vBulletin: md5(md5($pass).$salt) - command line ?!
#1
Question 
I try these:

oclHashcat.exe -m 5 vb3_hashes.txt example.dict ?d

oclHashcat.exe -d 1 -n 8 -m 5 vb3_hashes.txt example.dict ?d

the hashes in vb3_hashes.txt are in format hashConfusedalt

the programme responds this:

Code:
Digests: 2 entries, 2 unique, 0Mb
Salts: 2 entries, 2 unique, 0Mb
Loaded: example.dict (129988)
Maskprocessor: ?d (10)
Summary: 1299880 combination
Platforms: 1
Vendor: NVIDIA Corporation (1 matched)
Kernel: oclHashcat_4_4318.kernel (227254 bytes)
Device #1: GeForce 9800 GTX/9800 GTX+, 511MB, 1836Mhz, 16MCU
WARNING: words in wordlist_right < 128. Can't gain full performance
[s]tatus [p]ause [r]esume [q]uit =>
Threads...: 1, running
Speed.GPU1: 49.30M/s
Speed.GPU*: 49.30M/s
Recovered.: 0/2 Digests, 0/2 Salts
Progress..: 1299880/1299880 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--

Started: Fri May 14 12:31:24 2010
Stopped: Fri May 14 12:31:25 2010

The result is no found passwords !? The same passwords but in MD5 are found ! What I do wrong ?

And one more question - is there option for SIMPLE wordlist (dictionary) attack , NOT combined with any mask attack ?

Thanks in advance !
#2
(05-14-2010, 11:40 AM)vector Wrote: The result is no found passwords !? The same passwords but in MD5 are found ! What I do wrong ?

i dont see the problem. you are going to test only 129988 combinations, which requires less than a second. so you're just finished.

(05-14-2010, 11:40 AM)vector Wrote: And one more question - is there option for SIMPLE wordlist (dictionary) attack , NOT combined with any mask attack ?

for plain dictionary attack, use the cpu-based version: hashcat
#3
(05-16-2010, 12:00 PM)atom Wrote:
(05-14-2010, 11:40 AM)vector Wrote: The result is no found passwords !? The same passwords but in MD5 are found ! What I do wrong ?

i dont see the problem. you are going to test only 129988 combinations, which requires less than a second. so you're just finished.

(05-14-2010, 11:40 AM)vector Wrote: And one more question - is there option for SIMPLE wordlist (dictionary) attack , NOT combined with any mask attack ?

for plain dictionary attack, use the cpu-based version: hashcat

Thank you for the answer !
OK finaly I found where I`m wrong Wink

Can I request plain dictionary attack for oclHashcat I think this is extremely useful feature especially for the salted hashes ?
#4
vector Wrote:Can I request plain dictionary attack for oclHashcat I think this is very useful future especially for the salted hashes ?

it depends. if we are talking about plain MD5/SHA1 (salted or not), it will be comparatively slow. better use cpu-based version hashcat.

on hashes which require a lot of cycles (phpass, md5(Unix)) it is maybe usefull to have plain dictionary attack. but there are only a few and they are currently not supported by oclHashcat. so i have currently no plans to add them.
#5
(05-17-2010, 11:04 AM)atom Wrote: so i have currently no plans to add them.

lol, actually this is a very pity!
#6
I have one more question - what is the maximum number of salted hashes that oclHashcat PRACTICAL supports in multihash work ?

I load ~96 000 hashes list and start brutе-force attack but receive this:

Code:
Threads...: 1, running
Speed.GPU1: 0.00M/s
Speed.GPU*: 0.00M/s
Recovered.: 0/96686 Digests, 0/89927 Salts
Progress..: 0/1000000 (0.00%)
Running...: 00:00:07:24
Estimated.: --:--:--:--

The programme jam or the speed is incredibly slow I`m not sure ...
#7
I guess it's still working but the speed is to low to display it.
#8
k9 is correct. but i admit, 0.00M/s can confuse a bit. so i planned to change speed-display in the next release v0.20 a bit. speed display will be more user-friendly so that it dynamically recalculates the value to x.xx/s, x.xxk/s or x.xxM/s depending on its speed.
#9
this has been implemented in oclHashcat v0.20