Hashcat – advanced password recovery (opens in new tab)

(hashcat.net)

160 pointsgphilip8y ago27 comments

27 comments

I made this a while back to ease the barrier to entry to Hashcat: https://github.com/brannondorsey/naive-hashcat

Not that it's that big of a barrier, but it can be somewhat daunting to new password crackers.

Or, if you want to get experimental with it, I've been working on a distributed browser password cracker here: https://github.com/brannondorsey/distributed-password-cracki.... It can be embedded in websites to borrow your visitor's CPU cycles to crack md5 hashes.Note that it is very slow in comparison to Hashcat, but its a proof-of-concept for something that I am hoping to soon add WebAssembly + WebGL GPGPU cracking to.

j_s8y ago

Smells like in-browser cryptocurrency mining! Maybe you should compare notes.

https://news.ycombinator.com/item?id=15528247

https://news.ycombinator.com/item?id=15470244

https://news.ycombinator.com/item?id=15333899

https://news.ycombinator.com/item?id=15270799

https://news.ycombinator.com/item?id=15246145 <- Show:CoinHive

https://news.ycombinator.com/item?id=15124211

(All 40+ comments within the past ~2 months)

yangl19968y ago

Used Hashcat in the Student Cluster Competition[1] of SC16 conference. There was a task where students were asked to recovery as many passwords as possible from a vault consisting of md5crypt and bcrypt hashes[2]. The performance was amazing - 8400k md5crypt per second with 2 NVIDIA K80.

I also profiled the code trying to discover possible optimizations, and found that the code has been heavily optimized. Computation and data transfer are well overlapped, so GPU utilization is pretty high. It's a really great tool.

[1] http://studentclustercompetition.us/2016/applications.html

[2] https://docs.google.com/document/d/1tXBy9-ajFtO_b8hvbuleqRbc...

lossolo8y ago

I can recommend Hashcat, used it myself for cracking bitcoin wallet using multiple GPUs. Great tool if you forget your password and it works with so many applications/file formats.

cstrat8y ago

I thought cracking a bitcoin wallet was technically beyond the limitations of today's computing power??

codefined8y ago

If you have enough of the bitcoin wallet, cracking the rest is possible with todays resources.

If he was able to crack any random bitcoin wallet, I don't think he'd be sharing it on this website.

2 more replies

wongarsu8y ago

Cracking the private key of a bitcoin address is beyond todays computing power.

I think the scenario here is that he had an encrypted wallet file that he didn't have the password for. In that case, cracking it is only as hard as the password (in other words, relatively easy if he remembers the enough about his password).

celticninja8y ago

its likely his own wallet and he had a good idea of what the password was likely to be, rather than just brute forcing a random unknown wallet.

ssijak8y ago

And I imagine if he mined bitcoin that he had enough GPU power to speed up hashcat cracking process :)

lossolo8y ago

I had encrypted wallet.dat file.

rsingla8y ago

When I was in undergraduate engineering (~3 years ago), hashcat was actually a key part of some great computer security assignments. I'm happy to see it's updated, although it was pretty solid when I had to use it!

nvusuvu8y ago

Will this work on a something like a 100 character plaintext password that was written down with 3 transcription errors? Can it try all permutations of the 100 char password changing up to 3 characters at a time?

Damogran68y ago

almost. You can write a script (language of choice) swapping out three letters at a time to create a custom dictionary...hashcat doesn't do it, the dictionary you feed it does.

TwoBit8y ago

Last time I tried Hashcat, it didn't support my 18 character password.

web0078y ago

It does now - that's one of the main features in 4.0. They rewrote the CL hash engine to work modularly, which gives up some hand-optimized speed in exchange for simpler code and longer password support. 3.x supports 16 chars, with some hashes supporting up to 32 chars. 4.x supports 256 chars across the board.

Full details at https://hashcat.net/forum/thread-6965.html

jopsen8y ago

This reminds me to move to passwordstore with a gpg key on an Yubikey.

rurban8y ago

I hope you remember that GPG keys created on a Yubikey are unsafe, due to an overly simply RSAlib implementation there for their Infinion chips.

JshWright8y ago

Keys created on _some_ Yubikeys (it's easy enough to check).

1 more reply

Gnewt8y ago

I had an affected YubiKey -- Yubico shipped out a replacement immediately. It's inconvenient if you have an old YubiKey, but the replacement process is simple.

Additionally, you can always generate GPG keys on your machine, transfer them to the YubiKey, and then delete the keys from the local machine. It depends if that's an acceptable exposure for your threat model, but for me, having the keys locally for a couple minutes is fine.

jopsen8y ago

I generated on livecd, and exported it to multiple yubikeys + backup.

That way I don't have deal with different subkeys and other complications that just makes everything hard to understand :)

kensai8y ago

I love the thermal watchdog feature!

j / k navigate · click thread line to collapse

27 comments

braxxox8y ago

I made this a while back to ease the barrier to entry to Hashcat: https://github.com/brannondorsey/naive-hashcat

Not that it's that big of a barrier, but it can be somewhat daunting to new password crackers.

braxxox8y ago

j_s8y ago

Smells like in-browser cryptocurrency mining! Maybe you should compare notes.

https://news.ycombinator.com/item?id=15528247

https://news.ycombinator.com/item?id=15470244

https://news.ycombinator.com/item?id=15333899

https://news.ycombinator.com/item?id=15270799

https://news.ycombinator.com/item?id=15246145 <- Show:CoinHive

https://news.ycombinator.com/item?id=15124211

(All 40+ comments within the past ~2 months)

yangl19968y ago

[1] http://studentclustercompetition.us/2016/applications.html

[2] https://docs.google.com/document/d/1tXBy9-ajFtO_b8hvbuleqRbc...

lossolo8y ago

I can recommend Hashcat, used it myself for cracking bitcoin wallet using multiple GPUs. Great tool if you forget your password and it works with so many applications/file formats.

cstrat8y ago

I thought cracking a bitcoin wallet was technically beyond the limitations of today's computing power??

codefined8y ago

If you have enough of the bitcoin wallet, cracking the rest is possible with todays resources.

If he was able to crack any random bitcoin wallet, I don't think he'd be sharing it on this website.

2 more replies

wongarsu8y ago

Cracking the private key of a bitcoin address is beyond todays computing power.

celticninja8y ago

its likely his own wallet and he had a good idea of what the password was likely to be, rather than just brute forcing a random unknown wallet.

ssijak8y ago

And I imagine if he mined bitcoin that he had enough GPU power to speed up hashcat cracking process :)

lossolo8y ago

I had encrypted wallet.dat file.

rsingla8y ago

nvusuvu8y ago

Damogran68y ago

almost. You can write a script (language of choice) swapping out three letters at a time to create a custom dictionary...hashcat doesn't do it, the dictionary you feed it does.

TwoBit8y ago

Last time I tried Hashcat, it didn't support my 18 character password.

web0078y ago

Full details at https://hashcat.net/forum/thread-6965.html

jopsen8y ago

This reminds me to move to passwordstore with a gpg key on an Yubikey.

rurban8y ago

I hope you remember that GPG keys created on a Yubikey are unsafe, due to an overly simply RSAlib implementation there for their Infinion chips.

JshWright8y ago

Keys created on _some_ Yubikeys (it's easy enough to check).

1 more reply

Gnewt8y ago

I had an affected YubiKey -- Yubico shipped out a replacement immediately. It's inconvenient if you have an old YubiKey, but the replacement process is simple.

jopsen8y ago

I generated on livecd, and exported it to multiple yubikeys + backup.

That way I don't have deal with different subkeys and other complications that just makes everything hard to understand :)

kensai8y ago

I love the thermal watchdog feature!

j / k navigate · click thread line to collapse