频道栏目
首页 > 安全 > 工具软件 > 正文

hashcat GPU破解Hash密码

2012-07-13 12:48:48            作者:Dis9Team
收藏   我要投稿

关于hashcat
支持的协议
破解速度
破解WPA/WPA2
正在开发的新功能
新加入的功能
一次小测试

关于hashcat

oclHashcat是一个利用显卡GPU破解Hash密码的高级密码恢复(advanced password recovery)工具。这个程序似乎对NVIDIA显卡支持的不好,或者说用NVIDIA显卡的速度提升远远落后于AMD的显卡。
我用了两种显卡来跑包,一种是ATI HD 5750,一种是NVIDIA GT240,它们的跑包相差很远,前者有3W以上,后者只有5000-6000,所以建议有ATI并支持DX11的显卡的网友使用oclHashcat-plus的OpenCL并行计算功能来提升跑包的速度。oclHashcat-plus正式支持WPA/WPA2了
oclHashcat-plus包含32位版本和64位版本,使用gui调用cmd的模式,最多支持16个GPU,通过使用,我发现它
的速度比EWSA快40%,而且CPU占用率只有EWSA的四分之一,实在好用

支持的协议

几乎都支持

  • Straight *
  • Combination *
  • Toggle-Case
  • Brute-Force
  • Permutation
  • Table-Lookup

* accept Rules

  • MD5
  • md5($pass.$salt)
  • md5($salt.$pass)
  • md5(md5($pass))
  • md5(md5(md5($pass)))
  • md5(md5($pass).$salt)
  • md5(md5($salt).$pass)
  • md5($salt.md5($pass))
  • md5($salt.$pass.$salt)
  • md5(md5($salt).md5($pass))
  • md5(md5($pass).md5($salt))
  • md5($salt.md5($salt.$pass))
  • md5($salt.md5($pass.$salt))
  • md5($username.0.$pass)
  • md5(strtoupper(md5($pass)))
  • SHA1
  • sha1($pass.$salt)
  • sha1($salt.$pass)
  • sha1(sha1($pass))
  • sha1(sha1(sha1($pass)))
  • sha1(strtolower($username).$pass)
  • MySQL
  • MySQL4.1/MySQL5
  • MD5(WordPress)
  • MD5(phpBB3)
  • MD5(Unix)
  • SHA-1(Base64)
  • SSHA-1(Base64)
  • SHA-1(Django)
  • MD4
  • NTLM
  • Domain Cached Credentials
  • MD5(Chap)
  • MSSQL
  • SHA256
  • MD5(APR)
  • SHA512
  • SHA-512(Unix)

破解速度

\

破解WPA/WPA2

其实蛮简单的 抓到包:

#oclHashcat-plus64.exe -m 2500 capture.hccap rockyou.txt

pause www.2cto.com

正在开发的新功能

Application Request Description Status
oclHashcat-plus Increment Brute Force Also allow –bf-pw-min –bf-pw-max. Accepted
hashcat-utils Min/Max for req Additional parameter to require at least (pos int) or no more than (neg int) of charset Accepted
oclHashcat-plus -o with –show When using the –show switch, it allows saving the output in a file Accepted
oclHashcat-plus Status Screen Show percentage in recovered line Accepted
oclHashcat-plus Status Screen Print blank line each time “s” is pressed to separate reports Accepted
oclHashcat-plus Status Screen Show both the time running and time spent actually testing Accepted
oclHashcat-plus Status Screen Progress line to show how many hashes are left whilst testing Accepted
oclHashcat-plus Status Screen ETA in Time Left Line, Example : Time Left: 1 Day 2 Hours ETA : Monday 24.06.12 Time 18:53 Accepted
oclHashcat-plus <Not found> in LM Using –show switch in mode 3000, displays uncracked half as <Notfound> instead of *** to avoid confusion. Accepted
oclHashcat-plus EPiServer hash format Add this salted SHA1 algorithm. Details: http://hashcat.net/forum/thread-987.html Accepted
oclHashcat-plus PasswordSafe3 hash PasswordSafe3 hash support, http://hashcat.net/forum/thread-1088.html Accepted
oclHashcat-plus Command Line Rules Allow input of rules in command line Accepted
oclHashcat-* SSHA Dynamic Base64 Parser Base64 parser that would allow for dynamic salt lengths in OpenLDAP SSHA Accepted
hashcat Suite Charset A Equivalent to “luds” Accepted
oclHashcat-plus, Hashcat Compressed dictionaries Allow dictionary/wordlist attacks to load compressed dictionaries (7zip, bzip, etc–any one is fine) Accepted

新加入的功能

maskprocessor Increment Allow users to –increment while generating password lists or rules. Finished
maskprocessor Increment From Allows the user to start incrementing from a chosen character length. Finished
maskprocessor Start At Position Enable user to start or re-start from progress number during brute force. Finished
maskprocessor hex-charset Allow users to –hex-charset as in oclHashcat-lite. Finished
oclHashcat-lite Read from file Ability to read hashes from file or STDIN (due to shell escapes) Finished
oclHashcat-lite DES(Oracle) Add support for cracking DES(Oracle) hashes Finished
oclHashcat-plus Title Rule Upper case the first letter and every letter after a space in the same line. Finished
oclHashcat-plus Combinator Attack port from oclHashcat to oclHashcat-plus. Finished
oclHashcat-plus Hybrid Attack port from oclHashcat to oclHashcat-plus. Finished
oclHashcat-plus Status Updates Add the BSSID, rules files and hash file used to status screen. Finished
oclHashcat-plus Add line number If hash-parser rejects a hash, print the offending line number in error message Finished
oclHashcat-plus Add seperator char Let the user choose his own sperator char like in hashcat CPU Finished
oclHashcat-plus Add md5(md5($pass)) Add md5(md5($pass)) and call it e107 Finished
oclHashcat-plus File-based charsets Allow for putting custom charsets in textfiles Finished
oclHashcat-plus –gpu-temp-retain Set default –gpu-temp-retain to 80c Finished
hashcat Standardisation Standardise the mask implementation on both CPU and GPU Finished
hashcat-utils Cutting utility Add an “cut -b” alternative which is able to work with negative offsets Finished

一次小测试

密文
 
# cat hashfile.all
 
$P$BaFXHU4RZZM8Ivr4Z0Z2vxG
 
$P$BLFJUTnopcUqMDYvHVXil23
字典
 
root@bt5:/pentest/passwords/hashcat# wc -l password.lst
 
3557 password.lst
破解
 
root@bt5:/pentest/passwords/hashcat# ./hashcat-cli32.bin -o blogpasswords -a 0 -m 400 hashfile.all password.lst
 
Initializing hashcat v0.38 by atom with 8 threads and 32mb segment-size...
 
 
 
NOTE: press enter for status-screen
 
 
 
Added hashes from file hashfile.all: 19 (19 salts)
 
Wordlist..: password.lst
 
Index.....: 1/1 (segment), 3551 (words), 26215 (bytes)
 
Recovered.: 2/19 hashes, 2/19 salts
 
Speed/sec.: 2.19k plains, 129 words
 
Progress..: 3551/3551 (100.00%)
 
Running...: 00:00:00:28
 
Estimated.: --:--:--:--
 
Started: Tue May 22 11:45:19 2012
 
Stopped: Tue May 22 11:45:47 2012
结果保存好了
 
root@bt5:/pentest/passwords/hashcat# cat blogpasswords
 
$P$BaFXHU4RZZM8Ivr4Z0Z2vxG:test123
 
$P$BLFJUTnopcUqMDYvHVXil23:chevy

from:dis9 TEAM

相关TAG标签 密码
上一篇:proxmark3使用指导手册
下一篇:BEEF实战全记录
相关文章
图文推荐

关于我们 | 联系我们 | 广告服务 | 投资合作 | 版权申明 | 在线帮助 | 网站地图 | 作品发布 | Vip技术培训 | 举报中心

版权所有: 红黑联盟--致力于做实用的IT技术学习网站