[ noobie :) ] Any estimates on times? I have no idea what I am doing
#1
Hi I am completely new to this stuff (I am the deathkitten here and here if you CTRL+F I am mostly an activist hehe I'm better at talking than programming :) ) :) I just found out about this on google when I was trying to look for a way to recover a password I used on a very old wordpress (v2.6) years ago - Is there any way to get an estimate of how long it can take to recover? I know it depends on whether it gets lucky or not, but like a minimum and maximum possible time kind of thing depending on the type and length etc? Has anyone made a post here or a list on the wiki of how long they generally take or anything like that? :)

Also I was looking through the wiki at http://hashcat.net/wiki/oclhashcat_plus and I noticed that there is no bit in Default Values which says what the default value for "attack-mode" is? in
Quote:Supported attack modes, direct

Brute-Force attack
Combinator attack
Dictionary attack
Fingerprint attack
Hybrid attack
Mask attack
Permutation attack
Rule-based attack
I notice that they don't all match up with
Quote:* Attack modes:

0 = Straight
1 = Combination
3 = Brute-force
4 = Permutation
6 = Hybrid dict + mask
7 = Hybrid mask + dict
and it doesn't seem to explain which article is about which type - and even when I look at the articles about the different "attack" types they don't say what mode number they are either! :(

I am not sure which one is the default "straight" one? I am not sure if I should use it or not or if it should be brute force since I am only trying to find one password out, not try a lot or whatever and hope that someone used a bad dictionary password, like I am guessing the dictionary thing is for?

Quote:Status.......: Running
Input.Mode...: Piped
Hash.Target..: [REDACTED]
Hash.Type....: phpass, MD5(Wordpress), MD5(phpBB3)
Time.Running.: 1 hour, 48 mins
Time.Util....: 6511468.1ms/0.0ms Real/CPU, 0.0% idle
Speed........: 0 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 0
Rejected.....: 0
HW.Monitor.#1: 35% GPU, 43c Temp

Status.......: Running
Input.Mode...: Piped
Hash.Target..: [REDACTED]
Hash.Type....: phpass, MD5(Wordpress), MD5(phpBB3)
Time.Running.: 1 hour, 48 mins
Time.Util....: 6521481.3ms/0.0ms Real/CPU, 0.0% idle
Speed........: 0 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 0
Rejected.....: 0
HW.Monitor.#1: 41% GPU, 43c Temp

Status.......: Running
Input.Mode...: Piped
Hash.Target..: [REDACTED]
Hash.Type....: phpass, MD5(Wordpress), MD5(phpBB3)
Time.Running.: 1 hour, 48 mins
Time.Util....: 6531494.5ms/0.0ms Real/CPU, 0.0% idle
Speed........: 0 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 0
Rejected.....: 0
HW.Monitor.#1: 54% GPU, 43c Temp



edit: By the way the views on this forum do not work properly, it adds views to the thread even if it's just me refreshing it, lol :)
#2
you are missing a dictionary
#3
Ah thanks, is there a best one to get? :)

Does brute force need a dictionary too, I thought that one was just it trying everything?
#4
no! read the wiki pages.
#5
Oh I have been, I linked some stuff in the first post - I can't find any dictionaries there?

The mask one seems a bit like it's designed for if you can remember or know somehow what format the password is going to be in, rather than properly random

In the first post I was also saying how the wiki doesn't seem to explain which type the "straight" one is? :)
#6
straight = dictionary plus you have the options to add rules

a good dictionary is rockyou.txt (google it)
#7
Try skullsecurity. He maintains the best list of public lists out there.
#8
>>> 62*62*62*62*62*62*62*62/(100000*3600*24*365)
69L

which means that at a speed of 100.000 c/s, trying to crack an 8-character-long mix-alpha-numeric password will take you, if you are unlucky, 69 years, and if you are extremely lucky, one second. That is the conventional way of BF, if I am not very wrong.
Not to discourage you. But in my opinion passwords like the following examples, e.g.
b$y$ucu@@nh (meaning e replaced with $ and a replaced with @), Ame6bHg, kfg1h@2g, !he"ime £oday,miluveiss$ck will hardly be in any list.

aMt7ygDz is a default password of a plusnet, BT router, delivered within the box in February 2010; the customer could change it to a longer, more complicated one but thought it not necessary. This PW won't be in any list. Test your downloaded files with unix find/grep/fastgrep/pcregrep/awk, then you will see.

4jYki3hD is a default router password within a BT delivery box my friend received 8 months ago, and hundred thousand of similar PWs like them have been sent out every week since then, for sure.

Around me are 21 networks; they are all WPA2 but one WPA. Believe me, their PWs are not in a list. Whether using rainbow tables or not, super WPA dict 13 Giga, Mega dict sorted/dreamlined of 52G or not, you won't find them. Those conventional BF days are yesterday. That is UK today.
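
The calculation in post #8, generalised to other lengths and character classes and extended with the average case, to show how quickly password length pushes exhaustive search out of reach. This is an added example, not code from any poster or from hashcat; the function names and the `CHARSET_SIZES` table are this example's own, and 100,000 c/s is the rate assumed in post #8, not a measured speed.

```python
from math import prod

SECONDS_PER_YEAR = 3600 * 24 * 365  # same year length as the calculation in post #8

# Symbols per character class (names are this example's own, not hashcat options).
CHARSET_SIZES = {"digit": 10, "lower": 26, "mixalnum": 62, "printable": 95}


def keyspace(positions):
    """Candidate count when character i is drawn from positions[i] symbols."""
    return prod(positions)


def search_seconds(positions, rate, incremental=False):
    """Return (worst, average) seconds to find a password of exactly
    len(positions) characters at `rate` candidates per second.
    incremental=True means every shorter length is exhausted first."""
    if rate <= 0:
        raise ValueError("rate must be > 0; at 0 c/s no candidates are tested")
    total = keyspace(positions)
    shorter = 0
    if incremental:
        shorter = sum(keyspace(positions[:n]) for n in range(1, len(positions)))
    # Worst case: the password is the last candidate; average: the middle one.
    return (shorter + total) / rate, (shorter + total / 2) / rate


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


def length_table(charset, rate, lengths):
    """(length, worst, average) rows for one character class."""
    size = CHARSET_SIZES[charset]
    return [(n, *search_seconds([size] * n, rate)) for n in lengths]


if __name__ == "__main__":
    # 100,000 c/s is the rate assumed in post #8, not a measured speed.
    for n, worst, avg in length_table("mixalnum", 100_000, range(6, 11)):
        print(f"{n:2d} chars  worst {humanize(worst):>22}  average {humanize(avg):>22}")
```

Each extra mixed alphanumeric character multiplies both figures by 62.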

#9
So dictionary is pointless unless you have a very large amount of passwords and hoping one person is stupid, right?

But bruteforce is also pointless? *argh* :(
#10
(02-29-2012, 02:34 AM)deathkitten Wrote: So dictionary is pointless unless you have a very large amount of passwords and hoping one person is stupid, right?

But bruteforce is also pointless? *argh* :(

Absolutely not. Dictionary attacks are the best way to whittle a list down. Bruteforce is a dumb process that takes a long time to complete in most cases.