Status description
#1
Comrades, good day.
I think the question about the Hashcat status description that is displayed on the user's screen was discussed more than once. In the hope that You will help me, I leave this message here. Please explain in detail what this means. Thank you very much.

Typing a command:
Code:
C:\Hashcat\hashcat64.exe -m 2500 -a 3 -w 4 C:\hccapx\test.hccapx
after that, the program starts safely and performs the brut force operation.
Status:

Code:
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA-EAPOL-PBKDF2
Hash.Target......: C:\hccapx\test.hccapx
Time.Started.....: Wed Feb 19 09:51:59 2020 (2 secs)
Time.Estimated...: Thu Oct 01 06:27:35 2020 (224 days, 20 hours)
1.Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
2.Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined
3.Guess.Queue......: 1/8 (12.50%)
Speed.#1.........:  284.8 kH/s (332.92ms) @ Accel:128 Loops:128 Thr:1024 Vec:1
4. Recovered........: 0/4 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/5533380698112 (0.00%)
5. Rejected.........: 0/0 (0.00%)
6. Restore.Point....: 0/89248075776 (0.00%)
7. Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:512-640
8. Candidates.#1....: sarierin -> snlfwane
9. Hardware.Mon.#1..: Temp: 44c Fan: 24% Util:100% Core:1151MHz Mem:3304MHz Bus:16

I have numbered the items that I do not understand, and I ask you to give a description for each of them.
Unfortunately, I didn't find any information on the Internet.

P.S. in order not to produce themes, please tell me another time when I want to specify a parameter for automatic status updates, for example every 30 seconds, I specify:

C:\Hashcat\hashcat64.exe -m 2500 -a 3 -w 4 --status-timer=30 C:\hccapx\test.hccapx

but, unfortunately, nothing works, i.e. the status is not automatically updated, what am I doing wrong?
Thanks.
Reply
#2
for status updates every 30 seconds, you need to use:
--status --status-timer 30

1. The mask (that you didn't specify, it's the default one, see: https://hashcat.net/wiki/doku.php?id=has...ult_values)
2. The custom charset (that you didn't specify, it's the default one, see ^ )
3. if you didn't specify any mask, the default mask is used together with --increment, in this case it starts to increase the password length from 8 characters up to 16 characters (that's why it's 1 of 8)
4. how many hashes/digests (and salts) have been cracked of the total hashes (and salts)
5. how many password candidates are too short (or long), minimum for WPA is 8 byte passwords
6. this is used together with --restore (the outer loop of hashcat) to restore sessions if hashcat was quitted/stopped (if the restore value > 0)
7. indicates how deep we are into the current iteration etc (if the algorithm is iterated) to reach the next restore point
8. some passwords that are currently tested (just an indication, of course they change very quickly every millisecond or smaller)
9. temperature of the hardware (GPU), current GPU fan speed, the utilization (is the GPU running at 100% ?), core clock and memory clock, the PCI BUS speed (number of lanes)

I would suggest using your own mask and custom charset to not get confused about which passwords are tested and to really tell hashcat what you want to run in your specific situation, e.g.

Code:
hashcat64.exe -m 2500 -a 3 -w 4 --custom-charset1 ?l?u?d --increment --increment-min 8 C:\hccapx\test.hccapx ?1?1?1?1?1?1?1?1?1

the --custom-charset1 means that you want to combine several character sets into a new one, in this case all lower case letters (?l), plus all upper-case letters (?u) and all numbers (?d). The ?1?1?1?1?1?1?1?1?1 is the actual mask and says that the maximum length of the passwords should be 9 (because we have 9 times ?1) and that at each position the custom charset defined by --custom-charset1 (or short -1, think of "minus one" not the letter L) is used.
Masks can also be very different like using more custom charset and using fixed chars (and example is: ?1?1?1?3?3ABC?d?d, here "ABC" is a constant/fixed substring and this mask also uses ?d directly at position 9 and 10 of the password.... the mask is always positional... each position must have it's charset or constant/fixed chars)

BTW: all these details are also explained in the Wiki/FAQ (and several things even in the --help output), see for instance: https://hashcat.net/wiki/doku.php?id=mask_attack
Reply
#3

Thank you very much for the explanation, now I understand everything.
Reply