hashcat Forum Deprecated; Ancient Versions Very old oclHashcat-lite Support v
oclhashcat-lite Bruteforce Question

Threaded Mode
oclhashcat-lite Bruteforce Question
NeonFlash Offline
Member
***
Posts: 82
Threads: 26
Joined: Oct 2011
#1
09-07-2012, 02:31 AM
Hi,

I would like to understand the bruteforce mask attack options in oclhashcat-lite. It is not clear, at least not as much as in oclhashcat-plus, probably because the attacks are more complicated here.

If I want to cover the entire key space for length 8 for lowercase +digits, I use the following syntax:

oclhashcat-lite32.exe -m <mode> -n 400 -1 ?l?d <hash> ?1?1?1?1?1?1?1?1

However, when the attack starts, it says, trying plaintexts from length 1 to 55 (maybe this is displayed by default).

Now, I press the s key to display the status and I can see it showing the plaintext being tried currently and the length as:

Plaintext.length=7
Plaintext=***z4ny

So, what makes it start the attack with length 7?

Also, what do those asterisks in the plaintext indicate? Are they like wild card characters? So, oclhashcat-lite would try all the possible values for lowercase + digits for the first 3 places (which are masked) and the remaining 4 are fixed to: z4ny??

How, do I make it cover the entire key space for length 8?

Possibly, disable markov and set both, --pw-min and --pw-max to length 8?

Code:
oclhashcat-lite32.exe -m <mode> --markov-disable --pw-min=8 --pw-max=8 <hash> ?1?1?1?1?1?1?1?1

Is this Ok?
Find
M@LIK Offline
Senior Member
****
Posts: 414
Threads: 14
Joined: Mar 2012
#2
09-07-2012, 02:42 AM
For fixed length you need to set --pw-min|max, so yes, you last command is correct.
And no, you do not need to disable markov, it will not skip any combination in the given range. It will only change the order.
Tip: You needn't specify --pw-max as it will exhaust itself when the whole mask is done.

@atom, AnyoneKnowsWhatImTalkingAbout:: We need to make it all (cpus, -lite) follow the new -plus:
Code:
* Increment:

  -i,  --increment                   Enable increment mode
       --increment-min=NUM           Start incrementing at NUM
       --increment-max=NUM           Stop incrementing at NUM
Find
NeonFlash Offline
Member
***
Posts: 82
Threads: 26
Joined: Oct 2011
#3
09-07-2012, 02:52 AM
@M@LIK: Thanks for the response. However, I get an error while running the above command.

In the documentation it says, use --markov-disable for a bruteforce attack. Ok, but it is good to know that it covers the entire keyspace.

Now, I tried the modified version as:

oclhashcat-lite32.exe -m <mode> --pw-min=8 <hash> ?1?1?1?1?1?1?1?1

no combinations possible on left side.

If I set, --pw-max=8, the error says, no combinations possible on right side.
Find
NeonFlash Offline
Member
***
Posts: 82
Threads: 26
Joined: Oct 2011
#4
09-07-2012, 02:55 AM
Ok, I got it working now Smile
Find
M@LIK Offline
Senior Member
****
Posts: 414
Threads: 14
Joined: Mar 2012
#5
09-07-2012, 02:59 AM
NeonFlash Wrote: In the documentation it says, use --markov-disable for a bruteforce attack.
That need to be changed.

You only disable it when you need a real NEAT brute-force (aa, ab, ac).
Brute-force++ (markov+per position masks) is a smart enough to replace that.
Find