Hashcat brain RAM-limited version
#1
If I understand correctly, hashcat-brain creates a quick hash for each password candidate from a wordlist. Doing so requires a lot of RAM for hashcat-brain-server.
From my point of view, hashcat-brain could still help in physically constrained environments with small RAM if we store a checksum of entire wordlist with a file path that has been used to crack a particular hash, and passed command line arguments.
For example, file1.hccapx contains 3 hashes and hashcat-brain stores what wordlists have been used for each of these 3 hashes like so:
hash #1: /path/to/wordlist1, wordlist1_md5sum, *hashcat-args (rules, etc.)
hash #1: /path/to/wordlist2, wordlist2_md5sum, *hashcat-args
...
hash #3: /path/to/wordlistN, wordlistN_md5sum, *hashcat-args

The memory footprint of this solution is small, and before running a new attack hashcat-brain could check the md5sum of the wordlist file to detect whether the file was changed and compare hashcat arguments with the previously passed. In this case, I don't need to remember that I've already tried rockyou.list with best.64 rules for some particular hashes from .hccapx file.

I suppose this idea already came up to hashcat developers and maybe I just don't see the whole picture and the drawbacks of such an approach to people who can't use the full hashcat-brain functionality.
Reply
#2
hashcat --help
--brain-client-features

- [ Brain Client Features ] -

# | Features
===+========
1 | Send hashed passwords
2 | Send attack positions
3 | Send hashed passwords and attack positions


so if you don't need to check/reject all the password that were tested, you just use the --brain-client-features 2
Reply
#3
Indeed, thank you. I better go to read hashcat manual more carefully.
Reply
#4
For the most detailed documentation / description of the brain feature, check out the release notes on hashcat 5.0.0 (https://hashcat.net/forum/thread-7903-po...l#pid42583)
Reply