Cli + Rule odd behave
#1
Hi guys,

I'm trying to crack a md5 hash, but for some reason the CLI is causing me some issues, the problem is this when a rule a -r for a rule the rule is taking the hash as part of the wordlist

I'm going to past a picture to explain it better and the files involved



hashcat-cli64.exe -m 0 -r E:\BruteForce\hashcat\hashcat-2.00\rules\best64.rule E:\BruteForce\hashcat\hashcat-2.00\crack.txt E:\BruteForce\hashcat\hashcat-2.00\password.txt --stdout

Result for command



This is my first post and I'm trying to upload some files but the forum throws:
  • The file upload failed. Please choose a valid file and try again. Error details: There was a problem moving the uploaded file to its destination.

Thanks for your comments.
#2
I think the problem here is you do not realize what --stdout means. --stdout means print every single candidate that is generated to --stdout, e.g. for piping into another cracking application. You would never use --stdout when actually cracking hashes, because, well, this is precisely what would happen. It's trying to write each and every candidate to stdout while also simultaneously writing cracked hashes to stdout, so everything becomes a jumbled mess.

Read the documentation and understand what switches do before making them part of your command line.
#3
(04-01-2016, 11:29 AM)epixoip Wrote: I think the problem here is you do not realize what --stdout means. --stdout means print every single candidate that is generated to --stdout, e.g. for piping into another cracking application. You would never use --stdout when actually cracking hashes, because, well, this is precisely what would happen. It's trying to write each and every candidate to stdout while also simultaneously writing cracked hashes to stdout, so everything becomes a jumbled mess.

Read the documentation and understand what switches do before making them part of your command line.


Thanks for your answer, i was reading the wiki page just before asking, here but it is not clear --stdout "stdout mode". As you mentioned before every candidate is printed out, this mean that internally hashcat is using my rule + password list or the hashlist (the hash to crack) as a password candidate.

This is a laboratory that I'm using to learn more about hashcat, I'm going to do what you told me to check the result and feedback

thanks for your kindly support
#4
Oh shit, right, I'm sorry. I was drunk when I wrote that. So yes, you're right, when using --stdout no cracking is possible at all, because it will indeed treat all arguments as a wordlist. Sorry. But the resolution is still the same nonetheless, get rid of --stdout flag.
#5
Ok, I get your point in a clear way, then using --stdout it just for check some output but not for cracking, great answer it is really clear, maybe it will have to be clarify in the Wiki.

Anyway thank you so much.
#6
Yes --stdout is mostly for generating candidates to pipe to other crackers or preprocessors, but also a little for "is this rule doing what I think it's doing."