ethereum scrypt
#1
I understand scrypt is gpu-resistant, so what is the ideal brute force scenario that is feasible for cracking scrypt? Is it possible to use multiple cpu cores to speed up the effort? Is there an ideal cpu that yields maximum h/s? At this point I've exhausted all other options and need to brute force 6 chars.
Reply
#2
You can use your cpu and gpu together.
Send the hash to service and see how much they want.

Post the hash at another cracking forum and add bounty for it.
Reply
#3
in general, you shouldn't send these types of hashes to anybody, because the hash line itself contains sensitive data... this is especially true for several cryptocurrency "hashes".
Reply
#4
(07-27-2020, 08:37 AM)philsmd Wrote: you shouldn't send these types of hashes (...) especially true for several cryptocurrency "hashes".

Could you let us know which 'hashes' are send-able and those which are not ? All ? What about bitcoin/litecoin hashes (mode 11300) ?
Thanks!
Reply
#5
unfortunately, there is no complete list.

The problem in most cases isn't the hash format, but the algorithm that needs the "encrypted data" to make it possible to verify if the password is correct (i.e. the encrypted data is needed to check if the key derivation function generated the correct key to correctly decrypt the data... this data sometimes has directly to do with cryptocurrency addresses and private keys etc).

JTR also tried to focus on not revealing too much data (but it's difficult): https://github.com/magnumripper/JohnTheR...ssues/3139 . We also sometimes/often rely on the JTR xxx2john tools, because in most of the cases it doesn't make sense to reinvent the wheel and create yet another tool just for extracting the hash lines.
Reply
#6
(07-27-2020, 03:17 AM)enervate Wrote: I understand scrypt is gpu-resistant, so what is the ideal brute force scenario that is feasible for cracking scrypt? Is it possible to use multiple cpu cores to speed up the effort? Is there an ideal cpu that yields maximum h/s? At this point I've exhausted all other options and need to brute force 6 chars.

GPU, FPGA and even ASIC resistance is relative, this guy was able to reduce the amount of used memory 16 000 times , for the cost of operations count by loop unrolling.  It sounds like maybe current scrypt ASIC hashboards on the market with TSMC chips are capable to hash also high N scrypt parameters with a tuned controller :-)  So this could be the reason, why I would prefer Argon2 for key derivation function nowadays.  

"Using those values, we can compute the total amount of memory required as
128 \* r \* N + 128 \* r \* p
, which in this case be approximately 16mb.

Using the attack described above, we could reduce that total amount to a little bit over
128 \* r \* p
, which would be in this case 1kb."

https://blog.ircmaxell.com/2014/03/why-i...crypt.html
Reply
#7
@enervate

Which haschat-algo is important for you?
If you want, i can run a benchmark CPU+GPU with my Threadripper3970x+RTX3080.
Reply
#8
(10-14-2020, 10:43 AM)Sondero Wrote: @enervate

Which haschat-algo is important for you?
If you want, i can run a benchmark CPU+GPU with my Threadripper3970x+RTX3080.

15700 Mode (Ethereum)
Reply
#9
Quote:hashcat -b -D1,2 -m15700
hashcat (v6.1.1) starting in benchmark mode...

Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.

Kernel ./OpenCL/m15700-optimized.cl:
Optimized kernel requested but not needed - falling back to pure kernel

* Device #1: CUDA SDK Toolkit installation NOT detected.
            CUDA SDK Toolkit installation required for proper device support and utilization
            Falling back to OpenCL Runtime

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL API (OpenCL 1.2 CUDA 11.1.96) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #1: GeForce RTX 3080, 9088/10240 MB (2560 MB allocatable), 68MCU

OpenCL API (OpenCL 2.1 WINDOWS) - Platform #2 [Intel(R) Corporation]
====================================================================
* Device #2: AMD Ryzen Threadripper 3970X 32-Core Processor, 65344/65408 MB (16352 MB allocatable), 64MCU

Benchmark relevant options:
===========================
* --opencl-device-types=1,2
* --optimized-kernel-enable

Hashmode: 15700 - Ethereum Wallet, SCRYPT (Iterations: 1)

Speed.#1.........:        2 H/s (35948.72ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#2.........:      47 H/s (1359.66ms) @ Accel:1 Loops:1 Thr:1 Vec:1
Speed.#*.........:      49 H/s

Started: Fri Oct 16 17:45:59 2020
Stopped: Fri Oct 16 17:47:08 2020
Reply