Hash cracking with oclHashCat

I have been using oclHashCat now for a few years, and it’s my hash cracker of choice at the moment (the previous one was ighashgpu).

I have a lot of hashes laying around that I want to try and break, but I usually don’t have time to dedicate my machine to doing only that, and so I have decided to add 2 new graphic cards to my server to enable it to crack hashes for a longer time for me, without me having to stop what I’m doing on the other machine.

The card I have ordered is “GIGABYTE RADEON HD7970“, which I have read to be really good for using with hashcat. When the card arrives I’ll take some pictures and screenshots of the results and post it, but for now I’ll just prepare some stuff and play around with cracking a few Joomla hashes that I have.

Test 1

Joomla: 2.5.x
Attackmode: Bruteforce, a-zA-Z0-9+special chars, length 1-7
Password: 12345
Salt:Hash: 9135bce1a1209c7a77638ecd90f95fbf:inJ16N0CDRXxVkhC4M5HvBZE3CmxSo2A
Oclhashcat line: ./cudaHashcat-plus64.bin -i -m 11 -1 ?a -a 3 hashfile ?1?1?1?1?1?1?1
Time: 0 seconds

The first test went fast obviously, as the password was only 12345, but I just needed to check so that everything worked properly, and I might as well post this test as well.

Test 2

Joomla: 2.5.x
Attackmode: straight dictionary attack
Password: is not known
Salt:Hash: 7e3174214264efaf3c97b5c3df3666ca:S9J3hNMP00M8aPCUOWntaT2ius3dQvdP

Oclhashcat line: ./cudaHashcat-plus64.bin -i -m 11 -1 ?a -a 0 7e3174214264efaf3c97b5c3df3666ca:S9J3hNMP00M8aPCUOWntaT2ius3dQvdP ../Dict

Dictionaries used:

en_full.txt
names_full.txt
Swedish_wordlist.txt
sv_full_sorted.txt
wordlist_company_names.txt

This test was unsuccessfull, password was not found.

Test 3

Joomla: 2.5.x
Attackmode: combination based dictionary attack
Password: is not known
Salt:Hash: 7e3174214264efaf3c97b5c3df3666ca:S9J3hNMP00M8aPCUOWntaT2ius3dQvdP

Oclhashcat line: ./cudaHashcat-plus64.bin -i -m 11 -a 1 hashfile ../Dict/ ../Dict/

Dictionaries used:

en_full.txt
names_full.txt
Swedish_wordlist.txt
sv_full_sorted.txt
wordlist_company_names.txt

This test was unsuccessfull, password was not found.

Test 4

Joomla: 2.5.x
Attackmode: straight dictionary attack
Password: is not known
Oclhashcat line: ./cudaHashcat-plus64.bin -i -m 11 -a 0 hashlist ../Dict/

Dictionaries used:

en_full.txt
names_full.txt
Swedish_wordlist.txt
sv_full_sorted.txt
wordlist_company_names.txt
crackstation.txt

Salt:Hash:

1031aeb222dae48e859752df49d84e27:Zxhsst8Z2WIVeNH5d0e7pF3zZPfIggKq
0217b671de164449511452abebf45daa:nksK9MNH4CZVmuQins7GInPlNJPVXj9X
7e3174214264efaf3c97b5c3df3666ca:S9J3hNMP00M8aPCUOWntaT2ius3dQvdP
ec39ac5ef893b720667c773fa38e3bc3:el9dFQXcW1Zh0JBVv1h33Ym9u5SPh8wB
766c6b66b5401a4244e609dcb13279b2:XqiXW07cI4zVVi2jzAE3l96aG9EdSkzm
8ad5275e9b2aa142e2ae7ed2d7f382df:kJyIjQ9wCgKZsx9Y37LEtYmUiG6AuX99
47f1ad91c3fc74ce5bcf331d2efa0cdd:5hXDJTeg1M61wKC1jj0uuSygSXbzDLTW

I thought that I might as well try on a few different ones, as the first one has turned out to be pretty hard, and I can’t dedicate my machine to hours of cracking right now, as I’m doing other work as well. As you might have noticed, I added a new dictionary as well. I downloaded the crackstation dictionary via torrent, which I am now also seeding. I read about this dictionary in a blog, and it seems rather good so I have added it to my set of dictionaries that I use when I run hashcat.

Running them through all my wordlists actually gave me some good results.

47f1ad91c3fc74ce5bcf331d2efa0cdd:5hXDJTeg1M61wKC1jj0uuSygSXbzDLTW:contact
1031aeb222dae48e859752df49d84e27:Zxhsst8Z2WIVeNH5d 0e7pF3zZPfIggKq:2Mark16

I couldn’t crack all of them, but I might give it another go when I have more time. When the new cards arrive, I can use them to crack hashes and break the ones that are still in the list. It might sound strange, to order 2 new expensive cards just for this, but it’s all in the name of science, and fun πŸ™‚

Since the card I ordered is an AMD, I wont be able to use CUDA anymore, but that wont be a problem. Anyway, so below is the crackstation dictionary link, as well as the AMD drivers that I need later and the hashcat website.

https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

http://hashcat.net/oclhashcat-plus/

http://www2.ati.com/drivers/linux/amd-driver-installer-catalyst-13-4-linux-x86.x86_64.zip

That’s all for now πŸ™‚

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.