search

hashcat / hashcat

World's fastest and most advanced password recovery utility
https://hashcat.net/hashcat/
21.31k stars 2.91k forks source link

Scrypt bug? #150

Closed Zyntax3rror closed 8 years ago

Zyntax3rror commented 8 years ago

Using a GTX 750 Ti (no overclocking); a hash created with parameters SCRYPT:512:16:1 oclHashcat(2.10beta) fails finding the correct password (is in dictionary), hashcat (v2) does find the password (same hash used)

(only 3 words was used in my test dictionary, one of them is the correct password)

Zyntax3rror commented 8 years ago

2

Could be related to the above problem Forcing the CPU to do the work fails too(used version 2.10b64) (I used a litecoin hash for the CPU (but this time I used my other computer)) (hashcat is one of the words in the dictionary)

oclHashcat64.exe -m 8900 test1024c.hash example.dict --opencl-device-types 1

Device #1: Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz, 8113/32452 MB alloca table, 3100Mhz, 8MCU Device #2: Intel(R) HD Graphics 4000, skipped

Session.Name...: oclHashcat Status.........: Exhausted Input.Mode.....: File (example.dict) Hash.Target....: SCRYPT:1024:1:1:MDIwMzMwNTQwNDQyNQ==:5FW+... Hash.Type......: scrypt Time.Started...: 0 secs Time.Estimated.: 0 secs Speed.Dev.#1...: 0 H/s Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts Progress.......: 3/3 (100.00%) Rejected.......: 0/3 (0.00%) HWMon.GPU.#1...: N/A Util, N/A Temp, N/A Fan

Started: Sun Jan 24 14:11:51 2016 Stopped: Sun Jan 24 14:11:54 2016

Zyntax3rror commented 8 years ago

Done some further analysis (hash is hascat)

problem is that when r > 8 it fails!

OK SCRYPT:64:1:1:dGVhbWhhc2hjYXQ=====:SDYBLsXIefUhSOacrgoZE2vEdduSyl+2uU+OTD8eUD8= SCRYPT:64:2:1:dGVhbWhhc2hjYXQ=====:5b9cH8RssHn8NQ4fA+40seHscB18Smy1SCgkkUDob0E= SCRYPT:64:3:1:dGVhbWhhc2hjYXQ=====:upfDMzSsnbPyA2wlogTBrIQPJe22ZJaDShPe+yyCt9I= SCRYPT:64:4:1:dGVhbWhhc2hjYXQ=====:ECIEORXh+CMWiIyTr8d1/Diln/BR757BA7+r1HqR9Ng= SCRYPT:64:5:1:dGVhbWhhc2hjYXQ=====:jwvgTggWAyo5P0XcvJiOADHq1WEQPxLJJMMVtZIhmEQ= SCRYPT:64:6:1:dGVhbWhhc2hjYXQ=====:G8sJ0Rm9V8aU8TQFw0kV0FMwlCuqD3x211y8kW6qaxA= SCRYPT:64:7:1:dGVhbWhhc2hjYXQ=====:Pqx8f55idB8H7IMN0K4Q4j95qkvbRBsnZk+zy6IqWNU= SCRYPT:64:8:1:dGVhbWhhc2hjYXQ=====:NsBlpyfWWxdEW1tNMPbWaiNOIrE5bet44Rms48iStQ0=

FAILS (but works in hashcat (v2) for cpu) SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=====:IBNEidINyjp61QoQhb9Y8oYXLtJ2WZoZN0wSL6ta7eA= SCRYPT:64:10:1:dGVhbWhhc2hjYXQ=====:Dg4kia42f4wcKIncQ3SJgoZqS9VwcjWPr9T4aqFOlh8= SCRYPT:64:11:1:dGVhbWhhc2hjYXQ=====:8oF2KntHkTwuwZKP/9ul7q7ttgGAWZYvk2akFvMFUH0= SCRYPT:64:12:1:dGVhbWhhc2hjYXQ=====:F24uymA1PihLJXWC6FAatdIpnz2daW3RtaHoC9lM7Fo= SCRYPT:64:13:1:dGVhbWhhc2hjYXQ=====:N+6OlDZ+4K+Ew0bTzvx+A4H73G1HcustCgTb4+fttSc= SCRYPT:64:14:1:dGVhbWhhc2hjYXQ=====:x1Fn+ug/J2PfbFejeOndDbnHKa8nVRFuKzPe4ZHfy6w= SCRYPT:64:15:1:dGVhbWhhc2hjYXQ=====:WO7N0gNHT6qMFN7BzjPRqj3wXpBYMEoYVKJRVkVyH+I= SCRYPT:64:16:1:dGVhbWhhc2hjYXQ=====:/6wTfDGtCuG6R/pBfVZmhHkTktEr0lg7O+e2qpGae7A= SCRYPT:64:32:1:dGVhbWhhc2hjYXQ=====:SAx6RFnHpo1OX4ZqGKAermpDpJsp0UksGkdlTjbqK3Y= SCRYPT:64:64:1:dGVhbWhhc2hjYXQ=====:TcTQSV30eLx/pgP2fm6C8g+4//gtujfURqkVoyJSjRE=

jsteube commented 8 years ago

With commit https://github.com/hashcat/oclHashcat/commit/fc1be6bb85f597e36090506f12f7df9361c081eb the bug should be fixed, here's a log.

root@sf:~/hashcat# ./hashcat -m 8900 SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=====:IBNEidINyjp61QoQhb9Y8oYXLtJ2WZoZN0wSL6ta7eA= -a 3 hashca?1 -1 t -d 2 hashcat (v3.00-beta-142-g9d2c24f) starting...

Device #1: AMD FX(tm)-6100 Six-Core Processor , skipped Device #2: Hawaii, 2858/4025 MB allocatable, 44MCU Device #3: AMD FX(tm)-6100 Six-Core Processor, skipped Device #4: GeForce GTX 750 Ti, skipped Device #5: GeForce GTX 560 Ti, skipped

Hashes: 1 hashes; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Applicable Optimizers:

SCRYPT tmto optimizer value set to: 1, mem: 103809024

ATTENTION! The wordlist or mask you are using is too small. Therefore, hashcat is unable to utilize the full parallelization power of your device(s). The cracking speed will drop. Workaround: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed

INFO: approaching final keyspace, workload adjusted

SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=:IBNEidINyjp61QoQhb9Y8oYXLtJ2WZoZN0wSL6ta7eA=:hashcat

Session.Name...: hashcat Status.........: Cracked Input.Mode.....: Mask (hashca?1) [7] Hash.Target....: SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=:IBNEidINyj... Hash.Type......: scrypt Time.Started...: 0 secs Speed.Dev.#2...: 0 H/s (16.68ms) Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts Progress.......: 1/1 (100.00%) Rejected.......: 0/1 (0.00%)

Started: Mon Jun 6 00:30:50 2016 Stopped: Mon Jun 6 00:30:57 2016

Zyntax3rror commented 8 years ago

sorry but, dictionary attack is not working. Getting closer :)

Hashcat64.exe -m 8900 hash.txt example.dict hashcat (v3.00-beta-146-g106e781) starting...

Device #1: GeForce GTX 750 Ti, 512/2048 MB allocatable, 5MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Rules: 1 Applicable Optimizers:

SCRYPT tmto optimizer value set to: 2, mem: 2949120

Cache-hit dictionary stats example.dict: 28 bytes, 4 words, 4 keyspace

ATTENTION! The wordlist or mask you are using is too small. Therefore, hashcat is unable to utilize the full parallelization power of your device(s). The cracking speed will drop. Workaround: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed

INFO: approaching final keyspace, workload adjusted

Session.Name...: hashcat Status.........: Exhausted Input.Mode.....: File (example.dict) Hash.Target....: SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=:IBNEidINyj... Hash.Type......: scrypt Time.Started...: 0 secs Speed.Dev.#1...: 0 H/s (15.76ms) Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts Progress.......: 4/4 (100.00%) Rejected.......: 0/4 (0.00%)

Started: Mon Jun 06 23:11:16 2016 Stopped: Mon Jun 06 23:11:25 2016

Zyntax3rror commented 8 years ago

again (but now only for dictionary attack) r = 1 -> 8 = works r >8 fails log

hashcat (v3.00-beta-146-g106e781+) starting...

Removing duplicate hashes...

Comparing hashes with potfile entries...

Structuring salts for cracking task...

Generating bitmap tables with 16 bits...

Device #1: GeForce GTX 750 Ti, 512/2048 MB allocatable, 5MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Rules: 1 Applicable Optimizers:

Initializing device kernels and memory...

SCRYPT tmto optimizer value set to: 2, mem: 2621440

Checking for weak hashes...

Cache-hit dictionary stats example.dict: 28 bytes, 4 words, 4 keyspace

ATTENTION! The wordlist or mask you are using is too small. Therefore, hashcat is unable to utilize the full parallelization power of your device(s). The cracking speed will drop. Workaround: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

INFO: approaching final keyspace, workload adjusted

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

SCRYPT:64:8:1:dGVhbWhhc2hjYXQ=:NsBlpyfWWxdEW1tNMPbWaiNOIrE5bet44Rms48iStQ0=:hashcat

Session.Name...: hashcat Status.........: Cracked Input.Mode.....: File (example.dict) Hash.Target....: SCRYPT:64:8:1:dGVhbWhhc2hjYXQ=:NsBlpyfWWx... Hash.Type......: scrypt Time.Started...: 0 secs Speed.Dev.#1...: 0 H/s (14.09ms) Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts Progress.......: 4/4 (100.00%) Rejected.......: 0/4 (0.00%)

Started: Tue Jun 07 17:55:46 2016

Stopped: Tue Jun 07 17:55:56 2016

hashcat (v3.00-beta-146-g106e781+) starting...

Removing duplicate hashes...

Comparing hashes with potfile entries...

Structuring salts for cracking task...

Generating bitmap tables with 16 bits...

Device #1: GeForce GTX 750 Ti, 512/2048 MB allocatable, 5MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Rules: 1 Applicable Optimizers:

Initializing device kernels and memory...

SCRYPT tmto optimizer value set to: 2, mem: 2949120

Checking for weak hashes...

Cache-hit dictionary stats example.dict: 28 bytes, 4 words, 4 keyspace

ATTENTION! The wordlist or mask you are using is too small. Therefore, hashcat is unable to utilize the full parallelization power of your device(s). The cracking speed will drop. Workaround: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

INFO: approaching final keyspace, workload adjusted

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

Session.Name...: hashcat Status.........: Exhausted Input.Mode.....: File (example.dict) Hash.Target....: SCRYPT:64:9:1:dGVhbWhhc2hjYXQ=:IBNEidINyj... Hash.Type......: scrypt Time.Started...: 0 secs Speed.Dev.#1...: 0 H/s (16.55ms) Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts Progress.......: 4/4 (100.00%) Rejected.......: 0/4 (0.00%)

Started: Tue Jun 07 17:55:56 2016

Stopped: Tue Jun 07 17:56:06 2016

hashcat (v3.00-beta-146-g106e781+) starting...

Removing duplicate hashes...

Comparing hashes with potfile entries...

Structuring salts for cracking task...

Generating bitmap tables with 16 bits...

Device #1: GeForce GTX 750 Ti, 512/2048 MB allocatable, 5MCU

Hashes: 1 hashes; 1 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Rules: 1 Applicable Optimizers:

Initializing device kernels and memory...

SCRYPT tmto optimizer value set to: 2, mem: 3276800

Checking for weak hashes...

Cache-hit dictionary stats example.dict: 28 bytes, 4 words, 4 keyspace

ATTENTION! The wordlist or mask you are using is too small. Therefore, hashcat is unable to utilize the full parallelization power of your device(s). The cracking speed will drop. Workaround: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

INFO: approaching final keyspace, workload adjusted

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit =>

Session.Name...: hashcat Status.........: Exhausted Input.Mode.....: File (example.dict) Hash.Target....: SCRYPT:64:10:1:dGVhbWhhc2hjYXQ=:Dg4kia42f... Hash.Type......: scrypt Time.Started...: 0 secs Speed.Dev.#1...: 0 H/s (16.87ms) Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts Progress.......: 4/4 (100.00%) Rejected.......: 0/4 (0.00%)

Started: Tue Jun 07 17:56:06 2016

Stopped: Tue Jun 07 17:56:16 2016