nOOb help
#11
So,
I did check the .potfile and it only has one cracked hash that was from a test I did right after I started working on hashcat. Also I didn't realize that a dictionary attack would require an exact word match, so it makes sense now that it didn't/probably won't ever work.

I then tried this mask attack:
hashcat64 -a 3 -m 7100 -o D:\HashcatCL\cracked.txt D:\HashcatCL\hashes\<hashfile>.txt ?1?1?1?1?1?1 -1 ?u?l?d

and when it ran and I checked the status it said estimated time (1 year, 321 days) for only 6 keyspaces. Yikes! So I quit the hashcat session.

I'm running a Radeon RX 460 4GB (I assume this is probably an embarrassing GPU)

The last line of the status check says:
Hardware.Mon.#1: Util: 69% Core: 1212MHz Mem:1750MHz Bus:8

Any ideas on what else I should do or try? I believe the target device password is probably more than 6 keyspaces anyway, which would probably make an exponentially longer hashcat estimated runtime. Am I not using my computer resources properly? Should I try a different attack?

Thx for the thoughts.
Reply
#12
Your best bet is using a wordlist attack + rules if you don't know anything and hope the password is found. Hashcat ships with a couple of rules files.
Reply
#13
First, can somebody tell me if trying to crack anything on my machine is a joke? I don't do this as a hobby or professionallly, I literally just need one password cracked.

My specs:
Windows 7 64bit
CPU: AMD FX 8350 8-core ~4.0 GHz
RAM: 24 GB
GPU: AMD Radeon RX 460, 4GB onboard RAM

Otherwise, it seems like all of the suggestions I've been trying have estimated times of days to years, so I can't even get to a point of exhausting the hashcat session to see if I'm using the right attack mode/arguments/wordlists/charsets/masks/amplifiers/etc.

When I tried the following dictionary attack with dive.rule:
Hashcat64 -a 0 -m 7100 -w 3 (btw, what is the -w 3 argument) hash.txt rockyou.txt (wordlist) -r rules/dive.rule
I got estimated time of (28 years 127 days)

When I tried the following dictionary attack with best64.rule:
Hashcat64 -a 0 -m 7100 -w 3 hash.txt rockyou.txt (wordlist) -r rules/best64.rule
I got estimated time (8 days 2 hours)

When I tried the following brute-force/mask attack:
Hashcat64 -a 3 -m 7100 hash.txt ?a?a?a?a?a?a
I got estimated time of (21 years 206 days), and with only 6 placeholders.

I've tried setting the increment using -i minimum 4 -i maximum 8 and it runs through the 4 set in about 3 hours, then goes to the next increment (5) and estimated time changes to 7 days, so it doesn't seem like increment helps.

I've seen messages during the hashcat sessions:
"Cracking performance lower than expected?
*append -w 3 to the command line (which I did. what does this do?)
*Update your OpenCL runtime / driver the right way: https://hashcat.net/faq/wrongdriver (which I thought I did when I first downloaded hashcat a month ago)
*Create more work items to make use of your parallelization power: https://hashcat.net/faq/morework (which I'm trying to figure out now)

Also as the hashcat session is starting it reads:

Applicable optimizers:
*zero-byte
*single-hash
*single-salt
*brute-force
*slow-hash-simd-loop
*uses-64-bit

are these just descriptions of the session processes?

After reading what I've put here, can someone give me some different sample attack commands to try and explain each argument/section of the command.

Or am I just gonna need a different rig?

Thx for all the help and suggestions thus far.
Reply