hashcat

So I’ve been out of the GPU cracking game for a while as I’ve been running a MacBook on OS X.

After doing a little digging tonight and reading up on the latest version of hashcat (v3.00) it became apparent to me that hashcat now runs on OS X platforms. At last! Thanks to @hashcat (atom) for making the software open source!

For those of you wanting to get… Continue reading

So the Juniper Netscreen/SSG ScreenOS password hash is a bit of a hidden mystery. I had in my hand the config of a Netscreen device and I wanted to perform a reverse of the password hashes to see if they were weak.

In this case here’s the line from the config:

1set admin user "admin" password "nAePB0rfAm+Nc4YO3s0JwPHtRXIHdn" privilege "all"

John The ripper has supported Netscreen passwords since back in 2008… Continue reading

So Linkedin hashes have recently been leaked onto the net, and plenty of people have been cracking them. Meanwhile eHarymony passwords were also leaked!

The hashes are here and a quick download is all thats needed. wget them to prevent your browser from trying to render the entire txt file!

Throwing a dictionary at it with 80,546,115 words in it results in 22% cracked passwords.

12345678910111213141516171819202122232425262728293031$ ./oclHashcat-plus64.bin eharmony.txt -r rules/best64.rule… Continue reading

So recently there has been lots of news about the linkedin password hashes being leaked which was finally confirmed on the linkedin blog.

Many of the hashes first 5 chars are obfuscated with zeros so it’s understood these are the passwords already cracked, presumably the simple ones?

1. There are 3,521,180 hashes that begin with 00000. I believe that these represent hashes that the hackers have already broken and… Continue reading

So today oclHashcat-plus-0.08 was released by atom.

As I like to play with oclHashcat I thought it would be a good idea to update, but this also meant that I would have to update to the catalyst 12.04 drivers.

Before doing this it made sense to run a speed test using the scripts provided on thepasswordproject.com.

Before running these tests it’s important to ensure that your fans are… Continue reading