Cant make it work
#1
I have a problem, currently i have the following in my oclexample.cmd:

oclHashcat64.exe -m 1900 -n 160 -1 example.hash ?l?l?l?l example.dict
pause

I replaced everything in example.hash with 1 sha1 hash i need to crack.
When I start it says: "Usage: ...."
My english is not good enough for the manual, could you please help me?
i have an amd hd 6950 2gb if you need to know
#2
i guess you want to read this first: http://hashcat.net/wiki/doku.php?id=cracking_sl3
#3
copied 1:1
oclHashcat64.exe -m 1900 -n 160 -1 00010203040506070809 --output-file=out.txt 21B1E417AF2DE6496772BCC2FE33D2593A9BB7A0:003515230478373400 ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1
now it says:
oclHashcat64.exe: unknown option -- output-file=out.txt
#4
i have fixed that. reload the page and try again.
#5
thanks working!
what do i have to change to crack this:its my mysql password
***************************
and the letters i dont understand the ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1

-1 00010203040506070809: This binds the charset to our custom charset 1. SL3 uses only a small charset of ten chars (0-9, binary encoded). We have to encode it in HEX, thats why they all have a leading zero.
So this means its trying 0-9 but it has to be in hex?
?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1: its our “mask”. 15 times ?1 (which ist custom charset 1 we bound before)
o.O
#6
-1 00010203...09 means that you can substitute ?1 into the mask and it will try the characters 00 through 09 in that space.

If you did something like
-1 abc
-2 xyz
-3 123

Then set the mask to ?1?2?3 it would generate every combination of those, such as:
ax1
ax2
ax3
ay1
...
cz2
cz3

As I understand it, SL3 uses a special character set (not ASCII characters for 0-9, rather in binary), which is what the example above prefixes each with a 0. It's not ASCII 0, 1, 2, etc, but binary values, so the 0 prefix tells ocl to use the literal value rather than the ASCII character.

Hopefully I explained that clearly.
#7
So
oclHashcat-lite64 -m 1900 -n 80 -1 00010203040506070809 -2 abcdefghijklmnopqrstuvwxyz -3 ABCDEFGHIJKLMNOPQRSTUVWXYZ ?1?2?3 --outfile=out.txt **************************

Would make it trying every combination?
And ineed it for sha1(mysql password) or is it sl3?
#8
Well that's mixing character sets. 00 is binary 0, but abcd... are ASCII. I don't think that will work. The 00, 01, 02, 03... are for SL3. If you wanted to do MySQL you'd do ASCII (unless it was from a non-English site, then you'd probably need whatever characterset that site used).

If you want MySQL you'd use the ASCII characters for numbers, which would be 0, 1, 2, 3... (no leading 0).

But hashcat has a shortcut for 0-9, which is ?d. The same with a-z is ?l, and A-Z is ?u. The special characters (!, @, #, etc) are ?s.

Keep in mind doing as you wrote (but using ASCII numbers instead of binary) would only try these combinations:
'0' + 'a' + 'A'
...
'9' + 'z' + 'Z'

If you wanted _every_ combination of those characters you would do -1 012...abc...XYZ
?1?1?1

That would be:
000
001
...
00a
00b
...
aaa
aab
...
YZZ
ZZZ

Of course you could write that shorter by just doing -1 ?d?l?u with mask of ?1?1?1, which would be the same combinations.
#9
oclHashcat-lite64 -m 1900 -n 80 -1 ?d?l?u --outfile=out.txt ********************* ?1?1?1
pause

-> invalid hash

trying -m 100

-> ERROR: mask length smaller than --pw-min value

trying oclHashcat-lite64 -m 1900 -n 80 -1 0123456789abcdefghijklmnopqrstuvwyz --outfile=out.txt ****************** ?1?1
pause

-> invalid hash


sry that i didnt get it -.-'
#10
Yeah, so the mask (the ?1?1...) has to be at least as long as the minimum length of the plaintext you're trying to compute. Each ?<something> stands for one character in the plaintext. For a plaintext of 8 characters you would want:
?1?1?1?1?1?1?1?1

If you knew the first 3 characters were the string "abc" and you only needed to brute-force guess the last 5 characters, you would do the mask like this:
abc?1?1?1?1?1

If you knew the last two characters were @$, but needed to brute-force the first 6, the mask would be like this:
?1?1?1?1?1?1@$

Make sense?
BTW if you're trying to do SL3 unlock then you need to use the binary character set as atom described (00010203...).