segfault on Arch Linux with 1080TI
#1
Hi all,

For a few months, I've had consistent segfaults with hashcat that I'm having trouble sorting out.
I'm on arch using the LTS kernel (6.6.68-1). I'm using a GTX 1080TI with nvidia-dkms which seems to be working.
I've tried both the Arch-provided hashcat binary as well as compiled my own from source, I get the same segfault message either way.

I've tried reading through a number of segfault threads on this forum as well as the GitHub issue tracker, but I've not been able to figure out the next step for sorting out this crash.

What can I do to sort out this segfault? Many thanks for suggestions and help.

Code:
$ hashcat --version
v6.2.6
$ ~/git/hashcat/hashcat --version
v6.2.6-851-g6716447df
$
$ hashcat -m 17220 -a 0 my_log.zip /path/to/wordlist
hashcat (v6.2.6-851-g6716447df) starting
The device #3 specifically listed was skipped because it is an alias of device #1
CUDA API (CUDA 12.7)
====================
* Device #1: NVIDIA GeForce GTX 1080 Ti, 11009/11157 MB, 28MCU
OpenCL API (OpenCL 3.0 LINUX) - Platform #1 [Intel(R) Corporation]
==================================================================
* Device #2: AMD Ryzen Threadripper 1920X 12-Core Processor, skipped
OpenCL API (OpenCL 3.0 CUDA 12.7.33) - Platform #2 [NVIDIA Corporation]
=======================================================================
* Device #3: NVIDIA GeForce GTX 1080 Ti, skipped
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Counting lines in my_log.zip. Please be patient...Segmentation fault (core dumped)
Code:
$ nvidia-smi
Tue Dec 31 17:10:08 2024
+-----------------------------------------------------------------------------------------+
| NVIDIA-SMI 565.77                Driver Version: 565.77        CUDA Version: 12.7    |
|-----------------------------------------+------------------------+----------------------+
| GPU  Name                Persistence-M | Bus-Id          Disp.A | Volatile Uncorr. ECC |
| Fan  Temp  Perf          Pwr:Usage/Cap |          Memory-Usage | GPU-Util  Compute M. |
|                                        |                        |              MIG M. |
|=========================================+========================+======================|
|  0  NVIDIA GeForce GTX 1080 Ti    Off |  00000000:43:00.0  On |                  N/A |
|  0%  29C    P8              8W /  250W |      13MiB /  11264MiB |      0%      Default |
|                                        |                        |                  N/A |
+-----------------------------------------+------------------------+----------------------+
+-----------------------------------------------------------------------------------------+
| Processes:                                                                              |
|  GPU  GI  CI        PID  Type  Process name                              GPU Memory |
|        ID  ID                                                              Usage      |
|=========================================================================================|
|  No running processes found                                                            |
+-----------------------------------------------------------------------------------------+
Reply
#2
Seg faults are typically due to hardware issues not software. If its parsing a wordlist by the looks of things does the issue arise when just doing a benchmark or another method of attack?
Reply
#3
Thanks for your reply.

john seems to work, and a benchmark seems to use the GPU without issue:

Code:
$ hashcat -b
hashcat (v6.2.6) starting in benchmark mode

Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.

CUDA API (CUDA 12.7)
====================
* Device #1: NVIDIA GeForce GTX 1080 Ti, 11009/11157 MB, 28MCU

OpenCL API (OpenCL 3.0 LINUX) - Platform #1 [Intel(R) Corporation]
==================================================================
* Device #2: AMD Ryzen Threadripper 1920X 12-Core Processor, skipped

OpenCL API (OpenCL 3.0 CUDA 12.7.33) - Platform #2 [NVIDIA Corporation]
=======================================================================
* Device #3: NVIDIA GeForce GTX 1080 Ti, skipped

Benchmark relevant options:
===========================
* --optimized-kernel-enable

-------------------
* Hash-Mode 0 (MD5)
-------------------

Speed.#1.........: 35755.6 MH/s (51.97ms) @ Accel:128 Loops:1024 Thr:512 Vec:8

----------------------
* Hash-Mode 100 (SHA1)
----------------------

Speed.#1.........: 12176.8 MH/s (76.66ms) @ Accel:64 Loops:1024 Thr:512 Vec:1

---------------------------
* Hash-Mode 1400 (SHA2-256)
---------------------------

Speed.#1.........:  4650.6 MH/s (50.11ms) @ Accel:8 Loops:1024 Thr:1024 Vec:1

---------------------------
* Hash-Mode 1700 (SHA2-512)
---------------------------

Speed.#1.........:  1503.4 MH/s (77.72ms) @ Accel:16 Loops:1024 Thr:256 Vec:1

-------------------------------------------------------------
* Hash-Mode 22000 (WPA-PBKDF2-PMKID+EAPOL) [Iterations: 4095]
-------------------------------------------------------------

Speed.#1.........:  625.2 kH/s (88.80ms) @ Accel:16 Loops:1024 Thr:512 Vec:1

-----------------------
* Hash-Mode 1000 (NTLM)
-----------------------

Speed.#1.........: 61347.1 MH/s (29.85ms) @ Accel:128 Loops:1024 Thr:512 Vec:8

---------------------
* Hash-Mode 3000 (LM)
---------------------

Speed.#1.........: 30643.8 MH/s (30.17ms) @ Accel:1024 Loops:1024 Thr:32 Vec:1

--------------------------------------------
* Hash-Mode 5500 (NetNTLMv1 / NetNTLMv1+ESS)
--------------------------------------------

Speed.#1.........: 35876.5 MH/s (51.63ms) @ Accel:64 Loops:1024 Thr:1024 Vec:2

----------------------------
* Hash-Mode 5600 (NetNTLMv2)
----------------------------

Speed.#1.........:  2653.9 MH/s (87.96ms) @ Accel:16 Loops:512 Thr:1024 Vec:1

--------------------------------------------------------
* Hash-Mode 1500 (descrypt, DES (Unix), Traditional DES)
--------------------------------------------------------

Speed.#1.........:  1279.8 MH/s (91.33ms) @ Accel:32 Loops:1024 Thr:128 Vec:1

------------------------------------------------------------------------------
* Hash-Mode 500 (md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)) [Iterations: 1000]
------------------------------------------------------------------------------

Speed.#1.........: 11743.6 kH/s (58.73ms) @ Accel:32 Loops:1000 Thr:1024 Vec:1

----------------------------------------------------------------
* Hash-Mode 3200 (bcrypt $2*$, Blowfish (Unix)) [Iterations: 32]
----------------------------------------------------------------

Speed.#1.........:    29842 H/s (83.60ms) @ Accel:8 Loops:32 Thr:12 Vec:1

--------------------------------------------------------------------
* Hash-Mode 1800 (sha512crypt $6$, SHA512 (Unix)) [Iterations: 5000]
--------------------------------------------------------------------

Speed.#1.........:  207.4 kH/s (61.86ms) @ Accel:1024 Loops:128 Thr:512 Vec:1

--------------------------------------------------------
* Hash-Mode 7500 (Kerberos 5, etype 23, AS-REQ Pre-Auth)
--------------------------------------------------------

Speed.#1.........:  528.4 MH/s (55.34ms) @ Accel:256 Loops:128 Thr:32 Vec:1

-------------------------------------------------
* Hash-Mode 13100 (Kerberos 5, etype 23, TGS-REP)
-------------------------------------------------

Speed.#1.........:  523.4 MH/s (55.70ms) @ Accel:256 Loops:128 Thr:32 Vec:1

---------------------------------------------------------------------------------
* Hash-Mode 15300 (DPAPI masterkey file v1 (context 1 and 2)) [Iterations: 23999]
---------------------------------------------------------------------------------

Speed.#1.........:  112.2 kH/s (84.29ms) @ Accel:16 Loops:1024 Thr:512 Vec:1

---------------------------------------------------------------------------------
* Hash-Mode 15900 (DPAPI masterkey file v2 (context 1 and 2)) [Iterations: 12899]
---------------------------------------------------------------------------------

Speed.#1.........:    52787 H/s (82.43ms) @ Accel:4 Loops:1024 Thr:512 Vec:1

------------------------------------------------------------------
* Hash-Mode 7100 (macOS v10.8+ (PBKDF2-SHA512)) [Iterations: 1023]
------------------------------------------------------------------

Speed.#1.........:  591.2 kH/s (85.75ms) @ Accel:4 Loops:1023 Thr:512 Vec:1

---------------------------------------------
* Hash-Mode 11600 (7-Zip) [Iterations: 16384]
---------------------------------------------

Speed.#1.........:  449.1 kH/s (59.32ms) @ Accel:32 Loops:4096 Thr:128 Vec:1

------------------------------------------------
* Hash-Mode 12500 (RAR3-hp) [Iterations: 262144]
------------------------------------------------

Speed.#1.........:    64999 H/s (109.12ms) @ Accel:8 Loops:16384 Thr:512 Vec:1

--------------------------------------------
* Hash-Mode 13000 (RAR5) [Iterations: 32799]
--------------------------------------------

Speed.#1.........:    55775 H/s (63.64ms) @ Accel:16 Loops:256 Thr:1024 Vec:1

--------------------------------------------------------------------------------
* Hash-Mode 6211 (TrueCrypt RIPEMD160 + XTS 512 bit (legacy)) [Iterations: 1999]
--------------------------------------------------------------------------------

Speed.#1.........:  406.3 kH/s (65.39ms) @ Accel:32 Loops:64 Thr:1024 Vec:1

-----------------------------------------------------------------------------------
* Hash-Mode 13400 (KeePass 1 (AES/Twofish) and KeePass 2 (AES)) [Iterations: 24569]
-----------------------------------------------------------------------------------

Speed.#1.........:    48380 H/s (48.93ms) @ Accel:4 Loops:1024 Thr:512 Vec:1

----------------------------------------------------------------
* Hash-Mode 6800 (LastPass + LastPass sniffed) [Iterations: 499]
----------------------------------------------------------------

Speed.#1.........:  3265.4 kH/s (49.84ms) @ Accel:32 Loops:124 Thr:1024 Vec:1

--------------------------------------------------------------------
* Hash-Mode 11300 (Bitcoin/Litecoin wallet.dat) [Iterations: 200459]
--------------------------------------------------------------------

Speed.#1.........:    6951 H/s (83.93ms) @ Accel:8 Loops:512 Thr:1024 Vec:1

Started: Fri Jan  3 09:27:47 2025
Stopped: Fri Jan  3 09:30:13 2025
Reply
#4
This also works:

Code:
$ echo 8743b52063cd84097a65d1633f5c74f5 > md5.hash
$ hashcat -D2 -m 0 -a 3 md5.hash hashcat --potfile-disable
hashcat (v6.2.6) starting

CUDA API (CUDA 12.7)
====================
* Device #1: NVIDIA GeForce GTX 1080 Ti, 11009/11157 MB, 28MCU

OpenCL API (OpenCL 3.0 LINUX) - Platform #1 [Intel(R) Corporation]
==================================================================
* Device #2: AMD Ryzen Threadripper 1920X 12-Core Processor, skipped

OpenCL API (OpenCL 3.0 CUDA 12.7.33) - Platform #2 [NVIDIA Corporation]
=======================================================================
* Device #3: NVIDIA GeForce GTX 1080 Ti, skipped

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Optimizers applied:
* Zero-Byte
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force
* Raw-Hash

ATTENTION! Pure (unoptimized) backend kernels selected.
Pure kernels can crack longer passwords, but drastically reduce performance.
If you want to switch to optimized kernels, append -O to your commandline.
See the above message to find out about the exact limits.

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 1475 MB

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

8743b52063cd84097a65d1633f5c74f5:hashcat

Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 0 (MD5)
Hash.Target......: 8743b52063cd84097a65d1633f5c74f5
Time.Started.....: Fri Jan  3 10:16:56 2025 (0 secs)
Time.Estimated...: Fri Jan  3 10:16:56 2025 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Mask.......: hashcat [7]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:      333 H/s (0.01ms) @ Accel:128 Loops:1 Thr:1024 Vec:1
Recovered........: 1/1 (100.00%) Digests (total), 1/1 (100.00%) Digests (new)
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: hashcat -> hashcat
Hardware.Mon.#1..: Temp: 44c Fan:  0% Util: 98% Core:1936MHz Mem:5005MHz Bus:16

Started: Fri Jan  3 10:16:55 2025
Stopped: Fri Jan  3 10:16:57 2025
Reply
#5
Well I can only suggest trying an alternative drive to use your wordlist on or either your wordlist is possibly corrupt and causing a hang. That would be my guess as to where a possible issue would be.
Reply
#6
Totally reasonable suggestion, but no luck.

Previously the wordlist was gzipped and stored on a zfs hdd, but I get the same segfault when it is decompressed to .txt (and seems fine when I open it) and placed on the nvme next to the zip file.

Also segfault when I use `john.txt` as the  wordlist.

Could it have anything to do with using the wrong mode? I am using 17220 based on the below gist, matching on the first  part of my `zip2john` output:

https://gist.github.com/dwallraff/6a50b5...560c176401

my zip2john output starts with:

Code:
my_log.zip:$pkzip2$3*1*1*0*8*24

I wasn't  aware of `hashcat --identify`, trying it now.
Reply
#7
`hashcat --identify` has been running for over 24 hours now with the only output being:

Code:
Autodetecting hash-modes. Please be patient...
Reply