Posts: 723
Threads: 85
Joined: Apr 2011
Ahh that makes more sense !!! I was starting to question my sanity !!
Thank you very much for pointing that out to me.
I thought about using hashcat CPU but then realised that it does not do WPA so I assumed that the rule filter would be different. I suppose it would only be the word length rule filter that would be the difference between them ?
Posts: 5,185
Threads: 230
Joined: Apr 2010
yes, but this is not part of the rule engine
Posts: 79
Threads: 4
Joined: Nov 2011
Just a little help for a newbie pls. I read on one thread about using hashcat to pipe into ohc+, so you can restore the process, but can not find example or command. Here again you using hashcat to test a rule before using it in och+, so it displays what a rule affects to wordlist.
Why you have to use CPU hashcat, and not oclhashcat? what m option in both of them do you have to use m=2500, or you don't have to?
could you show also the commands, so newbies can follow better? Thanks
Posts: 5,185
Threads: 230
Joined: Apr 2010
with CPU hashcat he can debug his rules to see if they really do what he wants them to do.
then, when he is finished, he moves over to oclHashcat-plus.
Posts: 79
Threads: 4
Joined: Nov 2011
11-23-2011, 12:10 PM
(This post was last modified: 11-23-2011, 12:30 PM by ntk.)
found similar page but with pyrit
http://ob-security.info/?p=18,
with debug mode =3, it reports debug mode >2, but still have problem to get it find my password.
./hashcat-cli64.bin -m 200 -r rules/best10.rule --debug-mode=3 nofind.hash dictionary.dic | pyrit -r tiny*.cap -i - -b 00:xx:44:B9:xx:xx --all-handshakes attack_passthrough
seem not to do anything.
best10.rule is :
:
l
c
u
t
$0
$1
$2
$3
$4
I add password in dictionary.dic. But it says no password found!!!!
./hashcat-cli64.bin -m 200 -r rules/best10.rule --debug-mode=3 nofind.hash dictionary.dic > out.txt
out.txt is empty all the time! I don't understand why
with
Sorry to use pyrit and ask my question here.
I have to used pyrit because if this does work than I will replace the second part with ohc+, as I already used
./mp64.bin -1 ?l?d pypk?1?1?1?1 | ./ohcplus64.bin ....
Posts: 5,185
Threads: 230
Joined: Apr 2010
as its says, there debug mode > 2
replace this:
Code:
./hashcat-cli64.bin -m 200 -r rules/best10.rule --debug-mode=3 nofind.hash dictionary.dic | pyrit -r tiny*.cap -i - -b 00:xx:44:B9:xx:xx --all-handshakes attack_passthrough
with this:
Code:
./hashcat-cli64.bin -r rules/best10.rule --stdout dictionary.dic | pyrit -r tiny*.cap -i - -b 00:xx:44:B9:xx:xx --all-handshakes attack_passthrough
Posts: 79
Threads: 4
Joined: Nov 2011