($pass.$salt))
Hash.Target......: 01dfae6e5d4d90d9892622325959afbe:7050461
Time.Started.....: Fri Mar 31 17:08:22 2023 (1 sec)
Time.Estimated...: Fri Mar 31 17:08:23 2023 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (C:\tools\SecLists\SecLists-master\Passwords\rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 13459.3 kH/s (1.81ms) @ Accel:1024 Loops:1 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 14344387/14344387 (100.00%)
Rejected.........: 0/14344387 (0.00%)
Restore.Point....: 14344387/14344387 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: 0213Dom -> clarus
Hardware.Mon.#1..: Temp: 32c Fan:  0% Util:  7% Core: 170MHz Mem:1986MHz Bus:8

Started: Fri Mar 31 17:08:21 2023

c:\tools\hashcat-6.2.6>
Reply
#2
** SOLVED **

Turns out the issue was the file size of rockyou.txt.
I split the file in half and retried the same hash with the known password at the bottom of the text file and got the password without issue.

I shall blog about this on the internet.
Reply
#3
(04-01-2023, 06:28 PM)iamnotahashcat Wrote: ** SOLVED **

Turns out the issue was the file size of rockyou.txt.
I split the file in half and retried the same hash with the known password at the bottom of the text file and got the password without issue.

I shall blog about this on the internet.

That seems like the inappropriate resolution to me. The initial attack shows the password wasn't found, hence the status of being Exhausted. 

MD5 Hashes run at very fast hashrates so it will literally take you a few seconds to run thru a few million lines of passwords. If the password isn't found, hashcat will notify you with its status indicating as exhausted. If the password is found it will output the result and show a status of Cracked.
Reply
#4
(04-01-2023, 07:03 PM)slyexe Wrote:
(04-01-2023, 06:28 PM)iamnotahashcat Wrote: ** SOLVED **

Turns out the issue was the file size of rockyou.txt.
I split the file in half and retried the same hash with the known password at the bottom of the text file and got the password without issue.

I shall blog about this on the internet.

That seems like the inappropriate resolution to me. The initial attack shows the password wasn't found, hence the status of being Exhausted. 

MD5 Hashes run at very fast hashrates so it will literally take you a few seconds to run thru a few million lines of passwords. If the password isn't found, hashcat will notify you with its status indicating as exhausted. If the password is found it will output the result and show a status of Cracked.

I agree that this seems an inappropriate solution, it is however a workaround. I also confirmed using powershell that this password and another password I was trying to crack do exist in the rockyou.txt file.
Reply