Password Decoration Rule
#21
(01-25-2013, 12:00 PM)atom Wrote: Thats fine, oclHashcat limits the maximum number of functions per rule

I hadn't realised that oclhashcat-plus limits the number of functions per rule, I thought it was that the rule would make the password >15 so that is why it was rejected.

So just to make sure I understand this correctly oclhashcat-plus does not allow rules with >10 commands regardless of the resulting password length ?

If this is so and you intend to keep it that way I will modify this decoration rule and re-upload it.

However if you decide to increase oclhashcat-plus's ability to test longer passwords would it be possible to increase the password rule size limit also ? If so Please let me know and I will make a Trac ticket requesting it.

Thank you.
Reply
#22
No plans for that, actually its not possible because of some hard limitations from GPU
Reply
#23
(01-25-2013, 01:19 PM)atom Wrote: No plans for that, actually its not possible because of some hard limitations from GPU

OK thanks for the information. I will modify my rules and upload them again today. I will also update the rules page on the wiki to state that there is a 10 function limit.

Just so I can update the wiki properly...

I am guessing this limit is for oclhashcat-plus only ?

How many rule functions can hashcat accept ?

What would happen if the user pipes hashcat to oclhashcat-plus using larger rules ?

Thanks.
Reply
#24
Yes that fine @ Wiki

There will be no problem @ hashcat pipe. There is also no such limit for slow hashes in oclHashcat-plus, thats only for fast hashes (different rule engine).
Reply
#25
I am sorry about taking up your time with this atom but I want to make sure I update the wiki correctly and your answers have just made me more confused ! Big Grin

From what you have said here it seems to me that oclhashcat-plus can indeed use >10 functions per rule line except for fast algorithms.

I think you also say that hashcat can use >10 functions per rule line, perhaps on all algorithms as it is CPU based ?

Is there a limit at all on hashcat ?

To save you time I have included all the algorithms in the code box. I wonder if you could copy and paste the algorithms that have the 10 function restriction in oclhashcat-plus and identify them as such.

I will assume the algorithms not selected will have no rule function limitation.

I will then tidy it up and write it out in full on the wiki. I just don't want to post incorrect information.

Code:
MD5
md5($pass.$salt)
md5($salt.$pass)
md5(unicode($pass).$salt)
md5($salt.unicode($pass))
SHA1
sha1($pass.$salt)
sha1($salt.$pass)
sha1(unicode($pass).$salt)
sha1($salt.unicode($pass))
MySQL
phpass, MD5(Wordpress), MD5(phpBB3)
md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
MD4
NTLM
Domain Cached Credentials, mscash
SHA256
sha256($pass.$salt)
sha256($salt.$pass)
descrypt, DES(Unix), Traditional DES
md5apr1, MD5(APR), Apache MD5
SHA512
sha512($pass.$salt)
sha512($salt.$pass)
sha512crypt, SHA512(Unix)
Domain Cached Credentials2, mscash2
Cisco-PIX MD5
WPA/WPA2
Double MD5
LM
Oracle 7-10g, DES(Oracle)
bcrypt, Blowfish(OpenBSD)
SHA-3(Keccak)
* Specific hash types:
Joomla
osCommerce, xt:Commerce
nsldap, SHA-1(Base64), Netscape LDAP SHA
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
Oracle 11g
SMF > v1.1
OSX v10.4, v10.5, v10.6
MSSQL(2000)
MSSQL(2005)
EPiServer 6.x
OSX v10.7
vBulletin < v3.8.5
vBulletin > v3.8.5
IPB2+, MyBB1.2+

Thank you.
Reply