What I'm doing wrong?
#1
Question 
I'm learning this program and starting to follow article from Wiki https://www.question-defense.com/2010/08...int-attack
In first step author run a five character long brute force using a full charset (lowercase, uppercase, digits, special characters) against the list of 650,000 unique hashes. And on GeForce GTX 285 it took a few seconds. How is it possible? I've tried the same attack and Hashcat told me it will took 3 years to complete. Have I missed something?
#2
You're probably using a different hash mode.
#3
(11-12-2015, 03:45 AM)undeath Wrote: You're probably using a different hash mode.
Well, he states he run again MD5, so do I
#4
Please post your command syntax for a sanity check.
~
#5
(11-12-2015, 03:51 AM)royce Wrote: Please post your command syntax for a sanity check.

Here is my command: 
cudaHashcat64.exe -a 3 -m 400 --remove --outfile=out.txt --outfile-format=3 in_md5.txt ?a?a?a?a?a
#6
-m 400 isn't MD5, it's phpass.
#7
(11-12-2015, 05:32 AM)epixoip Wrote: -m 400 isn't MD5, it's phpass.

Oh, sorry. I was thinking it is the same. What are the differences?
#8
phpass is salted and iterated MD5. Wordpress uses a cost of 2^11 (2048 iterations) by default, so a single hash is 2048x slower than raw MD5. If you have two hashes with two unique salts, this would slow it down even further, making it 4096x slower than raw MD5. If you have 10 hashes with 10 unique salts, it would be 20,480x slower than raw MD5.
#9
(11-12-2015, 05:58 AM)epixoip Wrote: phpass is salted and iterated MD5. Wordpress uses a cost of 2^11 (2048 iterations) by default, so a single hash is 2048x slower than raw MD5. If you have two hashes with two unique salts, this would slow it down even further, making it 4096x slower than raw MD5. If you have 10 hashes with 10 unique salts, it would be 20,480x slower than raw MD5.

Oh, I see now. Thank you