Hashcat Rules and Multibit HD Hash
#1
Hello,

Can Hashcat crack a single Multibit HD (scrypt) hash placed in my hashes.txt file like this:

$multibit$2*32characters*32characters*32characters

then run:
hashcat -m 22700 -a 3 hashes.txt rockyou.txt

What I'm getting at is it better for Hashcat to have some hashes already cracked that are mulitibit Hd to be able to crack the unknown hash or does it not matter?  I guess I don't understand how Hashcat "figures out" that a particular password it tries, matches the unknown hash.

Also, does anyone know how to write a rule for excluding only numbers in the rockyou.txt file?  For example, I don't want Hashcat to check passwords like 123456 or 654321 or any other number only combination passwords.  However, things like 123password or password123 are ok to be checked.  By the way, does anyone have experience cracking a multibit HD hash?  If so, what are the best rules for a human created password?  So far, no matter what I put for the command line for Hashcat with rules, rockyou.txt, etc., it's years to crack the hash! Of course, my machine is weak so I'm sure that has something to do with it.
Reply
#2
-a 3 is mask attack ("brute-force").

This makes no sense with a dictionary like rockyou.txt. For dictionary attacks you need to use -a 0 (word lists).
Reply
#3
Yes, I typed that wrong... I use -a 0 for rockyou.txt
Reply
#4
no previous cracks needed, although it would make sense to try crack the example hash from https://hashcat.net/wiki/example_hashes just to make sure everything is working correctly (you could either just put the word in a new dictionary file, or create a dictionary with a few dozens of words of which one is the correct one).

If you have a dictionary file for which you know a lot of passwords won't be the correct ones, you could just filter / modify it externally with something like "grep" (linux, there are many windows equivalents). Create a new filtered dict and use it in hashcat instead of the original one.

Cracking shouldn't be a problem for MultiBit and yeah I tested some examples, but not very long "realistic" runs unfortunately. Maybe others did, I'm pretty sure about that.

MultiBit HD uses scrypt, so you should probably test with your CPU instead of a GPU. A very performant modern Intel CPU (i9 ?) or even a very new AMD Ryzen processor could be faster (but this depends a lot of how many GPUs you have etc... normally you could put much more GPUs on your motherboard than CPUs, there are exceptions of course).

To improve the speed (at least a little bit) you could/should also use -w 3 or even -w 4 command line options (see --help).

Good luck
Reply