Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attack succeeds with brute-force, but same attack fails with dictionary #502

Closed
Raxtod opened this issue Sep 16, 2016 · 1 comment
Closed

Attack succeeds with brute-force, but same attack fails with dictionary #502

Raxtod opened this issue Sep 16, 2016 · 1 comment

Comments

@Raxtod
Copy link

Raxtod commented Sep 16, 2016
edited

Originally posted here: https://hashcat.net/forum/thread-5882.html

An IPB/MyBB hash fails to crack using attack mode 0, but succeeds with attack mode 3. Both attacks should be using the same keyspace, yet only the brute-force method succeeds. I have placed the IPB/MyBB hash in a file called a.hash.

hashcat-3.10>more a.hash
2a43909624132cfc594118ec990467da:aaaaa

2a43909624132cfc594118ec990467da is the hash, aaaaa is the salt, and aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (32 lowercase a's) is the solution.

When I run a brute-force attack:

hashcat-3.10>hashcat64 -a 3 -m 2811 a.hash aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
hashcat (v3.10) starting...
Hashes: 1 hashes; 1 unique digests, 1 unique salts

2a43909624132cfc594118ec990467da:aaaaa:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Session.Name...: hashcat
Status.........: Cracked
Input.Mode.....: Mask (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) [32]
Hash.Target....: 2a43909624132cfc594118ec990467da:aaaaa
Hash.Type......: IPB2+, MyBB1.2+
Time.Started...: 0 secs
Speed.Dev.#2...:        0 H/s (0.02ms)
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 1/1 (100.00%)
Rejected.......: 0/1 (0.00%)

The attack succeeds, and the hash is cracked. Now I have placed the solution in a dictionary file called a.dict.

hashcat-3.10>more a.dict
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Now I remove the pot file and run a dictionary attack using a.dict:

hashcat-3.10>hashcat64 -a 0 -m 2811 a.hash a.dict
hashcat (v3.10) starting...

Hashes: 1 hashes; 1 unique digests, 1 unique salts
Cache-hit dictionary stats a.dict: 33 bytes, 1 words, 1 keyspace

Session.Name...: hashcat
Status.........: Exhausted
Input.Mode.....: File (a.dict)
Hash.Target....: 2a43909624132cfc594118ec990467da:aaaaa
Hash.Type......: IPB2+, MyBB1.2+
Time.Started...: 0 secs
Speed.Dev.#2...:        0 H/s (0.02ms)
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.......: 1/1 (100.00%)
Rejected.......: 0/1 (0.00%)

The keyspace was not rejected, so it should have been cracked.
@jsteube
Copy link
Member

jsteube commented Oct 31, 2016

OK, should be fixed, latest beta is up in hashcat.net/beta

Rejected.......: 1/1 (100.00%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jsteube @Raxtod