08-28-2015, 09:26 PM
Hello everyone! I've come here seeking some clarity on the use of oclhashcat. I've spent my free time for the last few days reading a great deal on how to use this program and it seems like it could be a fun tool to use. I realize that there are likely many forum posts with questions similar to my own but I feel it necessary for my learning process to be involved in some kind of discussion with someone who understands the subject matter.
That being said I've created a 7z archive with a password so that I could learn effective ways to break into 7z archives. I have a fairly elementary understanding of hashcat, but am new to this so forgive me if my questions seem a bit obvious.
So what I have done so far is read and watched many tutorials on this subject, and discovered that I need to find a way to get the 'non-hash' (as I've seen it called) of my archive. After a bit of research I found that it isn't particularly difficult to do this, and managed to get a text output using 7z2hashcat.exe! Ok so that was simple enough, and every tutorial on the planet covers the next part. I went out and found 527MB of wordlists and decided I'd gather them all up with the mindset that maybe they'd be useful. I then ran the oclhashcat exe by entering the line "cudahashcat64.exe -m 11600 -output-file=cracked.txt --remove hash.txt wordlists"
Everything seems to work fine. I waited approximately 45 minutes for a general English wordlist to finish, but alas I was not given any clue to what the password is. "Of course it shouldn't be so easy!" I told myself. This leads me to my questions. The password to the archive I have made is happy123, which in my mind would mimic a fairly common password structure. Now this is where I've run into a bit of an impasse due to the specifics of my question. I'd like to know how, given my current resources, I could refine my guesses to be a bit more effective. As far as I'm aware the program would default to a mask attack unless I specified otherwise. What would be the best attack mode for such a situation? How are some ways I could configure my attacks to be more effective in recovering the password?
I also have a slightly less pressing question. When I ran the aforementioned line, I was getting somewhere around 250 H/s. I have a NVidia 770 gtx. Does this seem normal? I see videos of people using the same wordlists for similar activities but they get results in only 3 or so minutes where it takes me roughly an hour to run through just one wordlist comprised of about 350000 words. If I were to go through the entirety of my wordlists it would take days to finish this way. I'd imagine that this is due to some user error or oversight but I just thought I'd ask.
Thanks in advance to anyone who decides to help me out here, I really do appreciate it!
-Travis, one hungry dude.
That being said I've created a 7z archive with a password so that I could learn effective ways to break into 7z archives. I have a fairly elementary understanding of hashcat, but am new to this so forgive me if my questions seem a bit obvious.
So what I have done so far is read and watched many tutorials on this subject, and discovered that I need to find a way to get the 'non-hash' (as I've seen it called) of my archive. After a bit of research I found that it isn't particularly difficult to do this, and managed to get a text output using 7z2hashcat.exe! Ok so that was simple enough, and every tutorial on the planet covers the next part. I went out and found 527MB of wordlists and decided I'd gather them all up with the mindset that maybe they'd be useful. I then ran the oclhashcat exe by entering the line "cudahashcat64.exe -m 11600 -output-file=cracked.txt --remove hash.txt wordlists"
Everything seems to work fine. I waited approximately 45 minutes for a general English wordlist to finish, but alas I was not given any clue to what the password is. "Of course it shouldn't be so easy!" I told myself. This leads me to my questions. The password to the archive I have made is happy123, which in my mind would mimic a fairly common password structure. Now this is where I've run into a bit of an impasse due to the specifics of my question. I'd like to know how, given my current resources, I could refine my guesses to be a bit more effective. As far as I'm aware the program would default to a mask attack unless I specified otherwise. What would be the best attack mode for such a situation? How are some ways I could configure my attacks to be more effective in recovering the password?
I also have a slightly less pressing question. When I ran the aforementioned line, I was getting somewhere around 250 H/s. I have a NVidia 770 gtx. Does this seem normal? I see videos of people using the same wordlists for similar activities but they get results in only 3 or so minutes where it takes me roughly an hour to run through just one wordlist comprised of about 350000 words. If I were to go through the entirety of my wordlists it would take days to finish this way. I'd imagine that this is due to some user error or oversight but I just thought I'd ask.
Thanks in advance to anyone who decides to help me out here, I really do appreciate it!
-Travis, one hungry dude.