Complex iTunes password
#1
I just created a complex iTunes backup password and pulled the hash into a text document.  I have successfully cracked less complex passwords with little or no issues.  This time I deliberately created a complex password to see how my computer fared against it. I am looking for the most efficient way to crack this password and I can't seem to find a good command with options.

Here is the password that I am trying to crack (3EXnE]nU$7Q")  The quote mark at the end of the password is part of the password.  Does anyone have any suggestions of the options that I might try for this password?  I am still getting these errors even though I followed the instructions for, "I may have the wrong driver installed, what should I do"? 

Code:
Cracking performance lower than expected?                

* Update your OpenCL runtime / driver the right way:
 https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
 https://hashcat.net/faq/morework

I have 2 GTX 780 SC's in SLI, I don't believe that hashcat cares about SLI and these are the best cards that I have at the moment.  I have a GTX 1060 on the way which is all that I can afford right now.
#2
The messages you are seeing are just some info, no warnings. Don't know about the ones you did not post.

If you're trying to brute-force that password you're not going to have any success. I don't know what you're trying to achieve. If you just want to know how long it would theoretically take to crack that password just do the math.
#3
(09-05-2017, 04:32 PM)undeath Wrote: The messages you are seeing are just some info, no warnings. Don't know about the ones you did not post.

If you're trying to brute-force that password you're not going to have any success. I don't know what you're trying to achieve. If you just want to know how long it would theoretically take to crack that password just do the math.

Code:
hashcat (v3.6.0) starting...

* Device #1: This hardware has outdated CUDA compute capability (3.5).
            For modern OpenCL performance, upgrade to hardware that supports
            CUDA compute capability version 5.0 (Maxwell) or higher.
* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: This hardware has outdated CUDA compute capability (3.5).
            For modern OpenCL performance, upgrade to hardware that supports
            CUDA compute capability version 5.0 (Maxwell) or higher.
* Device #3: Not a native Intel OpenCL runtime. Expect massive speed loss.
            You can use --force to override, but do not report related errors.
nvmlDeviceGetCurrPcieLinkWidth(): Not Supported

nvmlDeviceGetClockInfo(): Not Supported

nvmlDeviceGetClockInfo(): Not Supported

nvmlDeviceGetTemperatureThreshold(): Not Supported

nvmlDeviceGetTemperatureThreshold(): Not Supported

nvmlDeviceGetUtilizationRates(): Not Supported

nvmlDeviceGetCurrPcieLinkWidth(): Not Supported

nvmlDeviceGetClockInfo(): Not Supported

nvmlDeviceGetClockInfo(): Not Supported

nvmlDeviceGetTemperatureThreshold(): Not Supported

nvmlDeviceGetTemperatureThreshold(): Not Supported

nvmlDeviceGetUtilizationRates(): Not Supported

OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 780, 755/3020 MB allocatable, 12MCU
* Device #2: GeForce GTX 780, 755/3020 MB allocatable, 12MCU

OpenCL Platform #2: The pocl project
====================================
* Device #3: pthread-Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz, skipped.

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Slow-Hash-SIMD

Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger disabled.

Cracking performance lower than expected?                

* Update your OpenCL runtime / driver the right way:
 https://hashcat.net/faq/wrongdriver

* Create more work items to make use of your parallelization power:
 https://hashcat.net/faq/morework

I know that a Brute Force attack will not work.  Here is the estimate of time: 329393451 years, 242 days
What I am looking for is an attack that has a chance of recovering the password.  I.E. Wordlist, Wordlist + Rules, Masks, builtin wordlist generators........
I keep playing around with different attacks, most of which won't even start as I have the syntax wrong or I can't use Combinator with mask and so on.  If someone could just point me in the right direction for such a complex password I would really appreciate it.

Thanks for your time Smile
#4
Unless that password is in your wordlist, I can't see you realistically cracking such a password in any reasonable timeframe
#5
Of course you can crack that with a wordlist or mask attack but you'd need to add so much specific info about the password it's almost like cheating. No real use.
#6
You could create a wordlist from the computer you generated the password on. Maybe it will be stored in plaintext in the pagefile or something. Try opening up the itunes backup with the password and with it still open, hibernate the computer, wake it up again, and generate the wordlist from pagefile and hiberfil and see if it comes up with anything.
#7
Ok.  So what I am seeing here is that with a sufficiently complex password, it's not going to be cracked with hashcat.
#8
Please keep in mind:
1. this has nothing to do with hashcat. If the password is completely random, long enough, wasn't leaked before and therefore doesn't appear in any word list, it could be just infeasible for any password cracker (if it is infeasible of course also depends on the hashing algorithm, password length, randomness etc)
2. a complex (yeah even a random) password can be cracked within a reasonable time if it already appears in some word lists (password-reuse etc)
3. sometimes passwords look weird/random, but actually are much more meaningful and related to the person who invented it (street numbers, initials, first letter of each word of a phrase etc)... They might also be crackable if you know the person who invented the password

etc

It's not always easy to say that "this password is crackable" and "this password is not crackable"... If you do not automatically generate them (e.g. by a password manager) they might follow a clear pattern and are crackable (but of course the algorithm behind iTunes backups is quite slow, therefore you must choose your password candidates very wisely)