Bottleneck, and my 31 character limit. Ideas?
|
Bottleneck, and my 31 character limit. Ideas?
|
 Quote:insert character 'K' at postition 1? Nope, the opposite, insert character '1' at position 'K'  Quote:For positions over 9, use A-Z, for a total of 36 possible positions Quote:... and when that happens the password will be longer than 31 characters ... Right. The maximum support length is 32 anyway and you will be unable to crack this anymore. See here for details: https://hashcat.net/wiki/doku.php?id=fre...ord_length 
04-08-2015, 05:13 PM
(04-07-2015, 05:19 PM)atom Wrote:Quote:insert character 'K' at postition 1? Well shit! I thought by using attack mode 3 (like you did with this) it bypasses the 31 character limit? I'm almost done my slightly modified version of the script and will test it and see.
04-08-2015, 05:16 PM
DAAAAAMMIT! I saw the 3 and thought it was ATTACK mode 3 not workload 3. UUGGGHHHH!
This WILL grow past the 31 character limit. I'm apparently back to square one for a third time... *fall on sword* (04-08-2015, 05:16 PM)InfDoleo Wrote: DAAAAAMMIT! I saw the 3 and thought it was ATTACK mode 3 not workload 3. UUGGGHHHH! Thought I finally found the solution. And it apparently does not work. I think this software hates me. I figured out a way to do a combinator attack. I created a list of left/right pairs, chopped apart into files that do not overlap (so I'm not redundantly hashing the same thing over and over). Problem is, to get one side large enough that: A) It is more efficient (loading the wordlists less) and B) By having it unbalanced, I can stay under the 31 character per side limit, and only make a reasonable number of datafiles. A more even split is ineffeicient in this. My problem is the larger side of the wordlist file is absurdly large. And feeding it in from disk is absurdly slow. (Case in point: I started oclHashcat 5 mins before I started to write this. I wrote this post, read it, and edited it twice, and it still hasn't started hashing) So I tried to pipe it. And I cant. Because a combo attack needs to have 2 files specified. UuggghhH! Any chance in the next version, one side of the combo attack can be piped? I have a very specific situation and it seems like there is NO valid option. Masks don't work, it's ranges, and I'm limited to only 4 custom ones, and I'll be hashing redundant data having to do it that way. (In a non-repeating number sequence, running through a range repeatedly is a massive waste) Straight doesnt work, some of my data is > 31 characters. Rules don't work because it has to be <31 after the rule is applied. Combo's don't work because I can't pipe in data. Any thoughts? 
04-09-2015, 06:39 AM
Let it generate the dictionary stats, go to bed, and when you wake up it will be running or finished running.
But thats for one of the 560 dictionary files it would have to run. I put it together that way so that it would run faster - not have a 6 hour lag between each 4 minute scan.
The machine it's running on is an old scrypt mining rig with upgraded GPUs (and a mid grade hard drive, moderate ram, and a celeron processor). Going to try switching out the board and adding a SSD and see what happens.
04-09-2015, 03:41 PM
So for anyone who hasnt seen me ranting in the two other threads, I have a project I'm working on where I need to hash a very long 'password'. Thing is, it's not really that long - it's a random sequence of non repeating numbers separated by hyphens, and enclosed in brackets. So since half the characters are known, and the others have limited combinations (21 trillion vs 1.0E26 possibilities), its not that hard to hash. It just has worthless extra data in it. Right now, I'm working on 0-12, which happens to be exactly 31 characters. So I can sorta make that work (more on that in a moment).
That will grow to 14 then possibly up to 20 digits at some point. oclHashcat has a limit of 31* which the instant I go up to 14 possibilities, its impossible. Lets talk about 31 characters. Thats about 6 trillion lines of text, at well over a terabyte of data. Feeding that into oclHashcat, even in chunks, is slow as heck. First question: Which of the following will help speed that up? I'm sure a SSD vs. a western digital green series drive will help tons. Thats on the shopping list. Will memory help? The machine has 8 gb of ram. I don't feel like ram would help. Am I wrong? What about CPU? Right now the thing has a celeron in it, it used to be a mining rig. Will CPU help hashcat process the dictionary file faster? I tried to feed in a 50gb file last night and it was just... well, lets say I hit ctrl-C after a few hours. So I tried pipes. Pipes were faster. And I could make it even faster by piping the data directly from the generation script to hashcat, once I convert it to something faster (it was a quick n dirty in PHP, not the fastest thing to be using). But still a 31 character limit, so ok for the next 2 weeks. Not ok after that. Which of those will help? In another thread someone told me about the Amplification process, where you dump data into the GPU via rules (or other ways?) and it's a ton faster. Problem is, with rules, 31 character limit after the rules are processed. So I tried masks. Which ignore the 31 character limit. Problem is, there are only 4 custom fields, and since my data is NOT random in the traditional sense, the only way to do it is to have -1 012 -2 45 -3 67 -4 98 (012 in -1 so I can mask 1?1 so it ends up 10, 11, or 12). But now, it's checking redundant data. The list will NEVER have a 2-2 or a 10-10 in it. So I can either make a TON of rules to narrow down the dupes (wasting tons of hashing speed constantly reloading the rules) or make less rules, and hash 800trillion hashes instead of 21. Ugh. Then there are combinations - which also ignore the 31 character limit. Problem is I am then faced with: Make 40,000 different left/right lists (to avoid duplicating hashes) and lose speed loading a list thats hashed in half a second, or unbalance it - make one side huge, and the other only 1-3 numbers. It will be much more GPU efficient that way. But then by unbalancing - say when I'm up to 14, 15 or god forbid 20 numbers, the list becomes impossible and MUST be piped. Oh, shit. You can't pipe combination attacks. It's like everything I try is roadblocked somehow. Karma doesn't like me or something. Oh, had a great idea last night. Named pipes! Make a FIFO file, dump the data into it, and let hashcat read it like a disk file! Speed of pipes, no need for static files, can combo attack it! Nope. Hashcat reads it as a 0 byte file and errors out. UGH. So, given my two problems, anyone her have any ideas? I'm sure a SSD will help. Will ram? CPU? Any ingenious ideas on how to make a combo attack use pipes? Or how to mask more than 4 custom fields? Or, well, ANYTHING? I invested in hardware to take on this job, not realizing how many limitations designed specifically to irritate me (in jest, but damn it feels like it!) I'd face. I'll beg?
seriously?
3 forum threads for exactly the same problem within just a couple of hours/days this is against following forum rules ( https://hashcat.net/forum/announcement-2.html ): Do not double post. Do not advertise / spam. The threads: https://hashcat.net/forum/thread-4256.html - Formatted/mask permutations? https://hashcat.net/forum/thread-4259.html - Maximum length of 31? Why? https://hashcat.net/forum/thread-4268.html - Bottleneck, and my 31 character limit. Ideas? In theory we should ban you for such an aggressive posting behavior. But I will "just" close this forum thread for now (which is almost a copy-paste of the other ones), kindly ask you to use the other threads for the discussion and invite you to read the forum rules (again). This is a warning, next time you will get banned for sure. Forum rules are to be respected and that also includes not spamming with the same post content + double posting the same stuff across different threads within just some hours. These rules are also there for some very good reasons: for instance what if a user have a clever solution, which thread should he use to answer if they all deal with almost exactly the same question/problem. This is also to keep the forum clean and easier for admin/moderator/users to find stuff (the answer shouldn't be spread across several threads). 
04-09-2015, 05:03 PM
|
|
« Next Oldest | Next Newest »
|
