Some Questions About HashCat
#1
1) How Can i Brute Force many Simple MD5 using GPU?

- Hashcat is using cpu so i dont need it
- oclhashcat-plus does not support Brute Force
- oclhashcat-lite Does Not Support Multiple hashes only single

Maybe with oclhashcat using mask attack like ?d?d?d?d?d?d?d ? But why do i have to specify left and right side for attacking? I think this is a perfomance dropping for brute forcing. Isnt it?

2) Why oclhashcat support vbulletin < 3.8.5 and not vbulletin > 3.8.5 ? I mean whats the big difference between these too. Different salt length i think. So if i have to brute force vbulletin > 3.8.5 i guess CPU version is the only way? (Multi Hashes) Is there any way to brute force them using GPU?

3) Same but for IPB. How can i brute force IPB Hashes using GPU?

4) md5(md5(pass)) is a common hash type. But only simple hashcat and lite version support it. If i want to test multiple md5(md5(pass)) how can i test them using GPU?

5) md5(pass.salt) is a common hash type too. oclhashcat support it as well as oclhash-lite. But how can i test them using wordlists only? If i use oclhashcat for that i have to specify rules for right side too. So simple wordlist attack is impossible?

P.S I know that brute force is not the best way to crack hash, but i want to do just the basic brute force.

Thanks atom! Keep up the good work!
Ace
#2
Quote:1) How Can i Brute Force many Simple MD5 using GPU?

- Hashcat is using cpu so i dont need it
- oclhashcat-plus does not support Brute Force
- oclhashcat-lite Does Not Support Multiple hashes only single

Currently you can use either regular oclHashcat or oclHashcat-plus using brute-force emulation: http://hashcat.net/wiki/brute_force_in_oclhashcat_plus

The next oclHashcat-plus will have all features of regular oclHashcat. That means it will also contain a built-in brute-force mode.

Quote:Maybe with oclhashcat using mask attack like ?d?d?d?d?d?d?d ? But why do i have to specify left and right side for attacking? I think this is a perfomance dropping for brute forcing. Isnt it?

No, its not, if you use it correctly.

Quote:2) Why oclhashcat support vbulletin < 3.8.5 and not vbulletin > 3.8.5 ?

oclHashcat just havent been updated for a while. It will deprecate soon. All Feature are getting migrated into oclHashcat-plus, which supports -m 15.

Quote:I mean whats the big difference between these too. Different salt length i think.

The salt length, yes. new one requires 4 md5 transformations while the old one just requires 2. Thats why the new one is slower.

Quote:So if i have to brute force vbulletin > 3.8.5 i guess CPU version is the only way? (Multi Hashes) Is there any way to brute force them using GPU?

No, use oclHashcat-plus as described above. But keep in mind that salting a hash is an efficient technique to prevent multihashing. So all it does it to queue each salt internally and then run the transformation again with the new salt. In other words, the real speed is the single SALT speed divided by the number of salts.

Quote:3) Same but for IPB. How can i brute force IPB Hashes using GPU?

With oclHashcat-lite. Yes it does not support multihashes but read the answer above then you understand it does not matter.

Quote:4) md5(md5(pass)) is a common hash type. But only simple hashcat and lite version support it. If i want to test multiple md5(md5(pass)) how can i test them using GPU?

Its not that common, but you can use regular oclHashcat.

Quote:5) md5(pass.salt) is a common hash type too. oclhashcat support it as well as oclhash-lite. But how can i test them using wordlists only? If i use oclhashcat for that i have to specify rules for right side too. So simple wordlist attack is impossible?

In this case you can use hashcat CPU. Fast hashes like md5(pass.salt) can not run efficient on GPU without a modifier. Thats why hashcat CPU is faster.
#3
Thanks Atom i understand everything.

One more question.

Lets say that i want to brute force one hash for all digits,lowercase,uppercase up to 8 length(and not exactly 8)... How Is this Possible?

Lets say that i will use oclhash-lite...

I hope u understand me
#4
just do:

Code:
-1 ?l?d?s?u ?1?1?1?1?1?1?1

it will scan from 4-7 automatically. cracking < 4 is not supported on -lite but its an easy thing. you can use any cracker you want, it will go fast.