Posts: 24
Threads: 5
Joined: Feb 2014
09-18-2018, 12:44 PM
(This post was last modified: 09-18-2018, 03:09 PM by john2014.)
hashcat version: 4.2.1
==============
1st I try this:
hashcat64.exe -m 2500 -a 0 crackme.hccapx "C:\WORDLISTS\simple.txt"
(where "simple.txt" contains only the word "password123")
Result: hash is cracked
Now I:
1) edit the "simple.txt" file and change "password123" to "password"
2) put a simple rule "$1$2$3" in a file named "TEST.rule" and execute:
hashcat64.exe -m 2500 -a 0 crackme.hccapx "C:\WORDLISTS\simple.txt" -r rules\TEST.rule
Result: not cracked
If I force hashcat to display what candidate(s) it creates/uses with:
hashcat64.exe "C:\WORDLISTS\simple.txt" -r rules\TEST.rule --stdout
The console displays:
password123
123
yet the hash somehow fails to crack!
Any ideas?
Posts: 43
Threads: 9
Joined: Jul 2018
Hi,
Just to be sure : In you second attempt, you file simple.txt does well contain the plain "password", and not "password123" ? Otherwise applying the rule will create the candidate "password123123".
Besides, when you use --stdout you usually should leave apart the hash type (-m 2500)
Posts: 24
Threads: 5
Joined: Feb 2014
I edited my post to reflect your points (yes, you are right regarding the "--stdout" switch)
Posts: 2,301
Threads: 11
Joined: Jul 2010
09-18-2018, 05:06 PM
(This post was last modified: 09-18-2018, 05:07 PM by undeath.)
what happens when you run
Code:
hashcat64.exe -m 2500 -a3 crackme.hccapx password123
?
Try the example hccapx file:
https://hashcat.net/wiki/doku.php?id=example_hashes
Posts: 24
Threads: 5
Joined: Feb 2014
09-18-2018, 06:12 PM
(This post was last modified: 09-18-2018, 06:13 PM by john2014.)
(09-18-2018, 05:06 PM)undeath Wrote: what happens when you run
Code:
hashcat64.exe -m 2500 -a3 crackme.hccapx password123
Try the example hccapx file: https://hashcat.net/wiki/doku.php?id=example_hashes
Just did.
These are the steps (I assumed the password is "hashcat") I performed:
1) edited the wordlist file as: hashc
2) edited the rules file as: $a$t
Run and result: FAILURE
But then I populated the wordlist only with "hashcat" and removed the rule
Result: failure!!
So, what gives? Isnt the password for "hashcat.hccapx" the passpharse "hashcat" as noted at the top of the page? ("
Unless otherwise noted, the password for all example hashes is hashcat.")
Posts: 2,301
Threads: 11
Joined: Jul 2010
as noted otherwise, the password for the example hccapx is "hashcat!" (with trailing exclamation mark)
Posts: 24
Threads: 5
Joined: Feb 2014
09-18-2018, 09:06 PM
(This post was last modified: 09-18-2018, 09:08 PM by john2014.)
Ok, I just checked and indeed the password is "hashcat!"
(with wordlist "000.txt" containing "hashcat!" and no rule applied)
hashcat64.exe -m 2500 -a 0 hashcat.hccapx "C:\_WORDLISTS\000.txt"
And then I:
1) edited the wordlist file as: hashc
2) edited the rules file as: $a$t$!
hashcat64.exe -m 2500 -a 0 hashcat.hccapx "C:\_WORDLISTS\000.txt" -r rules\__xTEST.rule
Run and result: FAILURE again!
Running "hashcat64.exe "C:\_WORDLISTS\000.txt" -r rules\__xTEST.rule --stdout" outputs "hashcat!" so the work is correctly constructed BUT fails to work!
So? Can you please check and verify? Am I doing something wrong?
Posts: 2,301
Threads: 11
Joined: Jul 2010
09-18-2018, 09:07 PM
(This post was last modified: 09-18-2018, 09:08 PM by undeath.)
your input word must be at least eight characters (before rule manipulation), otherwise it'll be skipped
Posts: 24
Threads: 5
Joined: Feb 2014
09-19-2018, 12:18 AM
(This post was last modified: 09-19-2018, 12:25 AM by john2014.)
Really????
Are you sure? Is this somewhere documented?
If this is the case, why? Maybe because the minimum length for WPA is 8 chars and so the code first rejects BEFORE the rule is applied?
If yes, shouldnt the rule FIRST be applied and then presented to the code to be tested?
In my opinion this is a serious problem as possibilities to retrieve passwords are lost.
If for example I know the first 6 characters and would like to apply a rule which would append at the end a range of 0-99999 how should I do it?
Furthermore, does this limitation also apply to wordlist combinations?
What if for example the password is "happyday" and wordlst #1 contains "happy" and wordlist #2 the word "day"? Does the combination of both wordlists crack or no the hash? (since each word is LESS than 8 chars?)
Posts: 2,301
Threads: 11
Joined: Jul 2010
(09-19-2018, 12:18 AM)john2014 Wrote: If this is the case, why? Maybe because the minimum length for WPA is 8 chars and so the code first rejects BEFORE the rule is applied?
exactly
(09-19-2018, 12:18 AM)john2014 Wrote: Furthermore, does this limitation also apply to wordlist combinations?
yes
(09-19-2018, 12:18 AM)john2014 Wrote: In my opinion this is a serious problem as possibilities to retrieve passwords are lost.
If for example I know the first 6 characters and would like to apply a rule which would append at the end a range of 0-99999 how should I do it?
The problem was recently discussed in this thread:
https://hashcat.net/forum/thread-7774.html
philsmd also posted a workaround (first post on page2)
