oclHashCat-plus64 MD5(unix) cracking help
#1
Hi

i have a md5(unix) hash that i have the plain text (pre-hashed) too..
its a 5 digit lowercase password

now i wanna test cracking with oclHashCat-pluse ..
see this ./cudaExample500.sh first
Code:
root@bt:~/oclHashcat-plus-0.14# ./cudaExample500.sh
cudaHashcat-plus v0.14 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GT 520M, 1023MB, 1030Mhz, 2MCU
Device #1: Kernel ./kernels/4318/m0500.sm_21.64.ptx

Cache-hit dictionary stats example.dict: 1210228 bytes, 129988 words, 129988 keyspace

NOTE: autotuned --gpu-accel from 80 to 8

$1$uOM6WNc4$r3ZGeSB11q6UUSILqek3J1:hash234  
                                            
Session.Name...: cudaHashcat-plus
Status.........: Cracked
Input.Mode.....: File (example.dict)
Hash.Target....: $1$uOM6WNc4$r3ZGeSB11q6UUSILqek3J1
Hash.Type......: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Time.Started...: Wed May  1 16:07:24 2013 (1 sec)
Speed.GPU.#1...:   101.1k/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 57344/129988 (44.11%)
Rejected.......: 0/57344 (0.00%)
HWMon.GPU.#1...: -1% Util, 47c Temp, -1% Fan

Started: Wed May  1 16:07:24 2013
Stopped: Wed May  1 16:07:25 2013
first of all see speed --> "101.1k/s"
is it ok ???? :-s

then , i wanna learn how can i check all possible passwords from a-z & A-Z & 0-9 on my hash or hashs that saved in a file




i used this command :
Code:
root@bt:~/oclHashcat-plus-0.14# ./cudaHashcat-plus64.bin -m 500 -a 0 --increment --increment-min=5 --increment-max=6 -1 [b]abcdhizre[/b] -o cr.txt /root/cuda/1.txt
and it retrieved :
Code:
cudaHashcat-plus v0.14 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GT 520M, 1023MB, 1030Mhz, 2MCU
Device #1: Kernel ./kernels/4318/m0500.sm_21.64.ptx

Starting attack in stdin mode...

                                            
Session.Name...: cudaHashcat-plus
Status.........: [b]Aborted[/b]
Input.Mode.....: Pipe
Hash.Target....: $1$pXrXXhXq$BXIX2wFXXaXXXlFXXXLXf.
Hash.Type......: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Time.Started...: Wed May  1 16:06:51 2013 (24 secs)
Speed.GPU.#1...:        [b]0/s[/b]
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
[b]Progress.......: 0
Rejected.......: 0[/b]
HWMon.GPU.#1...: -1% Util, 46c Temp, -1% Fan

Started: Wed May  1 16:06:51 2013
Stopped: Wed May  1 16:07:15 2013
please write correct command..

tnQ in advance..
#2
Well, I see you've booted up Backtrack such as hacker, LoL!

Escape charset defined with -1 and don't use '--increment[-min,-max]' with straight mode.
#3
no im not a hacker ...

i dont know about straight mode , is it mean all chars (a-z&A-Z&0-9&symbols) ?
what does it do ?
i used -1 option in prev post ...

now i used this :
Code:
root@bt:~/oclHashcat-plus-0.14# ./cudaHashcat-plus64.bin -m 500 -a 0 -1 zareh --increment -o /cr.txt /root/cuda/1.txt
>>
Code:
cudaHashcat-plus v0.14 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GT 520M, 1023MB, 1030Mhz, 2MCU
Device #1: Kernel ./kernels/4318/m0500.sm_21.64.ptx

Starting attack in stdin mode...

it says Starting attack in stdin mode (like later sayed and i ctrl+C it and aborted!)
i think its waiting for wordlist or something like that!

because when i use wordlist after that it says :
Code:
root@bt:~/oclHashcat-plus-0.14# ./cudaHashcat-plus64.bin -m 500 -a 0 -1 zareh --increment -o /cr.txt /root/cuda/1.txt /pentest/passwords/wordlists/darkc0de.lst
>>
Code:
cudaHashcat-plus v0.14 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 80 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: GeForce GT 520M, 1023MB, 1030Mhz, 2MCU
Device #1: Kernel ./kernels/4318/m0500.sm_21.64.ptx

Cache-hit dictionary stats /pentest/passwords/wordlists/darkc0de.lst: 17355341 bytes, 1650705 words, 1650705 keyspace

                                            
Session.Name...: cudaHashcat-plus
Status.........: Cracked
Input.Mode.....: File (/pentest/passwords/wordlists/darkc0de.lst)
Hash.Target....: $1$p3rXXXhJq$BEIa2wFHPXXXXXXXJf.
Hash.Type......: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
Time.Started...: Wed May  1 17:31:37 2013 (6 secs)
Speed.GPU.#1...:   115.2k/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 573442/1650705 (34.74%)
Rejected.......: 2/573442 (0.00%)
HWMon.GPU.#1...: -1% Util, 48c Temp, -1% Fan

Started: Wed May  1 17:31:37 2013
Stopped: Wed May  1 17:31:44 2013
and in /cr.txt , i have cracked hash !
see
Code:
Input.Mode.....: File (/pentest/passwords/wordlists/darkc0de.lst)

i dont know what is "Starting attack in stdin mode..." and how can i work with it ...
and i dont know how to say to hashcat to check all combinations of alphabets (upper & lower) & digits without WORDLIST USING yet..



*ps: the password was in the wordlist !


tnq for read my post <3
#4
if brute-force attack in hashcat is mean to mask-attack ...
can i generate passes with another application and send it to hashcat with e pipe or something else ?

can anyone write an example code ???
#5
Why don't you look at help and wiki ? There's everything what you need.
#6
tanq for your replay.

because i cant understand mask chars ...!
i know ?l is lowercase , ?u is uppercase , .....
but i dont know , how can write correct mask ...

but it isn't the real problem !
my speed is 60180/s for mask attack..
i used ?l for example ...

on md5 (-m 0) i have M/s speed
but on md5(unix) i have this speed , that is not a good speed for bruteforce i think Sad
with this speed i just can check 5digit low-letter in 30 min !
this time will be len(?l)*30min for 6digits only Sad

can i have more speed with my gpu and no clustering?
i can support temperature ...
#7
You can adjust utilization with -n and -u parameters, but 60 kh/s is a good speed for this highly iterated algorithm...
#8
To crack all possible combinations just use:
cudaHashcat-plus64.exe -m 500 -a 3 -i --increment-max 6
that bruteforces all possible combination with ?u?l?s?d with a max. lenght of 6 chars.
#9
(05-01-2013, 05:38 PM)Kuci Wrote: You can adjust utilization with -n and -u parameters, but 60 kh/s is a good speed for this highly iterated algorithm...

hmm , tanX
but i need a M/s speed Big Grin

can i possible to make a cracking machine ??
with number of 10 GPU? Big Grin

is there a complete tutorial? :-?
#10
(05-01-2013, 06:52 PM)TrAnn3l Wrote: To crack all possible combinations just use:
cudaHashcat-plus64.exe -m 500 -a 3 -i --increment-max 6
that bruteforces all possible combination with ?u?l?s?d with a max. lenght of 6 chars.

tnQ veryyyyy much dude <3