New Attack-Mode: Association Attack
#21
(10-01-2020, 06:43 PM)ciccio17 Wrote:

This attack mode is specifically designed for large salted hash lists. It doesn't make sense with single hashes.
Reply
#22
to see an example in action, in the same video
Reply
#23
Have tryed on bcrypt this Association Attack, 0% recovered. did i did something wrong?
Have split usernames in 1 file called wordlist.txt and hashes in another called EPWhashes.txt

Or it could be that all salts are random and has nothing to do with the usernames? I have also 
seperate emails with every hash. Shall i try emails instead of usernames as a salt hint or there is no chance to improve speed? trying straight on bcrypt but it shows 66years to be finished with because i have only 1 GPU 1080TI 11gb


Session..........: hashcat
Status...........: Exhausted
Hash.Name........: bcrypt $2*$, Blowfish (Unix)
Hash.Target......: ./UPWhashes.txt
Time.Started.....: Fri Jan 08 11:30:36 2021 (4 mins, 10 secs)
Time.Estimated...: Fri Jan 08 11:34:46 2021 (0 secs)
Guess.Base.......: File (./wordlist.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:      422 H/s (161.48ms) @ Accel:8 Loops:32 Thr:11 Vec:1
Recovered........: 0/105330 (0.00%) Digests, 0/105330 (0.00%) Salts
Remaining........: 105330 (100.00%) Digests, 105330 (100.00%) Salts
Recovered/Time...: CUR:0,N/A,N/A AVG:0,0,0 (Min,Hour,Day)
Progress.........: 210659/105330 (200.00%)
Rejected.........: 105330/210659 (50.00%)
Restore.Point....: 105330/105330 (100.00%)
Reply
#24
Test your attack against a known set of bcrypt hashes and their plains. Once that's working, you'll know that your method is correct.
~
Reply
#25
Can confirm that on optimized kernels I get erros as well
clEnqueueWriteBuffer(): CL_OUT_OF_RESOURCES
clWaitForEvents(): CL_UNKNOWN_ERROR
clEnqueueReadBuffer(): CL_OUT_OF_RESOURCES

This wouldn't be a problem but -m 2711 doesn't have a pure kernel only optimized.
Is there a fix for it or does it have to do on how you build hashcat ? 

msys build < error
wsl build < error
Reply
#26
what about the idea to use the
--username
option to trigger this attack to do the (at least now) needed manual splitting on the fly?

so instead of using 2 separate files you can stick to the already there [user:pwConfusedalt] style of files, for which this attack was made for / is targeted at
Reply