Posts: 6
Threads: 1
Joined: Sep 2012
Hey i am mike, and i just started using this program a few days ago.and i have a question regarding the Hybrid Attack. As the wiki says "One side is simply a dictionary, the other is the result of a Brute-Force attack" Since i think thats what i need if what i am thinking is possible?
So say i have a NTLM hash and its mikev619 for instance and in a wordlist i had mike, v in it, is there a way to set it so that it would find the mike and the v and just go straight to brute forcing the numbers? cause if i have mikev619 in the list it automatically cracks it, but if i have mike or mikev it takes a while. Also i am using the navida (CUDA) option for this i have GTX 560 graphics card or should i be using just cpu?
Thanks, Mike
Posts: 313
Threads: 44
Joined: Aug 2011
your wordlist should already contain "mikev" in it, or on the bruteforce side you'll have to include a-z as well as numbers
Posts: 6
Threads: 1
Joined: Sep 2012
09-29-2012, 02:24 AM
(This post was last modified: 09-29-2012, 02:52 AM by epixoip.)
(09-29-2012, 01:23 AM)forumhero Wrote: your wordlist should already contain "mikev" in it, or on the bruteforce side you'll have to include a-z as well as numbers
I added mike, michael, mikev to the wordlist its a 7.55GB wordlist i combined all those you see (ex john,cain,rockyou) there into one(Wordlist). But it didn't crack it.
http://i46.tinypic.com/vso1o0.png
Posts: 2,936
Threads: 12
Joined: May 2012
if you are targeting the plain "mikev619" then your mask shouldn't be 123456789, it should be 619 or ?d?d?d.
Posts: 6
Threads: 1
Joined: Sep 2012
(09-29-2012, 02:49 AM)epixoip Wrote: if you are targeting the plain "mikev619" then your mask shouldn't be 123456789, it should be 619 or ?d?d?d.
i changed the mask to what you said 619 or ?d?d?d and i get the same results as in the picture...But i am kinda of going for as if i didn't even know the hash was mikev619 and how i would bruteforce it.
Posts: 2,936
Threads: 12
Joined: May 2012
if mikev is in your wordlist and you use the mask ?d?d?d, it should find mikev619. but it probably didn't find it because the hash in your screenshot is not the ntlm hash of "mikev619."
pretending you didn't know what the plaintext was, that actually is how you would go about it. at some point you will start appending numbers to dictionary words, so you'll do dict + ?d, dict + ?d?d, dict + ?d?d?d, so on and so forth.
Posts: 6
Threads: 1
Joined: Sep 2012
haha whoops..i changed it to "mikev619" "f8c6188fd0442c6bbd3c8632e6ff6c7d" and its still gave me the same thing?
and ohh..now i understand what the wiki was trying to say.
Posts: 6
Threads: 1
Joined: Sep 2012
Alright so i don't know why this is happening but i got it working!. I downloaded the no GUI version and took the code from the GUI version
Code:
oclHashcat-plus-0.09>cudaHashcat-plus64.exe --hash-type 1000 --attack-mode 6 --gpu-devices 1 --segment-size 64 f8c6188fd0442c6bbd3c8632e6ff6c7d C:\Users\Michael\Desktop\Wordlist\hotmail.txt ?d?d?d
and put it in the cmd version based one and it crack it in a minute! Why does the GUI one fail yet the non GUI one works?
Posts: 2,936
Threads: 12
Joined: May 2012
hard telling. hashcat-gui is really out of date and not very many people use it.
Posts: 6
Threads: 1
Joined: Sep 2012
Oh well that makes makes sense..Thanks for the help man