oclHashcat (old version)

Note: all versions of oclHashcat have been replaced by a unified OpenCL CPU/GPU version, now known simply as hashcat.

Description

oclHashcat is a GPGPU-based multi-hash cracker using a combinator attack.

Note: this is the old deprecated version of oclHashcat up to version 0.26, see oclHashcat for newer version.

Current Version

Current Version is 0.26.

Resources

Screenshot

Background

Before oclHashcat, there was only the CPU-based hashcat version from the hashcat family. However, when hashcat was written there were already GPU crackers like EGB, CUDA-Multiforcer, IGHASHGPU or BarsWF. In terms of cracking performance, they totally owned hashcat. However they were not faster than hashcat in terms of how fast they could crack a hash. That is the big difference. Since these tools all used Brute-Force attack, it was nearly impossible for them to crack a 12-character long password. That is why the most efficient method of cracking passwords is dictionary-based. None of the GPU crackers were able to handle dictionary-based attacks.

After reviewing some sites/forums/blogs etc. to find out why there is no GPU cracker using dictionaries, it quickly turned out that they can not run efficiently because of the slow PCI-E transfer rates. That does sound logical (at least for the fast algorithms), but no one wanted to do a simple dictionary attack. Hashcat already handled that very well.

Dictionary-based does not always mean a dictionary attack. There is much more to it, like rule-based attack, toggle-case attack or combinator attack. Unlike a simple dictionary attack, these advanced-attack versions should run efficiently on a GPU program. That is because they can mutate the base words on the kernel and because of this, there is no need to execute slow PCI-E transfers.

After some weeks of effort, the first engine worked. It was capable of doing a combinator attack. This first version was written as a simple proof-of-concept version that shows how to efficiently use GPUs for dictionary-based attacks and was called “Combination-CUDA”. A video can be watched here: http://www.youtube.com/watch?v=cCD65oWts5I. This program was very limited. For example, it only supported NVidia GPUs, no Multi-GPU setup and could crack MD5 only.

The next step was to write a real program bundling all the experience gained from hashcat and combination-cuda development. This approach was called “hashcat+” (NOTE: not oclHashcat+), but it was never released to the public. The reason for this was that during the development of hashcat+ a new version of OpenCL was released by the Khronos Group. The cool thing about OpenCL is that it supported both NVidia and ATI/AMD cards. Actually both vendors added an OpenCL runtime to their drivers/SDK. To utilize it, it was neccessary to rewrite hashcat+ from scratch, since it was made for CUDA, not OpenCL. This new program was called “oclHashcat”.

With the release of oclHashcat the limitations of combination-CUDA have been eliminated.

The first official Combination-CUDA release was v0.01, released on 05.02.2010.

The first official oclHashcat release was v0.18, released on 01.05.2010.

Options

Usage: oclHashcat [options] hashlist dict_left|mask_left dict_right|mask_right

Startup:
  -V,  --version             print version
  -h,  --help                print help
       --eula                print eula

Logging and Files:
       --quiet               suppress output
  -o,  --outfile=FILE        outfile for recovered hash
       --outfile-format=NUM  0 = hash:pass
                             1 = hash:hex_pass
                             2 = hash:pass:hex_pass
       --remove              enable remove of hash from hashlist once it is cracked
  -e,  --salt-file=FILE      salts-file for unsalted hashlists

Session:
       --runtime=NUM         automatically abort session after NUM seconds

Misc:
       --hex-salt            assume salt is given in hex
       --hex-charset         assume charset is given in hex

Resources:
       --gpu-async           use non-blocking async calls (NVidia only)
  -d,  --gpu-devices=STR     CUDA devices to use, seperate with comma
  -n,  --gpu-accel=NUM       workload tuning: 1, 8, 40, 80, 160, 400 or 800
       --gpu-loops=NUM       workload fine-tuning if -n is not precise enough
       --gpu-watchdog=NUM    automatically abort session at NUM celsius

Built-in charsets:

  ?l = abcdefghijklmnopqrstuvwxyz
  ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
  ?d = 0123456789
  ?s =  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
  ?h = 8 bit characters from 0xc0 - 0xff
  ?D = 8 bit characters from german alphabet
  ?F = 8 bit characters from french alphabet
  ?R = 8 bit characters from russian alphabet

Custom charsets:
  -1,  --custom-charset1=CS  user-definable charsets
  -2,  --custom-charset2=CS  example:
  -3,  --custom-charset3=CS  --custom-charset1=?dabcdef
  -4,  --custom-charset4=CS  sets charset ?1 to 0123456789abcdef

Attack options:
       --increment           enable increment mode
  -j,  --rule-left=RULE      rule applied to each word from left dict
  -k,  --rule-right=RULE     rule applied to each word from right dict

Hash types:
  -m,  --hash-type=NUM       number correlates to hash-type

    0 = MD5
    1 = md5($pass.$salt)
    2 = md5($salt.$pass)
    3 = md5(md5($pass))
    5 = vBulletin < v3.8.5
  100 = SHA1
  101 = sha1($pass.$salt)
  102 = sha1($salt.$pass)
  300 = MySQL > v4.1
  900 = MD4
 1000 = NTLM
 1100 = Domain Cached Credentials
 1400 = SHA256

Default Values

Attribute Value Note
--version false
--help false
--eula false
--quiet false
--outfile NULL
--outfile-format 0
--remove false
--salt-file NULL
--runtime 0
--hex-salt false
--hex-charset false
--gpu-async false
--gpu-devices NULL
--gpu-accel 0
--gpu-loops 128
--gpu-watchdog 90
--custom-charset1 NULL
--custom-charset2 NULL
--custom-charset3 NULL
--custom-charset4 NULL
--increment false
--rule-left :
--rule-right :
--hash-type 0

NOTE: A value “0” or “NULL” can mean undefined, unlimited or all.

Supported algorithms and supported password plaintext lengths

Hash-Type minimum length maximum length Note
MD5 2 15
md5($pass.$salt) 2 15 1
md5($salt.$pass) 2 15 1
md5(md5($pass)) 2 15
vBulletin < v3.8.5 2 15
SHA1 2 15
sha1($pass.$salt) 2 15 1
sha1($salt.$pass) 2 15 1
MySQL > v4.1 2 15
MD4 2 15
NTLM 2 14 3
Domain Cached Credentials 2 14 3, 2
SHA256 2 15
  • 1 Indicates that the maximum length for salt is 31.
  • 2 Indicates that the maximum length for salt is 15.
  • 3 Indicates that the maximum length for password (per side) is 7.

Supported attack modes, direct

Performance

Please use the reference at homepage to get latest benchmarks.

Limitations

  • There are no “rule-files” possible since the rules are applied in the loading-phase. Only one rule per side.
  • Rules can not apply on masks.

Future Plans

  • None