MD5 and the Diminishing Passwords Rule
#1
I have made this odd rule I like to use now and then…

Code:
]
]]
]]]
]]]]
]]]]]
]]]]]]
]]]]]]]
]]]]]]]]
[
[[
[[[
[[[[
[[[[[
[[[[[[
[[[[[[[
[[[[[[[[
[]
[][]
[][][]
[][][][]
[][][][][]
[][][][][][]
[][][][][][][]
[][][][][][][][]

I call it the diminishing password rule. I am sure it doesn’t need any explanation.

The odd thing with it is that it works ok when testing .hccaps but not when testing MD5. When I use this rule against MD5 I get the following error.


Code:
ERROR: ERROR: clGetPlatformIDs() -1001

I could imagine it not working against .hccap as they have to be over 8 characters but it does work and obviously I get a lot of rejections but it runs successfully. But I am surprised that this should get stuck against MD5 whose password length could be down to 1.

Is this a bug or is it something I have done wrong ?

Thanks.
Reply
#2
Are you sure about that?

The clGetPlatformIDs() -1001 error is something that if you get it you will get it for both md5 or wpa. there is no difference.
Reply
#3
Hi atom

Yes I am absolutely certain of it. Smile

I have tried this on Win 7 with ocl-hashcat-plus v0.09b and my trusty old XP computer running ocl-hashcat-plus v0.07.

Exactly the same result, every time.

Using the rule file above, a word list and a .hccap file it works. Well, it appears to be testing I don’t know if it is actually working, but it looks like it. Then using everything exactly the same apart from swapping the .hccap for a single MD5 and swapping the mode to MD5 it displays the error above.
Reply
#4
Just in case, can you post both the command line that you use.
Reply
#5
Please send me the dictionary you are using. I have a suspect Smile
Reply
#6
(06-23-2012, 11:19 AM)atom Wrote: Please send me the dictionary you are using. I have a suspect Smile

Well done atom !! ... and hey I'm not mental after all !!! Ha ha !! I was starting to get paranoid with this find and the hybid mask thing only affecting me !!! ...phew !

The file I used was pretty big so a little difficult to send. Do you mind if I try to find a smaller one that gives the same error or would you mind telling me what to test, as in what to put in or take out of the file ?

If it is absolutely imperative for you to have the exact file then I will of course make the extra effort and get it to you.

All my files, including the big one, are cleaned up considerably. I remove all junk and they are formatted CrLF if that helps.

(06-22-2012, 09:30 PM)mastercracker Wrote: Just in case, can you post both the command line that you use.

Sorry, I missed your post because I saw that atom had possibly found the problem.

Code:
oclHashcat-plus32.exe --rules-file Diminishing_Password.rule 098f6bcd4621d373cade4e832627b4f6 passlist.txt

oclHashcat-plus32.exe --hash-type 2500 --rules-file Diminishing_Password.rule test.hccap passlist.txt

Atom,

I have found this problem with a really small list, same thing happens with this below.

I can still send you the large one if you really need it but this gives the same error.

Code:
0000
000000
00000000
007007
101010
102030
1029384756
1100101
111
1111
11111
111111
1111111
11111111
112233
1123581321
1212
121212
123
123123
123123123
123321
1234
12341234
12345
123456
1234567
12345678
123456789
1234567890
123456a
1234qwer
123654
123abc
123qaz
123qwe
123qweasd
12qwaszx
1313
131313
1314520
142857
147258
147258369
159357
159753
1q2w3e
1q2w3e4r
1q2w3e4r5t
1qaz2wsx
1qaz@wsx
1qazxsw2
2000
2112
2222
222222
232323
31337
314159
31415926
3333
333333
4128
4321
4444
5150
5201314
5555
55555
555555
654321
666
6666
666666
6969
696969
741852963
7758258
7758521
7777
777777
7777777
778899
789456
789456123
8675309
87654321
888888
88888888
951753
987654
987654321
999999
a12345
a123456
a1s2d3f4
aaaa
aaaaaa
aaaaaaaa
abc123
abcd1234
abcdef
abcdefgh
abgrtyu
access
access14
acidburn
action
adidas
admin
airsnow
albert
alex
alexander
alexis
aliali
alpha
amanda
amateur
andrea
andrew
angel
angela
angels
animal
anthony
apollo
apple
apples
arsenal
arthur
asd123
asdasd
asdasdasd
asddsa
asdf
asdf123
asdf1234
asdfasdf
asdfg
asdfgh
asdfghjkl
asdzxc
asfsadfasdg
ashley
asshole
atlantis
august
austin
avatar
azerty
baby
badboy
bailey
banana
bananas
barney
baseball
batman
beach
bear
beaver
beavis
beer
benjamin
bigcock
bigdaddy
bigdick
bigdog
bigtits
bill
billy
birdie
bitch
bitches
biteme
blabla
blablabla
black
blackhat
blah
blahblah
blanah
blaster
blazer
blonde
blondes
blowjob
blowme
blue
bond007
bonnie
booboo
boobs
booger
boomer
booty
boston
brandon
brandy
braves
brazil
brian
bronco
broncos
bubba
buddy
buffalo
bulldog
bullshit
buster
butter
butterfly
butthead
byteme
calvin
camaro
cameron
canada
captain
carlos
carter
casper
catdog
changeme
charles
charlie
cheese
chelsea
chester
chevy
chicago
chicken
chris
cocacola
cock
coffee
college
common
compaq
computer
consumer
cookie
cool
cooper
corvette
courtney
cowboy
cowboys
cream
creative
crystal
cumming
cumshot
cunt
dakota
dallas
dammit
daniel
danielle
darkness
dave
david
death
debbie
dennis
destiny
dexter
dfsvcgbv
diablo
diamond
dick
dirty
doctor
doggie
dolphin
dolphins
donald
download
dragon
dreams
driver
drowssap
drpepper
dummy
dvcfghyt
eagle
eagle1
eagles
eclipse
edward
einstein
elephant
eminem
enigma
enjoy
enter
enterprise
eric
erotic
extreme
falcon
family
fantasy
fender
ferrari
ferret
ffffff
ficken
fire
firebird
fish
fishing
fjwopska
flash
florida
flower
fluffy
flyers
foobar
football
ford
forever
forgot
frank
freaky
fred
freddy
freedom
fuck
fucked
fucker
fuckfuck
fucking
fuckit
fuckme
fuckoff
fucku2
fuckyou
future
gandalf
garfield
gateway
gators
geheim
gemini
genius
george
gfhjkm
giants
ginger
girl
girls
gizmodo
godzilla
gogogo
golden
golf
golfer
google
gordon
great
green
gregory
guitar
gunner
hack
hacker
hackers
hackme
hacktheplanet
haha
hahaha
halflife
hallo
hammer
hannah
happy
hardcore
harley
haselko
heather
hello
hello1
hello123
helloworld
helpme
henrbn
hentai
hockey
hooters
horney
horny
hotdog
hotmail
house
hunter
hunting
iceman
iddqd
ilovecomet
iloveyou
immortal
inferno
internet
iwantu
jack
jackie
jackson
jaguar
jake
james
jamesbond
japan
jasmine
jason
jasper
jennifer
jeremy
jessica
jessie
jesus
john
johnny
johnson
jonathan
jordan
joseph
joshua
juice
junior
justdoit
justin
katana
kelly
kevin
keyboard
kickass
killer
king
kissmyass
kitty
kkkkkk
knight
l3tm31n
ladies
lakers
lalala
lauren
lawrence
leather
legend
letmein
letmein1
lifehack
little
login
lol
lol123
lollol
london
lonewolf
love
loveme
lover
lovers
lucifer
lucky
maddog
madison
madman
maggie
magic
magnum
mandrake
marine
mark
marlboro
martin
marvin
master
masters
matrix
matt
matthew
maverick
maxmax
maxwell
mayday
melissa
member
mercedes
merlin
metallica
mexico
michael
michelle
mickey
microsoft
midnight
mike
miller
mine
mistress
mmmmmm
mnbvcxz
money
monica
monkey
monster
morgan
mother
mountain
movie
muffin
murphy
music
mustang
mypassword
myrootkit
naked
nascar
nathan
naughty
ncc1701
nelson
nemesis
neverwinter
newyork
nicholas
nicole
nigger
nintendo
nipple
nipples
nirvana
noname
nopass
nopassword
nothing
novell
oicu812
oliver
openup
orange
ou812
p455w0rd
p4ssw0rd
p@$$w0rd
p@ssw0rd
pa55w0rd
packard
packers
panther
panties
paris
parker
parola
pass
pass123
passme
passpass
passw0rd
passwd
password
password1
password123
passwordpassword
passwordtest
patrick
paul
pavilion
peaches
peanut
penis
pepper
pepsi
peter
phantom
phoenix
pikachu
pineapple
player
please
pokemon
pookie
poop
poopoo
porn
porno
porsche
pouet
power
pppppp
prince
princess
private
pumpkin
purple
pussies
pussy
q1w2e3
q1w2e3r4
q1w2e3r4t5
q2w3e4r5
qawsed
qaz123
qazwsx
qazwsxedc
qazxsw
qazxswedc
qqqqqq
qqqqqqqq
qscez12
qwaszx
qwe123
qweasd
qweasdzxc
qweqwe
qwer
qwer1234
qwert
qwerty
qwerty1
qwerty123
qwertyui
qwertyuiop
qwertz
r00t
r00tk1t
r00tkit
r4nd1x
rabbit
rachel
racing
raiders
rainbow
ranger
rangers
raptor
rebecca
red123
redhat
redskins
redsox
redwings
remember
richard
robert
rock
rocket
root
rootkit
rootkit1
rootkit123
rootkit4me
rootkitcom
rootkitpass
rootkitpassword
rootkits
rootpass
rosebud
runner
rush2112
russia
sakura
samantha
sammy
samson
samsung
samurai
sandra
saturn
scooby
scooter
scorpio
scorpion
scott
secret
security
semperfi
server
sexsex
sexy
shadow
shannon
shaved
shit
shithead
sierra
silver
simone
simple
skippy
slayer
slipknot
slut
smith
smokey
snoopy
soccer
something
sommer
sophie
spanky
sparky
spider
squirt
srinivas
ssssss
star
starcraft
stargate
stars
startrek
starwars
steelers
stefan
steve
steven
sticky
stupid
success
suckit
summer
sunshine
super
superman
surfer
swimming
swordfish
sydney
system
taylor
teens
temp123
tennis
teresa
terror
test
test123
test1234
tester
testing
testing123
testpass
testpasword
testtest
theman
thomas
thunder
thx1138
tiffany
tiger
tigers
tigger
tiktoor
time
tits
tkfkdgo
tomcat
tomtom
topgun
tornado
toyota
tralala
travis
trinity
trouble
trustno1
tucker
turtle
united
unknown
utopia
vagina
vampire
verbatim
vfcdsdar
victor
victoria
video
viking
viper
voodoo
voyager
walter
warcraft
warrior
water
welcome
whatever
white
whoami
wibble
wicked
william
willie
wilson
windows
winner
winston
winter
wizard
woaini
wolf
women
wordpass
xavier
xxxx
xxxxx
xxxxxx
xxxxxxxx
yahoo
yamaha
yankee
yankees
yellow
yomama
young
yyyyyy
zaq12wsx
zaqwsx
zerocool
zxcvbn
zxcvbnm
zzzzzz
Reply
#7
It's probably not the problem but you could remove uncertainties by being precise in your command line. For your MD5 example, include the --hash-type 0 and put your hash in a text file instead of putting it directly in the command line. Try to see if you get the same mistake. If it still does, at least you will have compared the same thing together.
Reply
#8
Thanks mastercracker I think we are a little further forward !

If I try to put the hash "in line" I get the error above.

If I try a larger text file with different hashes in (still MD5) it fails !

I have however found a list of MD5 where it doesn't fail, not sure why.

Could it possibly be something to do with how HC filters the list when checking to see if the rule will work ?

I may have this wrong so let me do this properly and report back.

Thanks for your help.

EDIT

This seems more to do with the size of the hash list, however I am getting really tired now and I may be making mistakes as I am beta testing other software tonight I also have another bug report here Smile

I will experiment further in the morning and get back to you with something reproducible. ... I hope.
Reply
#9
I can not reproduce it Sad I even used a 32 bit version:

Quote:root@sf:~/oclHashcat-plus-0.09# ./oclHashcat-plus32.bin --hash-type 2500 --rules-file Diminishing_Password.rule test.hccap passlist.txt --gpu-temp-disable
** Valid keyfile for beta usage: atom (expires 07.06.2013)

oclHashcat-plus v0.09 by atom starting...

Hashes: 1
Unique salts: 1
Unique digests: 1
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 24
GPU-Loops: 128
GPU-Accel: 16
Password lengths range: 8 - 15
Platform: AMD compatible platform found
WARN: ADL_Main_Control_Create(): -1

Watchdog: Temperature abort trigger disabled
Watchdog: Temperature retain trigger disabled
Device #1: Cayman, 1024MB, 0Mhz, 24MCU
Device #2: Cayman, 1024MB, 0Mhz, 24MCU
Device #1: Allocating 28MB host-memory
Device #1: Kernel ./kernels/4098/m2500.Cayman_938.1_1.4.1741.kernel (2084228 bytes)
Device #2: Allocating 28MB host-memory
Device #2: Kernel ./kernels/4098/m2500.Cayman_938.1_1.4.1741.kernel (2084228 bytes)

Scanned dictionary passlist.txt: 6156 bytes, 827 words, 19848 keyspace, starting attack...


Status.......: Exhausted
Rules.Type...: File (Diminishing_Password.rule)
Input.Mode...: File (passlist.txt)
Hash.Target..: hashcat (00:aa:aa:aa:aa:aa <-> aa:aa:aa:aa:aa:aa)
Hash.Type....: WPA/WPA2
Time.Running.: 0 secs
Time.Left....: 0 secs
Time.Util....: 686.3ms/0.0ms Real/CPU, 0.0% idle
Speed........: 322 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 19848/19848 (100.00%)
Rejected.....: 19627/19848 (98.89%)

Started: Tue Jun 26 11:54:44 2012
Stopped: Tue Jun 26 11:54:45 2012
Reply
#10
(06-26-2012, 11:56 AM)atom Wrote: I can not reproduce it Sad I even used a 32 bit version:

Well, thanks for trying atom.

I guess as this is another instance where it is just me experiencing the problem then it must be something I am doing.

Please don't waste your time on this atom, it must be me for some reason.

I will keep playing with it as it does keep happening and I will try to find a reason myself. I don't want you to waste valuable coding time on it ! Smile
Reply