Is there a way to extract a password hash from AESCrypt archive?
#11
(04-08-2020, 05:48 PM)philsmd Wrote: There is a file called hashcat.exe in the beta version, as well. You do not need to use ubuntu.

Just use the exe files for windows. this should be a quite obvious thing to do and was also already mentioned a hundreds of time in the forum.

Get Access is denined in windows

Microsoft Windows [Version 10.0.18363.720]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\Windows\system32>cd c:\Users\Name\Downloads\hashcat-5.1.0\

c:\Users\Name\Downloads\hashcat-5.1.0>hashcat.exe
Access is denied.

c:\Users\Name\Downloads\hashcat-5.1.0>

.png   Annotation 2020-04-08 180929.png (Size: 23.63 KB / Downloads: 7)

Linux:
root@DESKTOP-EK85R5F:~# /mnt/c/Users/Name/Downloads/hashcat-5.1.0/hashcat.bin -a 3 -m 22400 ../hash.txt ?l?l?l?l?l?l?l?l?l?l
hashcat (v5.1.0-1774-gf96594ef) starting...

clGetPlatformIDs(): CL_PLATFORM_NOT_FOUND_KHR

ATTENTION! No OpenCL-compatible or CUDA-compatible platform found.

You are probably missing the OpenCL or CUDA runtime installation.

* AMD GPUs on Linux require this driver:
  "RadeonOpenCompute (ROCm)" Software Platform (3.1 or later)
* Intel CPUs require this runtime:
  "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)
* NVIDIA GPUs require this runtime and/or driver (both):
  "NVIDIA Driver" (440.64 or later)
  "CUDA Toolkit" (9.0 or later)

Started: Wed Apr  8 18:10:20 2020
Stopped: Wed Apr  8 18:10:20 2020
root@DESKTOP-EK85R5F:~# clinfo
Number of platforms                              0
root@DESKTOP-EK85R5F:~#

have tried install opencl and amd gpu driver but no luck
ust trying this out on a zbook 14 g1
Reply
#12
This is quite off-topic for the AEScrypt problem. I would suggest to just search for forum posts that explain how to identify the hardware you have and install the driver from the vendors page.

It's discouraged to use notebooks to crack hashes. They do not have any sophisticated cooling system that would get rid of the heat produced by the GPUs when running hashcat at 100% utilization. Most of the laptops share a single cooling fan / heat sink etc between CPU and GPU etc. It's not ideal. Avoid it, whenever possible
Reply
#13
(04-08-2020, 06:40 PM)philsmd Wrote: This is quite off-topic for the AEScrypt problem. I would suggest to just search for forum posts that explain how to identify the hardware you have and install the driver from the vendors page.

It's discouraged to use notebooks to crack hashes. They do not have any sophisticated cooling system that would get rid of the heat produced by the GPUs when running hashcat at 100% utilization. Most of the laptops share a single cooling fan / heat sink etc between CPU and GPU etc. It's not ideal. Avoid it, whenever possible

Just a test got it working now when I moved all files to a ramdisk
Reply
#14
just to make it very clear: NO, a ramdisk doesn't help against missing or wrong drivers (people often see some "solutions" here and just think this might work... but a ramdisk is something completely/utterly unrelated... has nothing to do with driver problems, see https://hashcat.net/faq/wrongdriver)
Reply
#15
(04-09-2020, 08:32 AM)philsmd Wrote: just to make it very clear: NO, a ramdisk doesn't help against missing or wrong drivers (people often see some "solutions" here and just think this might work... but a ramdisk is something completely/utterly unrelated... has nothing to do with driver problems, see https://hashcat.net/faq/wrongdriver)

Hi but the ramdisk does help against the Access denied problem, that I even try to solve with attrib.
And it is unclear if hashcat does the work in memory or on my sdd?

Anyway I managed to minimize the mask and the cracking works as it should. I found the right password from the hash that I extract from the Duplicati backup file.

But there is a bug and a missunderstanding of the keyboard on my laptop. I made a misstake of the numlock function. Some buttons type same charcter with shift and numlock some don't.
That is what that is not clear on the signs on the buttons that led to the issue.

Then again I thnk the beta of hashcat works just fine and you can merge the perlscript and the new code together but watch out for that Access denied issue other users have seen it too and it is not there in the last stable release.

Thanks for all the help this was good learning
Reply
#16
maybe the main problem was something completely unrelated.

for instance, I noticed a lot of users just copy-paste commands... so for instance they copy-paste this:
(ATTENTION: this command is not correct ! it is dangerous !)
Code:
> hashcat.exe -m 22400 ...
ATTENTION: this command is not correct ! it is dangerous !

when doing so, what happens is that the redirect symbol ">" is writing to the file "hashcat.exe" and therefore destorying/corrupting the executable.

When the executable file is overridden, it's of course not working anymore and therefore you get an "Access Denied" error or similar.

I think this is pebcak and hashcat works with any type of disk (HDD, SDD, thumb drives etc <- not all of them are recommended of course, but it should work without problems anyway)
Reply
#17
(04-09-2020, 12:49 PM)philsmd Wrote: maybe the main problem was something completely unrelated.

for instance, I noticed a lot of users just copy-paste commands... so for instance they copy-paste this:
(ATTENTION: this command is not correct ! it is dangerous !)
Code:
> hashcat.exe -m 22400 ...
ATTENTION: this command is not correct ! it is dangerous !

when doing so, what happens is that the redirect symbol ">" is writing to the file "hashcat.exe" and therefore destorying/corrupting the executable.

When the executable file is overridden, it's of course not working anymore and therefore you get an "Access Denied" error or similar.

I think this is pebcak and hashcat works with any type of disk (HDD, SDD, thumb drives etc <- not all of them are recommended of course, but it should work without problems anyway)

Maybe you should step down from your horse with your six stars and try to read my post and picture one more time.
Reply
#18
(04-09-2020, 04:37 PM)zub Wrote:
(04-09-2020, 12:49 PM)philsmd Wrote: maybe the main problem was something completely unrelated.

for instance, I noticed a lot of users just copy-paste commands... so for instance they copy-paste this:
(ATTENTION: this command is not correct ! it is dangerous !)
Code:
> hashcat.exe -m 22400 ...
ATTENTION: this command is not correct ! it is dangerous !

when doing so, what happens is that the redirect symbol ">" is writing to the file "hashcat.exe" and therefore destorying/corrupting the executable.

When the executable file is overridden, it's of course not working anymore and therefore you get an "Access Denied" error or similar.

I think this is pebcak and hashcat works with any type of disk (HDD, SDD, thumb drives etc <- not all of them are recommended of course, but it should work without problems anyway)

Maybe you should step down from your horse with your six stars and try to read my post and picture one more time please.
Reply
#19
Do you have any suggestion what we can do to get rid of the "Access is denied" error ?

I'm pretty sure that we have a lot of users testing with the beta and it works for them. Maybe you can just try again to download the beta and extract it in a clean directory (not overriding old folders) and without copy-pasting just enter the folder and run
Code:
hashcat.exe --help
Reply
#20
(04-09-2020, 05:06 PM)philsmd Wrote: Do you have any suggestion what we can do to get rid of the "Access is denied" error ?



I'm pretty sure that we have a lot of users testing with the beta and it works for them. Maybe you can just try again to download the beta and extract it in a clean directory (not overriding old folders) and without copy-pasting just enter the folder and run

Code:
hashcat.exe --help

Hi
I am sorry I found the fault both hashcat beta och hashcat last stable does not get the Access denied if you unpack them with windows 7z, but if you unpack them with newest avail p7zip( which you see in screenshot is very old) in cygwin you get Access denied. So it is p7zip in cygwin fault not yours



Do you plan to merge the perl script + beta and have a new mode for duplicati / aescrypt?


Attached Files
.png   Annotation 2020-04-09 183422.png (Size: 441.78 KB / Downloads: 4)
Reply