[fingerprint] combinator attack v0.13 bad, v0.15 good FYI upgrade!
#1
using hc-plus 013 I get this for a straight wordlist attack:

Code:
Session.Name...: oclHashcat-plus
Status.........: Running
Input.Mode.....: File (words\words_combined_sort.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:02:45 2013 (7 secs)
Time.Estimated.: Tue Aug 27 19:04:25 2013 (1 min, 32 secs)
Speed.GPU.#1...:    12450/s
Recovered......: 0/28808 (0.00%) Digests, 0/28331 (0.00%) Salts
Progress.......: 3935866880/51398071869 (7.66%)
Rejected.......: 0/3935866880 (0.00%)
HWMon.GPU.#1...: 61% Util, 55c Temp, 50% Fan

however.. I took 1000 cracked passwords, and ran it though expander, removed dupes etc and ended up with near 10,000 in the new wordlist. Besides that, it seems to be running overly slow Sad.

Code:
Session.Name...: oclHashcat-plus
Status.........: Running
Input.Base.....: File (dbs\fingerword.txt)
Input.Mod......: File (dbs\fingerword.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:06:31 2013 (31 secs)
Time.Estimated.: Fri Aug 30 02:02:53 2013 (2 days, 6 hours)
Speed.GPU.#1...:       74/s
Recovered......: 0/28808 (0.00%) Digests, 0/28331 (0.00%) Salts
Progress.......: 62457096/391213033136 (0.02%)
Rejected.......: 0/62457096 (0.00%)
HWMon.GPU.#1...: 72% Util, 56c Temp, 53% Fan

all of this was with version 0.13, so I upgraded to 0.15

Same exact command, wordlists etc except i used v0.15, and results are...

Code:
Session.Name...: oclHashcat-plus
Status.........: Running
Input.Base.....: File (dbs\fingerword.txt)
Input.Mod......: File (dbs\fingerword.txt)
Hash.Target....: File (dbs\fingerhash.txt)
Hash.Type......: vBulletin < v3.8.5
Time.Started...: Tue Aug 27 19:09:22 2013 (11 secs)
Time.Estimated.: Tue Aug 27 19:51:06 2013 (41 mins, 26 secs)
Speed.GPU.#1...:     5494 H/s
Recovered......: 1/28808 (0.00%) Digests, 1/28331 (0.00%) Salts
Progress.......: 1768459264/391213033136 (0.45%)
Rejected.......: 0/1768459264 (0.00%)
HWMon.GPU.#1...: 70% Util, 54c Temp, 50% Fan

All attacks are on oldvbull hashes (2611). Here are my commands for starting hc.

Code:
rem FYI - I rename the exe I want to use to hashcat.exe, I'm using the 64-bit opencl for a single AMD 6950 card
rem wordlist
oclHashcat-plus-0.13\hashcat.exe -m 2611 -a 0 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt words\words_combined_sort.txt

rem 0.13 fingerprint
oclHashcat-plus-0.13\hashcat.exe -m 2611 -a 1 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt dbs\fingerword.txt dbs\fingerword.txt

rem 0.15 fingerprint
oclHashcat-plus-0.15\hashcat.exe -m 2611 -a 1 --remove -o dbs\fingerhash_c.txt dbs\fingerhash.txt dbs\fingerword.txt dbs\fingerword.txt

Another FYI, with md5 (hashtype 0), there are no problems that I could see.
#2
you might wish to sort your wordlists by length as suggested by atom in the release notes for 0.15. Actually this is a good idea for any version of oclhashcat. You can use the splitlen utility to do so as well as a bash script like so...

awk '{print length, $0}' < wordlist.dict | sort -n | cut -d ' ' -f 2- > wordlist2.dict && rm wordlist.dict && mv wordlist2.dict wordlist.dict

The main difference is that splitlen generates 15 files and my solution resorts your dictionary.
#3
Thanks for the command line, I have been planning to do that actually, just never gotten around to getting it done Smile.

I only found the finger print method around 12 hours ago, and my md5 collection of hashes went from ~90% to 93%, after upgrading to oclhashcat 0.15 (for length limits removed etc), I'm so close to 95%, around 94.8%.

Before today, I thought that was nearly impossible on my hardware, glad to be wrong Big Grin.
#4
Quote:One last note about performance. There was a change to the status-display of the speed value which does not affect the real performance. With new oclHashcat-plus v0.15 the speed that is shown gets divided by the number of uncracked unique salts. Older oclHashcat-plus versions did not take this into account. Don't get shocked when you're cracking a large salted hashlist and the speed dropped by hundret of times (or to be exact by number of hashes/salts), the total time will stay equal.