Hashcat vs Keepass 2 (.kdbx)
#1
Hi. Please check if the mask is correctly formed. Translated by Google.

Condition:
Search for the unknown part of the password using the sets: l, u, d. From 1 to 16 characters long (in addition to the known part).

Code:
hashcat64.exe -a 3 -m 13400 -i —increment-min=1 —increment-max=16 -1 ?l?u?d Keepass2.hash Sdkdjso38sLfj9ar?1

And, could you please calculate how long the search with this condition will take. Thanks!!!

Quote:hashcat (v5.1.0) starting in benchmark mode...

Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.

* Device #1: Intel's OpenCL runtime (GPU only) is currently broken.
We are waiting for updated OpenCL drivers from Intel.
You can use —force to override, but do not report related errors.
* Device #4: Not a native Intel OpenCL runtime. Expect massive speed loss.
You can use —force to override, but do not report related errors.
ADL_Overdrive_Caps(): -8

ADL_Overdrive_Caps(): -8

OpenCL Platform #1: Intel(R) Corporation
========================================
* Device #1: Intel(R) UHD Graphics 620, skipped.
* Device #2: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, skipped.

OpenCL Platform #2: Advanced Micro Devices, Inc.
================================================
* Device #3: gfx804, 1523/2048 MB allocatable, 8MCU
* Device #4: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, skipped.

Benchmark relevant options:
===========================
* —optimized-kernel-enable

Hashmode: 13400 - KeePass 1 (AES/Twofish) and KeePass 2 (AES) (Iterations: 6000)

Speed.#3.........: 29896 H/s (92.76ms) @ Accel:256 Loops:128 Thr:64 Vec:1
Reply
#2
No, the lengths are always the absolute length (they do not substract the fixed or hard-coded part).

This would make more sense:
Code:
hashcat64.exe -a 3 -m 13400 --increment --increment-min=17 -1 ?l?u?d Keepass2.hash Sdkdjso38sLfj9ar?1?1?1?1?1?1?1?1?1

... (in general!) the main problem with such masks is the fixed part of the mask, which could in theory affect the performance a lot (hashcat changes the left part most frequently in the kernel and if it is fixed, it can't change much... very easily expressed, simplified).

You could work around speed problems by testing --slow-candidates and/or pipes and or -a 6 (but again, this is more important for fast hash types, like MD4/MD5, for all only-pure - without optimized kernels - hash types it's not that significant.... but again, speed is king... therefore you just test and take the fastest method for cracking)
Reply
#3
(12-01-2019, 01:38 PM)Toma Wrote: First of all, thanks for the response. Secondly, I didn’t understand anything. ) In general, who can help with password recovery to the database. Please respond in PM. Or I can send a hash. Translated by the Great and Terrible Google.

That's a nice way to get banned. We are not here to recover your password. This is a forum for assisting in using the wonderful software called hashcat.
Reply
#4
(12-02-2019, 03:12 AM)slyexe Wrote:
(12-01-2019, 01:38 PM)Toma Wrote: First of all, thanks for the response. Secondly, I didn’t understand anything. ) In general, who can help with password recovery to the database. Please respond in PM. Or I can send a hash. Translated by the Great and Terrible Google.

That's a nice way to get banned. We are not here to recover your password. This is a forum for assisting in using the wonderful software called hashcat.
The program is without a doubt wonderful. But they told me that with the performance of my laptop and a modern, but weak video card, the search for the password I need will take months, if not years. In this regard, I have to ask other people with top-end iron who can help me in a matter of minutes. I will hope for someone else's help, after all, Christmas is coming soon. Translated by Google.
Reply
#5
As slyexe said, you cannot request hash-cracking help on this forum. Please remove these requests from your post, or you risk being banned.
~
Reply