Hash craked with John the ripper but failed with Hashcat
#1
As a newbie that registered in a network security class, I was asked to hash (MD5) a password and to crack it with hashcat.
My password is "trumpette". John the ripper craked it within a few minutes but hashcat never managed to crack it.

The command I used is

Code:
hashcat -a 0 -m 0 -O hash_string /usr/lib/rockyou.txt

Is there anything in this command line that would explain why hashcat fails?

Thank you
#2
Since this is a demo hash with a known plaintext, OK to post it here.

Works for me:

Code:
$ echo -n 'trumpette' | md5sum
6d980c97874860347312769e9854dab6  -

$ echo 'trumpette' | hashcat --quiet -a 0 -m 0 -O 6d980c97874860347312769e9854dab6
6d980c97874860347312769e9854dab6:trumpette

Also, 'trumpette' doesn't appear in rockyou:

Code:
$ fgrep trumpette /home/royce/crack/rockyou.txt
trumpettennis

Perhaps your John the Ripper attack mode is doing something other than just a straight wordlist?

Also make sure that you're not trying to crack this hash, which includes the newline (and is therefore a different hash):

Code:
$ echo 'trumpette' | md5sum
b3956910c1b26bc98b19ef80944a08cf  -
~
#3
[
There is definitely something I am doing wrong. While John cracked this hash in around 8 minutes on a slow virtualbox The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) machine, the same hash couldn't be cracked by hashcat on a physical machine after more than 11 hours.

the command:

Code:
hashcat --quiet -a 0 -m 0 -O 6d980c97874860347312769e9854dab6

The last update status:

Code:
Session..........: hashcat
Status...........: Running
Hash.Type........: MD5
Hash.Target......: 6d980c97874860347312769e9854dab6
Time.Started.....: Thu Feb  1 22:47:36 2018 (11 hours, 17 mins)
Time.Estimated...: Fri Feb  2 10:05:04 2018 (0 secs)
Guess.Base.......: Pipe
Speed.Dev.#1.....:        0 H/s (0.00ms)
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0
Rejected.........: 0
Restore.Point....: 0
Candidates.#1....: [Copying]
HWMon.Dev.#1.....: Temp: 28c Fan: 33% Util:  0% Core: 135MHz Mem: 405MHz Bus:16
#4
if you use -a 0 you should specify at least one word list (dictionary file).

Otherwise, hashcat will assume that you sent the password candidates via standard input (stdin) and therefore use a pipe.

It's actually also mentioned within your output
Code:
Guess.Base.......: Pipe

futhermore, you will see this within your output
Code:
Starting attack in stdin mode...

I guess you better do not use --quiet and try to learn how to use the different attack types supported by hashcat by reading the wiki/faq/hashcat forum posts etc.
#5
(02-02-2018, 05:22 PM)philsmd Wrote: if you use -a 0 you should specify at least one word list (dictionary file).

Otherwise, hashcat will assume that you sent the password candidates via standard input (stdin) and therefore use a pipe.

It's actually also mentioned within your output
Code:
Guess.Base.......: Pipe

futhermore, you will see this within your output
Code:
Starting attack in stdin mode...

I guess you better do not use --quiet and try to learn how to use the different attack types supported by hashcat by reading the wiki/faq/hashcat forum posts etc.

I am a total newbie so the doc I found in the wiki is almost incomprehensible.