help cracking PBKDF2-SHA512
#1
Howdy all,

I'm still trying to crack a single PBKDF2-SHA512 password from a MacBook Air running El Capitan, using hashcat on my new PC, which means I've had to extract the hash from the Mac and move it to my PC to work on cracking.

I just built a new PC last week with the following specs (mainly because my old rig was...well, old. But a tiny bit with this cracking task in mind):

OS: Windows 10
Mainboard: X470 Aorus Gaming 5 Wifi (this board has another available PCIe 3 slot if I wanted to add a second GPU, which I may do at some point, lemme know if this is recommended for this task below)
CPU: AMD Ryzen 7 1700
GPU: single XFX Radeon RX590 Fatboy 8GB GDDR5
RAM: 32 GB Corsair Vengeance DDR4
PSU: EVGA Supernova 850 G2 850W 80plus Gold

Regarding the password I'm trying to crack, I don't have any idea what it could be, but I suspect it is almost certainly longer than 6 characters and more likely 8-12 characters long, and could contain upper/lower/digits/symbols. I also don't know if there are any particular appends/prepends (digital years, etc.) to whatever the password is. I've read through a lot of the Wiki articles and forums on the different attack types as well as how to maximize parallelization, so I feel like I more or less understand the basic premise of what I should be trying, but I'm only a noob trying to crack one password with absolutely no coding experience or knowledge beyond starting to learn how to use hashcat just a few weeks ago in order to crack this one password. I'm basically looking for more specific guidance on attack commands that I should try. If I see a specific command written out, I'm pretty good at learning each component of the command to understand how it fits into the overall approach, but sometimes the commands written out in the Wiki pages aren't very thorough or don't have good explanations included with them for me to understand how they work. (But I'm also a noob, so it could just be that.)

I've already installed Hashcat on the new PC and it runs fine although I've been unsuccessful at getting anything other than an exhausted session with only "candidates" that don't ever work.

So far I've tried the following attacks with the included results:

Hybrid dictionary attack using the "rockyou" wordlist and the "oneruletorulethemall" rule:

hashcat64 -a0 -m7100 D:\HashcatCL\hashes\hash1.txt D:\HashcatCL\wordlists\rockyou.txt D:\HashcatCL\rules\oneruletorulethemall.rule

result: (this took 49 minutes, which I thought was way too long for such a simple attack and a newer/stronger GPU, maybe this is a parallelization/utilization issue? But I thought using rules with the dictionary was part of increasing work/parallelization.)
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: macOS v10.8+ (PBKDF2-SHA512)
Hash.Target......: $ml$32894$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...696144 (masked)
Time.Started.....: Wed Feb 13 00:00:50 2019 (49 mins, 56 secs)
Time.Estimated...: Wed Feb 13 00:50:46 2019 (0 secs)
Guess.Base.......: File (D:\HashcatCL\wordlists\rockyou.txt)
Guess.Queue......: 1/2 (50.00%)
Speed.#1.........:     4788 H/s (4.46ms) @ Accel:32 Loops:16 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 14344384/14344384 (100.00%)
Rejected.........: 0/14344384 (0.00%)
Restore.Point....: 14344384/14344384 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:32880-32893
Candidates.#1....: $HEX[2a627269616e6e653031322a] -> $HEX[042a0337c2a156616d6f732103]
Hardware.Mon.#1..: Util:  0% Core:1541MHz Mem:2000MHz Bus:16

Also tried a hybrid dictionary attack using two dictionaries "rockyou" and "english" as well as the "oneruletorulethemall" rule, and the result didn't take that long but didn't recover anything (I've also used the best64 rule on the same attacks):
hashcat64 -a 0 -m 7100 D:\HashcatCL\hashes\hash1.txt D:\HashcatCL\wordlists\rockyou.txt D:\HashcatCL\wordlists\english.txt D:\HashcatCL\rules\oneruletorulethemall.rule

result:
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: macOS v10.8+ (PBKDF2-SHA512)
Hash.Target......: $ml$32894$f75ad5635a1bad19b0ae22efd80f1765a5d132254...696144
Time.Started.....: Wed Feb 13 11:00:15 2019 (12 secs)
Time.Estimated...: Wed Feb 13 11:00:27 2019 (0 secs)
Guess.Base.......: File (D:\HashcatCL\rules\oneruletorulethemall.rule)
Guess.Queue......: 3/3 (100.00%)
Speed.#1.........:     4510 H/s (5.35ms) @ Accel:32 Loops:16 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 52014/52014 (100.00%)
Rejected.........: 0/52014 (0.00%)
Restore.Point....: 52014/52014 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:32880-32893
Candidates.#1....: ######################################################### -> -8,9
Hardware.Mon.#1..: Util:  4% Core:1541MHz Mem:2000MHz Bus:16

(Somebody on a forum mentioned that if the password doesn't exactly match one of the words in the dictionaries I'm using, then I'll never recover the password. Suggestions? Is there a better dictionary than "rockyou", which is the one I hear about the most? Also, by using the rules in my dictionary attack I'm emulating a hybrid attack, correct?)

Also tried a mask attack with 8 character spaces (lowercase charset only) and an increased workload:
hashcat64 -a 3 -m 7100 -w 3 -i D:\HashcatCL\hashes\hash1.txt ?l?l?l?l?l?l?l?l

but by the time the "guess queue" gets to the 6th character space out of 8, the estimated time becomes 16 hours, so I quit the session because obviously the wait time only increases exponentially with each character space. Not only that, I realized if the password is more than 8 character spaces hashcat wouldn't recover it anyway. Not only that, if the character spaces included not just lowercase but upper/digital/symbol then I'd really be screwed. And when I try a brute-force or long character space (8 or more) mask attack, it says "years" for estimated time, lol.

Considering my rig, and considering that I thought I was already increasing the workload/utilization/parallelization, is there anything else I should be trying? Or am I not properly utilizing parallelization? On several of the sessions I've run, I keep getting this msg about supplying more work:

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework (which I've read through and tried to implement as best I understand)

Isn't the "rockyou" wordlist one of the larger/most used wordlists out there? If not, should I be using multiple wordlists in the same session (like I did in the second example attack above)?
If the mask is too small and it's already showing

I've read the Wiki article on supplying more work, but I don't know how else to increase it for the particular type of sessions I'm running. More dictionaries? More rules? If so, which ones? I only have one hash to crack so I can't supply more of those?


Anybody have better ideas or a direction to push me in?
Markov? (which I know nothing about)
Some other hybrid?

Thx for your ears.
#2
1. why are you trying to crack the hash? can't you just replace the hash with a known hash and login? Is it important that you know the password?
2. your rule command/syntax is completely wrong. you need to use -r my.rule for rules, where my.rule is the rule file (see https://hashcat.net/wiki/?id=rule_based_attack)
#3
Appreciate your reply philsmd,

1. Am I not understanding the process correctly? Don't I have to crack the specific hash that I pulled from the target device to get the password for that device?
I don't understand what you mean by known hash and login? How is it known? Did I miss something?

2. ah, missed the "-r"
but then, I just tried this with the following hybrid dictionary attack using best64 rule with current estimated session time (10 days 13 hrs):

hashcat64 -a 0 -m 7100 -w 3 D:\HashcatCL\hashes\hash1.txt "D:\HashcatCL\wordlists\crackstation human only\realhuman_phill.txt" -r D:\HashcatCL\rules\best64.rule

Session..........: hashcat
Status...........: Running
Hash.Type........: macOS v10.8+ (PBKDF2-SHA512)
Hash.Target......: $ml$32894$f75ad5635a1bad19b0ae22efd80f1765a5d132254...696144
Time.Started.....: Wed Feb 20 12:34:26 2019 (13 secs)
Time.Estimated...: Sun Mar 03 02:29:43 2019 (10 days, 13 hours)
Guess.Base.......: File (D:\HashcatCL\wordlists\crackstation human only\realhuman_phill.txt)
Guess.Mod........: Rules (D:\HashcatCL\rules\best64.rule)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 5386 H/s (52.18ms) @ Accel:128 Loops:32 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/4923462313 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/63941069 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:7584-7616
Candidates.#1....: $HEX[042a0337c2a156414d4f532103] -> $HEX[303137313937323037]
Hardware.Mon.#1..: Util:100% Core:1580MHz Mem:2000MHz Bus:16

What am I missing here?
#4
1. what is your goal here? do you need to do forensic analysis or just need to get your data back and login? I think if you are not using full-disk-encryption you could trick the system by giving it a different "hash" and login with the password corresponding to the fake/replaced hash (see https://apple.stackexchange.com/question...n-a-script or https://www.reddit.com/r/hacking/comment..._password/). That said, I'm not a macOS user/expert and I therefore do not know if this is still possible or possible at all.

2. this seems perfectly fine. You are using a hash with 32894 iterations, what else do you expect? you could/should try to use better and more GPUs, that's all you can do if it comes to better speed. On the other hand, you can try to make your attacks more clever by only using rules and words that make sense for your specific case (very specialized/dedicated rules and words, hand-crafted).
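As an added illustration (not code from either poster or from hashcat), the script below parses the $ml$ format shown in the status output, verifies one candidate with the same PBKDF2-HMAC-SHA512 computation macOS uses, and turns the speed reported in post #1 into worst-case exhaust times for the masks tried there; the salt and password it uses are constructed, and the charset sizes are hashcat's built-in ?l/?u/?d/?s/?a.

```python
import hashlib
import hmac

# hashcat charset sizes for the mask classes used in the thread (?l ?u ?d ?s ?a)
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95}

def parse_ml_hash(h: str):
    """Split a mode 7100 string '$ml$<iterations>$<salt_hex>$<digest_hex>' into its parts."""
    parts = h.split("$")
    if len(parts) != 5 or parts[1] != "ml":
        raise ValueError("not a $ml$ (macOS v10.8+ PBKDF2-SHA512) hash")
    return int(parts[2]), bytes.fromhex(parts[3]), bytes.fromhex(parts[4])

def make_ml_hash(password: str, iterations: int, salt: bytes) -> str:
    """Build a $ml$ string the way macOS stores it: PBKDF2-HMAC-SHA512, 64-byte key."""
    key = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations, dklen=64)
    return f"$ml${iterations}${salt.hex()}${key.hex()}"

def verify_ml_hash(candidate: str, h: str) -> bool:
    """One check costs one full PBKDF2 run of <iterations> HMACs; that is why the speed is kH/s, not GH/s."""
    iterations, salt, stored = parse_ml_hash(h)
    calc = hashlib.pbkdf2_hmac("sha512", candidate.encode(), salt, iterations, dklen=len(stored))
    return hmac.compare_digest(calc, stored)

def mask_keyspace(mask: str) -> int:
    """Number of candidates a hashcat -a 3 mask covers; literal characters count once."""
    total, i = 1, 0
    while i < len(mask):
        if mask[i] == "?":
            total *= CHARSET_SIZES[mask[i + 1]]
            i += 2
        else:
            i += 1
    return total

def estimate_seconds(keyspace: int, speed_hs: float) -> float:
    """Worst-case wall time to exhaust a keyspace at an observed hashcat speed (H/s)."""
    return keyspace / speed_hs

# Constructed sample: a fixed 32-byte salt and the thread's iteration count, not the poster's hash.
SAMPLE_SALT = bytes(range(32))
SAMPLE_HASH = make_ml_hash("Tr0ub4dor&3", 32894, SAMPLE_SALT)

if __name__ == "__main__":
    print(verify_ml_hash("Tr0ub4dor&3", SAMPLE_HASH))
    for mask in ("?l?l?l?l?l?l", "?l?l?l?l?l?l?l?l", "?a?a?a?a?a?a?a?a"):
        days = estimate_seconds(mask_keyspace(mask), 4788) / 86400
        print(f"{mask}: {mask_keyspace(mask):,} candidates, {days:,.1f} days at 4788 H/s")
```

At the 4788 H/s from the first status block, six lowercase positions take about 18 hours and eight ?a positions tens of thousands of years, which is the arithmetic behind the iteration-count point above.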
#5
1. I just want login/data back

2. If I don't know anything about the password, any suggestions on rules/words? Is there a better rule than best64? Is there a better wordlist than rockyou?

Thanks for the help philsmd.