qeustion about my hardware and H/s
#1
My GPU is running at about 80-90% utilization.  My status is showing anywhere from 0 to 800 H/s.  The has is a 7zip archive password.

The hardware is a GeForce GTX 880M.  I know it is not the fastest card out there, but it is decent.  Should I be only getting 800 H/s?  Is a 7zip hash just a slow hash?

I am concerned that I will never recover my password at this rate.  Is there any settings I can apply to help with this?  If I try a higher -w it shuts down due to heat.

Here is my command line:

C:\cuda>cudahashcat64 -m 11600 -a 3 output.txt mine.hcmask --custom-charset1=lL --custom-charset2=fF --custom-charset3=aA -w 1 -o itisfinished.txt --outfile-format=15 --status --status-timer=15 --weak-hash-threshold=1000 --session=cold
#2
See my post on your other thread. Yes, 800 H/s sounds about right. 7zip is incredibly slow. You're correct, you'll never crack the password with the masks you've specified in your other thread. In fact, the masks you've specified are so outrageous that you'd never crack the password even if it were a super fast hash and you had a massive cluster of hundreds of top-end GPUs. 95^13 is impossible.
#3
(07-23-2015, 08:07 PM)epixoip Wrote: See my post on your other thread. Yes, 800 H/s sounds about right. 7zip is incredibly slow. You're correct, you'll never crack the password with the masks you've specified in your other thread. In fact, the masks you've specified are so outrageous that you'd never crack the password even if it were a super fast hash and you had a massive cluster of hundreds of top-end GPUs. 95^13 is impossible.

What would be the best way to go about cracking this then?  I password protected this a couple of years ago and have no idea what the password is.  I have since added a Markov attack to the mask attack with a threshold of 20 in the hopes that it would narrow it down a bit and make it more manageable.

Basically I have three words I usually use, with a few characters before and after, including special characters, or not.  The first letter of the three words may be capitalized.  I couldn't figure out the intricacies of the mask syntax so I cobbled together a .hcmask file that contains all permutations I need to test.  It is quite long and I fear at the H/s  I am getting, it will never resolve.

What approach would you recommend?

Thank you.
#4
At 800 H/s you can only make 69 million guesses per day, so you need to do everything you can do reduce the search space. You'll probably want to write a program that generates an .hcmask file for all of the different variations you can think of, ensuring to keep the keyspace as small as possible for each mask.
#5
Ok, thanks.  I have a follow up questions.  I have looked for an answer online, and usually turns out to be that the program is not being fed enough work, which I don't think is the case.

I have tried this on both my home machine and on a Amazon EC2 instance, and it does it on both.  I understand that 7zip is a slow hash.  But when I run a benchmark I get anywhere from 500-800 H/s locally, and about 1000 for each of four cards on Amazon.

However when I run hashcat, The H/s consistently stays at 0 H/s.  Once every 5-10 minutes it will pop up to 500-800 for a few seconds, but most of the time it sits at zero.  I see the progress number going up slowly, but I am concerned I have something off somehow and am not getting anywhere near what I should be.

./cudaHashcat64.bin -m 11600 -a 3 output.hash mine.hcmask -w 2 -o itisdone.txt --outfile-format=15 --status --status-timer=15 --session=markov --markov-hcstat=mynew.hcstat --markov-threshold=25 -n 160 -u 1024


Status.........: Running
Input.Mode.....: Mask (?a?a?a?a?alockoff) [12] (1.24%)
Hash.Target....:
Hash.Type......: 7-Zip
Time.Started...: Sat Jul 25 01:02:28 2015 (14 secs)
Time.Estimated.: 0 secs
Speed.GPU.#1...:        0 H/s
Speed.GPU.#2...:        0 H/s
Speed.GPU.#3...:        0 H/s
Speed.GPU.#4...:        0 H/s
Speed.GPU.#*...:        0 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 0/9765625 (0.00%)
Rejected.......: 0/0 (0.00%)
Restore.Point..: 0/390625 (0.00%)
HWMon.GPU.#1...: 99% Util, 64c Temp, N/A Fan
HWMon.GPU.#2...: 99% Util, 53c Temp, N/A Fan
HWMon.GPU.#3...: 99% Util, 64c Temp, N/A Fan
HWMon.GPU.#4...: 99% Util, 56c Temp, N/A Fan
#6
This is yet another example of you copy/pasting things you've seen on the forums without understanding what they do.

You're using a -n value of 160, which is like 40-80x larger than it should be, which is dramatically increasing the kernel execution time, preventing the main loop from being able to calculate the speed since the kernel hasn't returned yet.

As I told you on your other thread, -n 160 makes no sense for this algorithm. You would use this -n value for a fast hash like MD5, not a slow non-hash like 7zip. Further, as I also explained on your other thread, -w is an alias for automatically setting the appropriate -n/-u values, so you specify either -w or you specify -n/-u -- you never specify both.

Just get rid of -n & -u and it should be a lot better. If not, try -w 1. If that's too slow, then get rid of -w and try -n 2 or -n 1 with -u 1024.
#7
Thank you.  I have changed those settings.  I am trying to learn the best I can.  I am sill showing 0 H/s.  Is there any way you can explain why?  I have switched over to a dictionary attack and a dictionary and rule attack and I get the same thing.

Thank you.
#8
The explanation is simple, the kernel is taking too long to run so the main loop is unable to calculate the speed. If you're still seeing 0 H/s with -w 1 or -n 1 -u 1024 then the GPU is simply too slow. If you're using EC2 this makes perfect sense as the GPUs that Amazon uses are terrible for password cracking.

Anyway, I thought this was rather obvious, but reporting 0 H/s is purely a cosmetic issue. It's simply a matter of UI responsiveness and doesn't impact your actual cracking speed.
#9
Quote:Basically I have three words I usually use, with a few characters before and after, including special characters, or not. The first letter of the three words may be capitalized.
If you suspect only a couple of characters, I think that your masks are too long and not well targeted. It makes sense to use -i for words with the mask after it like lockoff?a?a?a?a since it's going to eventually try:
lockoff?a
lockoff?a?a
lockoff?a?a?a
...
but if you use it with masks before the word like ?a?a?a?alockoff, it will do:
?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?l
...
So your word will only be fully present with 4 characters before. If your password has 3 characters before, it won't be covered. What you have to do is write them individually in your .hcmask file:
?alockoff
?a?alockoff
?a?a?alockoff
If you suspect that you added characters both before and after, you can use these in your .hcmask for example:
?alockoff?a?a?a?a
?a?alockoff?a?a?a?a
...
then it would make sense using -i because you will eventually cover everything.