8800 GT & cudaHashcat-plus
#1
Hi,
sorry for this newbie msg , but I'm somehow bloqued by "where do I start reading the doc".

my configuration is :
- dell optiplex 790 (no choice)
- i7-2600 3.40G (no choice)
- The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux 64b (its a choice Wink
- Gforce 8800 GT (no choice)

do you think w7-64 bits is a better option ?

I'm quite confused with the 'mask' attacks (on a net ntlmv2.. ;-) :
- some of the options I've tried 'exhausted' the cudaHashcat-plus.bin process (too specific mask : e.g. "-t 8 -a 3 -n 80 -u512 ... -1 ?u?l?l -2 ?d?d?d ?1?2?1?2");
- some of the options I've tried made an Error 700 'cuMemcpyDtoh' (" -t 32 -a 3 n -160 -u 1024 ..");

So my questions are .. :
- any reference to start with ? and perhaps with exhaustive masks explanations Wink
- what would be the limitation of a Geforce 8800 GT ? (it looks like it have 112 cores - but is quite old)

thanks a lot for reading!
#2
Operating system is your choice, it's whatever you're most comfortable with. Use Windows if you are more comfortable with it, although you might look at also installing your favorite GNU utils as well, as they are rather indispensable. I personally prefer to use Linux, and while I cannot say that I agree with your choice of distribution, it is after all your choice.

Your CPU is likely faster than your GPU. Since you have no choice in which GPU you use, it would probably be to your benefit to just not use it.

The mask attack is very simple, it looks like you are making it much harder than it is. Mask attacks are nothing more than a brute force attack using a per-position character set.

The pre-programmed character sets are defined as follows:

?l == lower alpha, equivalent to [:lower:]
?u == upper alpha, equivalent to [:upper:]
?d == digits, equivalent to [:digit:]
?s == special chars, equivalent to [:punct:]
?a == all printable ascii characters, equivalent to [\x20-\x7E] or [:print:]

The length of the mask is the exact length or maximum length of the keyspace you want to search. If you want to brute force up to or exactly six characters, then your mask should be six characters long.

Each character of the mask is comprised of the character set you want to use for that position in the mask. So for example,

classic brute force, all chars length 6: ?a?a?a?a?a?a
brute force loweralpha length 7: ?l?l?l?l?l?l?l
brute force upperalpha length 8: ?u?u?u?u?u?u?u?u

For these three we used the same charset for each position, but the beauty is you don't have to.

digit followed by four loweralpha followed by digit (example, 6balls9): ?d?l?l?l?l?d
upperalpha followed by seven loweralpha followed by two digits (example, Password01): ?u?l?l?l?l?l?l?l?d?d

You can also define custom character sets with -1, -2, -3, and -4. You already attempted to do this, but I don't think you understood what this did since you have .e.g -2 ?d?d?d which makes no sense.

Let's say we want to append BOTH digits and special chars to the end of a mask. How do you define a mask where a position could be two or more possible charsets? That's where the custom charsets come in.

Define a custom charset that contains both digits and special chars: -1 ?d?s
Use it in the mask (example, Password1!): ?u?l?l?l?l?l?l?l?1?1

You can also use single characters in a mask as well, doesn't have to be a predefined charset. So let's say we want to brute force "Password" followed by any two characters; mask would be: Password?a?a

So now that this is hopefully more clear, go back and read the wiki article on mask attacks. Hopefully it will click now.

Lastly, I'm not sure what you think the -t parameter does, but judging by your command line, it does not do whatever it is you think it does Wink It is used to limit the keyspace of markov attacks to the top N characters in each position. So if you were doing a mask attack of loweralpha length 8 with a threshold of 10, it would limit the keyspace to 10^8 instead of 26^8.
#3
Ohh thank you - awesome response & explanations.
I will indeed consider to move to some ubuntu release for this kind of application ;-)
I had some try with the masks - really powerfull Wink

Trying to demonstrate GPU cracking capabiliites , would you recommand a specific hardware ? (= a GPU card) - I don't need the state of the art - but some generic GPU card to insert in a generic tower. ( it looks like my motherboard has one PCI-e 16x and one PCI-e 4x slot ..PSU already changed to a 520w unit.)

do you think:
- ubuntu 12.04
- AMD APP SDK v2.7+AMD Catalyst 12.4 (http://developer.amd.com/tools-and-sdks/...atibility/)
- any AMD Radeonâ„¢ HD Graphics (providing they fit into my box..)
make sense ?

thanks a lot!
#4
ubuntu 12.04 is fine.

do not install the AMD APP SDK.
you must use AMD Catalyst 13.1 for the current release. the next release will require 13.4.

for the GPU, if you do not need state of the art, i would recommend a Radeon HD 7950.