hashcat
advanced password recovery

**Hash-IT** · 01-25-2013, 01:14 PM

(01-25-2013, 12:00 PM)atom Wrote: Thats fine, oclHashcat limits the maximum number of functions per rule

I hadn't realised that oclhashcat-plus limits the number of functions per rule, I thought it was that the rule would make the password >15 so that is why it was rejected.

So just to make sure I understand this correctly oclhashcat-plus does not allow rules with >10 commands regardless of the resulting password length ?

If this is so and you intend to keep it that way I will modify this decoration rule and re-upload it.

However if you decide to increase oclhashcat-plus's ability to test longer passwords would it be possible to increase the password rule size limit also ? If so Please let me know and I will make a Trac ticket requesting it.

Thank you.

***atom*** · 01-25-2013, 01:19 PM

No plans for that, actually its not possible because of some hard limitations from GPU

**Hash-IT** · (This post was last modified: 01-25-2013, 01:53 PM by Hash-IT.)

(01-25-2013, 01:19 PM)atom Wrote: No plans for that, actually its not possible because of some hard limitations from GPU

OK thanks for the information. I will modify my rules and upload them again today. I will also update the rules page on the wiki to state that there is a 10 function limit.

Just so I can update the wiki properly...

I am guessing this limit is for oclhashcat-plus only ?

How many rule functions can hashcat accept ?

What would happen if the user pipes hashcat to oclhashcat-plus using larger rules ?

Thanks.

***atom*** · 01-25-2013, 02:25 PM

Yes that fine @ Wiki

There will be no problem @ hashcat pipe. There is also no such limit for slow hashes in oclHashcat-plus, thats only for fast hashes (different rule engine).

**Hash-IT** · 01-25-2013, 03:02 PM

I am sorry about taking up your time with this atom but I want to make sure I update the wiki correctly and your answers have just made me more confused ! Big Grin

From what you have said here it seems to me that oclhashcat-plus can indeed use >10 functions per rule line except for fast algorithms.

I think you also say that hashcat can use >10 functions per rule line, perhaps on all algorithms as it is CPU based ?

Is there a limit at all on hashcat ?

To save you time I have included all the algorithms in the code box. I wonder if you could copy and paste the algorithms that have the 10 function restriction in oclhashcat-plus and identify them as such.

I will assume the algorithms not selected will have no rule function limitation.

I will then tidy it up and write it out in full on the wiki. I just don't want to post incorrect information.

Code:
MD5

md5($pass.$salt)

md5($salt.$pass)

md5(unicode($pass).$salt)

md5($salt.unicode($pass))

SHA1

sha1($pass.$salt)

sha1($salt.$pass)

sha1(unicode($pass).$salt)

sha1($salt.unicode($pass))

MySQL

phpass, MD5(Wordpress), MD5(phpBB3)

md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5

MD4

NTLM

Domain Cached Credentials, mscash

SHA256

sha256($pass.$salt)

sha256($salt.$pass)

descrypt, DES(Unix), Traditional DES

md5apr1, MD5(APR), Apache MD5

SHA512

sha512($pass.$salt)

sha512($salt.$pass)

sha512crypt, SHA512(Unix)

Domain Cached Credentials2, mscash2

Cisco-PIX MD5

WPA/WPA2

Double MD5

LM

Oracle 7-10g, DES(Oracle)

bcrypt, Blowfish(OpenBSD)

SHA-3(Keccak)

* Specific hash types:

Joomla

osCommerce, xt:Commerce

nsldap, SHA-1(Base64), Netscape LDAP SHA

nsldaps, SSHA-1(Base64), Netscape LDAP SSHA

Oracle 11g

SMF > v1.1

OSX v10.4, v10.5, v10.6

MSSQL(2000)

MSSQL(2005)

EPiServer 6.x

OSX v10.7

vBulletin < v3.8.5

vBulletin > v3.8.5

IPB2+, MyBB1.2+

Thank you.

Login
Username/Email:
Password:	Lost Password?
	Remember me

hashcat advanced password recovery

hashcat
advanced password recovery