starting out with the gui
#1
so I dumped one of my user tables and I put in some test users and on my vbulletin forum.

I have a md5 password, salt, and my username.

I know all three. I want to supply hashcat my md5 pass & salt and let it figure out my actual password.

I made a txt file with my md5 pass word and then put my salt in another text file. I've set hashcat-gui to brute force and my mode and hash type is md5(md5($salt).$pass)

Now when I start hashcat the cmd prompt loads and it says it loads the hash file and the salt file and gives me the start and stop time. It doesn't write to the output file as I thought. So I take it didn't do anything.

I've been at it for 6+ hours. What am I doing wrong?
#2
format is hashConfusedalt in one file, not two, then switch to vbull < 3.8.5 (3 char salt) or vbull > 3.8.5 (30 char salt)
#3
wow, that was a big step i was missing.

Okay, it loads correctly now that I have one file for the hashConfusedalt. I've set it to vbull > 3.8.5 because I'm running version 4 on my site. But when the cmd line pops up it tells me that it skipped one because the salt contained the separator value and it will skip that one. So no big deal. Then it tells me it added the hashes from the file and it contain so many salts.

Then gives me the start and stop times. No output file. My god. If I get this figured out I will write something about it. Am I leaving something out?
#4
This is the command that gui is showing. Is there anything wrong with this?

hashcat-cli32.exe --hash-mode 15 --attack-mode 3 --output-file C:\Users\username\Desktop\hcoutputfile.txt C:\Users\username\Downloads\hashcat-gui-0.5.1\hashcat-gui-0.5.1\hashes.txt
#5
everything looks alright, but you have not specified a bruteforce charset. By default hashcat only uses lowercase letters for bruteforce (a-z).
#6
that changed with the latest version, it requires a mask like oclHashcat-plus and you were right, this is his problem...
#7
what mask do I use?
#8
read this http://hashcat.net/wiki/mask_attack
#9
okay now I'm getting it. Thanks guys.
#10
i'm just going to keep this thread going by asking a simple mask attack question. Let's say I know the password is something like; p4ssw0rd99

My mask is p4ssw0rd?d?d

If it tells me nothing was recovered does that mean my hashConfusedalt file must not be any good?