-m 2500 seems to be somewhat broken
#1
I checked several caps on latest hashcat -m 2500 (WPA2), and it seems it is not able to crack anything, unless I manually append 0x00 to dict words, using -a 6 and custom charset with null byte in it. 
basically:

won't work
Code:
hashcat -O -m 2500 -w 4 hcapx rockyou.txt 
will work
Code:
hashcat -O -m 2500 -w 4 -1 nullchr.hcchr -a 6 hcapx rockyou.txt ?1 


Code:
OpenCL Info:

Platform ID #1
  Vendor  : NVIDIA Corporation
  Name    : NVIDIA CUDA
  Version : OpenCL 1.2 CUDA 9.0.282

  Device ID #1
    Type           : GPU
    Vendor ID      : 32
    Vendor         : NVIDIA Corporation
    Name           : GeForce GTX 1060 6GB
    Version        : OpenCL 1.2 CUDA
    Processor(s)   : 10
    Clock          : 1708
    Memory         : 1517/6069 MB allocatable
    OpenCL Version : OpenCL C 1.2 
    Driver Version : 384.111
Reply
#2
I would guess your dictionary is screwed up then. Have you tried with another dictionary? This should likely affect every mode, not just 2500 if it were a hashcat problem.
Reply
#3
(03-22-2018, 08:58 PM)soxrok2212 Wrote: I would guess your dictionary is screwed up then. Have you tried with another dictionary? This should likely affect every mode, not just 2500 if it were a hashcat problem.

i did. there's nothing wrong with dictionary, i tested this bug with dict made with "echo testplain > testdict", and it didn't worked with my test ap cap until i added null byte. -m 0 works fine.
Reply
#4
cannot reproduce
Code:
hashcat64.bin -I
hashcat (v4.1.0) starting...

OpenCL Info:

Platform ID #1
  Vendor  : Intel(R) Corporation
  Name    : Intel(R) OpenCL
  Version : OpenCL 1.2 LINUX

  Device ID #1
    Type           : CPU
    Vendor ID      : 8
    Vendor         : Intel(R) Corporation
    Name           : Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
    Version        : OpenCL 1.2 (Build 117)
    Processor(s)   : 4
    Clock          : 2700
    Memory         : 3982/15930 MB allocatable
    OpenCL Version : OpenCL C 1.2
    Driver Version : 1.2.0.117
Reply
#5
(03-22-2018, 10:38 PM)undeath Wrote: cannot reproduce
Code:
./hashcat64.bin -V
v4.1.0

you use cap from examples?
Reply
#6
yes, hccapx from examples, mode a3 and a0, with and without w4
Reply
#7
(03-22-2018, 10:47 PM)undeath Wrote: yes, hccapx from examples, mode a3 and a0, with and without w4

maybe try with real life airodump-ng/wlandump-ng dumps? example works for me as well. I checked my caps (and words) with aircrack-ng - they work fine.
Reply
#8
rather sounds like something with your "real lile" hccapx is off.
Reply
#9
(03-22-2018, 10:54 PM)undeath Wrote: rather sounds like something with your "real lile" hccapx is off.

well, it is rather difficult to mess with something hashed. so I suppose m 2500 just fails to add null terminator, cause it was tested only on generated file, and not on rl capped one Tongue
Reply
#10
(03-22-2018, 10:54 PM)undeath Wrote: rather sounds like something with your "real lile" hccapx is off.

srsly, i won't be able to convince you that my files are fine, just cap something yourself and test it
Reply