search

hashtopolis / server

Hashtopolis - distributed password cracking with Hashcat
GNU General Public License v3.0
1.46k stars 223 forks source link

[BUG]: hc22000 cracks sent but not saved on the server #1041

Open kanevbg opened 10 months ago

kanevbg commented 10 months ago

Version Information

0.14.1 (commit 375f2ce)

Hashcat

6.2.6

Description

That is the relevant debug log from the agent:

{'action': 'sendProgress', 'token': 'Hhyf1CU1rq', 'chunkId': 101, 'keyspaceProgress': 1179648, 'relativeProgress': 1189, 'speed': 468168, 'state': 5, 'cracks': [['3292a8c90f3530a1b838379e0cb42f41:ac15a25034ce:c2b098531c41:wirelesswifi24g:01010101:3031303130313031:12130011'], ['ae094df1c84495c7334b6f0ea2d666b5:ac15a25034ce:44cb8b846f4c:wirelesswifi24g:01010101:3031303130313031:12130011']], 'gpuTemp': [59], 'gpuUtil': [99], 'cpuUtil': [52.3]}
http://hashtopolis-server.local:8080 "POST /api/server.php HTTP/1.1" 200 80
b'{"action":"sendProgress","response":"SUCCESS","cracked":0,"skipped":2,"zaps":[]}'
Progress: 11.89% Speed: 468.17kH/s Cracks: 2 Accepted: 0 Skips: 2 Zaps: 0
finished chunk
{'action': 'checkClientVersion', 'token': 'Hhyf1CU1rq', 'version': '0.7.1.2', 'type': 'python'}
http://hashtopolis-server.local:8080 "POST /api/server.php HTTP/1.1" 200 67
b'{"action":"checkClientVersion","response":"SUCCESS","version":"OK"}'
Client is up-to-date!
{'action': 'downloadBinary', 'token': 'Hhyf1CU1rq', 'type': 'cracker', 'binaryVersionId': 1}
http://hashtopolis-server.local:8080 "POST /api/server.php HTTP/1.1" 200 147
b'{"action":"downloadBinary","response":"SUCCESS","url":"https:\\/\\/hashcat.net\\/files\\/hashcat-6.2.6.7z","name":"hashcat","executable":"hashcat.exe"}'
{'action': 'getChunk', 'token': 'Hhyf1CU1rq', 'taskId': 21}
http://hashtopolis-server.local:8080 "POST /api/server.php HTTP/1.1" 200 87
b'{"action":"getChunk","response":"ERROR","message":"You are not assigned to this task!"}'
Getting of chunk failed: {'action': 'getChunk', 'response': 'ERROR', 'message': 'You are not assigned to this task!'}
{'action': 'getTask', 'token': 'Hhyf1CU1rq'}
http://hashtopolis-server.local:8080 "POST /api/server.php HTTP/1.1" 200 94
b'{"action":"getTask","response":"SUCCESS","taskId":null,"reason":"No suitable task available!"}'
No task available!

The .out file is saved right to the hashlist file. That seems to be a parsing/saving bug on the server side. It has marked that the chunk is cracked, but the cracks data is missing in the hashlist. See:

The chunk: image

The task (still seems like non-complete) image

And the hashlist: image

It should be easily reproducible by using the agent debug log.

EDIT: here is the hc22000 hashlist source file: wirelesswifi24g.zip

dayt0n commented 8 months ago

I also have this issue. In my case, I am cracking a PMKID hash where the chunk says it was cracked, but the hashlist/task is never updated to reveal that.

thedarst commented 7 months ago

I am having the same issue with NTLM hashes. The agent debug output shows hashes and their cleartexts being sent to the server, and they are correctly shown in the hashlists .out files for the completed tasks, but the server shows no hashes were cracked. Running hashcat 6.2.5 and the current built of hashtopolis server and python agent.

image

image

image

kanevbg commented 7 months ago

I have people in place to put effort for PR fix, but we are willing to hear some internal directions before that, in order to ensure properly invested time.