Using Prince Attack with pdf hashes
#1
This is my first post but have been following along and trying to learn from others' posts before posting my question.
 I have not seen anything in any of the other posts with reference to this.

I'm new to hashcat and oclhashcat and password hash cracking but have been learning slowly.  I have several .pdf files I've extracted the hashes and have tried brute force, dictionary, combinator, numerous dictionaries  etc against them.  I have no idea what the password length is.  I've had success with some files, however not all.  I've been reading in various places about the prince attack.  Can this be used in conjuction with oclhashcat and with a pdf hash?  If so, how would I go about setting it up?    It appears no one cracks pdf passwords out there on a routine basis. . . . .  I have a 3.5gb processor with and 6 cores and an nvidia geforce GTX 960 with 16gb ram in an asrock 970 extreme4 mb.  Oh, I am using oclhashcat 1.37 and also have and use the hashcatgui v0.45b1 by BlandyUK.  I know this is probably a modest and probably inadequate setup, but it is what I am currently using.

Any help would be appreciated.
#2
Well, you have not searched at the right place, it seems. The answer is right there in the FAQ section of the wiki:

Code:
How does one use the new prince attack mode with hashcat?

Luckily, with latest version of hashcat CPU the attack-mode is built-in. You can simply use it using the -a 8 selection. Do not forget to name a wordlist, like rockyou.txt or so.

For oclHashcat you need to use a pipe and the princeprocessor (standalone binary) from here:

https://github.com/jsteube/princeprocessor/releases

Then your simply pipe like this for slow hashes:

$ ./pp64.bin rockyou.txt | ./oclHashcat64.bin -m 2500 -w 3 test.hccap

In case you want to crack fast hashes you need to add an amplifier to archieve full speed:

$ ./pp64.bin rockyou.txt | ./oclHashcat64.bin -m 0 -w 3 test.md5 -r rules/rockyou-30000.rule
#3
(11-05-2015, 12:32 PM)mastercracker Wrote: Well, you have not searched at the right place, it seems.  The answer is right there in the FAQ section of the wiki:

Code:
How does one use the new prince attack mode with hashcat?

Luckily, with latest version of hashcat CPU the attack-mode is built-in. You can simply use it using the -a 8 selection. Do not forget to name a wordlist, like rockyou.txt or so.

For oclHashcat you need to use a pipe and the princeprocessor (standalone binary) from here:

https://github.com/jsteube/princeprocessor/releases

Then your simply pipe like this for slow hashes:

$ ./pp64.bin rockyou.txt | ./oclHashcat64.bin -m 2500 -w 3 test.hccap

In case you want to crack fast hashes you need to add an amplifier to archieve full speed:

$ ./pp64.bin rockyou.txt | ./oclHashcat64.bin -m 0 -w 3 test.md5 -r rules/rockyou-30000.rule

Thanks MasterCracker.  

I did see that after I posted, however thought there might me other settings/switches/options that need to be specified in the command chain.  I'll try it again and see what happens.  Thank you for responding.
/r
J