Huge wordlist

[jimipage]

Hello,
I'm trying to crack automatically generated password encrypted by md5.
I know all possible combinations. It's about 4B (2^32).
Each password is 8 symbols long(62 characters), so making mask is not an option here(218340B passwords).
So I'll jump to my problem. With my GPU oclExample0.sh makes about 1B/sec md5.
But, when I'm trying to use wordlist - It shows speed about 11-25M/sec.
I understand that copying data from SSD is not fast enough. So I tried to speed up it by creating tmpfs in RAM (DDR3 PC3-14900) and storing part of my wordlist there. The result was even worse - 11M/sec.

Ok. Here is the question: How do I speed up cracking by wordlist?

PS. Ubuntu/oclHashCat_plus/ATI 6770/Intel SSD

[radix]

how is using a mask not an option? seems like the perfect option since you know all the passwords are 8 len.

[jimipage]

maybe i understand masks wrong. What is your suggestion? Please provide command options.

[Sc00bz]

Without knowing what you are doing, I'd suggest removing the last character from all the words in the word list. Sort and remove duplicates. Then do a hybrid attack to add the last character back in. This should get speeds closer to 1B/sec. Now if removing the last character doesn't actually remove like 90% of the passwords in your list, then it's not going to be much of a help.

How did you generate the 2^32 passwords? Are they all like Aaaa000! or something? If they are then you can do a mask attack.

[jimipage]

Without knowing what you are doing, I'd suggest removing the last character from all the words in the word list. Sort and remove duplicates. Then do a hybrid attack to add the last character back in. This should get speeds closer to 1B/sec. Now if removing the last character doesn't actually remove like 90% of the passwords in your list, then it's not going to be much of a help.

How did you generate the 2^32 passwords? Are they all like Aaaa000! or something? If they are then you can do a mask attack.

That's an interesting suggest. But not really helps in my situation. Cutting password and running `sort -u` resulted in shortening testing wordlist from 94,967,295 to 94,966,065

Password list was generated using rand php function. Due to technical restrictions there are only 2^32 possible passwords. Here is an example:

Code:

BHwERtKm
6PSfGlqR
KHFWcxfg
Fno3gSLJ
1Ej4EUqw
QEp8L2Ry
RhOiuDqL
hceJvycQ
X9Tyrve7
l7QXg8nM

[forumhero]

if the hashed passwords are randomly generated then your only option would be to bruteforce

[Mangix]

try splitting your wordlist into smaller chunks and running them separately.

advanced tip: you can also try a normal mask attack like -1 ?u?l?d ?1?1?1?1?1?1?1?1 but you can run hcstatgen to generate an hcstat file based on your wordlist. this should speed up cracking in brute-force mode by quite a bit.

[jimipage]

I don't think hcstatgen will generate good hcstat file for my wordlist. Random generation in PHP works really reliable. I'll try it anyway. thanks.

After a few tests I was able to reach 32M/sec speed using Straight attack mode. It doesn't matter if I was using SSD or RAMfs for storing my wordlist.
It's looks like oclhashcat_plus is reading file really slow.

[jimipage]

I just realized that I posted my thread in the wrong Forum. Should be oclHashCat_plus forum. (moderators)Please move it if possible.

I got a new question here): Is there way to run few instances of oclHashCat_plus on same OS?

Code:

ERROR: already an instance ./oclHashcat-plus64.bin running on pid 3088

[The Mechanic]

Yes, use --session

I got a new question here): Is there way to run few instances of oclHashCat_plus on same OS?

Code:

ERROR: already an instance ./oclHashcat-plus64.bin running on pid 3088