sql login
#1
Hi!
Inspired by http://www.sqlservercentral.com/articles...ing/96540/
which has this example using an older version:
./oclHashcat-lite64.bin -m 132 -p : -o "/root/HashCat/oclHashcat-lite-0.13/SQL2008_passwords.txt" --gpu-temp-abort=100 --pw-min=4 --pw-max=12 -1 ?l?u?d?s <hash> ?1?1?1?1?1?1?1?1?1?1?1?1

I have downloaded oclHashcat-1.37
running on windows10 with AMD A10-7800 Radeon R7

I try to figure out the syntax for calling oclHashcat:
So i tried:
oclHashcat64 -m 1731 -a 3 -o "C:\Data\pw.txt" -1 ?l?u?d?s <hash> ?1?1?1?1?1?1?1?1?1?1?1?1



oclHashcat64 -m 1731 -a 3 -o "C:\Data\pw.txt" <hash>

But only get:
Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1?2?2?2?2) [5]
Hash.Target....: 0x0200df<deleted>...
Hash.Type......: MSSQL(2012)
Time.Started...: Fri Nov 27 16:59:33 2015 (1 sec)
Time.Estimated.: 0 secs
Speed.GPU.#1...: 34727.9 kH/s
Speed.GPU.#2...: 43060.3 kH/s
Speed.GPU.#*...: 77788.2 kH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 104136192/104136192 (100.00%)
Rejected.......: 0/104136192 (0.00%)
HWMon.GPU.#1...:  0% Util, -1c Temp, N/A Fan
HWMon.GPU.#2...: 41% Util, -1c Temp, N/A Fan

e.g. no pw recovered.

Should I change parameters?
Other things that could be wrong?
BR
Bjorn
#2
1. Don't post hashes here unless asked to. It's a bannable offence so edit your post and remove them if you want help.

2. That's not the output of the command you posted.

If you want help then don't leave us guessing what you're actually doing.
#3
Read about how mask attacks work here: https://hashcat.net/wiki/doku.php?id=mask_attack

And then run a correct attack.
#4
1.) done. sorry. but why??
2.) there are 2 commands in post, output is from last. I try to figure out syntax. I'm confused about that the example I found not works. Usage exmples could be helpfull (using --help was not much helpfull). I try to recover the pw, but had no success - why?

(11-27-2015, 06:43 PM)rico Wrote: 1. Don't post hashes here unless asked to. It's a bannable offence so edit your post and remove them if you want help.

2. That's not the output of the command you posted.

If you want help then don't leave us guessing what you're actually doing.
#5
1) Please read the forum rules: https://hashcat.net/forum/announcement-2.html
2) Please provide the actual input and output for the commands that you tried. If you just put snippets here and there we can't help you very much.

Also, it's not effective to just ask 'why can't I get the password?' You should first make sure that your syntax and usage is correct, and then once you've narrowed down the issue (which isn't related to the usage of the command line) then you can ask a more directed question about it, instead of just 'what's wrong?'
#6
1.) thanks. I will also follow them. But just to understand: why is it a problem to post hashes?
2.) well, the problem is that I'm not sure I undertand command line parameters, e.g. what can be combined:
I did run:

oclHashcat64 -m 1731 -a 3 -o "C:\Data\pw.txt" <the hash>

output was:
oclHashcat v1.37 starting...

WARN: ADL_Overdrive6_FanSpeed_Get(): -1

Device #1: Oland, 2048MB, 780Mhz, 6MCU
Device #2: Spectre, 2559MB, 780Mhz, 8MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable Optimizers:
* Zero-Byte
* Precompute-Init
* Precompute-Merkle-Demgard
* Early-Skip
* Not-Iterated
* Appended-Salt
* Single-Hash
* Single-Salt
* Brute-Force
* Scalar-Mode
* Raw-Hash
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Kernel ./kernels/4098/m01730_a3.Oland_1800.11_1800.11 (VM)_1439892092.kernel (393704 bytes)
Device #1: Kernel ./kernels/4098/markov_be_v1.Oland_1800.11_1800.11 (VM)_1439892092.kernel (35580 bytes)
Device #2: Kernel ./kernels/4098/m01730_a3.Spectre_1800.11_1800.11 (VM)_1439892092.kernel (396456 bytes)
Device #2: Kernel ./kernels/4098/markov_be_v1.Spectre_1800.11_1800.11 (VM)_1439892092.kernel (36224 bytes)


ATTENTION!
The wordlist or mask you are using is too small.
Therefore, oclHashcat is unable to utilize the full parallelization power of your GPU(s).
The cracking speed will drop.
Workaround: https://hashcat.net/wiki/doku.php?id=fre...full_speed


INFO: approaching final keyspace, workload adjusted


Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1) [1]
Hash.Target....: 0xREMOVED8...
Hash.Type......: MSSQL(2012)
Time.Started...: 0 secs
Time.Estimated.: 0 secs
Speed.GPU.#1...: 0 H/s
Speed.GPU.#2...: 0 H/s
Speed.GPU.#*...: 0 H/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 62/62 (100.00%)
Rejected.......: 0/62 (0.00%)
HWMon.GPU.#1...: 0% Util, -1c Temp, N/A Fan
HWMon.GPU.#2...: 30% Util, -1c Temp, N/A Fan


ATTENTION!
The wordlist or mask you are using is too small.
Therefore, oclHashcat is unable to utilize the full parallelization power of your GPU(s).
The cracking speed will drop.
Workaround: https://hashcat.net/wiki/doku.php?id=fre...full_speed


INFO: approaching final keyspace, workload adjusted

...

Session.Name...: oclHashcat
Status.........: Running
Input.Mode.....: Mask (?1?2?2?2?2?2) [6]
Hash.Target....: 0xREMOVED...
Hash.Type......: MSSQL(2012)
Time.Started...: Mon Nov 30 11:03:29 2015 (35 secs)
Time.Estimated.: 0 secs
Speed.GPU.#1...: 50057.1 kH/s
Speed.GPU.#2...: 51988.1 kH/s
Speed.GPU.#*...: 102.0 MH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 3748902912/3748902912 (100.00%)
Rejected.......: 0/3748902912 (0.00%)
HWMon.GPU.#1...: 0% Util, -1c Temp, N/A Fan
HWMon.GPU.#2...: 90% Util, -1c Temp, N/A Fan

[s]tatus [p]ause [r]esume [b]ypass [q]uit =>


-------------
and now nothing happens, event when pressing resume...
/Bjorn
#7
The usage of the command line is like so (as given in the wiki https://hashcat.net/wiki/doku.php?id=oclhashcat):

oclHashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...

So it seems to me in your command that you're calling for a MSSQL2012/14 crack, using a brute force (mask) attack method, outputting the cracked hash into "C:\Data\pw.txt", and then giving it your hash to crack.

As you can see, comparing it to the usage template above, you have specified options as well as the hash itself, but haven't provided a dictionary/mask. Since you want to use the mask method, you need to specify a mask. More details are given in the wiki, as with all other information. https://hashcat.net/wiki/doku.php?id=mask_attack

As you can see, most of the information you're looking for is readily available around here, so please take some time to look through it yourself and get familiar with the proper usage of the commands. This forum isn't a tutorial for the basics of hashcat, those exist elsewhere already.
#8
(11-30-2015, 12:18 PM)BJENSEN Wrote: But just to understand: why is it a problem to post hashes?

Because we said not to. It's just that simple. The only time it is appropriate to post a hash on the forums is if 1. it's an example hash, not a real hash, and you post BOTH the hash and the corresponding plaintext value, or 2. a mod/admin tells you to post your hash.