Multiple hash type mode
#1
Hello all,

Is there a way to run hashcat in a multiple hash type mode?

For example, if I want to check hash modes 6211, 6212 and 6213 in a one run.
Reply
#2
you can just run 6213 to also crack all hashes that can be cracked with 6211 or 6212


i..e 6213 can crack all 6212 hashes too which can crack all 6211 hashes too
(the inverse e.g. 6211 cracking all 6213 hashes is of course not true)

you can test it yourself, example hashes are here: https://hashcat.net/wiki/example_hashes
Reply
#3
Oh, thank you, philsmd!
Is it also true for mode 6223? (6223 include also 6222 and 6221)
My goal is to check all types of truecrypt hashes excluding bootable.
Reply
#4
yeah, that's true that 6233 is able to crack all 6232 hashes which is able to crack all 6231 hashes
Furthermore, 6223 is able to crack all 6222 hashes which is able to crack all 6221 hashes

but attention: it's not true that 6223 is able to crack 6232 hashes (the hashing algorithm like RIPEMD160, SHA512 or Whirlpool must be the correct one, it doesn't work across those hashing algos, only across encryption algos)
Reply
#5
All right, got it.
Think it will be nice to see in the future possibility to combine modes, something like -m 6233,6223,6213.
Anyway, thank you very much for your help!
Reply
#6
Huh, I didn't know this. Not sure what is the best way to express this in the --help output, but it feels important enough to try.
~
Reply
#7
(08-26-2019, 03:38 PM)royce Wrote: Huh, I didn't know this. Not sure what is the best way to express this in the --help output, but it feels important enough to try.



That will be great!

Also, please take a look, when we use hashcat --help there is a table with options. It that table there is an option "--truecrypt-keyfiles" and example of its use "--truecrypt-keyf=x.png".

So its slightly different and since hashcat accept both variants and even something knowingly wrong like "--truecrypt-key" is accepted, its hard to understand correct way of using this option.

Same thing with veracrypt keyfiles.

In addition, there is no indications of keyfile usage while running hashcat.
Reply
#8
(08-27-2019, 09:31 AM)sergio Wrote: So its slightly different and since hashcat accept both variants and even something knowingly wrong like "--truecrypt-key" is accepted, its hard to understand correct way of using this option.

It doesn't matter. You can shorten all options arbitrarily unless they clash with another option.
Reply
#9
(08-27-2019, 10:16 AM)undeath Wrote: It doesn't matter. You can shorten all options arbitrarily unless they clash with another option.




Very nice, good to know.
Reply