Practical PRINCE: 1 CPU + 24 hours = 63% Linkedin hashes cracked, 100% automated
#11
I forgot to say that I am using oclHashcat, I'm starting cudaHashcat.exe with --stdin option, but how do I get the pipe out from pp64?
#12
cudaHashcat has no --stdin option. Just download the latest version of pp from here:

https://github.com/jsteube/princeprocessor/releases

then, if you are on windows, do in cmd.exe:

Quote:pp64.exe < rockyou.dict | cudaHashcat64.exe -m 190 linkedin.hash

Note that cracking a fast-hash on GPU results in low GPU utilization if you do not use an amplifier. I'd recommend instead:

Quote:pp64.exe < rockyou.dict | cudaHashcat64.exe -m 190 linkedin.hash -r prince_optimized.rule
#13
So, after all the changes made to princeprocessor that have been added in the meanwhile I redid the same test to see how it changed.

With the latest version from GIT from https://github.com/jsteube/princeprocessor I was able to achieve 68MH/s instead of 5MH/s. This is still far from GPU speed, but it already has a nice impact on the results.

So with those 68MH/s I was able to crack 72% instead of 62% with the 5MH/s. And to add up something I've let it run for 48 hours. After that I've cracked 78%. Still, that is only with one CPU and with a non-ideal wordlist.
#14
Been playing with Prince (0.19) and I noticed something strange. When using one list, it exhausts within seconds. Using a second list, it keeps going and going. Same command line, just the dictionary has changed. The quick exhaust dictionary has symbols, whereas the other does not. Is this a bug? I can post command lines and the "bad" dictionary if requested.
#15
Don't think it's a bug. There are many factors that influence the keyspace. Make sure you understood the basic concept.
#16
I guess the idea was taken from Passcape's fingerprint attack?
#17
I think you mean Hashcat's fingerprint attack.

And no, PRINCE is not a fingerprint attack.
#18
What's the difference then?
#19
(02-02-2015, 10:46 AM)justme Wrote: What's the difference then?

Wait, you confuse something. First, fingerprint attack as used in passcape comes from here: https://hashcat.net/wiki/doku.php?id=fingerprint_attack

Actually, they copied it from us as this was one of my first attack modes.

Prince is very different. They share one thing that both could be seen as advanced combinator attacks, but that's it. In Fingerprint you rotate words but it's always a double combinator attack. In Prince you do not rotate words but it's a multi combinator attack.
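Added example (not from any poster and not princeprocessor's own code): a simplified model of the multi combinator keyspace discussed in #15 and #19, showing why a wordlist of long entries exhausts almost immediately and how a fixed two-element combinator compares. The function names, the sample wordlists and the limit values (`pw_max=16`, `elem_max=8`) are assumptions made for this illustration.

```python
from collections import Counter
from math import prod

def compositions(total, max_parts, parts=()):
    """Yield each ordered split of `total` into at most `max_parts` positive lengths."""
    if total == 0:
        yield parts
    elif len(parts) < max_parts:
        for first in range(1, total + 1):
            yield from compositions(total - first, max_parts, parts + (first,))

def chain_keyspace(words, pw_min=1, pw_max=16, elem_min=1, elem_max=8):
    """Count candidates per number of chained elements (simplified model).

    A chain is a sequence of element lengths summing to the output length.
    Its keyspace is the product of how many wordlist entries have each length.
    Different chains can yield the same string, so this counts candidates,
    not unique passwords. Limit values are assumed, not read from the tool.
    """
    by_len = Counter(len(w) for w in set(words))  # missing lengths count as 0
    totals = Counter()
    for pw_len in range(pw_min, pw_max + 1):
        for chain in compositions(pw_len, elem_max):
            if len(chain) >= elem_min:
                totals[len(chain)] += prod(by_len[n] for n in chain)
    return {k: v for k, v in sorted(totals.items()) if v}

# Constructed sample wordlists, for illustration only.
SHORT_WORDS = ["a", "b", "12", "abc"]
LONG_WORDS = ["qwerty!@#", "letme!n$$$", "dr@g0n#2015!", "correct-horse-battery"]

if __name__ == "__main__":
    # Entries of 9+ characters cannot be paired inside a 16-character limit,
    # and the 21-character entry is ignored, so only 3 candidates exist.
    print("long entries:      ", chain_keyspace(LONG_WORDS))
    # Short entries combine into chains of many elements.
    print("short, multi chain:", chain_keyspace(SHORT_WORDS, pw_max=4))
    # Restricting to exactly two elements models only the "double combinator"
    # aspect mentioned in #19, not the word rotation of the fingerprint attack.
    print("short, two elems:  ",
          chain_keyspace(SHORT_WORDS, pw_max=4, elem_min=2, elem_max=2))
```

From a defender's view the same count shows that long single-token passwords fall outside chained candidates under a given length limit, while passwords built from several short common tokens do not.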
#20
Got it, thanks.