-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reuse PBKDF2 intermediate keys if duplicate essid is detected not working on large hccap's #955
Comments
I need the .hccap you're using to reproduce locally |
OK, I got the file. Now I need one example of a duplicate which is not detected as duplicate. Please name me one. |
Send you a pm....... |
Candidates.#1....: ~!@#$%^&* -> ZZZZZZZZZZ |
So all founds on the same essid must be in a row....... |
Yeah I think I found the root problem. Need to think about a good solution. Prepare for testing :) |
It works on small hccap's < 100 |
Right now, I do a presort on the essid and run hashcat on this presorted hccap's. |
Maybe the idea of sorting by length of essid is not a good idea. |
OK, I've patched hashcat. There's also a new beta at https://hashcat.net/beta/ In an ideal world, the output of your file should look like this:
That is because your file has 11993 handshakes with the same ESSID. Now the problem is that there's a chance that some of those handshakes have the same ESSID, but they are actually from a different AP. There's no way for hashcat to know about this. Therefore we must check all the handshakes, even if they have the same ESSID. But we can still make use of the duplicate ESSID shortcut. I've patched hashcat, so don't get confused if you see this loading screen instead:
It will still make use of the duplicate PBKDF2 shortcut. You can find out if you meassure the time it takes to process a full wordlist. Simply ignore what the "Time.Estimated" in the status screen tells you. |
Well done. Now everything works like expected. |
Reuse PBKDF2 intermediate keys if duplicate essid is detected is not working on large hccap's
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA/WPA2
Hash.Target......: test.hccap
Time.Started.....: Sat Jan 7 10:57:24 2017 (1 hour, 40 mins)
Time.Estimated...: Sat Jan 7 14:39:11 2017 (2 hours, 1 min)
Input.Base.......: File (testlist)
Input.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....: 156.3 kH/s (4.91ms)
Recovered........: 252/85743 (0.29%) Digests, 245/83842 (0.29%) Salts
Recovered/Time...: CUR:2,166,N/A AVG:2,151,3624 (Min,Hour,Day)
Progress.........: 945155872/2086240486 (45.30%)
Rejected.........: 0/945155872 (0.00%)
Restore.Point....: 0/24883 (0.00%)
Candidates.#1....: ~!@#$%^&* -> Tr1angle
HWMon.Dev.#1.....: Temp: 75c Fan: 59% Util: 99% Core:1277Mhz Mem:3004Mhz Lanes:16
Speed must be much faster, because there are many, many duplicate essid's in the hccap.
It's also seen in the output:
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password1
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password2
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password3
ESSID2:xxxxxxxxxxxx:yyyyyyyyyyyy:anotherpassword
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password4
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password5
ESSID3:xxxxxxxxxxxx:yyyyyyyyyyyy:anotherpassword
ESSID4:xxxxxxxxxxxx:yyyyyyyyyyyy:anotherpassword
ESSID1:xxxxxxxxxxxx:yyyyyyyyyyyy:password5
Best regards
ZerBea
The text was updated successfully, but these errors were encountered: