LM hash support for OCLHC
#21
Sweet. So I downloaded the latest version of lite and tried to run it in LM mode, but I keep getting "ERROR: clBuildProgram() -11".

Even with NTLM mode I get an error, but v0.8 worked fine on my system.
#22
Did you update your drivers?
#23
atom do you plan an update for LM for hashcat (cpu) ?
#24
(02-05-2012, 05:15 PM)K9_ Wrote: Did you update your drivers?

It still says "AMD users require Catalyst 11.12" on the main page for lite.
I have 11.12 right now. Do I need a new version?
#25
What card do you have? As I understand it, you must have 11.12 w/hotfix if you're using a 7970, but that doesn't install the AMD SDK that ships with 12.1 (which oclHashcat-lite-0.09 requires).

I've heard it might be possible to install 11.12 and the 7970 hotfix, then install just the SDK from 12.1. I have not confirmed that myself.
#26
(02-05-2012, 09:11 PM)Mem5 Wrote: atom do you plan an update for LM for hashcat (cpu) ?

no, use RT on CPU
#27
Alright driver problems solved, and it's running now, but I'm having some command line/speed problems I think.

I want to tell it to crack an LM hash but I know character 8 is Y from Cain trying to crack it. (B79AE2610DD89D4C=Y?)

It might also contain French characters, so just in case.

So I've got...
oclHashcat-lite64.exe -m 3000 --pw-min=8 --pw-max=8 --custom-charset1=?u?d?s?F 1D735ED099DEC228B79AE2610DD89D4C ?1?1?1?1?1?1?1Y

But it just instantly comes back as "Exhausted".

If I try...
oclHashcat-lite64.exe -m 3000 --pw-min=7 --pw-max=8 --custom-charset1=?u?d?s?F 1D735ED099DEC228B79AE2610DD89D4C ?1?1?1?1?1?1?1Y

It says it's only doing 88000k/s but NTLM does 2200M/s on my 5670.

What am I missing?

#28
(02-07-2012, 01:52 AM)fatalx Wrote: So I've got...
oclHashcat-lite64.exe -m 3000 --pw-min=8 --pw-max=8 --custom-charset1=?u?d?s?F 1D735ED099DEC228B79AE2610DD89D4C ?1?1?1?1?1?1?1Y

But it just instantly comes back as "Exhausted".

This is because it cracks each half of the hash independently, and because each half is at most 7 characters and you specified a minimum of 8, there are no possible valid combinations.

I've been thinking about the same issue of how to attack the first half if you already know the second half. The only thing I can think of is to add the 8th character (1st in the second half) to your mask for the 1st character overall, the 9th added to the 2nd character mask, etc.

So if the plain is 'PASSWORD' and you already got 'D' using another tool, you could do a mask like this:

Code:
-1 PD -2 ASWOR ?1?2?2?2?2?2?2

So basically knowing the second half of the hash only helps you if those characters aren't already included in the mask you're using for the first half of the hash.

On the other hand, it only takes about 200 minutes to brute-force the entire 7-character ?u?d?s space for LM, which will give you both sides (I did it this afternoon on a 14-character LM password).
#29
(02-07-2012, 10:02 AM)chort Wrote: This is because it cracks each half of the hash independently, and because each half is at most 7 characters and you specified a minimum of 8, there are no possible valid combinations.

I was wondering how this new feature would be implemented. It'd be nice to see it able to take half of the LM hash at a time and be able process it separately.

(02-07-2012, 10:02 AM)chort Wrote: On the other hand, it only takes about 200 minutes to brute-force the entire 7-character ?u?d?s space for LM, which will give you both sides (I did it this afternoon on a 14-character LM password).

What card are you using that it will only take 200 minutes?
I'm running a 5670 and it says 23 hours, and the speed is 88400k/s.
NTLM runs at 2200M/s. Is this normal?
#30
I'm using an OC'd 5870.