Distributed Computing for cracking a long passwd
#1
Hi again...

I'm trying to crack a passwd from it's hash where i know part of it.

Even though, the part that is not known takes too much time to only one computer to crack.

So, i've been reading this but as i'm a begginer, i am kind of struggling to understand the usage of these options to enable and take advantage of distributing the worload by several computers so that we can crack it faster...

This is the deal:

Hash type: MD5
Password lenth: up to 30 chars
Known part of password: first 26 chars
Unkown part of the passwd: we are trying with 10 more chars
Charset of unkonwn part of the passwd: ?l?u?d?s
Mask for the passwd: AAAAAAAAAAAAAAAAAAAAAAAAAA?1?1?1?1?!?1?1?1?1?1, where the A's are the known part of the passwd that is not revealed by security reasons...

So, let's imagine that we are 4 guys all with different computer powers.

What should be the commando to do to split the job between us???
#2
I'm a bit confused. If you know the password is len30, and you know the first 26 characters, why would you need distributed computing? That's only 4 unknown positions.

I'm not sure where the "up to 10 more chars" comes in...
#3
oclhashcat cannot crack passwords > 16 chars.
#4
(07-09-2012, 01:58 AM)Bitweasil Wrote: I'm a bit confused. If you know the password is len30, and you know the first 26 characters, why would you need distributed computing? That's only 4 unknown positions.

I'm not sure where the "up to 10 more chars" comes in...

We are not sure how big it's the unknown part of the password. We only know that it has over 30 chars and we know the first 26 chars. We are assuming that 10 more chars after the 26 known, maybe enough to do the job...

Probably i haven't explained myself very well earlier...

(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.

Following the above explanation, we are assuming the unknown part of the passwd can be up to 10 more chars beyond the 26 chars that we already know.

The hole passwd is AAAAAAAAAAAAAAAAAAAAAAAAAAxxxxxxxxxx, where the A's are the known 26 chars and the x's are the unknown chars of the hole passwd. So we are only interested in the last 10 chars of the passwd.



And just for clearing things maybe i said wrong when i wrote "up to 30 chars". I meant over 30 chars, or that the minimum lenth of the unknown part of the passwd ir 4 chars.

Hope i made my self clear this time...

Cheers
#5
(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.

True, but oclHashcat-lite and hashcat CPU can. The problem is that the first 4 chars can not be static or you will loose all the performance.

In hashcat CPU you can also use this format:

hashConfusedalt

where salt is the fixed string you know and then use an appropriate salted algorithm type (if it exists).
#6
(07-09-2012, 09:48 AM)atom Wrote:
(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.

True, but oclHashcat-lite and hashcat CPU can. The problem is that the first 4 chars can not be static or you will loose all the performance.

In hashcat CPU you can also use this format:

hashConfusedalt

where salt is the fixed string you know and then use an appropriate salted algorithm type (if it exists).

I'm using my video card to do the job. It's speed is at 114.1M/s. I don't know if it's fast or slow but the ETA is 6 days and 8 hours...

Can you explain better the part of the 4 fixed digits and the part of the format hashConfusedalt?
#7
oclhashcat-* won't crack anything with more than 15 chars. You probably did not specify --pw-min.

The part with the first four chars being fixed is a limitation of the cracking engine implementation.

md5(AAAAAA(...).$pass) <=> md5 ($salt.$pass) where $salt = AAAAA(...)
#8
Maybe I've not yet the enough knowledge to understand your explanation...

So how do i must configure oclHashcat-lite64.bin to try to crack this passwd?
#9
(07-09-2012, 09:44 PM)undeath Wrote: oclhashcat-* won't crack anything with more than 15 chars.

(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.

are you that ignorant?
#10
(07-09-2012, 09:48 AM)atom Wrote:
(07-09-2012, 04:44 AM)epixoip Wrote: oclhashcat cannot crack passwords > 16 chars.

True, but oclHashcat-lite and hashcat CPU can. The problem is that the first 4 chars can not be static or you will loose all the performance.

In hashcat CPU you can also use this format:

hash:salt

where salt is the fixed string you know and then use an appropriate salted algorithm type (if it exists).

[/quote]
undeath Wrote:
oclhashcat-* won't crack anything with more than 15 chars.

(07-09-2012 03:44 AM)epixoip Wrote:
oclhashcat cannot crack passwords > 16 chars.

are you that ignorant?
[/quote]

My is not an answer, but I do not intend to steal this thread.

I am following this thread with interest and like to understand too.

You three Atom, epixoip and undeath are experts and but with short, compact explanation you made us very confused. Could you please please please give us a command line as example
- how one machine can tackle this problem either GPU or CPU, even with GPU performance loss, -hence the need of 4 CPUs-
- What this member needs to do so 4 machines can tackle together this problem.

thank you very much for your help.