hashcat Forum Deprecated; Ancient Versions Very old oclHashcat-plus Support v
Helpscreen redesign

Threaded Mode
Helpscreen redesign
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#1
12-05-2011, 05:10 PM (This post was last modified: 12-05-2011, 05:27 PM by atom.)
Hey Guys,

I need help at the redesign of the help-screen of oclHashcat-plus v0.07.

The goal is it to make it easier to understand and to look better. If someone is bored, feel free to try it Smile

- You can not change parameter name
- Try not to exceed 78 chars per line

Code:
oclHashcat-plus, advanced password recovery

Usage: oclHashcat-plus [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...

=======
Options
=======

* General:

  -m,  --hash-type=NUM               Hash-type, see references below
  -a,  --attack-mode=NUM             Attack-mode, see references below
  -V,  --version                     Print version
  -h,  --help                        Print help
       --eula                        Print EULA
       --quiet                       Suppress output

* Misc:

       --runtime=NUM                 Abort session after NUM seconds of runtime
       --hex-salt                    Assume salt is given in hex
       --hex-charset                 Assume charset is given in hex

* Outfile:

  -o,  --outfile=FILE                Define outfile for recovered hash
       --outfile-format=NUM          Define outfile-format for recovered hash
       --show                        Show cracked passwords only
       --left                        Show un-cracked passwords only
       --username                    Enable ignoring of usernames in hashfile
       --remove                      Enable remove of hash once it is cracked

* Resources:

  -c,  --segment-size=NUM            Size in MB to cache from the wordfile
       --gpu-async                   Use non-blocking async calls (NV only)
  -d,  --gpu-devices=STR             Devices to use, separate with comma
  -n,  --gpu-accel=NUM               Workload tuning: 1, 8, 40, 80, 160
       --gpu-loops=NUM               Workload fine-tuning: 8 - 1024
       --gpu-watchdog=NUM            Abort session at NUM degrees celsius

* Rules:

  -r,  --rules-file=FILE             Rules-file, multiple use is supported
  -g,  --generate-rules=NUM          Generate NUM random rules
       --generate-rules-func-min=NUM Force NUM functions per random rule min
       --generate-rules-func-max=NUM Force NUM functions per random rule max

* Custom charsets:

  -1,  --custom-charset1=CS          User-defined charsets
  -2,  --custom-charset2=CS          Example:
  -3,  --custom-charset3=CS          --custom-charset1=?dabcdef
  -4,  --custom-charset4=CS          Sets charset ?1 to 0123456789abcdef

* Permutation attack-mode specific:

       --perm-min=NUM                Filter words shorter than NUM
       --perm-max=NUM                Filter words larger than NUM

==========
References
==========

* Outfile Formats:

    1 = hash[:salt]
    2 = plain
    3 = hash[:salt]:plain
    4 = hex_plain
    5 = hash[:salt]:hex_plain
    6 = plain:hex_plain
    7 = hash[:salt]:plain:hex_plain

* Built-in charsets:

   ?l = abcdefghijklmnopqrstuvwxyz
   ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
   ?d = 0123456789
   ?s =  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
   ?h = 8 bit characters from 0xc0 - 0xff
   ?D = 8 bit characters from german alphabet
   ?F = 8 bit characters from french alphabet
   ?R = 8 bit characters from russian alphabet

* Attack modes:

    0 = Straight
    1 = Combination
    3 = Brute-force
    4 = Permutation
    6 = Hybrid dict + mask
    7 = Hybrid mask + dict

* Hash types:

    0 = MD5
    1 = Joomla
    2 = osCommerce, xt:Commerce
    5 = vBulletin < v3.8.5
    9 = IPB 2.0, MyBB1.2
   15 = vBulletin > v3.8.5
  100 = SHA1
  101 = SMF > v1.1
  105 = OSX v10.4, v10.5, v10.6
  300 = MySQL > v4.1
  400 = phpass, MD5(Wordpress), MD5(phpBB3)
  500 = md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
  600 = nsldap, SHA-1(Base64), Netscape LDAP SHA
  700 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
  900 = MD4
1000 = NTLM
1100 = Domain Cached Credentials, mscash
1300 = MSSQL(2000)
1400 = SHA256
1500 = descrypt, DES(Unix), Traditional DES
1600 = md5apr1, MD5(APR), Apache MD5
2000 = Oracle 11g
2100 = Domain Cached Credentials2, mscash2
2300 = MSSQL(2005)
2400 = Cisco-PIX MD5
2500 = WPA/WPA2

--
atom
Website Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#2
12-05-2011, 05:44 PM (This post was last modified: 12-05-2011, 05:50 PM by undeath.)
I personally don't like the idea of having software names there instead of the used storage algorithm. Let's say I have a wbb hash. It's not in the list. So let's look up what storage algorithm is used. Got it... Damn what software uses this storage algorithm too and is also listed? So leads me to another lookup (which may or may not be successful). Also if i know i have a md5(salt.pass). Was this like Joomla or like osc? Always confuse these two. I think you get it. Such a list can never be near to complete and therefore can be a bit frustrating.

I prefer a list like
Code:
.
    1 = md5(pass.salt) (e.g. Joomla)
    2 = md5(salt.pass) (e.g. osCommerce, xt:Commerce)
...

btw, how about a "hash:plain" output format? With salts like in vb it can be kinda hard to tell where the salt ends and where the password starts.

can rules now be used in all available attack modes or is there a line missing in the output?
Find
atom Offline
Administrator
*******
Posts: 5,185
Threads: 230
Joined: Apr 2010
#3
12-05-2011, 06:33 PM
that is actually not what this thread is about. i am seeking for some help in redesign. its more an optical thing than a technical.

however, here are your answers:

Quote:I personally don't like the idea of having software names there instead of the used storage algorithm. Let's say I have a wbb hash. It's not in the list. So let's look up what storage algorithm is used. Got it... Damn what software uses this storage algorithm too and is also listed? So leads me to another lookup (which may or may not be successful). Also if i know i have a md5(salt.pass). Was this like Joomla or like osc? Always confuse these two. I think you get it. Such a list can never be near to complete and therefore can be a bit frustrating.

I prefer a list like
Code:
.
    1 = md5(pass.salt) (e.g. Joomla)
    2 = md5(salt.pass) (e.g. osCommerce, xt:Commerce)
...

well this is just not "true". oclHashcat-plus will have special optimizations for this. joomla which uses a 32 byte salt for example. the parser will acccept only hashes with 32 byte salts. same applies to osc und xtc which have a 2 byte salt only. this way its also possible to optimize kernelcode and make it faster. thats the reason why not to stick to generic types.

Quote:btw, how about a "hash:plain" output format? With salts like in vb it can be kinda hard to tell where the salt ends and where the password starts.

yeah, true, but this would cause some deep changes that are currently not in sight.

Quote:can rules now be used in all available attack modes or is there a line missing in the output?

right, missed that
Website Find
sono Offline
Junior Member
**
Posts: 12
Threads: 3
Joined: Jan 2011
#4
02-03-2012, 03:01 PM
Code:
6 = Hybrid dict + mask
7 = Hybrid mask + dict

↓

Code:
6 = Hybrid (dict + mask)
7 = Hybrid (mask + dict)
Find
SixQa Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: Jan 2012
#5
02-03-2012, 09:18 PM
and it would be nice have some:

======
Examples
======
Find