howtothings.co.uk
GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Printable Version

+- howtothings.co.uk (https://www.howtothings.co.uk)
+-- Forum: Computing (https://www.howtothings.co.uk/forumdisplay.php?fid=4)
+--- Forum: Operating System and Software Support (https://www.howtothings.co.uk/forumdisplay.php?fid=17)
+--- Thread: GPU bruteforcing NTLM hashes using oclHashcat (CLI) (/showthread.php?tid=1059)



GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Mark - 05-10-2011

GPU bruteforcing NTLM hashes using oclHashcat

Find my tutorial on how to get NTLM hashes here
This is a brief overview of Hashcat and mainly oclHashcat.


[Image: hashcat_logo.png]

Hashcat is the worlds fastest CPU based password recovery tool. There are also GPU counterparts: oclHashcat, oclHashcat-plus and oclHashcat-list.
Hashcat is a program that can be used to recover plain text strings for a variety of hashing methods including but not limited to:

MD5
SHA1
MySQL
NTLM


Attack-Modes

Straight
Combination
Toggle-Case
Brute-Force
Permutation
Table-Lookup



oclHashcat

oclHashcat, (also known as cudaHashcat), is the world's fastest GPU based password recovery program. There is no GUI for oclHashcat.

I'm surprised that I've never heard of this program until a few days ago when someone pointed it out to me in IRC. oclHashcat also lets you utilise multiple GPUs, (I have two in this machine), which both support Cuda.
You *can* use ATI cards I think, but we're all green team here.

The first thing you look at for a new program is the help menu.
Code:
cudaHashcat64.exe --help

You'll need to be in the directory you want to run it from, another bonus about this program is that you don't need to install it! It works on Windows and Linux as well.

Usage: cudaHashcat [options] hashlist dict_left|mask_left dict_right|mask_right

It's really simple to use the only thing that stumped me was the way it uses two masks for cracking, a left side and a right side.

For bruteforcing your options are:

?l = lowercase
?u = uppercase
?d = digits
?s = special characters

What you'll want to do is to specify a charset by using "-1"

Code:
-1 ?l?d?s?u

Now you've told it that "-1" is equivalent to ?l?d?s?u

Code:
D:\Desktop\oclHashcat-0.26\oclHashcat-0.26>cudaHashcat64.exe out-hash.txt -o out-hash-cracked.txt --outfile-format=0 -m 1000 -1 ?l?d ?1?1?1?1 ?1?1?1?1

OUTPUT=
-1 ?l?d?s?u ?1?1?1?1 ?1?1?1

?1?1?1?1 = left
?1?1?1?1 = right

Totals 8 chars

This will perform an 8 character bruteforce on the hases within out-hash.txt, when it cracks one it'll put the hash and password into out-hash-cracked.txt.

-m tells us that it's cracking NTLM hashes


Check out this video with purehate from the backtrack dev team.


Extra Info
Hashcats Website: http://hashcat.net
User Manual: http://hashcat.net/files/hashcat_user_manual.pdf


Images

[Image: HC-01.png]


[Image: HC-02.png]


[Image: HC-03.png]


[Image: HC-04.png]


Out of 137 hashes you can see that I only managed to crack 12 and using GPU I was able to try 300/400 million passwords a second. It took 2 hours something.



RE: GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Drumm - 05-10-2011

Compare this too Jtr's time please?


RE: GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Mark - 05-10-2011

John the ripper uses CPU to crack passwords, it's not even on the same field. The closest you could get is using something like DJohn so you could do distributed cracking over several machines. But one workhorse with a few highend cards would still kick your ass.


RE: GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Drumm - 08-10-2011

You can crack with GPU using John.. Biatch


RE: GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Mark - 08-10-2011

Believe it when I see it.


RE: GPU bruteforcing NTLM hashes using oclHashcat (CLI) - Drumm - 08-10-2011

I linked you the necerssary data a while back, regardless;
http://openwall.info/wiki/john/GPU
It's part of the jumbo patch offered on his website. So shut up you testa di merda