New Attack-Mode: Association Attack
(10-01-2020, 06:43 PM)ciccio17 Wrote:

This attack mode is specifically designed for large salted hash lists. It doesn't make sense with single hashes.
to see an example in action, in the same video
Have tryed on bcrypt this Association Attack, 0% recovered. did i did something wrong?
Have split usernames in 1 file called wordlist.txt and hashes in another called EPWhashes.txt

Or it could be that all salts are random and has nothing to do with the usernames? I have also 
seperate emails with every hash. Shall i try emails instead of usernames as a salt hint or there is no chance to improve speed? trying straight on bcrypt but it shows 66years to be finished with because i have only 1 GPU 1080TI 11gb

Session..........: hashcat
Status...........: Exhausted
Hash.Name........: bcrypt $2*$, Blowfish (Unix)
Hash.Target......: ./UPWhashes.txt
Time.Started.....: Fri Jan 08 11:30:36 2021 (4 mins, 10 secs)
Time.Estimated...: Fri Jan 08 11:34:46 2021 (0 secs)
Guess.Base.......: File (./wordlist.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:      422 H/s (161.48ms) @ Accel:8 Loops:32 Thr:11 Vec:1
Recovered........: 0/105330 (0.00%) Digests, 0/105330 (0.00%) Salts
Remaining........: 105330 (100.00%) Digests, 105330 (100.00%) Salts
Recovered/Time...: CUR:0,N/A,N/A AVG:0,0,0 (Min,Hour,Day)
Progress.........: 210659/105330 (200.00%)
Rejected.........: 105330/210659 (50.00%)
Restore.Point....: 105330/105330 (100.00%)
Test your attack against a known set of bcrypt hashes and their plains. Once that's working, you'll know that your method is correct.
Can confirm that on optimized kernels I get erros as well
clEnqueueWriteBuffer(): CL_OUT_OF_RESOURCES
clWaitForEvents(): CL_UNKNOWN_ERROR
clEnqueueReadBuffer(): CL_OUT_OF_RESOURCES

This wouldn't be a problem but -m 2711 doesn't have a pure kernel only optimized.
Is there a fix for it or does it have to do on how you build hashcat ? 

msys build < error
wsl build < error
what about the idea to use the
option to trigger this attack to do the (at least now) needed manual splitting on the fly?

so instead of using 2 separate files you can stick to the already there [user:pwConfusedalt] style of files, for which this attack was made for / is targeted at
Is potfile support?
(01-26-2022, 07:51 AM)pokosima1999 Wrote: Is potfile support?

dont know what you mean, but in the potfile the standard

hash : [salt] : plain

is stored
Hello i guess that the password is only 11 digit what i must write to check only 11 digit not passed to 8.9.10 digit only 11 like digits like crunch
If someone is interested: Association attack on hash mode 22000

$ cat hashfile.hc22000 | awk 'BEGIN { FS = "*" } ; {print "$HEX[" $6 "]" }' > essid.list
$ hashcat -m 22000 -o founds -a9 hashfile.hc22000 test.list

on ESSID with rules:
$ cat hashfile.hc22000 | awk 'BEGIN { FS = "*" } ; {print "$HEX[" $6 "]" }' > essid.list
$ hashcat -m 22000 -r rockyou-30000.rule -o founds -a9 hashfile.hc22000 test.list

$ cat hashfile.hc22000 | awk 'BEGIN { FS = "*" } ; {print $4 }' > macap.list
$ hashcat -m 22000 -o founds -a9 hashfile.hc22000 macap.list

Outfile (-o) should be used because there are no entries in the potfile (up to actual git head: hashcat v6.2.5-165-gb44495846)