Hashcat gets exhausted too quickly, HELP!
#1
Question 
So when I 'decrypt' the emails and hashes together I get left with only like 20 results.

The command I use is:
hashcat64.exe -m 0 -a 0 --username [hashes.txt] [wordlist.txt]

then to retrieve results:

hashcat64.exe -m 0 --username --show [hashes.txt] --outfile-format=2 -o [results.txt]

I put in like 350 hash combos, but only get 12 results.
Is there not enough words in my wordlist? It's 435MB.
If that's the problem can anyone link me a good place to get a bunch of password and wordlists?
Reply
#2
You should also use rules; MD5 is screamingly fast and you won't be using your graphics card to its full potential.

I'm a big fan of these wordlists -https://github.com/berzerk0/Probable-Wordlists , and nsav2 rules

This is what I'd actually run on a Windows box. Linux, you can afford to do -w4, but this tends to make Windows annoyingly unresponsive.

Code:
hashcat64.exe -a0 -m 0 32hex.txt Top32Million-probable.txt -r rules/InsidePro-PasswordsPro.rule  --loopback  -O  -w3

and see how that goes.

-w3 - work factor
-O optimised kernel
32hex.txt - target hashes
Top32Million .. wordlist
-r <rules>
--loopback - feed cracks into another round.
Reply
#3
D'oh - "nsa" rules here https://github.com/NSAKEY/nsa-rules/blob....dive.rule .

I also just literally finished uploading some rules which I tested against HIBP with Top258Million-probable and took those with at least 100 hits, 1000 hits, etc.  I haven't really tested them yet though. 

https://www.blacktraffic.co.uk/pw-dict-p...cal-rules/
Reply
#4
(01-06-2020, 11:34 AM)blacktraffic Wrote: D'oh - "nsa" rules here https://github.com/NSAKEY/nsa-rules/blob....dive.rule .

I also just literally finished uploading some rules which I tested against HIBP with Top258Million-probable and took those with at least 100 hits, 1000 hits, etc.  I haven't really tested them yet though. 

https://www.blacktraffic.co.uk/pw-dict-p...cal-rules/

Will try later, thanks. I'll let you know how it goes.
Reply
#5
(01-06-2020, 11:34 AM)blacktraffic Wrote: D'oh - "nsa" rules here https://github.com/NSAKEY/nsa-rules/blob....dive.rule .

I also just literally finished uploading some rules which I tested against HIBP with Top258Million-probable and took those with at least 100 hits, 1000 hits, etc.  I haven't really tested them yet though. 

https://www.blacktraffic.co.uk/pw-dict-p...cal-rules/

Well, looks like it worked. How do I get the results into a .txt file?
Reply
#6
All cracked hashes will be added to hashcat.potfile (open with a text editor of your choice) Otherwise you can just use output to put it into a text file of your liking. 

hashcat.exe -w 3 -m 0 -o MD5cracked.txt hash.txt etc.. etc..

Also if you're looking for wordlist I suggest using weakpass.com for a wide assortment of choices.
Reply
#7
(01-11-2020, 05:50 AM)LackuJacku Wrote:
(01-06-2020, 11:34 AM)blacktraffic Wrote: D'oh - "nsa" rules here https://github.com/NSAKEY/nsa-rules/blob....dive.rule .

I also just literally finished uploading some rules which I tested against HIBP with Top258Million-probable and took those with at least 100 hits, 1000 hits, etc.  I haven't really tested them yet though. 

https://www.blacktraffic.co.uk/pw-dict-p...cal-rules/

Well, looks like it worked. How do I get the results into a .txt file?

just use the --show parameter, or tail the potfile like the other poster suggests. 

Code:
hashcat64.exe -m 5600 ..\tests\netlmv2.txt [b]--show[/b]

USER::WIN-O78RC69DOFK:1122334455667788:61b95720d45c245308664d26a4d00934:0101000000000000ab61beb0ed96d40104e332ac8f5df1c80000000008003000300000000000000001000000002000005a6b93f1dacf821c10fecdad8a5a7be7aded62ff512d1a6e7770bb4126ef7adb0a0010000000000000000000000000000000000009002800570049004e002d004f0037003800520043003600390044004f0046004b005c0075007300650072000000000000000000:user


type hashcat.potfile 
...
[color=#333333][size=small][font=Tahoma, Verdana, Arial, sans-serif]USER::WIN-O78RC69DOFK:1122334455667788:61b95720d45c245308664d26a4d00934:0101000000000000ab61beb0ed96d40104e332ac8f5df1c80000000008003000300000000000000001000000002000005a6b93f1dacf821c10fecdad8a5a7be7aded62ff512d1a6e7770bb4126ef7adb0a0010000000000000000000000000000000000009002800570049004e002d004f0037003800520043003600390044004f0046004b005c0075007300650072000000000000000000:user[/font][/size][/color]
Reply