WPA2 - 3/4 Digests recovered - Exhausted
#1
Hi,

I'm a little new to hashcat so my apologies if I have mis-understood anything.

I have ran an attack on a wpa2 capture, (single capture) using the mask of 8 uppercase characters. 
At around 75% of the way through I noticed the "Recovered" had changed to Recovered...: 3/4 Digests which I assumed was a good sign that all was good. (note: this could have been 3/4 from the start)
Eventually it completed at 100% but with a status......: exhausted and no output password.

My Questions..
Is this correct and the password wasn't 8 uppercase characters?
What about the 3/4 Digests? I'm of the understanding that this means it has cracked 3 hashes somewhere.
Have I messed the command up somewhere?
Should I have set an output file?

Command used:
Hashcat64.exe -m 2500 -a 3 capture.hccapx ?u?u?u?u?u?u?u?u

Thankyou so much in advance for any help


Output at the end of session.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: capture.hccapx
Time.Started.....: Sat Oct 05 23:58:21 2019 (15 hours, 1 min)
Time.Estimated...: Sun Oct 06 14:59:40 2019 (0 secs)
Guess.Mask.......: ?u?u?u?u?u?u?u?u [8]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:   501.0 kH/s (6.44ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#2.........:   497.3 kH/s (6.50ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#3.........:   491.5 kH/s (6.55ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#*.........:  1489.8 kH/s
Recovered........: 3/4 (75.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 208827064576/208827064576 (100.00%)
Rejected.........: 0/208827064576 (0.00%)
Restore.Point....: 8029988395/8031810176 (99.98%)
Restore.Sub.#1...: Salt:0 Amplifier:25-26 Iteration:3-7
Restore.Sub.#2...: Salt:0 Amplifier:25-26 Iteration:3-7
Restore.Sub.#3...: Salt:0 Amplifier:25-26 Iteration:3-7
Candidates.#1....: XCHMAFQV -> XKHERXFQ
Candidates.#2....: XGTANXFQ -> XQXQFZVQ
Candidates.#3....: XLTLEHQV -> XTECHVQV
Hardware.Mon.#1..: Temp: 39c Fan:  0% Util:  0% Core:1556MHz Mem:5005MHz Bus:8
Hardware.Mon.#2..: Temp: 45c Fan:  0% Util: 91% Core:1898MHz Mem:5005MHz Bus:8
Hardware.Mon.#3..: Temp: 31c Fan:  0% Util:  0% Core: 139MHz Mem: 405MHz Bus:8
Started: Sat Oct 05 23:57:13 2019
Stopped: Sun Oct 06 14:59:42 2019
Reply
#2
(10-06-2019, 05:32 PM)Dawbs Wrote: Hi,

I'm a little new to hashcat so my apologies if I have mis-understood anything.

I have ran an attack on a wpa2 capture, (single capture) using the mask of 8 uppercase characters. 
At around 75% of the way through I noticed the "Recovered" had changed to Recovered...: 3/4 Digests which I assumed was a good sign that all was good. (note: this could have been 3/4 from the start)
Eventually it completed at 100% but with a status......: exhausted and no output password.

My Questions..
Is this correct and the password wasn't 8 uppercase characters?
What about the 3/4 Digests? I'm of the understanding that this means it has cracked 3 hashes somewhere.
Have I messed the command up somewhere?
Should I have set an output file?

Command used:
Hashcat64.exe -m 2500 -a 3 capture.hccapx ?u?u?u?u?u?u?u?u

Thankyou so much in advance for any help


Output at the end of session.

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: capture.hccapx
Time.Started.....: Sat Oct 05 23:58:21 2019 (15 hours, 1 min)
Time.Estimated...: Sun Oct 06 14:59:40 2019 (0 secs)
Guess.Mask.......: ?u?u?u?u?u?u?u?u [8]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:   501.0 kH/s (6.44ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#2.........:   497.3 kH/s (6.50ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#3.........:   491.5 kH/s (6.55ms) @ Accel:32 Loops:16 Thr:1024 Vec:1
Speed.#*.........:  1489.8 kH/s
Recovered........: 3/4 (75.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 208827064576/208827064576 (100.00%)
Rejected.........: 0/208827064576 (0.00%)
Restore.Point....: 8029988395/8031810176 (99.98%)
Restore.Sub.#1...: Salt:0 Amplifier:25-26 Iteration:3-7
Restore.Sub.#2...: Salt:0 Amplifier:25-26 Iteration:3-7
Restore.Sub.#3...: Salt:0 Amplifier:25-26 Iteration:3-7
Candidates.#1....: XCHMAFQV -> XKHERXFQ
Candidates.#2....: XGTANXFQ -> XQXQFZVQ
Candidates.#3....: XLTLEHQV -> XTECHVQV
Hardware.Mon.#1..: Temp: 39c Fan:  0% Util:  0% Core:1556MHz Mem:5005MHz Bus:8
Hardware.Mon.#2..: Temp: 45c Fan:  0% Util: 91% Core:1898MHz Mem:5005MHz Bus:8
Hardware.Mon.#3..: Temp: 31c Fan:  0% Util:  0% Core: 139MHz Mem: 405MHz Bus:8
Started: Sat Oct 05 23:57:13 2019
Stopped: Sun Oct 06 14:59:42 2019


Hashcat64.exe -m 2500 -a 3 capture.hccapx ?u?u?u?u?u?u?u?u --show
and surprise!!!!!!
Reply
#3
according to this wiki/faq page, you shouldn't use --show together with additional/unnecessary command line options, like -a 3 and a mask:
https://hashcat.net/faq#how_can_i_show_p...ilpassword

it will work, but makes no sense. According to those instruction it should be only

Code:
hashcat64.exe -m 2500 --show capture.hccapx
Reply
#4
Strike/Phil, You pair of legends Smile

I had tried the --show but didn't put the hash type and file name in. Many Thanks
Reply