Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Cracked Hashes Skipped? Mode 2500 WPA/WPA2
#1
Current Server Version
- Hashtopolis: 0.11.0 commit 41d456b branch master

Current Client Version
- 0.6.0 stable

Hashcat Version
- v5.1.0-1673-g5f57ab3

Task command you are using eg. "#HL# wordlist.txt -r rulefile.rule"
- #HL# wonder-list-sorted-uniq.txt.gz

A detailed description of the problem you are experiencing

I have a WPA/WPA2 hashlist (mode 2500) uploaded in HCCAPX format. It's a combined file (using cat) and Hashtopolis recognizes the number of hashes: 0.00% (0 / 131).

I have a wordlist, wonder-list-sorted-uniq.txt.gz, and then I have created a task to associate the two. I'm not doing any preprocessing or anything fancy, just a plain wordlist attack. When running the task, debug shows that Hashcat is able to crack some of the hashes, I _believe_ Hashtopolis is recognizing this as it shows an entry for "Cracks:", but it also has the same value for "Skips:" so for instance it will have 1 for both.

The outfile looks similar to this:

98184655684b:638ea391e3ff:MyS03iFiWmurtcep-2G yelteertswol086 79630347565627473777f6c6c65836 173141

Debug output from the client

[2020-02-12 19:53:53,973] [DEBUG] Sending 1 cracks...
[2020-02-12 19:53:53,973] [DEBUG] {'action': 'sendProgress', 'chunkId': 8, 'gpuUtil': [83], 'keyspaceProgress': 4751459, 'state': 2, 'relativeProgress': 9327, 'gpuTemp': [75], 'cracks': [['98184655684b:638ea391e3ff:MyS03iFiWmurtcep-2G', 'yelteertswol086', '79630347565627473777f6c6c65836', '173141']], 'speed': 452242, 'token': 'UMT4qmhBXd'}
[2020-02-12 19:53:54,046] [DEBUG] http://8.8.8.8:80 "POST /api/server.php HTTP/1.1" 200 80
[2020-02-12 19:53:54,047] [DEBUG] b'{"action":"sendProgress","response":"SUCCESS","cracked":0,"skipped":1,"zaps":[]}'
[2020-02-12 19:53:54,047] [INFO ] Progress: 93.27% Speed: 452.24kH/s Cracks: 1 Accepted: 0 Skips: 1 Zaps: 0
[2020-02-12 19:53:58,996] [DEBUG] STATUS        3      SPEED  453686  1000    EXEC_RUNTIME    11.417434      CURKU  0      PROGRESS        109182976      0      RECHASH 1      128    RECSALT 0      68      TEMP    68      REJECTED        0      UTIL    15


Is there something possibly wrong with my input, or a configuration part that I'm missing? I created a test NTLM hash just to test it, and the NTLM hash cracks and actually gets saved to the Hashtopolis database, and shows up in the web app. So I can confirm that part at least is working for me.

The sensitive information here has been scrambled. Let me know if I've missed any debug info that I can provide.

Thanks all!
#2
Hey, thanks for bringing up the example. There were quite some changes to the WPA in the last months. The issue is that hashcat does print other parts of the hashes than what the input list looked like, which needs special handling which was not yet put into place.

If you would like to help out, please create an issue on the github repository providing the above information, if possible attach the hccapx file of the above found you posted, so we can reproduce. Also state if the 'salted' flag was checked on import or not.
I can check this then, but I'm pretty sure that this is a bug as it was not updated when the hccapx format output changed.
#3
Yup, absolutely. I've been troubleshooting Hashtopolis for the past few weeks to get a solid install working, and I think if a resolution can be had for this issue then I think I'm good to go. It's a great project and I'd be happy to help where I can.
#4
Just for the information of other users browsing here, further information regarding this issue can be found here: https://github.com/s3inlc/hashtopolis/issues/602


Forum Jump:


Users browsing this thread: 1 Guest(s)