Table-Lookup Attack Possible Typo
#1
I have been struggling for some time to get the table Table-Lookup Attack working and I believe the code on the following page is wrong.

http://hashcat.net/wiki/table_lookup_attack

There it says use “--table-name=FILE” presumably “FILE” meaning the actual file name you intend to use. After many hours I think the actual code required is “--table-file ” then the actual location and name of the table file.

I am quite prepared to accept that I am wrong but could you please confirm I have this right and if so please change the wiki page ?

Would it be possible on each wiki page to display an entire line of code so new users can see things in context ? Perhaps for this page you could print the following example for other new users like myself to easier understand.

To create a list of modified passwords using hashcat and the table rules of your choice.

hashcat-cli32.exe --attack-mode 5 --table-file exampletable.table --stdout wordlist >> result.txt

--attack-mode 5 = MD5
exampletable.table = your table file.
--stdout = output to screen or file.
wordlist = your list of passwords.
>> result.txt = output to file called result.txt

It seemed necessary to enter an attack mode even though I just wanted to make a new password list, I wonder if that is right ?

Also could I ask if I intend to use hashcats ability to use tables and pipe the output to hashcatplus to test WPA which attack mode would be best to select for hashcat ? My reason for asking is that I am trying to reduce the workload as mush as possible in hashcat as it is being used in conjunction with hashcatplus.

Thank you.
#2
i've sent you an login to the wiki pages. check your email. you can login and correct the page or write new articles if you want. thanks for reporting Smile
#3
(11-13-2011, 07:11 PM)atom Wrote: i've sent you an login to the wiki pages. check your email. you can login and correct the page or write new articles if you want. thanks for reporting Smile

Oh good grief !! As you know I am of a nervous disposition as it is, think of the responsibility !!!

I have received your e-mail so I will give it a go ! ... I can't believe I spotted something you didn't !! I'll bet my house I won't be able to do it again ! Ha ha !

I may be slow but I do get there in the end, ...mostly. Smile

Can I ask again about which attack mode is best when not actually cracking with hashcat but using it to pipe ?

Thanks.
#4
Hi atom

Well I summoned up the courage to edit the wiki a little, I just changed the code bit.

I was thinking about trying to explain things in a simple way, one which I would have appreciated when I first arrived here, but I thought I should show you it first. I am also concerned I may not be right about the --attack-mode 5 bit in relation to piping.

So, I wrote the following for humble users like myself, please would you check it and perhaps use anything you think is ok.

Thanks.

Quote:The Table-Lookup Attack (--table-file ) can be seen in context within the following example.

hashcat-cli32.exe --attack-mode 5 --table-file A.table --stdout B.txt >> C.txt

In this case the user intends to generate a new, more diverse and complex word list from a selection of simple or plain base words. Thanks to the “--stdout” feature in hashcat we are able to write the output to a text file for future use.

Here is a breakdown of each section of the command.

hashcat-cli32.exe This of course is the main executable. In this case the 32bit version, if you are using a 64bit OS then hashcat-cli64.exe is the one for you.

--attack-mode 5 The MD5 hash mode, as hashcat needs a command in this position it has been chosen at random. The choice of mode at this point does not affect the output if you are simply creating a modified word list.

--table-file instructs hashcat to employ the “Table-Lookup Attack” and indicates the table files location.

“A.table” is a randomly chosen name for this example, “A” could be any name you choose for your table file. Here it is assumed that the file resides in the same directory as hashcat. If not, be sure to enter the full address, you may also need to enclose the address in quotes. A good trick is to drag and drop the file into the command window at the point where you need to type the location.

--stdout tells hashcat to either print the results to the command prompt or to a file. We haven’t told hashcat exactly where to print yet.

B.txt Again this is a randomly chosen name purely for this example. This text file is your source of plain or base words for hashcat to elaborate on, using the instructions within your table file.

>> C.txt Finally we tell hashcat to write or pipe the results out to a text file called C.txt. As before this is just a random name for the output file, you may call yours something different. However it is good practice to name the output file in such a way you can easily identify it. Trying to open very large text file to see what it contains at a later date can sometimes be very difficult to do !
#5
there is a little mistake:

Quote:--attack-mode 5 The MD5 hash mode, as hashcat needs a command in this position it has been chosen at random. The choice of mode at this point does not affect the output if you are simply creating a modified word list.

corrected:

Quote:--attack-mode 5 tell hashcat to employ the “Table-Lookup Attack”

thus,

Quote:--table-file indicates the table files location.

there is no relation to MD5.

please add this as a new article and link it on the start page Smile