New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--left behavior on binary hashfiles with several hashes #2424
Comments
It seems that So, what would be the best strategy to patch this EOL addition? One variant would be to accumulate a larger buffer with all the hashes in |
Thanks for the problem report. much appreciated. I can confirm it ! I think this is quite a rare situation when users use --left with binary hash types, but of course we should either support it or not allow it (and I think it was also allowed in the past, so we SHOULD fix it, I guess). The problem as far as I just found out having a glance at the current source code is that the newline is always added here: Line 394 in d9e54cd
(i.e. in the function main_potfile_hash_left from the file src/main.c )
so the problem is not only the A simple fix like this would remove the newline in the case of a binary hash file:
but the problem is that we should really try to find a good/clean solution... and therefore we should decide if Therefore, I think we need a little bit of help/confirmation from @jsteube here.... for instance what I'm wondering is why we have this code section: Lines 1016 to 1025 in d9e54cd
to me this means that in case of a binary hash format that has and uses the Line 1086 in d9e54cd
IF and ONLY IF the format is not a binary hash format ? So again, there is this question about who is responsible for the newline-add-logic ? The caller (and in this case at the same time the functions implementing the hashcat API) itself or the internal hashcat function responsible for the the potfile handling Thanks again |
Considering binary hash formats, there is another problem:
It seems that this module misses the custom I've searched through modules and found that only the following have a custom
So it seems to me that currently this problem only affects -m 2500/2501 - for other binary hashes the binary output is just not supported. The case with PMKID is rather strange - the hashes are non-binary (both the input format and the --left output), but the modules contain a custom RE: usage of --left for binary hashes: I'm currently using this for an automated distributed cracking management setup as a distributed substitute for --remove (i.e. a node runs a wordlist on a hashfile, updates a centralized potfile as a result, and after that the central server makes a new hashfile with uncracked hashes using --left, which is then ready to be send to other rounds of cracking). |
fixes #2424: only print EOL in case of non-binary hash file
Thank you! |
Hashcat's
--left
flag prints the not-yet-cracked hashes from the input file. For binary hashfile formats (e.g. WPA2 -m 2500 .hccapx files) it correctly outputs binary data so that it can be fed back to hashcat again.But the
potfile_handle_left
function that does this does not take into account that for binary hashfiles with multiple hashes they should not be delimited by a newline. E.g. if you want to combine two hccapx files you just concatenate them.This results in the following. If you have a combined .hccapx input hashfile with two handshakes for different networks, the output of --left will be a file with the two handshakes separated by a newline.
When this file is later fed to hashcat, it will only recognise and load the first handshake.
So, the solution might be to either skip the newline output when handling --left for binary hash types or to make hashcat's input parsing more tolerant by allowing an additional newline between handshakes (though this potentially will have to be applied to all binary hash types).
The text was updated successfully, but these errors were encountered: