Distributed Computing for cracking a long passwd

[HelloShitty]

oclhashcat-* won't crack anything with more than 15 chars.

oclhashcat cannot crack passwords > 16 chars.

are you that ignorant?

Hey man, you don't need to be that harsh...

You said that Hashcat can't process hashes over 16 chars but atom also said that oclHashcat-lite can... Then, epixoip talked about the first 4 chars...

I didn't understood that part maybe because i don't have the enough knowledge to understand it.

So i was gently asking to someone explain that part to a beginner, maybe with an example and show us how to configure oclHashcat-lite to process these hashes.

Another point is that the known part of the passwd has 26 chars (with spaces included) and the unknown part, we are assuming that can be up to 10 chars...

So, the 16 chars limit is including the known part and the unknown part of the passwd? Or just the password itself?

The hash that i want to crack includes 3 variables: "var1:var2:var3"

The "var1" and "var2" are the known parts of the hash. The "var3" is what we rally want to crack.

so i'm using a mask like var1:var2:?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 and the charset1 is ?l?u?d?s..

So, with this settings i'm not going to be able to crack the missing part of the hash?

Many thanks to any contribution...

[Hash-IT]

My is not an answer, but I do not intend to steal this thread.

I am following this thread with interest and like to understand too.

You three Atom, epixoip and undeath are experts and but with short, compact explanation you made us very confused. Could you please please please give us a command line as example
- how one machine can tackle this problem either GPU or CPU, even with GPU performance loss, -hence the need of 4 CPUs-
- What this member needs to do so 4 machines can tackle together this problem.

thank you very much for your help.

I'm not sure I understand the question properly but here is an example how to split a brute force up between 4 computers.

This is how to do it for WPA.

To make it easier to explain this is supposing you want to brute force numbers only against WPA at length 8. Also this is for windows 32bit. So you need to check what you are running.

It's unfortunate that 10 isn't easily divided by 4 !

oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 01 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 234 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 567 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 89 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1

I think that's right, someone will probably point out if it isn't !

[HelloShitty]

My is not an answer, but I do not intend to steal this thread.

I am following this thread with interest and like to understand too.

You three Atom, epixoip and undeath are experts and but with short, compact explanation you made us very confused. Could you please please please give us a command line as example
- how one machine can tackle this problem either GPU or CPU, even with GPU performance loss, -hence the need of 4 CPUs-
- What this member needs to do so 4 machines can tackle together this problem.

thank you very much for your help.

I'm not sure I understand the question properly but here is an example how to split a brute force up between 4 computers.

This is how to do it for WPA.

To make it easier to explain this is supposing you want to brute force numbers only against WPA at length 8. Also this is for windows 32bit. So you need to check what you are running.

It's unfortunate that 10 isn't easily divided by 4 !

oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 01 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 234 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 567 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1
oclHashcat-plus32.exe -a 3 --hash-type 2500 -1 ?d -2 89 test.hccap -o Found.txt ?2?1?1?1?1?1?1?1

I think that's right, someone will probably point out if it isn't !

Ok, that's a start!

Please, if you know, answer me the following questions:

1 - Each line is to be used in each computer, right?

2 - The "-a 3" is the type of attack, right? Brute-force in this case?

3 - The "--hash-type 2500" is self-explanatory.

4 - What mans this "-1"

5 - What means the "-d" at this position?

6 - What means the "-2" at this position?

7 - I gently ask you to explain how do you divide the task as it is in the "01", "234", "567" and "89"

8 - The "-o file.txt" is also self-explanatory.

9 - The "test.hccap" would be the file with the hash, right?

10 - The "?2?1?1?1?1?1?1?1" would be the mask, right? But i see that you have a ?2 and a ?1, meaning that you have 2 charset, right? In the command where are those 2 charsets? Are they the -1 ?d and -2 01 (2- 234, and so on)? I'm confused because this is setted in the GUI command line as --custom-charset1 and --custom-charset2...

Many thanks

[Xanadrel]

--help

[Hash-IT]

I hope it is more than just a start !

OK before I go any further, I am not the best person to ask about this but I am the most likely to give it a go at answering !

Ok, that's a start!

Please, if you know, answer me the following questions:
[quote='HelloShitty' pid='7654' dateline='1342163356']
1 - Each line is to be used in each computer, right?

YES

2 - The "-a 3" is the type of attack, right? Brute-force in this case?

YES

3 - The "--hash-type 2500" is self-explanatory.

YES = WPA

4 - What mans this "-1"

You are defining the character 1 as digits.

5 - What means the "-d" at this position?

It is not d it is ?d and it means all digits. 0123456789

6 - What means the "-2" at this position?

2 Is the smaller group, this allows you to split the workload. If it wasn't for this you would be doing the full pass on one computer.

7 - I gently ask you to explain how do you divide the task as it is in the "01", "234", "567" and "89"

Just split the work evenly between 4. Or as best I could because 10 isn't dived by 4 !! It measn in this example that computer A does all lines starting with 0 and all lines starting with 1.

8 - The "-o file.txt" is also self-explanatory.

Yes outfile.

9 - The "test.hccap" would be the file with the hash, right?

The hash list yes, as intext file. This example was to a hccap file (WPA)

10 - The "?2?1?1?1?1?1?1?1" would be the mask, right? But i see that you have a ?2 and a ?1, meaning that you have 2 charset, right? In the command where are those 2 charsets? Are they the -1 ?d and -2 01 (2- 234, and so on)? I'm confused because this is setted in the GUI command line as --custom-charset1 and --custom-charset2...

Yes this is the mask. The 2 is there because you want to split the workload. so the 2 on computer A represents 0 and 1. On computer B it would be 234. So computer B does all lines starting with 2,3 or a 4.

[undeath]

pretty useless to define -1 ?d though.

[Hash-IT]

pretty useless to define -1 ?d though.

Hello undeath

Yes I think I know what you mean, but I did it to make it as simple as possible to demonstrate the idea.

Unless you mean I have done something wrong ? Which is always possible for me !

[ntk]

I understand this distributed way very well now, Thank Hash-IT. You too HelloShitty for posting your question.

[HelloShitty]

Ok, after reading once more the wiki page of oclHashcat-lite, i need some help to calculate the amount of total combinations to a specific string.

Lets say that i have a 15 chars passwd that might contain all ?l ?u ?d and ?s in each position.

The total number of combinations will be 94^15=3.9521 wich is (32 (symbols) x 26 (lower letters) x 26 (upper letters) x 10 (numbers))^15 (chars).

This will consider a passwd range from 1 to 15.

What about to calculate for a passwd wich range is between 8 and 15?

[atom]

This will consider a passwd range from 1 to 15.

No, only length 15.

What about to calculate for a passwd wich range is between 8 and 15?

(94^8) + (94^9) + (94^10) + (94^11) + (94^12) + (94^13) + (94^14) + (94^15)