Posts: 7
Threads: 1
Joined: Jul 2015
07-10-2015, 04:16 AM
(This post was last modified: 07-10-2015, 04:17 AM by tehSn0wman.)
First off I'd like to say thanks to all the people that are responsible for this great program. Keep up the awesome work.
Now to get down to my issue, I am wondering why I can not seem to crack a known 10 digit numerical WPA/WPA2 hash. I'm using OCLHashcat v1.36 Nvidia, with SLI GTX 770's on a Windows 7 machine. I grab the hash cap file in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux and convert it into an hccap file using hashcat's converter. Hashcat starts up and runs fine. After about 22 hours, it was 100% exhausted and the hash was not found.
My hashcat command looks like this:
oclhashchat64.exe -m 2500 -a 3 hccapfile ?d?d?d?d?d?d?d?d?d?d --remove --outfile=cracked.txt
While hashcat was running, it even displayed a [10] behind the ?d?d?d?d?d?d?d?d?d?d line so I know I didn't miscount.
Am I doing something incorrect? I checked over the wiki and I'm pretty sure I'm using the mask char set ?d correct but I'm not sure. If anyone could point me in the right direction, it'd be much appreciated. Thanks
Posts: 5,185
Threads: 230
Joined: Apr 2010
Yeah it's fine it will go through all passwords 0000000000 - 9999999999 but not in that order unless you use --markov-disable. Note it will not crack "012345" because it's not of length 10.
Posts: 13
Threads: 0
Joined: Jul 2015
10 digits and 22 hrs is a lot. Before you intend to do it again I suggest we run some tests first, take a trace where where we assume to know part of the password already eg if password is 0011223344 we know the first 3 and the last 2
so either run run with mask
oclhashchat64.exe -m 2500 -a 3 hccapfile '001'?d?d?d?d?d'44' --remove --outfile=cracked.txt with d=0,..,4
or
oclhashchat64.exe -m 2500 -a 3 hccapfile '001'?d?d?d?d?d?d?d --remove --outfile=cracked.tx with d=0,..,4
or
oclhashchat64.exe -m 2500 -a 3 hccapfile ?d?d?d?d?d?d?d?d'44' --remove --outfile=cracked.txt with d=0,..,5
then, secondly you have nowadays very effective distribution technique in oclhashcat, get in to a group of friends and use distribution cracking. Use the technique the creativity, there is no fun to let OCLhashcat seize the PC for 22hrs, with nothing cracked.
In a group it takes less less than that, and everyone can have more creativity more cracking fun.
Posts: 7
Threads: 1
Joined: Jul 2015
Thanks for the help and suggestions guys, really appreciate it.
Posts: 7
Threads: 1
Joined: Jul 2015
07-11-2015, 11:13 PM
(This post was last modified: 07-11-2015, 11:18 PM by tehSn0wman.)
Hey guys. I did a quick test, as you can see in the image below. I typed all numbers of the 10 digit password except for one digit, and hashcat still failed to crack it. It shows it's 100% complete, 10 out of 10 I'm guessing that means it tried numbers 0-9. I'm started to think something may be wrong with the hash file itself. I grab it with The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) Linux and use hashcat's converter. Maybe there is some issue with the conversion? Or maybe the fault lies with The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) linux in the original capture procedure? Any suggestions on where to start?
Posts: 13
Threads: 0
Joined: Jul 2015
07-11-2015, 11:27 PM
(This post was last modified: 07-11-2015, 11:28 PM by newntk.)
Interesting, shame, I don't have my system to trace this problem... mine was down over 3 yrs ago.
Posts: 19
Threads: 4
Joined: Jun 2015
If it's not sensitive - you could post the hccap file somewhere for others to try (to at least rule out corrupted file). I can run this and let you know results.
Posts: 7
Threads: 1
Joined: Jul 2015
07-13-2015, 02:18 AM
(This post was last modified: 07-13-2015, 02:21 AM by tehSn0wman.)
Not sensitive at all. Network is setup for testing purposes only, with no devices currently connected. I'm not going to post the hash here, as it would be a violation of forum rules. Check your PMs. Thanks
Posts: 2,936
Threads: 12
Joined: May 2012
In this instance I am granting you permission to upload your hccap as an attachment to this thread, provided that you also provide the known password.
Posts: 7
Threads: 1
Joined: Jul 2015
07-13-2015, 02:36 AM
(This post was last modified: 07-13-2015, 02:39 AM by tehSn0wman.)
Thanks a lot epixoip. Being unable to crack this hash is baffling me. I'm attempting to attach the hccap, but every time I do, I get an error message saying the file type is not allowed. I can provide a link to the hccap file on a google drive account if that would suffice?
hcccap :
https://drive.google.com/file/d/0B_ZO3nM...sp=sharing
known password: 0411604416