关于hashcat
支持的协议
破解速度
破解WPA/WPA2
正在开发的新功能
新加入的功能
一次小测试
oclHashcat是一个利用显卡GPU破解Hash密码的高级密码恢复(advanced password recovery)工具。这个程序似乎对NVIDIA显卡支持的不好,或者说用NVIDIA显卡的速度提升远远落后于AMD的显卡。
我用了两种显卡来跑包,一种是ATI HD 5750,一种是NVIDIA GT240,它们的跑包相差很远,前者有3W以上,后者只有5000-6000,所以建议有ATI并支持DX11的显卡的网友使用oclHashcat-plus的OpenCL并行计算功能来提升跑包的速度。oclHashcat-plus正式支持WPA/WPA2了
oclHashcat-plus包含32位版本和64位版本,使用gui调用cmd的模式,最多支持16个GPU,通过使用,我发现它
的速度比EWSA快40%,而且CPU占用率只有EWSA的四分之一,实在好用
几乎都支持
* accept Rules
其实蛮简单的 抓到包:
#oclHashcat-plus64.exe -m 2500 capture.hccap rockyou.txt pause www.2cto.com
Application | Request | Description | Status |
---|---|---|---|
oclHashcat-plus | Increment Brute Force | Also allow –bf-pw-min –bf-pw-max. | Accepted |
hashcat-utils | Min/Max for req | Additional parameter to require at least (pos int) or no more than (neg int) of charset | Accepted |
oclHashcat-plus | -o with –show | When using the –show switch, it allows saving the output in a file | Accepted |
oclHashcat-plus | Status Screen | Show percentage in recovered line | Accepted |
oclHashcat-plus | Status Screen | Print blank line each time “s” is pressed to separate reports | Accepted |
oclHashcat-plus | Status Screen | Show both the time running and time spent actually testing | Accepted |
oclHashcat-plus | Status Screen | Progress line to show how many hashes are left whilst testing | Accepted |
oclHashcat-plus | Status Screen | ETA in Time Left Line, Example : Time Left: 1 Day 2 Hours ETA : Monday 24.06.12 Time 18:53 | Accepted |
oclHashcat-plus | <Not found> in LM | Using –show switch in mode 3000, displays uncracked half as <Notfound> instead of *** to avoid confusion. | Accepted |
oclHashcat-plus | EPiServer hash format | Add this salted SHA1 algorithm. Details: http://hashcat.net/forum/thread-987.html | Accepted |
oclHashcat-plus | PasswordSafe3 hash | PasswordSafe3 hash support, http://hashcat.net/forum/thread-1088.html | Accepted |
oclHashcat-plus | Command Line Rules | Allow input of rules in command line | Accepted |
oclHashcat-* | SSHA Dynamic Base64 Parser | Base64 parser that would allow for dynamic salt lengths in OpenLDAP SSHA | Accepted |
hashcat Suite | Charset A | Equivalent to “luds” | Accepted |
oclHashcat-plus, Hashcat | Compressed dictionaries | Allow dictionary/wordlist attacks to load compressed dictionaries (7zip, bzip, etc–any one is fine) | Accepted |
maskprocessor | Increment | Allow users to –increment while generating password lists or rules. | Finished |
maskprocessor | Increment From | Allows the user to start incrementing from a chosen character length. | Finished |
maskprocessor | Start At Position | Enable user to start or re-start from progress number during brute force. | Finished |
maskprocessor | hex-charset | Allow users to –hex-charset as in oclHashcat-lite. | Finished |
oclHashcat-lite | Read from file | Ability to read hashes from file or STDIN (due to shell escapes) | Finished |
oclHashcat-lite | DES(Oracle) | Add support for cracking DES(Oracle) hashes | Finished |
oclHashcat-plus | Title Rule | Upper case the first letter and every letter after a space in the same line. | Finished |
oclHashcat-plus | Combinator Attack | port from oclHashcat to oclHashcat-plus. | Finished |
oclHashcat-plus | Hybrid Attack | port from oclHashcat to oclHashcat-plus. | Finished |
oclHashcat-plus | Status Updates | Add the BSSID, rules files and hash file used to status screen. | Finished |
oclHashcat-plus | Add line number | If hash-parser rejects a hash, print the offending line number in error message | Finished |
oclHashcat-plus | Add seperator char | Let the user choose his own sperator char like in hashcat CPU | Finished |
oclHashcat-plus | Add md5(md5($pass)) | Add md5(md5($pass)) and call it e107 | Finished |
oclHashcat-plus | File-based charsets | Allow for putting custom charsets in textfiles | Finished |
oclHashcat-plus | –gpu-temp-retain | Set default –gpu-temp-retain to 80c | Finished |
hashcat | Standardisation | Standardise the mask implementation on both CPU and GPU | Finished |
hashcat-utils | Cutting utility | Add an “cut -b” alternative which is able to work with negative offsets | Finished |
密文
# cat hashfile.all
$P$BaFXHU4RZZM8Ivr4Z0Z2vxG
$P$BLFJUTnopcUqMDYvHVXil23
字典
root@bt5:/pentest/passwords/hashcat# wc -l password.lst
3557 password.lst
破解
root@bt5:/pentest/passwords/hashcat# ./hashcat-cli32.bin -o blogpasswords -a 0 -m 400 hashfile.all password.lst
Initializing hashcat v0.38 by atom with 8 threads and 32mb segment-size...
NOTE: press enter for status-screen
Added hashes from file hashfile.all: 19 (19 salts)
Wordlist..: password.lst
Index.....: 1/1 (segment), 3551 (words), 26215 (bytes)
Recovered.: 2/19 hashes, 2/19 salts
Speed/sec.: 2.19k plains, 129 words
Progress..: 3551/3551 (100.00%)
Running...: 00:00:00:28
Estimated.: --:--:--:--
Started: Tue May 22 11:45:19 2012
Stopped: Tue May 22 11:45:47 2012
结果保存好了
root@bt5:/pentest/passwords/hashcat# cat blogpasswords
$P$BaFXHU4RZZM8Ivr4Z0Z2vxG:test123
$P$BLFJUTnopcUqMDYvHVXil23:chevy
from:dis9 TEAM