hashcat
advanced password recovery

randomperson · 01-22-2013, 11:43 AM

I'm new to the forum and I need a little help.

I need to crack a hash which is something like `hash = substr(md5(password), 0, 8)`, but i am not sure what options I should use.

Any help will be appreciated.

**epixoip** · 01-22-2013, 12:19 PM

hashcat does not support anything like that.

however, there are only 2**32 possible combinations, so there's a 50% chance you'll find a collision after 77k attempts, and a 75% chance after 110k attempts. start scripting.

***atom*** · 01-22-2013, 12:46 PM

yeah, that should be easy

randomperson · 01-22-2013, 12:46 PM

(01-22-2013, 12:19 PM)epixoip Wrote: hashcat does not support anything like that.

however, there are only 2**32 possible combinations, so there's a 50% chance you'll find a collision after 77k attempts, and a 75% chance after 110k attempts. start scripting.

Thanks for replying, I will try writing a code for that.

sprot · 01-25-2013, 03:18 PM

Hi. I have the same issue as topicstarter. What do you mean when when reply "start scripting"?
I need to using maskprocessor to generate rules?

**epixoip** · 01-25-2013, 05:57 PM

no, i mean write your own program or script that will generate a collision. it doesn't have to be very fast or efficient because you are likely to find a collision in only 110,000 guesses when comparing only the first four bytes.

sprot · (This post was last modified: 01-25-2013, 08:22 PM by sprot.)

(01-25-2013, 05:57 PM)epixoip Wrote: no, i mean write your own program or script that will generate a collision. it doesn't have to be very fast or efficient because you are likely to find a collision in only 110,000 guesses when comparing only the first four bytes.

Do you know why the official version of hashcat does not support such type of hash? Is it possible to add this option? I wrote about this to author of this program, but doesn't received response. I have some source code to implement such option, but I was not satisfied with the speed. hashcat works very fast.
P.S. sorry for my English Smile

.

***atom*** · (This post was last modified: 01-26-2013, 12:59 AM by atom.)

Here is a little code I wrote for your "problem": http://pastebin.com/Mmv7T9AD

In my tests I was able to crack/collide nearly every possible first-2^32-bit-MD5 hash in less then 15 minutes, no need for hashcat patch.

Quote:root@ht:~# time /root/maskprocessor-0.69/mp64.bin ?d?d?d?d?d?d?d?d?d?d?d?d?d?d | ./subhash aaaaaaaa
Password matches: 00003433277101

real 12m4.230s
user 12m9.510s
sys 1m3.508s

Quote:root@ht:~# time /root/maskprocessor-0.69/mp64.bin ?d?d?d?d?d?d?d?d?d?d?d?d?d?d | ./subhash deadbeef
Password matches: 00003428718063

real 10m6.153s
user 11m30.499s
sys 1m35.158s

**undeath** · (This post was last modified: 01-26-2013, 01:00 AM by undeath.)

here is some python code. works the same as atom's code but instead of a single hash you specify a hash list. However it's way slower. (at least for small amounts of hashes)

http://pastebin.com/ZFv1rcCd

Code:
maskprocessor-0.68/mp64.bin "?d?d?d?d?d?d?d?d?d?d" | python /tmp/cracksub.py /tmp/test

11f3c5f7:0381855993

fedcba98:0425872543

6e7b46f0:1773702951

cbcab91c:1999019018

sprot · 01-27-2013, 12:36 AM

undeath,
atom,
Thank you for your reply, time and code. But if I understand correctly this code for bruteforcing MD5 on CPU. I'm sorry, I did not notice that this is a topic for hashcat, and I'm interested in oclHashcat that uses GPU. What about it? Is it likely that in the near future you will add substr to the oclHashcat?

Login
Username/Email:
Password:	Lost Password?
	Remember me

hashcat advanced password recovery

hashcat
advanced password recovery