Weird issue with hashcat v5.1.0
#1
Hello,



I am seeing some strange behaviour with hashcat.



I'm trying to crack a test hash for "XMR123" - using SHA3-256:

Code:
EA5F1F228B67C17A43FBBEECAAE52A8E44A8376868BE2F8FB20E4049779F85A8



My command is:

Code:
hashcat -m 17400 -a 3 EA5F1F228B67C17A43FBBEECAAE52A8E44A8376868BE2F8FB20E4049779F85A8



However hashcat runs past the 6 char brute section...





Code:
Session..........: hashcat

Status...........: Exhausted

Hash.Type........: SHA3-256

Hash.Target......: ea5f1f228b67c17a43fbbeecaae52a8e44a8376868be2f8fb20...9f85a8

Time.Started.....: Thu Oct 17 14:09:40 2019 (56 secs)

Time.Estimated...: Thu Oct 17 14:10:36 2019 (0 secs)

Guess.Mask.......: ?1?2?2?2?2?2 [6]

Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined

Guess.Queue......: 6/15 (40.00%)

Speed.#2.........:  9845.0 kH/s (8.31ms) @ Accel:8 Loops:2 Thr:256 Vec:1

Speed.#3.........: 59249.2 kH/s (1.39ms) @ Accel:16 Loops:8 Thr:256 Vec:1

Speed.#*.........: 69094.2 kH/s

Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts

Progress.........: 3748902912/3748902912 (100.00%)

Rejected.........: 0/3748902912 (0.00%)

Restore.Point....: 1490944/1679616 (88.77%)

Restore.Sub.#2...: Salt:0 Amplifier:2230-2232 Iteration:0-2

Restore.Sub.#3...: Salt:0 Amplifier:2224-2232 Iteration:0-8

Candidates.#2....: Uq6r5o -> Xqlfxj

Candidates.#3....: Wqna8q -> Xqqfqx



Without finding it, why is this?



EDIT: Same issue with SHA-256... so weird. It used to work, I have items in my potfile.



EDIT2: After further testing, and to add to the weirdness, hashcat finds:





a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3:123

448a5d6dc7b84c1a0de5e7dae7d55fe46bfbc857ce577235b2bcc7ab1328a77b:X123




but starts to fail at "XM123" (2f5d45aa660e38518d07258c0396eb6f19d4534aae7d6c36b049225c2a1687e6)...


Bizarre.


Thanks for the help.
Reply
#2
you have not specified a mask, hence hashcat uses its default mask which does not include your password.
Reply
#3
(10-17-2019, 03:24 PM)undeath Wrote: you have not specified a mask, hence hashcat uses its default mask which does not include your password.

Thanks for the reply.

Check my update, it happily cracks:

"123"
"X123"


but fails when I move to "XM123" or anything larger.


Doesn't a raw brute force just iterate over all possible values?

What mask would I use?
Reply
#4
There is no such thing as a "raw bruteforce" in hashcat. You can see the default mask it is using in your status output.
Reply
#5
the default mask and custom charsets (--custom-charset1 ... --custom-charset4) are documented here:
https://hashcat.net/wiki/doku.php?id=has...ult_values

you would want something like --increment ?a?a?a?a?a?a?a?a?a

if you want to use specials, numbers, lowercase letters, uppercase letters (it would be same as --custom-charset1 ?s?d?u?l ?1?1?1?1?1?1?1?1?1 --increment)
Reply
#6
(10-17-2019, 03:28 PM)undeath Wrote: There is no such thing as a "raw bruteforce" in hashcat. You can see the default mask it is using in your status output.

OK thanks for the reply.

Is there a calculator available for the masks?

What is the default mask in English? (sorry hard to understand the syntax)
Reply
#7
(10-17-2019, 03:29 PM)philsmd Wrote: the default mask and custom charsets (--custom-charset1 ... --custom-charset4) are documented here:
https://hashcat.net/wiki/doku.php?id=has...ult_values

you would want something like --increment ?a?a?a?a?a?a?a?a?a

if you want to use specials, numbers, lowercase letters, uppercase letters (it would be same as --custom-charset1 ?s?d?u?l ?1?1?1?1?1?1?1?1?1 --increment)

Thank you, trying to understand the syntax!
Reply
#8
the syntax is documented here: https://hashcat.net/wiki/doku.php?id=mask_attack
Reply
#9
(10-17-2019, 03:33 PM)undeath Wrote: the syntax is documented here: https://hashcat.net/wiki/doku.php?id=mask_attack

Got it now thanks...
Reply
#10
To find XMR123 apply this mask: ?u?u?u?d?d?d aka upper+upper+upper+digit+digit+digit
Reply