How to translate the results of Hashcat ?
#1
Wink 
Hello
I am french> Google translation> sorryundefined

I extracted the hash of a password from an encrypted image with the Axcrypt software with this line (I was very helped ...)

Python axcrypt2john.py 20170725_134822-jpg.axx

The hash is of the following:
$ AxCrypt $ 15,000 * 1 * * * 88db77d0593d904c99847409ce0a2849 6865800d5ec4e38d497c6de14d331349622eb8a0abd8a397

(See here https://hashcat.net/wiki/doku.php?id=example_hashes at line 13200)

I saved it in the hash.txt file


I then try to do as I can with Hashcat, trying to find out the password of 7 letters and 1 digit. I used the following line:

Hashcat -m 13200 -a 3 -2? L? D --increment -w 3 hash.txt? 2? 2? 2? 2? 2? 2? 2

This password is laurent1, I want to see if hashcat is able to find it, but after launching the command, I do NOT understand the results, I do not know how to read them, I do not think I read laurent1 somewhere ?????

Here is what I have on the screen:

C:\Python27\hashcat-3.6.0>hashcat64 -m 13200 -a 3 -2 ?l?d --increment -w 3 hash.txt ?2?2?2?2?2?2?2?2
hashcat (v3.6.0) starting...

OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Pitcairn, 768/1024 MB allocatable, 16MCU
* Device #2: AMD Phenom(tm) II X4 965 Processor, skipped.
* Device #3: Pitcairn, 768/1024 MB allocatable, 16MCU
* Device #4: AMD Phenom(tm) II X4 965 Processor, skipped.

OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #1: Pitcairn, 768/1024 MB allocatable, 16MCU
* Device #2: AMD Phenom(tm) II X4 965 Processor, skipped.
* Device #3: Pitcairn, 768/1024 MB allocatable, 16MCU
* Device #4: AMD Phenom(tm) II X4 965 Processor, skipped.

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 75c

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Cracking performance lower than expected?

* Update your OpenCL runtime / driver the right way:
  https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
  https://hashcat.net/faq/morework

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: AxCrypt
Hash.Target......: $axcrypt$*1*15000*88db77d0593d904c99847409ce0a2849*...d8a397
Time.Started.....: Fri Aug 11 21:10:52 2017 (8 secs)
Time.Estimated...: Fri Aug 11 21:11:00 2017 (0 secs)
Guess.Mask.......: ?2 [1]
Guess.Charset....: -1 Undefined, -2 ?l?d, -3 Undefined, -4 Undefined
Guess.Queue......: 1/8 (12.50%)
Speed.Dev.#1.....:        0 H/s (0.84ms)
Speed.Dev.#3.....:        0 H/s (0.00ms)
Speed.Dev.#*.....:        0 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 36/36 (100.00%)
Rejected.........: 0/36 (0.00%)
Restore.Point....: 0/1 (0.00%)
Candidates.#1....: x -> x
Candidates.#3....: [Generating]
HWMon.Dev.#1.....: Temp: 36c Fan: 33% Util: 85% Core: 860MHz Mem:1200MHz Bus:16
HWMon.Dev.#3.....: Temp: 36c Fan: 33% Util: 85% Core: 860MHz Mem:1200MHz Bus:16

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: AxCrypt
Hash.Target......: $axcrypt$*1*15000*88db77d0593d904c99847409ce0a2849*...d8a397
Time.Started.....: Fri Aug 11 21:11:04 2017 (8 secs)
Time.Estimated...: Fri Aug 11 21:11:12 2017 (0 secs)
Guess.Mask.......: ?2?2 [2]
Guess.Charset....: -1 Undefined, -2 ?l?d, -3 Undefined, -4 Undefined
Guess.Queue......: 2/8 (25.00%)
Speed.Dev.#1.....:      156 H/s (0.84ms)
Speed.Dev.#3.....:        0 H/s (0.00ms)
Speed.Dev.#*.....:      156 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1296/1296 (100.00%)
Rejected.........: 0/1296 (0.00%)
Restore.Point....: 0/36 (0.00%)
Candidates.#1....: xa -> xq
Candidates.#3....: [Generating]
HWMon.Dev.#1.....: Temp: 38c Fan: 33% Util: 87% Core: 860MHz Mem:1200MHz Bus:16
HWMon.Dev.#3.....: Temp: 38c Fan: 33% Util: 87% Core: 860MHz Mem:1200MHz Bus:16

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: AxCrypt
Hash.Target......: $axcrypt$*1*15000*88db77d0593d904c99847409ce0a2849*...d8a397
Time.Started.....: Fri Aug 11 21:11:16 2017 (9 secs)
Time.Estimated...: Fri Aug 11 21:11:25 2017 (0 secs)
Guess.Mask.......: ?2?2?2 [3]
Guess.Charset....: -1 Undefined, -2 ?l?d, -3 Undefined, -4 Undefined
Guess.Queue......: 3/8 (37.50%)
Speed.Dev.#1.....:     5207 H/s (0.90ms)
Speed.Dev.#3.....:        0 H/s (0.00ms)
Speed.Dev.#*.....:     5207 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 46656/46656 (100.00%)
Rejected.........: 0/46656 (0.00%)
Restore.Point....: 0/1296 (0.00%)
Candidates.#1....: xar -> xqg
Candidates.#3....: [Generating]
HWMon.Dev.#1.....: Temp: 41c Fan: 33% Util: 87% Core: 860MHz Mem:1200MHz Bus:16
HWMon.Dev.#3.....: Temp: 41c Fan: 33% Util: 87% Core: 860MHz Mem:1200MHz Bus:16

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: AxCrypt
Hash.Target......: $axcrypt$*1*15000*88db77d0593d904c99847409ce0a2849*...d8a397
Time.Started.....: Fri Aug 11 21:11:29 2017 (1 min, 3 secs)
Time.Estimated...: Fri Aug 11 21:12:32 2017 (0 secs)
Guess.Mask.......: ?2?2?2?2 [4]
Guess.Charset....: -1 Undefined, -2 ?l?d, -3 Undefined, -4 Undefined
Guess.Queue......: 4/8 (50.00%)
Speed.Dev.#1.....:    13175 H/s (6.10ms)
Speed.Dev.#3.....:    13197 H/s (6.85ms)
Speed.Dev.#*.....:    26372 H/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1679616/1679616 (100.00%)
Rejected.........: 0/1679616 (0.00%)
Restore.Point....: 23328/46656 (50.00%)
Candidates.#1....: xari -> xqgt
Candidates.#3....: xarv -> xqgq
HWMon.Dev.#1.....: Temp: 57c Fan: 33% Util: 98% Core: 860MHz Mem:1200MHz Bus:16
HWMon.Dev.#3.....: Temp: 57c Fan: 33% Util: 98% Core: 860MHz Mem:1200MHz Bus:16

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>



Can someone help me ? undefined

Thank you
#2
Nobody knows how to do ??? undefined

Not even a small direction ?
#3
laulaf,
Try cracking the axcrypt example hash first.
hashcat -m 13200 -a 3 [put example hash or example hash in a .txt file here] ?l?l?l?l?l?l?l -w 3 --status --status-timer=3

to shorten the session use the mask hash?l?l?l

Once you get the example hash cracked, then try your hash. From the looks of it, you did not crack the hash.
You also have to make sure your hash that you extracted is a valid one by comparing with the example for similar characteristics.

I tried to reconstruct your hash from your printouts but it would not accept it.

You should try to follow the examples posted in the wiki as far as order of operations for your command line.
Sometimes typing them in in the wrong order can lead hashcat to get confused and complain.

Type out the help file from hashcat [hashcat --help >help.txt]. That will give you a text file to refer to.

Other then the exceptions noted, most of the example hashes have a password of [hashcat] (without the brackets, of course)

I just entered the above with the shortened mask and cracked the example hash in less than 50 seconds with two gtx 960s and a 6 core cpu. Nothing note worthy but it's what I have. Otherwise with my modest rig it would have taken almost 2 days to crack the example hash file.

You have to learn to READ ALL the wiki and other's posts to learn how to properly use hashcat. They are VERY helpful. It's saved me alot of time and energy trying to get someone to respond to topics already posted on the forum and defined in the FAQ section. READ READ READ then PRACTICE PRACTICE PRACTICE. Good luck!