hashcat v3.5.0
#1


Welcome to hashcat v3.5.0 release! This is just a smaller update, mostly bugfixes. 

I recommend upgrading even if you did not face any errors with older versions.

Thanks to everyone who contributed to this release!!!



Download here: https://hashcat.net/hashcat/



Features:
  • WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction
  • WPA cracking: Added optional parameter --nonce-error-corrections to configure range of error correction


Algorithms:
  • Added hash-mode 15100 = Juniper/NetBSD sha1crypt


Improvements:
  • Abbreviate long hashes to display the Hash.Target status line within 80 characters
  • Refactored internal use of esalt to sync with the number of digests instead of the number of salts
  • Refactored other output to display within 80 characters without wrapping


Fixed Bugs:
  • Fixed a hash validation error when trying to load Android FDE < 4.3 hashes
  • Fixed a problem where --keyspace combined with custom charsets incorrectly displayed an error message
  • Fixed a problem where --stdout combined with custom charsets incorrectly displayed an error message
  • Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes
  • Fixed a race condition after sessions finish, where the input-base was freed but accessed afterwards
  • Fixed a typo that resulted in the minimum password length not being correctly initialized
  • Fixed --outfile-format formats 11 through 15 to show the correct crack position
  • Fixed --remove to apply even when all hashes are either found in the potfile or detected in weak-hash checks


Technical:
  • Building: Added missing prototypes for atlassian_parse_hash function
  • Dictionary Cache: Split long status line into multiple lines to stay < 80 chars
  • Files: Detect and error when users try to use -r with a parameter which is not a file
  • HCCAPX Parser: Added support for a special bit (bit 8) of the message_pair that indicates if replay counters match
  • Parameter: Detect and error when users try to use an empty string (length 0) for parameters like --session=
  • Parameter: Detect and error when users try to use non-digit input when only digits are expected
  • Sessions: Improved string comparison in case user sets --session to "hashcat"
  • Status View: Add rejected counter to machine-readable output
  • Status View: Rename labels Input.Mode, Input.Base, ... to Guess.Mode, Guess.Base, ...
  • Status View: Added a visual indicator to the status screen when checkpoint quit has been requested
  • Versions: Changed version naming convention from x.yz to x.y.z


- atom
Reply
#2
Thanks especially for sha1crypt!

My 3x 1080 FE + 3x EVGA 970 SC benchmarks are here:

Raw: https://gist.github.com/roycewilliams/0d...7953384017
Table: (one line per total speed): https://gist.github.com/roycewilliams/84...d88e8bb739

... and some back story about sha1crypt:

https://github.com/hashcat/hashcat/issues/1204
Reply
#3
Thanks to everyone for your hard-work!
Reply
#4
Thanks for the awesome tool Smile
Reply
#5
3.50 download file not found
Reply
#6
It's 3.5.0 not 3.50, maybe you need to update your url generator logic.
Reply
#7
(04-06-2017, 07:14 AM)kamsulla Wrote: 3.50 download file not found

After entering :
https://hashcat.net/hashcat/

please press the following button combination:
Ctrl+F5
Reply
#8
solved.
Reply
#9
awesome stuff thx
Reply
#10
thanks
Reply