New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Kernel 3710 optimised not working.. see #1571 #1711

Closed
yamahoto opened this Issue Oct 3, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@yamahoto

yamahoto commented Oct 3, 2018

Feel free to reopen older thread and delete that one if needed.
So, about #1571

Sorry for delay in answer, havent looked at that project before now. I just retried and effectively, problem still same with hashcat 4.2.1 64 bits windows.
Non-optimised Worked and Optimised didn't.

Try your: ./hashcat -m 3710 --quiet hash word --potfile-disable -O
WITH:
42a5fb96fa75bb55c519678441306c88:98c00872f8e1c1e61fe9b956f55c944e ( Sakamoto )
194816eedfcd66859e3f1e057dd01d17:0a93f38bed8e3d7265954e965393ee22 ( BERKELEY )
584820a9c6c809d49760856d39e52b6c:64288bcdb9cc8efecf048471ecab2e4a ( dookie69 )

@philsmd

This comment has been minimized.

Show comment
Hide comment
@philsmd

philsmd Oct 12, 2018

Member

what's your hardware and driver ?
Do you see any warnings when launching hashcat ? (self test warnings?)

Member

philsmd commented Oct 12, 2018

what's your hardware and driver ?
Do you see any warnings when launching hashcat ? (self test warnings?)

@philsmd

This comment has been minimized.

Show comment
Hide comment
@philsmd

philsmd Oct 12, 2018

Member

Well, I didn't really look carefully at the hashes you posted.
You are using salts that are 32 characters long.

That's too long for the optimized -m 3710 = md5($salt.md5($pass)) , since as you can see we need to combine the 32 bytes of (hex) digest of the md5 ($pass) with the salt, which is more than 1 md5 transformation because of 32 (digest of md5 ($pass) + 32 salt > max bytes 55 for a MD5 transformation.

I agree that this should be more obvious and we should reject those hashes (and only allow running them without -O ). This should be fixed in code (i.e. give a warning that salts greater than 55-32 = 23 can't be run with -m 3710 -O).

This problem could also affect other hash types, therefore I recommend that we should implement this -O hash rejection with other hash types too.

Member

philsmd commented Oct 12, 2018

Well, I didn't really look carefully at the hashes you posted.
You are using salts that are 32 characters long.

That's too long for the optimized -m 3710 = md5($salt.md5($pass)) , since as you can see we need to combine the 32 bytes of (hex) digest of the md5 ($pass) with the salt, which is more than 1 md5 transformation because of 32 (digest of md5 ($pass) + 32 salt > max bytes 55 for a MD5 transformation.

I agree that this should be more obvious and we should reject those hashes (and only allow running them without -O ). This should be fixed in code (i.e. give a warning that salts greater than 55-32 = 23 can't be run with -m 3710 -O).

This problem could also affect other hash types, therefore I recommend that we should implement this -O hash rejection with other hash types too.

@yamahoto

This comment has been minimized.

Show comment
Hide comment
@yamahoto

yamahoto Oct 12, 2018

Noted, thanks

yamahoto commented Oct 12, 2018

Noted, thanks

@yamahoto yamahoto closed this Oct 12, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment