Password Brute Force

hashcat

$ hashcat --example-hashes | grep -B1 -i md5
$ hashcat -m 500 hashes/file.hash /usr/share/wordlists/rockyou.txt --username
$ hashcat -m 500 hashes/file.hash --username --show

Benchmarks:

$ nvidia-smi.exe

 # MD5
$ hashcat -m 0 -b
 # NTLM
$ hashcat -m 1000 -b
Единица хэшрейтаХэшрейтХэши в секунду

1kH/s

1000

Тысяча

1MH/s

1000000

Одинмиллион

1GH/s

1000000000

Одинмиллиард

1TH/s

1.000.000.000.000

Одинтриллион

1PH/s

1.000.000.000.000.000

Одинквадриллион

1EH/s

1.000.000.000.000.000.000

Одинквинтиллион

1ZH/s

1.000.000.000.000.000.000.000

Одинсекстиллион

TGS-REP with NTLM Wordlist

Remove the following lines from m13100_a0-optimized.cl and compile:

  // K=MD4(Little_indian(UNICODE(pwd))

  append_0x80_2x4 (w0_t, w1_t, pw_len);

  make_utf16le (w1_t, w2_t, w3_t);
  make_utf16le (w0_t, w0_t, w1_t);

  w3_t[2] = pw_len * 8 * 2;
  w3_t[3] = 0;

  digest[0] = MD4M_A;
  digest[1] = MD4M_B;
  digest[2] = MD4M_C;
  digest[3] = MD4M_D;

  md4_transform (w0_t, w1_t, w2_t, w3_t, digest);

  // K1=MD5_HMAC(K,1); with 2 encoded as little indian on 4 bytes (02000000 in hexa);

  w0_t[0] = digest[0];
  w0_t[1] = digest[1];
  w0_t[2] = digest[2];
  w0_t[3] = digest[3];
  w1_t[0] = 0;
  w1_t[1] = 0;
  w1_t[2] = 0;
  w1_t[3] = 0;
  w2_t[0] = 0;
  w2_t[1] = 0;
  w2_t[2] = 0;
  w2_t[3] = 0;
  w3_t[0] = 0;
  w3_t[1] = 0;
  w3_t[2] = 0;
  w3_t[3] = 0;

To crack:

$ hashcat -m 13100 -O tgsrep.in ntlm.wordlist --self-test-disable --hex-wordlist

Last updated