How to use gpu on bruteforcing SHA256(MD5('password'))
#1
Hi guys,
I want to bruteforce hash on my gpu SHA256(MD5('password')) but cant find right number for it. 4700 is closest but does not match  what I wont. I tried this command

Code:
$ ./hashcat64.bin -a 3 -m 4700 -o cracked.txt -n 1 --increment-min=2 --increment-max=15 --bf-cs-buf=0123456789 hash.txt -D 1,2

but it giving me an error

Code:
./hashcat64.bin: unrecognized option '--bf-cs-buf=0123456789'

Invalid argument specified.


Can anyone put me on right direction
Reply
#2
see the output of --help

sha256(md5(pass)) is not currently supported

-a 3 needs a mask and you specify a mask directly after the hash file

e.g.
Code:
./hashcat64.bin -a 3 -m 4700 -D 1,2 -o cracked.txt --increment --increment-min 2 hash.txt ?d?d?d?d?d?d?d?d?d?d

I don't know why you use this "bf-cs-buf", it was never an option available for the modern hashcat binary (again see --help).


Where is the hashing algorithm sha256(md5(pass)) used ? is this a common software/cms etc ?
Reply
#3
(07-13-2019, 08:18 AM)philsmd Wrote: see the output of --help

sha256(md5(pass)) is not currently supported

-a 3 needs a mask and you specify a mask directly after the hash file

e.g.
Code:
./hashcat64.bin -a 3 -m 4700 -D 1,2 -o cracked.txt --increment --increment-min 2 hash.txt ?d?d?d?d?d?d?d?d?d?d

I don't know why you use this "bf-cs-buf", it was never an option available for the modern hashcat binary (again see --help).


Where is the hashing algorithm sha256(md5(pass)) used ? is this a common software/cms etc ?

Ok great tnx for explanation.Sha256(md5(pass)) Its used on huawei router backup confing file,

Edit:
How can I pipe md5 output from one hashcut to another which will do sha256 ?
Reply
#4
Code:
perl tools/test.pl passthrough 0 < example.dict | hashcat -m 1400 -w 3 hash.txt
Reply
#5
(07-13-2019, 12:22 PM)philsmd Wrote:
Code:
perl tools/test.pl passthrough 0 < example.dict | hashcat -m 1400 -w 3 hash.txt

But I dont have test.pl what is insede of it ? Tnx

Edit: I would like to use crunch as dict. ?
Reply
#6
https://github.com/hashcat/hashcat/blob/...ls/test.pl

you can also do
Code:
crunch [options] | perl tools/test.pl passthrough 0 | hashcat -m 1400 -w 3 hash.txt
Reply
#7
(07-13-2019, 12:34 PM)undeath Wrote: https://github.com/hashcat/hashcat/blob/...ls/test.pl

you can also do
Code:
crunch [options] | perl tools/test.pl passthrough 0 | hashcat -m 1400 -w 3 hash.txt

Can't open perl script "tools/test.pl": No such file or directory
Reply
#8
My bad its in git version tnx
Reply
#9
When I run attack hashcat just exit

Code:
$ crunch 2 10 abcdefghijklamnoprts  | perl tools/test.pl passthrough 0 | hashcat -m 1400 -w 3 hash.txt
Crunch will now generate the following amount of data: 70828953712767 bytes
67547754 MB
65964 GB
64 TB
0 PB
Crunch will now generate the following number of lines: 6471681049881
hashcat (v5.1.0-1237-gf7898da) starting...

Can't locate Data/Types.pm in @INC (you may need to install the Data::Types module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.1 /usr/local/share/perl/5.22.1 /usr/lib/x86_64-linux-gnu/perl5/5.22 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at tools/test.pl line 11.
BEGIN failed--compilation aborted at tools/test.pl line 11.
nvrtcAddNameExpression is missing from NVRTC shared library.

* Device #1: CUDA SDK Toolkit installation NOT detected.
            CUDA SDK Toolkit installation required for proper device support and utilization
            Falling back to OpenCL Runtime

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL API (OpenCL 1.2 CUDA 9.0.368) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #1: GeForce GTX 750 Ti, 499/1999 MB allocatable, 5MCU

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Hash
* Single-Salt
* Raw-Hash

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

ATTENTION! Pure (unoptimized) backend kernels selected.
Using pure kernels enables cracking longer passwords but for the price of drastically reduced performance.
If you want to switch to optimized backend kernels, append -O to your commandline.
See the above message to find out about the exact limits.

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 151 MB

Starting attack in stdin mode...

Session..........: hashcat
Status...........: Exhausted
Hash.Name........: SHA2-256
Hash.Target......: ee12f5c6e504464a20942e89b39d055532699009a90fd419f3c...e9c815
Time.Started.....: Sat Jul 13 13:57:05 2019 (0 secs)
Time.Estimated...: Sat Jul 13 13:57:05 2019 (0 secs)
Guess.Base.......: Pipe
Speed.#1.........:        0 H/s (0.00ms) @ Accel:1024 Loops:1 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0
Rejected.........: 0
Restore.Point....: 0
Restore.Sub.#1...: Salt:0 Amplifier:0-0 Iteration:0-1
Candidates.#1....: [Copying]
Hardware.Mon.#1..: Temp: 38c Fan: 34% Util:  4% Core:1124MHz Mem:2700MHz Bus:16
Started: Sat Jul 13 13:57:02 2019
Stopped: Sat Jul 13 13:57:06 2019
Reply
#10
c'mon this should be really obvious.

The error message says that you do not have the required perl modules installed

This thread is getting a little bit weird (the strange command line options, the usage of crunch if you could do the same thing with hashcat --stdout or much faster with just maskprocessor and blaming hashcat for the failure of installing the required perl modules etc)
Reply