hashcat Forum Support hashcat v
hybrid attack Netntlm too slow

Thread Closed 
Threaded Mode
hybrid attack Netntlm too slow
philsmd Offline
I'm phil
******
Posts: 2,267
Threads: 16
Joined: Feb 2013
#11
10-27-2018, 10:44 PM (This post was last modified: 10-27-2018, 10:56 PM by philsmd.)
just for testing:
Code:
hashcat --keyspace -m 5500 -a 6 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
hashcat --stdout -a 6 -o temporary_file.txt -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
type temporary_file.txt | hashcat -m 5500 hash.txt

note: you should probably reduce the length of the mask to e.g. ?1?1?1 for testing to save disk space (shouldn't really matter too much). or use something like the "head" command on linux.
Code:
hashcat --stdout -a 6 -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1 | head -n 999999 > temporary_file.txt
Find
Marsupilami Offline
Junior Member
**
Posts: 9
Threads: 2
Joined: Oct 2018
#12
10-27-2018, 11:44 PM (This post was last modified: 10-28-2018, 02:43 PM by Marsupilami. Edit Reason: corrections )
(10-27-2018, 10:44 PM)philsmd Wrote: just for testing:
Code:
hashcat --keyspace -m 5500 -a 6 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
hashcat --stdout -a 6 -o temporary_file.txt -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
type temporary_file.txt | hashcat -m 5500 hash.txt

note: you should probably reduce the length of the mask to e.g. ?1?1?1 for testing to save disk space (shouldn't really matter too much). or use something like the "head" command on linux.
Code:
hashcat --stdout -a 6 -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1 | head -n 999999 > temporary_file.txt

Hi again I tried those commands the first command says 128 as output (number of words in possibilities.txt)
the second create a file with all combinations as i would expect i cancelled by 450 MB but the right combination was not in the file

I make further tests in the meantime with more easier passwords.
Sicher1337! only 337! should brute forced then.
hashcat64.exe -m 5500 -a 6 admin.lc admin.txt ?d?d?d?s

i have observed weird behaviour too:
First in admin.txt were all combinations of Sicher1 =>Search Exhaust after seconds
Then I put the right first part Sicher1 in the first row => Search Cracked
But then..
I delete the pot file and start the same command again without altering admin.txt and =>Exhaust
After 3 additional tries (I simply repeat the command dont edit admin.txt) it says cracked..
Do you think that could be a problem of the windows version?

edit:
I repeated the attempt with deleting the correct first part from the first row.
first try: Exhaust
second try:Exhaust
third try: Cracked

how is that possible?
Find
Marsupilami Offline
Junior Member
**
Posts: 9
Threads: 2
Joined: Oct 2018
#13
11-14-2018, 10:06 PM
(10-27-2018, 11:44 PM)Marsupilami Wrote:
(10-27-2018, 10:44 PM)philsmd Wrote: just for testing:
Code:
hashcat --keyspace -m 5500 -a 6 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
hashcat --stdout -a 6 -o temporary_file.txt -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1

Code:
type temporary_file.txt | hashcat -m 5500 hash.txt

note: you should probably reduce the length of the mask to e.g. ?1?1?1 for testing to save disk space (shouldn't really matter too much). or use something like the "head" command on linux.
Code:
hashcat --stdout -a 6 -s 2 -l 2 -1 ?l?u?s possibilities.txt ?1?1?1?1?1?1?1 | head -n 999999 > temporary_file.txt

Hi again I tried those commands the first command says 128 as output (number of words in possibilities.txt)
the second create a file with all combinations as i would expect i cancelled by 450 MB but the right combination was not in the file

I make further tests in the meantime with more easier passwords.
Sicher1337! only 337! should brute forced then.
hashcat64.exe -m 5500 -a 6 admin.lc admin.txt ?d?d?d?s

i have observed weird behaviour too:
First in admin.txt were all combinations of Sicher1 =>Search Exhaust after seconds
Then I put the right first part Sicher1 in the first row => Search Cracked
But then..
I delete the pot file and start the same command again without altering admin.txt and =>Exhaust
After 3 additional tries (I simply repeat the command dont edit admin.txt) it says cracked..
Do you think that could be a problem of the windows version?

edit:
I repeated the attempt with deleting the correct first part from the first row.
first try: Exhaust
second try:Exhaust
third try: Cracked

how is that possible?

In the meantime i tested this behaviour on different systems and its always the same result. So it has to be a bug in the sequential processing of hashcat.

When I write all combinations to a textfile and search for the correct password with an editor the textfile always contains the correct password but when I start a dictionary attack hashcat says Exhausted.. When i copy the correct password on line 300 for example it is cracked. That shows me that the sequential processing of hashcat is broken.

I checked if the problem is caused by windows version. For this I installed an native Ubuntu machine => same behaviour
I asked a friend to test it on his machine cause I wanted to know if the problem is caused by my card=> same behaviour

Perhaps its a problem of AMD cards cause my friend also owns an AMD-card 

If somebody want to test this behaviour on a NVIDEA-Card pls PM me then I send you the hashes for testing.

Greetings
Marsupilami
Find
Thread Closed