Posts: 930
Threads: 4
Joined: Jan 2015
06-18-2018, 10:33 PM
(This post was last modified: 06-18-2018, 10:36 PM by royce.)
Is there a way to log *all* of the rules that would have cracked a given hash?
Would/should --keep-guessing and --debug-mode be combine-able? It could be quite chatty - being able to ignore ':' would probably be useful.
~
Posts: 40
Threads: 4
Joined: May 2018
I kinda feel like that if you don't know the answer to something that it is likely unknowable.
Posts: 930
Threads: 4
Joined: Jan 2015
06-18-2018, 11:00 PM
(This post was last modified: 06-18-2018, 11:10 PM by royce.)
Ha! I'm only about one chapter ahead of you in the book.
And guess what? I should have tried it first!
--keep-guessing works fine with --debug-mode (for at least some attacks):
Code:
$ cat test.hash
8743b52063cd84097a65d1633f5c74f5
$ cat test.dict
hashca
hashcas
hashcau
hashcate
hashcatz
tachsah
HASHCAT
$ hashcat --quiet -O -w 4 --keep-guessing -D1 --session=test --potfile-path=./test.potfile \
--debug-mode=4 --debug-file=./test.log --outfile=test.out --outfile-format=15 \
-r multi.rule \
test.hash test.dict
$
$ wc -l test.potfile
1635 test.potfile
$ cat test.potfile
8743b52063cd84097a65d1633f5c74f5:hashcat
[...]
8743b52063cd84097a65d1633f5c74f5:hashcat
$ wc -l test.out
1635 test.out
$ cat test.out
8743b52063cd84097a65d1633f5c74f5:hashcat:68617368636174:1805914
[...]
8743b52063cd84097a65d1633f5c74f5:hashcat:68617368636174:3007570
$ wc -l test.log
1635 test.log
$ cat test.log
hashcate:$$ O72:hashcat
hashcate:$$ O72:hashcat
hashcate:$) *0B O72:hashcat
hashcate:$) K '7:hashcat
hashcate:$* O72:hashcat
[...]
hashcatz:} } D1 {:hashcat
The applications should be obvious (and are well-known to password researchers) - that for a given target list of hashes, a given input dictionary, and a given set of rules, the rules that are most universally applicable, and the base words that were the most useful, can be analyzed. It's highly dependent on its inputs.
~