oclHashcat v1.2 - GPGPU-based Multi-hash Cracker


oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as mask attack), combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack.

This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite.

GPU Driver requirements:
    • NV users require ForceWare 331.67 or later
    • AMD users require Catalyst 14.4 or later

Changelog v1.21

This release is focused on performance increase / bugfixes.
  • Added support for algorithm -m 2612 = PHPS
  • Added support for algorithm -m 8600 = Lotus Notes/Domino 5
  • Added support for algorithm -m 8700 = Lotus Notes/Domino 6
  • Fixed performance drop on descrypt, LM and oracle-old initiated by AMD drivers
  • Fixed problem with restoring ADL performance state when the clock size reported by the AMD driver didn’t respect the clock step size
  • Fixed problem with setting ADL powertune value for r9 295×2 GPUs
  • Added support for writing logfiles
  • Added parameter –logfile-disable which should be self-explaining
  • Dictstat is now no longer session dependent and will always be based on oclHashcat installation directory
  • Use AMD custom profile settings instead of basing the AMD powertune/clock settings on maximum supported clock values
  • Fixed VLIW size calculated by compute capability was broken for sm_50 -> cuModuleLoad() 301
  • Make –runtime count relative to real attack start not program start
  • Fixed bug with fan speed handling, if fan speed is manually set to a high enought value (e.g. 100%) oclHashcat shouldn’t change it
  • Problem with username parsing (–username) was fixed
  • Fixed problem where IKE-PSK sha1/md5 (-m 5300/-m 5400) were wrongly recognized as shadow file formats
  • Fixed problem where the ‘delete range’ rule (xNM) did not allow to remove charaters at the very end of the word
Full Changelog: here

Features

  • Worlds fastest password cracker
  • Worlds first and only GPGPU based rule engine
  • Free
  • Multi-GPU (up to 128 gpus)
  • Multi-Hash (up to 100 million hashes)
  • Multi-OS (Linux & Windows native binaries)
  • Multi-Platform (OpenCL & CUDA support)
  • Multi-Algo (see below)
  • Low resource utilization, you can still watch movies or play games while cracking
  • Focuses highly iterated modern hashes
  • Focuses dictionary based attacks
  • Supports distributed cracking
  • Supports pause / resume while cracking
  • Supports sessions
  • Supports restore
  • Supports reading words from file
  • Supports reading words from stdin
  • Supports hex-salt
  • Supports hex-charset
  • Built-in benchmarking system
  • Integrated thermal watchdog
  • 100+ Algorithms implemented with performance in mind

Attack-Modes

  • Straight (accept Rules)
  • Combination
  • Brute-force
  • Hybrid dict + mask
  • Hybrid mask + dict

Algorithms
  • MD4
  • MD5
  • SHA1
  • SHA-256
  • SHA-512
  • SHA-3 (Keccak)
  • RipeMD160
  • Whirlpool
  • GOST R 34.11-94
  • HMAC-MD5 (key = $pass)
  • HMAC-MD5 (key = $salt)
  • HMAC-SHA1 (key = $pass)
  • HMAC-SHA1 (key = $salt)
  • HMAC-SHA256 (key = $pass)
  • HMAC-SHA256 (key = $salt)
  • HMAC-SHA512 (key = $pass)
  • HMAC-SHA512 (key = $salt)
  • LM
  • NTLM
  • DCC
  • DCC2
  • NetNTLMv1
  • NetNTLMv1 + ESS
  • NetNTLMv2
  • Kerberos 5 AS-REQ Pre-Auth etype 23
  • AIX {smd5}
  • AIX {ssha1}
  • AIX {ssha256}
  • AIX {ssha512}
  • FreeBSD MD5
  • OpenBSD Blowfish
  • descrypt
  • md5crypt
  • bcrypt
  • sha256crypt
  • sha512crypt
  • DES(Unix)
  • MD5(Unix)
  • SHA256(Unix)
  • SHA512(Unix)
  • OSX v10.4
  • OSX v10.5
  • OSX v10.6
  • OSX v10.7
  • OSX v10.8
  • OSX v10.9
  • Cisco-ASA
  • Cisco-IOS
  • Cisco-PIX
  • GRUB 2
  • Juniper Netscreen/SSG (ScreenOS)
  • RACF
  • Samsung Android Password/PIN
  • MSSQL
  • MySQL
  • Oracle
  • Postgres
  • Sybase
  • DNSSEC (NSEC3)
  • IKE-PSK
  • IPMI2 RAKP
  • iSCSI CHAP
  • WPA
  • WPA2
  • 1Password, cloudkeychain
  • 1Password, agilekeychain
  • Lastpass
  • Password Safe SHA-256
  • TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES
  • TrueCrypt 5.0+ PBKDF2 HMAC-SHA512 + AES
  • TrueCrypt 5.0+ PBKDF2 HMAC-Whirlpool + AES
  • TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + boot-mode
  • TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + hidden-volume
  • TrueCrypt 5.0+ PBKDF2 HMAC-SHA512 + AES + hidden-volume
  • TrueCrypt 5.0+ PBKDF2 HMAC-Whirlpool + AES + hidden-volume
  • TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + hidden-volume + boot-mode
  • SAP CODVN B (BCODE)
  • SAP CODVN F/G (PASSCODE)
  • Citrix Netscaler
  • Netscape LDAP SHA/SSHA
  • Apache MD5-APR
  • hMailServer
  • EPiServer
  • Drupal
  • IPB
  • Joomla
  • MyBB
  • osCommerce
  • Redmine
  • SMF
  • vBulletin
  • Woltlab Burning Board
  • xt:Commerce
  • WordPress
  • phpBB3
  • Half MD5 (left, mid, right)
  • Double MD5
  • Double SHA1
  • md5($pass.$salt)
  • md5($salt.$pass)
  • md5(unicode($pass).$salt)
  • md5($salt.unicode($pass))
  • md5(sha1($pass))
  • sha1($pass.$salt)
  • sha1($salt.$pass)
  • sha1(unicode($pass).$salt)
  • sha1($salt.unicode($pass))
  • sha1(md5($pass))
  • sha256($pass.$salt)
  • sha256($salt.$pass)
  • sha256(unicode($pass).$salt)
  • sha256($salt.unicode($pass))
  • sha512($pass.$salt)
  • sha512($salt.$pass)
  • sha512(unicode($pass).$salt)
  • sha512($salt.unicode($pass))