Posts: 4
Threads: 1
Joined: Dec 2014
So... In The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux managed to capture WPA2 hash (.cap) via wifite. Cleaned and converted to .hccap. Now back in Win7x64 and trying to use Cudahashcat to crack via bruteforce. Ran CudaHashcat64 via: cudaHashcat64.exe -m 2500 -a3 out.hccap ?a?a?a?a?a?a?a?a?a
Speed.GPU.#1.....: 51891 H/s
Time.Estimated....: > 10 Years
I've been reading how fast hashcat is, so I must be doing something wrong. I've also seen tutorials that say they get millions of H/s using their CPU cores, but this seems to be using my GPU.
Please advise...and forgive my newbie'ness. I'm here to learn.
Posts: 2,301
Threads: 11
Joined: Jul 2010
Only because it's fast doesn't mean it's out of this world.
Posts: 4
Threads: 1
Joined: Dec 2014
12-22-2014, 09:02 PM
(This post was last modified: 12-22-2014, 09:07 PM by Drivium.)
(12-22-2014, 08:58 PM)undeath Wrote: Only because it's fast doesn't mean it's out of this world.
Are you saying that this is to be expected or are there things I can do to improve this? Tough to read between the lines of that rather vague response.
Also, because I only have a single GPU, would I be better off using my CPU (i7 3770k 3.5ghz OC'd to 4.5ghz)? If so, how would I invoke that? I Googled oclHashcat which led me to this site. I downloaded oclHashcat for NVidia 1.31, but cudaHashcat is what actually downloaded.
Posts: 2,936
Threads: 12
Joined: May 2012
Hashcat is very fast, but the algorithms you are reading about are for fast hashes like MD5 and NTLM. WPA on the other hand is very very slow, and you have a shitty GPU. At the speeds you are getting with your GPU, the command you pasted would take:
95^9 / 51891 / 31556926 =~ 384,881 years
But even with a fast GPU, you're still not going to be able to brute force that keyspace. With e.g. R9 290X,
95^9 / 205000 / 31556926 =~ 97,424 years
In other words, you'd need 97,424 290X's to brute force that keyspace in one year.
Hopefully now you see how slow WPA is, and why the attack you are running is impossible. In short, you need to be much smarter about your attacks, especially with the GPU that you have.
Posts: 2,936
Threads: 12
Joined: May 2012
(12-22-2014, 09:02 PM)Drivium Wrote: would I be better off using my CPU
No, your CPU is likely much slower. I reckon you'd probably only get around 8 KH/s with your CPU.
(12-22-2014, 09:02 PM)Drivium Wrote: I Googled oclHashcat which led me to this site. I downloaded oclHashcat for NVidia 1.31, but cudaHashcat is what actually downloaded.
oclHashat is for AMD cards, cudaHashcat is for Nvidia cards.
Posts: 4
Threads: 1
Joined: Dec 2014
12-22-2014, 09:18 PM
(This post was last modified: 12-22-2014, 09:19 PM by Drivium.)
Ok. Things are getting clearer. My GPU is an Nvidia GTX660Ti PE. Ok, with the info I've given, what might be the optimal "smarter" method for my purpose?
Posts: 2,936
Threads: 12
Joined: May 2012
Wordlist attacks for sure, possibly rule-based if you are very smart about which rules you select, and maybe targeted mask attacks.
Basically you're probably not going to be able to "cold crack" WPA unless they're using a common password, already-compromised password, or a default password. WPA is very slow, so you are very limited in the types and variety of attacks you can run. You pretty much have have to know something about your victim in order to crack their wifi password.
And if you are new to password cracking, WPA is a terrible place to start learning.
Posts: 4
Threads: 1
Joined: Dec 2014
(12-22-2014, 09:25 PM)epixoip Wrote: Wordlist attacks for sure, possibly rule-based if you are very smart about which rules you select, and maybe targeted mask attacks.
Basically you're probably not going to be able to "cold crack" WPA unless they're using a common password, already-compromised password, or a default password. WPA is very slow, so you are very limited in the types and variety of attacks you can run. You pretty much have have to know something about your victim in order to crack their wifi password.
And if you are new to password cracking, WPA is a terrible place to start learning.
I appreciate the response. Ok, I'll research further. Thanks for pointing me in the right direction.
-D