05-05-2024, 07:33 PM
Could someone tell me how exactly does the association attack mode works?
I know how salts work.
My question is directed towards the approach or the technique -a 9 uses.
For example: I generate a single, totally random password with ```mkpasswd -m md5crypt``` without looking at the keyboard.
If I try to crack this hash with -a 0, using the rockyou wordlist (which contains 14,344,385 candidates), then the total number of candidates Hashcat will have to try is going to be (without any rules) exactly 14,344,385 candidates.
Now, if I generate another md5crypt hash like this, and put it into -a 0 again, the candidates will double: 28,688,770
I understand why. What I don't understand is how does the association attack deal with this? I know that this mode should be used with slow hashes, like bcrypt, scrypt or other password hashing algorithms, but how can it decrease the time it takes to crack hashes like those?
I read some explanations, and they said: "This subtle difference can cause a dramatic impact on the overall speed of the process because the -a 9 implementation removes the loop, which iterates through the different salts"
What loop is the above text talking about?
I just don't get it. It would be really awesome if someone helped me understand this whole attack's concept by explaining it, like step by step or extremely simplified.🤞
I know how salts work.
My question is directed towards the approach or the technique -a 9 uses.
For example: I generate a single, totally random password with ```mkpasswd -m md5crypt``` without looking at the keyboard.
If I try to crack this hash with -a 0, using the rockyou wordlist (which contains 14,344,385 candidates), then the total number of candidates Hashcat will have to try is going to be (without any rules) exactly 14,344,385 candidates.
Now, if I generate another md5crypt hash like this, and put it into -a 0 again, the candidates will double: 28,688,770
I understand why. What I don't understand is how does the association attack deal with this? I know that this mode should be used with slow hashes, like bcrypt, scrypt or other password hashing algorithms, but how can it decrease the time it takes to crack hashes like those?
I read some explanations, and they said: "This subtle difference can cause a dramatic impact on the overall speed of the process because the -a 9 implementation removes the loop, which iterates through the different salts"
What loop is the above text talking about?
I just don't get it. It would be really awesome if someone helped me understand this whole attack's concept by explaining it, like step by step or extremely simplified.🤞