Some general Hashcat questions.
#1
I'm new to using anything other than the age old Cain and Abel. Trying out Hashcat to crack 2 Domain Cached Credential hashes. I know the passwords are between 5 and 10 characters, any combo, so I'm brute forcing with a full charset. This is a proof of concept that current password requirements are pretty weak in our organization.

Code:
Charset...: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789! #$%&'()*+,-./:;<=>?@[]^_`{|}~
Length....: 6
Index.....: 0/1 (segment), 646990183449 (words), 0 (bytes)
Recovered.: 0/2 hashes, 0/2 salts
Speed/sec.: - plains, 6.09M words
Progress..: 358326825860/646990183449 (55.38%)
Running...: 00:16:21:16
Estimated.: 00:13:10:29

That's my current output.

Questions:
I assume that it's testing 6.09 million words per second, correct?

Looking over at this thread: http://hashcat.net/forum/thread-21.html I see the benchmark speeds and am amazed.

Code:
Speed.GPU1: 820.99M/s
Speed.GPU*: 820.99M/s

Is that million per second, or thousand per second?


I understand that MD5 is probably a lot faster than DCC (domain cached creds) I'm just trying to get an understanding on this process.
#2
Bruteforcing DCC using CPU is really old school, ancient school I may say.
OpenCLHashcat supports DCC.
You'll have better speeds on GPU.

That's millions p/s.
#3
Well, I quit gaming about 5 years ago and quit paying attention to video cards over 40 or so dollars. Smile Now it seems like I should go get one in the 150 dollar price range and I'd probably be slobbering all over the results.

Kind of hard to believe... 6 to 820 million per second? Phew.
#4
You're comparing MD5 on GPU to DCC on 2 core CPU.
Kind of wrong.
Check my bench to see more light.