current v44 status
#1
System: Windows 7 64 bit, catalyst 12.6 HD5750, oclhashcat-plus beta 44

Initial setup:

I am testing 5 different length of passwords (2,4,8,12,15) on attack mode 0,1,3,6 and 7. All that for each algo supported except WPA. There are 2 special cases: 1) -m 1500 DES(unix) where I do only length 2,4 and 8. 2) -m 3000 LM where I do only length 2 and 4.

The good

Here's the algos where everything is perfect: 10, 20, 21, 40, 100, 101, 110, 111, 112, 120, 121, 122, 140, 300, 1100, 1500, 1700, 1720, 1722, 2400, 3000, 3100, 3200.


The bad

- For -m 1710 sha512($pass.$salt), Bruteforce on length 4 fails. Everything else works.
- For -m 2100 Domain Cached Credentials2, mscash2, in case it was not read in a previous thread, when you have an hash with the username of 14 characters, the Hash:username is skipped in the loading without any error message.


The crashes (command line used when a driver crash happens)

oclhashcat-plus64.exe -a 3 -d 1 -m 400 -o found.txt --bf-min 4 --bf-max 4 -1 ?s?d?u?l hash.txt ?u?d?s?d
oclhashcat-plus64.exe -a 3 -d 1 -m 500 -o found.txt --bf-min 4 --bf-max 4 -1 ?s?d?u?l hash.txt ?u?d?s?d
oclhashcat-plus64.exe -a 3 -d 1 -m 1600 -o found.txt --bf-min 4 --bf-max 4 -1 ?s?d?u?l hash.txt ?u?d?s?d
oclhashcat-plus64.exe -a 3 -d 1 -m 1800 -o found.txt --bf-min 2 --bf-max 2 hash.txt ?s?s
oclhashcat-plus64.exe -a 3 -d 1 -m 1800 -o found.txt --bf-min 4 --bf-max 4 -1 ?s?d?u?l hash.txt ?u?d?s?d
oclhashcat-plus64.exe -a 6 -d 1 -m 1800 -o found.txt hash.txt dic1.txt ?l?l
oclhashcat-plus64.exe -a 6 -d 1 -m 1800 -o found.txt hash.txt dic1.txt A?l?l
oclhashcat-plus64.exe -a 7 -d 1 -m 1800 -o found.txt hash.txt ?s?s dic1.txt
oclhashcat-plus64.exe -a 7 -d 1 -m 1800 -o found.txt hash.txt B?l?l dic1.txt
oclhashcat-plus64.exe -a 7 -d 1 -m 1800 -o found.txt -1 1234 hash.txt ?1?1?1?1 dic1.txt
oclhashcat-plus64.exe -a 3 -d 1 -m 2100 -o found.txt --bf-min 4 --bf-max 4 -1 ?s?d?u?l hash.txt ?u?d?s?d
oclhashcat-plus64.exe -a 3 -d 1 -m 2600 -o found.txt --bf-min 15 --bf-max 15 -1 a -2 b -3 c -4 d hash.txt ?1?1?1?1?2?2?2?2?3?3?3?3?4?4?4
oclhashcat-plus64.exe -a 3 -d 1 -m 2611 -o found.txt --bf-min 8 --bf-max 8 -1 a -2 b hash.txt ?1?1?1?1?2?2?2?2
oclhashcat-plus64.exe -a 3 -d 1 -m 2611 -o found.txt --bf-min 15 --bf-max 15 -1 a -2 b -3 c -4 d hash.txt ?1?1?1?1?2?2?2?2?3?3?3?3?4?4?4
#2
System: Windows 7 64 bit, Driver 285.62 GTX470, oclhashcat-plus beta 44

Initial setup:

I am testing 5 different length of passwords (2,4,8,12,15) on attack mode 0,1,3,6 and 7. All that for each algo supported except WPA. There are 2 special cases: 1) -m 1500 DES(unix) where I do only length 2,4 and 8. 2) -m 3000 LM where I do only length 2 and 4.

The good

Here's the algos where everything is perfect: 0, 10, 20, 21, 40, 100, 101, 110, 111, 112, 120, 121, 122, 140, 300, 400, 500, 1000, 1100, 1400, 1410, 1420, 1500, 1600, 1700, 1720, 1722, 2400, 2600, 2611, 3000, 3100, 3200


The bad

- For -m 1710 sha512($pass.$salt), -a 1, -a 6 and -a 7 are not working. -a 0 and -a 3 works perfecty.
- For -m 1800 sha512crypt, SHA512(Unix), length 15 failed for -a 1 and -a 6. Length 4 failed for -a 3 and -a 7. Length 8 failed for -a 7. The remainder worked.

Edit: bruteforce from Length 4 resulted in the cuStreamSynchronize() 999 error after 5.68% progress.

- For -m 2100, Domain Cached Credentials2, mscash2, the username length 14 bug reported for AMD is also there for Nvidia. For bruteforcing of length 4, I get the cuStreamSynchronize() 999 error after 15.04% progress.
- For -m 2711 vBulletin > v3.8.5, only dictionary mode works. The rest fails.
- For -m 2811 IPB2+, MyBB1.2+, only dictionary mode works. The rest fails.


Notes
- I would still like the accepted salt length of -m 2811 to be extended to 8 characters.
- The cuStreamSynchronize() 999 error seems to match some attacks where I get driver crash with AMD. My GTX 470 has 1280 Mb of DDR5 memory.

(08-10-2012, 10:41 PM)atom Wrote: overall:

-m 141 broken
-m 1800 broken (amd tested, nv not yet) on pw length 1 and 3

multihash (singlehash worked!), tested in -a 0

-m 2600 broken (amd tested, nv not yet)
-m 2611 broken (amd tested, nv not yet)
-m 2711 broken (amd tested, nv not yet)
-m 2811 broken (amd tested, nv not yet)
I am not sure what the definition of "broken" is but for sure, 1400, 1410, 1420, 2600, 2611 are not broken in my setup. My only concern is my forceware that is not recent. I will do the tests on my 3rd computer and report if the problems are different.
#3
Quote:I am not sure what the definition of "broken" is but for sure, 1400, 1410, 1420, 2600, 2611 are not broken in my setup. My only concern is my forceware that is not recent. I will do the tests on my 3rd computer and report if the problems are different.

yep thats ok, its an AMD driver bug. of nvidia i am using the same code and it works fine. i spend nearly whole weekend to find a workaround but failed. maybe catalyst 12.8 will fix it
#4
mastercracker, are you testing on single hash or multihash? its two different kernels
#5
fixed (on amd)

Quote:- For -m 0 MD5, bruteforce of length 2, 4 and 8 fails. Everything else works.
- For -m 900 MD4, Bruteforce on length 2,4,8 and 12 fails. Everything else works.
- For -m 1000 NTLM, Bruteforce on length 2,4 and 8 fails. Everything else works.

fixed (on nv)

Quote:- For -m 900 Bruteforce on length 12 failed. Everything else worked.
#6
i will remove the fixed issues from the original post, so its easier for me to track them
#7
(08-12-2012, 06:42 PM)atom Wrote: mastercracker, are you testing on single hash or multihash? its two different kernels
All the testings are on multihash only. To be more precise, all the hashes of every algortithm are together in one file. I don't put the --remove switch so they always stay there. It's much easier than having a different file for every algorithm.
#8
Fixed @ AMD:

Quote:- For -m 30 md5(unicode($pass).$salt), bruteforce on length 2 and 4 fails. Everything else works.
- For -m 130 sha1(unicode($pass).$salt), bruteforce on length 2 and 4 fails. Everything else works.
- For -m 131 MSSQL(2000), bruteforce on length 2 and 4 fails. Everything else works.
- For -m 132 MSSQL(2005), bruteforce on length 2 and 4 fails. Everything else works.

Fixed @ NV:

Quote:- For -m 30 md5(unicode($pass).$salt), Bruteforce of length 2 and 4 fails. Everything else worked.
- For -m 130 sha1(unicode($pass).$salt), Bruteforce of length 4 , -a 1 for all length and -a 7 for all length failed. The remainder worked.
- For -m 131 After correction of the hashes. Bruteforce on length 2 and 4, -a 1 and -a 7 for all length failed. The remainder worked.
- For -m 132 Bruteforce on length 4, -a 1 and -a 7 for all length failed. The remainder worked.

New version b45 is up
#9
Here's my third system results (only differences with my GTX470):

System: Windows Vista 32 bit, Driver 301.42 GTS250, oclhashcat-plus beta 44

- For -m 1800 sha512crypt, SHA512(Unix), I get driver crashes for all modes and length.

- For -m 3200 bcrypt, Blowfish(OpenBSD), I get the following error on every modes and length:

ERROR: cuModuleLoad() 209


I will now start the testing on b45...
#10
READ BOTTOM FIRST
System: Windows 7 64 bit, Driver 285.62 GTX460, oclhashcat-plus beta 45


Corrected bugs:

-m 30 is now perfect.
-m 130 bruteforce of length 4 is fixed.
-m 131 Bruteforce on length 2 and 4

Not corrected or corrected improperly:

-m 130 sha1(unicode($pass).$salt), -a 1 for all length and -a 7 for all length failed.
-m 131 -a 1 and -a 7 for all length failed.
-m 132 -a 1 and -a 7 for all length failed.
-m 900 Bruteforce on length 12 failed.

New bug:

-m 3000 got screwed up somehow. Here's what was expected:

144c77b47ef6caf5:mc
43154416d62f6c2a:hash
85fa793a454d9840:qz
1a6b659a23a5b345:ToDo
e85d0c49cfb378e0:%*
2a5d8ece29452fb1:P0$7
a9c3248d86ab3ded:q!
310726e22190782c:T0Be
fff79def78d18000:$D
87203beb6f07d882:($$)

Here's the output:

144c77b47ef6caf5:MC <-- Ok
43154416d62f6c2a:HASH <-- ok
1a6b659a23a5b345:MCDO <-- There is a little bit of McDonalds in everyone...
e85d0c49cfb378e0:% <-- Not good
2a5d8ece29452fb1:P5 6 <-- Not good
1a6b659a23a5b345:MCDO <-- Not good
fff79def78d18000:*D <-- Not good
87203beb6f07d882:#%$) <-- Not good

The duplicate comes from the fact that everything is uppercased and my attacks are case sensitive but the wrong passwords created are bad. Also if it helps tracking, the expected results are in this order: length2 and length4 for -a 0 then -a 1 then -a 3, -a 6, -a 7.


UH OH. I DON'T KNOW IF YOU HAVE CORRECTED EVERY KERNEL OR ONLY THE ONES SPECIFIC FOR GTX470. I DID NOT THINK MUCH AND DID THE TEST ON MY GTX460 THIS TIME. I WILL CHECK ON GTX470 NOW.