2017-04-16 11:19:23 +00:00
* changes v3.5.0 -> 3.x.x:
##
## Algorithms
##
- Added hash-mode 15200 = Blockchain, My Wallet, V2
2017-04-10 08:11:32 +00:00
2017-04-14 14:36:28 +00:00
##
## Features
##
- Wordlist encoding: Support added for internal convert from and to user-defined encoding during runtime
- Wordlist encoding: Added parameters --encoding-from and --encoding-to to configure wordlist encoding handling
2017-04-10 08:11:32 +00:00
##
## Improvements
##
- WPA cracking: Improved nonce-error-corrections mode to fix corrupt nonce generated on Big-Endian devices
##
## Technical
##
2017-04-19 08:51:28 +00:00
- Building: On binary release package, link libiconv static for windows binaries
2017-04-14 14:36:28 +00:00
- Dictstat: Structure for dictstat file changed as it has to include --encoding-from and --encoding-to parameter now
2017-04-11 11:33:25 +00:00
- OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 17.10 is detected which is known to be broken
2017-04-10 08:11:32 +00:00
- WPA cracking: Reduced --nonce-error-corrections default from 16 to 8 to compensate speed drop caused due to Big-Endian fixes
2017-03-31 13:28:20 +00:00
* changes v3.40 -> 3.5.0:
2017-03-04 07:58:22 +00:00
2017-03-07 13:41:58 +00:00
##
## Features
##
- WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction
- WPA cracking: Added parameter --nonce-error-corrections to configure range of error correction
2017-03-23 15:44:32 +00:00
##
## Algorithms
##
- Added hash-mode 15100 = Juniper/NetBSD sha1crypt
2017-03-07 09:00:54 +00:00
##
## Improvements
##
2017-04-01 16:02:34 +00:00
- Abbreviate long hashes to display the Hash.Target status line within 80 characters
2017-04-01 19:33:23 +00:00
- Refactored internal use of esalt to sync with the number of digests instead of the number of salts
2017-04-01 16:02:34 +00:00
- Refactored other output to display within 80 characters without wrapping
2017-03-07 09:00:54 +00:00
2017-03-04 07:58:22 +00:00
##
## Bugs
##
2017-04-01 19:33:23 +00:00
- Fixed a hash validation error when trying to load Android FDE < 4.3 hashes
2017-03-04 07:58:22 +00:00
- Fixed a problem where --keyspace combined with custom charsets incorrectly displayed an error message
2017-03-11 07:25:58 +00:00
- Fixed a problem where --stdout combined with custom charsets incorrectly displayed an error message
2017-03-05 16:14:55 +00:00
- Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes
2017-04-01 16:02:34 +00:00
- Fixed a race condition after sessions finish, where the input-base was freed but accessed afterwards
2017-04-01 19:33:23 +00:00
- Fixed a typo that resulted in the minimum password length not being correctly initialized
2017-04-01 16:02:34 +00:00
- Fixed --outfile-format formats 11 through 15 to show the correct crack position
2017-04-01 19:33:23 +00:00
- Fixed --remove to apply even when all hashes are either found in the potfile or detected in weak-hash checks
2017-03-04 07:58:22 +00:00
2017-03-07 13:41:58 +00:00
##
## Technical
##
- Building: Added missing prototypes for atlassian_parse_hash function
2017-03-25 15:11:01 +00:00
- Dictionary Cache: Split long status line into multiple lines to stay < 80 chars
2017-03-19 14:11:41 +00:00
- Files: Detect and error when users try to use -r with a parameter which is not a file
2017-04-01 19:33:23 +00:00
- HCCAPX Parser: Added support for a special bit (bit 8) of the message_pair that indicates if replay counters match
2017-03-19 14:11:41 +00:00
- Parameter: Detect and error when users try to use an empty string (length 0) for parameters like --session=
2017-04-01 16:02:34 +00:00
- Parameter: Detect and error when users try to use non-digit input when only digits are expected
2017-03-07 13:41:58 +00:00
- Sessions: Improved string comparison in case user sets --session to "hashcat"
2017-04-01 16:02:34 +00:00
- Status View: Add rejected counter to machine-readable output
2017-04-01 19:33:23 +00:00
- Status View: Rename labels Input.Mode, Input.Base, ... to Guess.Mode, Guess.Base, ...
- Status View: Added a visual indicator to the status screen when checkpoint quit has been requested
2017-03-31 13:28:20 +00:00
- Versions: Changed version naming convention from x.yz to x.y.z
2017-03-07 13:41:58 +00:00
2017-02-17 17:28:16 +00:00
* changes v3.30 -> v3.40:
2017-01-21 14:37:44 +00:00
2017-01-12 19:28:16 +00:00
##
## Features
##
2017-03-03 07:59:54 +00:00
- Added support for loading hccapx files
- Added support for filtering hccapx message pairs using --hccapx-message-pair
2017-01-12 19:28:16 +00:00
- Added support for parsing 7-Zip hashes with LZMA/LZMA2 compression indicator set to a non-zero value
2017-01-24 09:28:35 +00:00
- Added support for decompressing LZMA1/LZMA2 data for -m 11600 = 7-Zip to validate the CRC
2017-03-03 07:59:54 +00:00
- Added support for automatic merge of LM halfes in case --show and --left is used
2017-02-01 08:00:16 +00:00
- Added support for showing all user names with --show and --left if --username was specified
2017-02-08 09:24:36 +00:00
- Added support for GPU temperature management on cygwin build
2017-01-11 15:04:05 +00:00
2017-01-21 14:37:44 +00:00
##
## Algorithms
##
2017-01-31 11:40:43 +00:00
- Added hash-mode 1411 = SSHA-256(Base64), LDAP {SSHA256}
2017-02-12 17:12:17 +00:00
- Added hash-mode 3910 = md5(md5($pass).md5($salt))
2017-02-01 15:56:14 +00:00
- Added hash-mode 4010 = md5($salt.md5($salt.$pass))
2017-02-01 18:56:49 +00:00
- Added hash-mode 4110 = md5($salt.md5($pass.$salt))
2017-01-31 10:44:58 +00:00
- Added hash-mode 4520 = sha1($salt.sha1($pass))
- Added hash-mode 4522 = PunBB
2017-01-30 20:18:37 +00:00
- Added hash-mode 7000 = Fortigate (FortiOS)
2017-02-28 13:22:03 +00:00
- Added hash-mode 12001 = Atlassian (PBKDF2-HMAC-SHA1)
2017-01-21 14:37:44 +00:00
- Added hash-mode 14600 = LUKS
2017-01-25 18:07:07 +00:00
- Added hash-mode 14700 = iTunes Backup < 10.0
2017-01-26 20:16:29 +00:00
- Added hash-mode 14800 = iTunes Backup >= 10.0
2017-01-29 15:43:08 +00:00
- Added hash-mode 14900 = Skip32
2017-02-02 23:07:31 +00:00
- Added hash-mode 15000 = FileZilla Server >= 0.9.55
2017-01-21 14:37:44 +00:00
2017-01-11 15:04:05 +00:00
##
## Workarounds
##
- Workaround added for AMDGPU-Pro OpenCL runtime: AES encrypt and decrypt Invertkey function was calculated wrong in certain cases
2017-02-13 10:36:16 +00:00
- Workaround added for AMDGPU-Pro OpenCL runtime: RAR3 kernel require a volatile variable to work correctly
2017-03-03 07:59:54 +00:00
- Workaround added for Apple OpenCL runtime: bcrypt kernel requires a volatile variable because of a compiler optimization bug
2017-03-03 09:49:40 +00:00
- Workaround added for Apple OpenCL runtime: LUKS kernel requires some volatile variables because of a compiler optimization bug
- Workaround added for Apple OpenCL runtime: TrueCrypt kernel requires some volatile variables because of a compiler optimization bug
2017-03-03 07:59:54 +00:00
- Workaround added for NVidia OpenCL runtime: RACF kernel requires EBCDIC lookup to be done on shared memory
2017-01-11 15:04:05 +00:00
2017-01-21 15:59:07 +00:00
##
## Bugs
##
2017-02-27 13:47:41 +00:00
- Fixed a problem within the Kerberos 5 TGS-REP (-m 13100) hash parser
- Fixed clEnqueueNDRangeKernel(): CL_UNKNOWN_ERROR caused by an invalid work-item count during weak-hash-check
- Fixed cracking of PeopleSoft Token (-m 13500) if salt length + password length is >= 128 byte
2017-03-01 19:05:27 +00:00
- Fixed cracking of Plaintext (-m 99999) in case MD4 was used in a previous session
2017-01-23 12:40:16 +00:00
- Fixed DEScrypt cracking in BF mode in case the hashlist contains more than 16 times the same salt
2017-01-23 16:54:56 +00:00
- Fixed duplicate detection for WPA handshakes with the same ESSID
2017-02-08 09:24:36 +00:00
- Fixed nvapi datatype definition for NvS32 and NvU32
2017-03-03 14:26:59 +00:00
- Fixed overflow in bcrypt kernel in expand_key() function
2017-03-03 07:59:54 +00:00
- Fixed pointer to local variable outside scope in case -j or -k is used
- Fixed pointer to local variable outside scope in case --markov-hcstat is not used
2017-03-02 22:30:43 +00:00
- Fixed recursion in loopback handling when session was aborted by the user
2017-02-27 13:47:41 +00:00
- Fixed rule 'O' (RULE_OP_MANGLE_OMIT) in host mode in case the offset + length parameter equals the length of the input word
2017-03-01 19:09:17 +00:00
- Fixed rule 'i' (RULE_OP_MANGLE_INSERT) in host mode in case the offset parameter equals the length of the input word
2017-02-27 13:47:41 +00:00
- Fixed string not null terminated inside workaround for checking drm driver path
- Fixed string not null terminated while reading maskfiles
- Fixed truncation of password after position 32 with the combinator attack
- Fixed use of option --keyspace in combination with -m 2500 (WPA)
- Fixed WPA/WPA2 cracking in case eapol frame is >= 248 byte
2017-01-21 15:59:07 +00:00
2017-01-24 15:07:59 +00:00
##
## Technical
##
2017-01-27 08:58:01 +00:00
- Building: Add SHARED variable to Makefile to choose if hashcat is build as static or shared binary (using libhashcat.so/hashcat.dll)
2017-02-20 17:45:04 +00:00
- Building: Removed compiler option -march=native as this created problems for maintainers on various distributions
2017-03-03 07:59:54 +00:00
- Building: Removed the use of RPATH on linker level
2017-02-09 09:42:35 +00:00
- Building: Replaced linking of CRT_glob.o with the use of int _dowildcard
2017-02-10 08:08:19 +00:00
- Commandline: Do some checks related to custom-charset options if user specifies them
2017-02-14 14:38:57 +00:00
- CPU Affinity: Fixed memory leak in case invalid cpu Id was specified
- Dispatcher: Fixed several memory leaks in case an OpenCL error occurs
2017-01-24 16:52:32 +00:00
- Events: Improved the maximum event message handling. event_log () will now also internally make sure that the message is properly terminated
2017-02-15 18:58:21 +00:00
- File Locking: Improved error detection on file locks
- File Reads: Fixed memory leak in case outfile or hashfile was not accessible
- File Reads: Improved error detection on file reads, especially when getting the file stats
2017-01-27 13:50:39 +00:00
- Files: Do several file and folder checks on startup rather than when they are actually used to avoid related error after eventual intense operations
2017-03-03 07:59:54 +00:00
- Hardware Management: Bring back kernel exec timeout detection for NVidia on user request
2017-02-14 15:01:04 +00:00
- Hardware Monitor: Fixed several memory leaks in case hash-file writing (caused by --remove) failed
2017-02-15 18:58:21 +00:00
- Hardware Monitor: Fixed several memory leaks in case no hardware monitor sensor is found
- Hardware Monitor: In case NVML initialization failed, do not try to initialiaze NVAPI or XNVCTRL because they both depend on NVML
- Hash Parsing: Added additional bound checks for the SIP digest authentication (MD5) parser (-m 11400)
- Hash Parsing: Make sure that all files are correctly closed whenever a hash file parsing error occurs
- Helper: Added functions to check existence, type, read- and write-permissions and rewrite sources to use them instead of stat()
- Keyfile handling: Make sure that the memory is cleanly freed whenever a VeraCrypt/TrueCrypt keyfile fails to load
2017-02-14 15:46:41 +00:00
- Mask Checks: Added additional memory cleanups after parsing/verifying masks
2017-02-22 11:28:23 +00:00
- Mask Checks: Added integer overflow detection for a keyspace of a mask provided by user
2017-02-15 18:58:21 +00:00
- Mask Increment: Fixed memory leak in case mask_append() fails
- OpenCL Device: Do a check on available constant memory size and abort if it's less than 64kB
2017-02-14 14:38:57 +00:00
- OpenCL Device Management: Fixed several memory leaks in case initialization of an OpenCL device or platform failed
2017-02-15 18:58:21 +00:00
- OpenCL Header: Updated CL_* errorcode to OpenCL 1.2 standard
2017-02-14 15:51:03 +00:00
- OpenCL Kernel: Move kernel binary buffer from heap to stack memory
2017-02-14 16:08:08 +00:00
- OpenCL Kernel: Refactored read_kernel_binary to load only a single kernel for a single device
2017-02-17 09:11:05 +00:00
- OpenCL Kernel: Remove "static" keyword from function declarations; Causes older Intel OpenCL runtimes to fail compiling
2017-03-03 07:59:54 +00:00
- OpenCL Kernel: Renumbered hash-mode 7600 to 4521
2017-02-23 10:48:21 +00:00
- OpenCL Runtime: Added a warning about using Mesa OpenCL runtime
2017-03-03 07:59:54 +00:00
- OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.60 is detected which is known to be broken
2017-02-14 12:44:31 +00:00
- Outfile Check: Fixed a memory leak for failed outfile reads
2017-02-14 19:05:44 +00:00
- Restore: Add some checks on the rd->cwd variable in restore case
2017-02-14 14:38:57 +00:00
- Rule Engine: Fixed several memory leaks in case loading of rules failed
2017-03-02 18:57:34 +00:00
- Session Management: Automatically set dedicated session names for non-cracking parameters, for example: --stdout
2017-02-14 14:38:57 +00:00
- Session Management: Fixed several memory leaks in case profile- or install-folder setup failed
2017-01-27 15:29:18 +00:00
- Sessions: Move out handling of multiple instance from restore file into separate pidfile
2017-03-01 20:42:17 +00:00
- Status screen: Do not try to clear prompt in --quiet mode
2017-03-03 07:59:54 +00:00
- Tests: Fixed the timeout status code value and increased the runtime to 400 seconds
2017-02-04 01:53:50 +00:00
- Threads: Restored strerror as %m is unsupported by the BSDs
2017-01-30 09:45:56 +00:00
- Wordlists: Disable dictstat handling for hash-mode 3000 as it virtually creates words in the wordlist which is not the case for other modes
2017-02-15 18:58:21 +00:00
- Wordlists: Fixed memory leak in case access a file in a wordlist folder fails
2017-02-19 13:45:27 +00:00
- WPA: Changed format for outfile and potfile from essid:mac1:mac2 to hash:mac_ap:mac_sta:essid
2017-02-01 11:25:21 +00:00
- WPA: Changed format for outfile_check from essid:mac1:mac2 to hash
2017-01-24 15:07:59 +00:00
2017-01-02 09:14:07 +00:00
* changes v3.20 -> v3.30:
2016-12-02 19:39:42 +00:00
##
2016-12-09 13:54:13 +00:00
## Features
##
2016-12-09 22:44:43 +00:00
- Files: Use $HEX[...] in case the password includes the separater character, increases potfile reading performance
2017-01-05 15:15:12 +00:00
- Files: If the user specifies a folder to scan for wordlists instead of directly a wordlist, then ignore the hidden files
2017-01-03 18:21:27 +00:00
- Loopback: Include passwords for removed hashes present in the potfile to next loopback iteration
2016-12-29 12:05:29 +00:00
- New option --progress-only: Quickly provides ideal progress step size and time to process on the user hashes and selected options, then quit
- Status screen: Reenabled automatic status screen display in case of stdin used
2016-12-31 01:10:10 +00:00
- Truecrypt/Veracrypt: Use CRC32 to verify headers instead of fuzzy logic, greatly reduces false positives from 18:2^48 to 3:2^64
2016-12-22 01:17:49 +00:00
- WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected
2016-12-09 13:54:13 +00:00
2016-12-17 18:09:52 +00:00
##
## Algorithms
##
- Added hash-mode 1300 = SHA-224
2016-12-09 13:54:13 +00:00
##
2016-12-02 19:39:42 +00:00
## Bugs
##
2016-12-31 14:10:53 +00:00
- Fixed buffer overflow in status screen display in case of long non-utf8 string
2017-01-05 16:39:14 +00:00
- Fixed buffer overflow in plaintext parsing code: Leading to segfault
2016-12-17 13:09:58 +00:00
- Fixed custom char parsing code in maskfiles in --increment mode: Custom charset wasn't used
2017-01-03 08:39:13 +00:00
- Fixed display screen to show input queue when using custom charset or rules
2016-12-29 12:05:29 +00:00
- Fixed double fclose() using AMDGPU-Pro on sysfs compatible platform: Leading to segfault
2017-01-05 15:14:12 +00:00
- Fixed hash-mode 11400 = SIP digest authentication (MD5): Cracking of hashes which did not include *auth* or *auth-int* was broken
2016-12-18 12:11:54 +00:00
- Fixed hex output of plaintext in case --outfile-format 4, 5, 6 or 7 was used
2016-12-29 12:05:29 +00:00
- Fixed infinite loop when using --loopback in case all hashes have been cracked
- Fixed kernel loops in --increment mode leading to slower performance
2016-12-18 15:01:23 +00:00
- Fixed mask length check in hybrid attack-modes: Do not include hash-mode dependant mask length checks
2017-01-05 20:58:24 +00:00
- Fixed parsing of hashes in case the last line did not include a linefeed character
2017-01-03 08:39:13 +00:00
- Fixed potfile loading to accept blank passwords
2017-01-05 21:34:47 +00:00
- Fixed runtime limit: No longer required so sample startup time after refactorization
2016-12-03 12:13:46 +00:00
2017-01-04 10:23:57 +00:00
##
## Workarounds
##
- Workaround added for Intel OpenCL runtime: GPU support is broken, skip the device unless user forces to enable it
2016-12-03 12:13:46 +00:00
##
## Technical
##
2016-12-28 13:05:26 +00:00
- Building: Added hashcat32.dll and hashcat64.dll makefile targets for building hashcat windows libraries
2017-01-04 09:33:20 +00:00
- Building: Added production flag in Makefile to disable all the GCC compiler options needed only for development
2016-12-29 12:05:29 +00:00
- Building: Removed access to readlink() on FreeBSD
2017-01-04 09:59:21 +00:00
- Building: For CYGWIN prefer to use "opencl.dll" (installed by drivers) instead of optional "cygOpenCL-1.dll"
2017-01-03 08:56:40 +00:00
- Events: Added new event EVENT_WEAK_HASH_ALL_CRACKED if all hashes have been cracked during weak hash check
2016-12-28 09:51:39 +00:00
- Hardware management: Switched matching ADL device with OpenCL device by using PCI bus, device and function
2016-12-27 16:41:29 +00:00
- Hardware management: Switched matching NvAPI device with OpenCL device by using PCI bus, device and function
2016-12-29 12:05:29 +00:00
- Hardware management: Switched matching NVML device with OpenCL device by using PCI bus, device and function
2016-12-27 18:20:27 +00:00
- Hardware management: Switched matching xnvctrl device with OpenCL device by using PCI bus, device and function
2016-12-29 18:07:05 +00:00
- Hardware management: Removed *throttled* message from NVML as this created more confusion than it helped
2016-12-29 12:05:29 +00:00
- Hash Parser: Improved error detection of invalid hex characters where hex character are expected
- OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.50 is detected which is known to be broken
2016-12-31 14:15:43 +00:00
- OpenCL Runtime: Updated hashcat.hctune for Iris Pro GPU on OSX
2016-12-09 12:42:52 +00:00
- Potfile: In v3.10 already, the default potfile suffix changed but the note about was missing. The "hashcat.pot" became "hashcat.potfile"
2016-12-31 12:52:35 +00:00
- Potfile: Added old potfile detection, show warning message
2017-01-06 07:45:40 +00:00
- Returncode: Added dedicated returncode (see docs/status_codes.txt) for shutdowns caused by --runtime and checkpoint keypress
2016-12-29 12:05:29 +00:00
- Sanity: Added sanity check to disallow --speed-only in combination with -i
2017-01-05 21:46:34 +00:00
- Sanity: Added sanity check to disallow --loopback in combination with --runtime
2016-12-03 12:13:46 +00:00
- Threads: Replaced all calls to ctime() with ctime_r() to ensure thread safety
2016-12-29 12:05:29 +00:00
- Threads: Replaced all calls to strerror() with %m printf() GNU extension to ensure thread safety
2016-12-02 19:39:42 +00:00
2016-11-14 14:07:58 +00:00
* changes v3.10 -> v3.20:
2016-11-25 18:21:35 +00:00
The hashcat core was completely refactored to be a MT-safe library (libhashcat).
The goal was to help developers include hashcat into distributed clients or GUI frontends.
2016-11-16 22:25:50 +00:00
The CLI (hashcat.bin or hashcat.exe) works as before but from a technical perspective it's a library frontend.
2016-08-30 15:44:14 +00:00
2016-09-02 08:03:22 +00:00
##
2016-11-11 12:10:24 +00:00
## Features
2016-09-02 08:03:22 +00:00
##
2016-11-14 14:07:58 +00:00
- New option --speed-only: Quickly provides cracking speed per device based on the user hashes and selected options, then quit
- New option --keep-guessing: Continue cracking hashes even after they have been cracked (to find collisions)
2016-11-25 18:21:35 +00:00
- New option --restore-file-path: Manually override the path to the restore file (useful if we want all session files in the same folder)
2016-11-25 15:27:22 +00:00
- New option --opencl-info: Show details about OpenCL compatible devices like an embedded clinfo tool (useful for bug reports)
- Documents: Added colors for warnings (yellow) and errors (red) instead of WARNING: and ERROR: prefix
2016-11-25 18:21:35 +00:00
- Documents: Added hints presented to the user about optimizing performance while hashcat is running
2016-11-25 15:27:22 +00:00
- Hardware management: Support --gpu-temp-retain for AMDGPU-Pro driver
- Hardware management: Support --powertune-enable for AMDGPU-Pro driver
- Password candidates: Allow words of length > 31 in wordlists for -a 0 for some slow hashes if no rules are in use
- Password candidates: Do not use $HEX[] if the password candidate is a valid UTF-8 string and print out as-is
- Pause mode: Allow quit program also if in pause mode
- Pause mode: Ignore runtime limit in pause mode
2016-11-30 14:36:51 +00:00
- Status view: Show core-clock, memory-clock and execution time in benchmark-mode in case --machine-readable is activated
2016-11-25 15:27:22 +00:00
- Status view: Show temperature, coreclock, memoryclock, fanspeed and pci-lanes for devices using AMDGPU-Pro driver
- Status view: Show the current first and last password candidate test queued for execution per device (as in JtR)
- Status view: Show the current position in the queue for both base and modifier (Example: Wordlist 2/5)
- Markov statistics: Update hashcat.hcstat which is used as reference whenever the user defines a mask
- Charsets: Added lowercase ascii hex (?h) and uppercase ascii hex (?H) as predefined charsets
##
## Algorithms
##
- Added hash-mode 14000 = DES (PT = $salt, key = $pass)
- Added hash-mode 14100 = 3DES (PT = $salt, key = $pass)
- Added hash-mode 14400 = SHA1(CX)
- Added hash-mode 99999 = Plaintext
- Extended hash-mode 3200 = bcrypt: Accept signature $2b$ (February 2014)
- Improved hash-mode 8300 = DNSSEC: Additional parsing error detection
2016-11-11 12:10:24 +00:00
##
## Bugs
##
2016-11-25 15:27:22 +00:00
- Custom charset from file parsing code did not return an error if an error occured
- Fix some clSetKernelArg() size error that caused slow modes to not work anymore in -a 1 mode
- Hash-mode 11600 = (7-Zip): Depending on input hash a clEnqueueReadBuffer(): CL_INVALID_VALUE error occured
- Hash-mode 22 = Juniper Netscreen/SSG (ScreenOS): Fix salt length for -m 22 in benchmark mode
- Hash-Mode 5500 = NetNTLMv1 + ESS: Fix loading of NetNTLMv1 + SSP hash
- Hash-mode 6000 = RipeMD160: Fix typo in array index number
2016-11-25 18:21:35 +00:00
- If cracking a hash-mode using unicode passwords, length check of a mask was not taking into account
2016-11-25 15:27:22 +00:00
- If cracking a large salted hashlist the wordlist reject code was too slow to handle it, leading to 0H/s
- Null-pointer dereference in outfile-check shutdown code when using --outfile-check-dir, leading to segfault
- On startup hashcat tried to access the folder defined in INSTALL_FOLDER, leading to segfault if that folder was not existing
- Random rules generator code used invalid parameter for memory copy function (M), leading to use of invalid rule
2016-11-25 18:21:35 +00:00
- Sanity check for --outfile-format was broken if used in combination with --show or --left
2016-09-02 08:03:22 +00:00
2016-08-30 15:44:14 +00:00
##
2016-11-25 15:27:22 +00:00
## Workarounds
2016-08-30 15:44:14 +00:00
##
2016-11-25 15:27:22 +00:00
- Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 10700 = PDF 1.7 Level 8
- Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 1800 = sha512crypt
- Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6400 = AIX {ssha256}
- Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6800 = Lastpass + Lastpass sniffed
- Workaround added for OSX OpenCL runtime: Failed to compile hash-mode 10420 = PDF 1.1 - 1.3 (Acrobat 2 - 4)
- Workaround added for OSX OpenCL runtime: Failed to compile hash-mode 1100 = Domain Cached Credentials (DCC), MS Cache
- Workaround added for OSX OpenCL runtime: Failed to compile hash-mode 13800 = Windows 8+ phone PIN/Password
- Workaround added for pocl OpenCL runtime: Failed to compile hash-mode 5800 = Android PIN
##
## Performance
##
- Improved performance for rule-based attacks for _very_ fast hashes like MD5 and NTLM by 30% or higher
2016-12-01 17:21:06 +00:00
- Improved performance for DEScrypt on AMD, from 373MH/s to 525MH/s
- Improved performance for raw DES-based algorithms (like LM) on AMD, from 1.6GH/s to 12.5GH/s
- Improved performance for raw SHA256-based algorithms using meet-in-the-middle optimization, reduces 7/64 steps
- Improved performance for SAP CODVN B (BCODE) and SAP CODVN F/G (PASSCODE) due to register handling optimization, gives 3% and 25%
2016-11-25 15:27:22 +00:00
- Improved performance by reducing maximum number of allowed function calls per rule from 255 to 31
- Improved performance by update the selection when to use #pragma unroll depending on OpenCL runtime vendor
- Full performance comparison sheet v3.10 vs. v3.20: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=1591672380
2016-08-30 15:44:14 +00:00
2016-11-11 12:10:24 +00:00
##
## Technical
##
2016-11-25 15:27:22 +00:00
- Autotune: Do not run any caching rounds in autotune in DEBUG mode if -n and -u are specified
2016-11-25 18:21:35 +00:00
- Bash completion: Removed some v2.01 leftovers in the bash completion configuration
2016-11-25 15:27:22 +00:00
- Benchmark: Do not control fan speed in benchmark mode
- Benchmark: On OSX, some hash-modes can't compile because of OSX OpenCL runtime. Skip them and move on to the next
- Building: Added Makefile target "main_shared", a small how-to-use libhashcat example
- Building: Added many additional compiler warning flags in Makefile to improve static code error detection
- Building: Added missing includes for FreeBSD
- Building: Added some types for windows only in case _BASETSD_H was not set
2016-11-25 18:21:35 +00:00
- Building: Changed Makefile to strip symbols in the linker instead of the compiler
- Building: Defined NOMINMAX macro to prevent definition min and max macros in stdlib header files
2016-11-25 15:27:22 +00:00
- Building: Enabled ASLR and DEP for Windows builds
- Building: Fixed almost all errors reported by cppcheck and scan-build
- Building: On OSX, move '-framework OpenCL' from CFLAGS to LDFLAGS
- Building: On OSX, use clang as default compiler
- Building: Support building on Msys2 environment
- Building: Use .gitmodules to simplify the OpenCL header dependency handling process
- Charsets: Added DES_full.charset
- Data Types: Replaced all integer macros with enumerator types
- Data Types: Replaced all integer variables with true bool variables in case they are used as a bool
- Data Types: Replaced all string macros with static const char types
- Data Types: Replaced all uint and uint32_t to u32
- Data Types: Replaced atoi() with atoll(). Eliminates sign conversion warnings
- Documents: Added docs/credits.txt
- Documents: Added docs/team.txt
2016-11-25 18:21:35 +00:00
- Documents: Changed rules.txt to match v3.20 limitations
- Error handling (file handling): Fixed a couple of filepointer leaks
- Error handling (format strings): Fixed a few printf() formats, ex: use %u instead of %d for uint32_t
- Error handling (memory allocation): Removed memory allocation checks, just print to stderr instead
- Error handling (startup): Added some missing returncode checks to get_exec_path()
- Fanspeed: Check both fanpolicy and fanspeed returncode and disable retain support if any of them fail
2016-11-25 15:27:22 +00:00
- Fanspeed: Minimum fanspeed for retain support increased to 33%, same as NV uses as default on windows
2016-11-25 18:21:35 +00:00
- Fanspeed: Reset PID controler settings to what they were initially
2016-11-25 15:27:22 +00:00
- Fanspeed: Set fan speed to default on quit
- File handling: Do a single write test (for files to be written later) directly on startup
- File locking: Use same locking mechanism in potfile as in outfile
- Hardware management: Fixed calling conventions for ADL, NvAPI and NVML on windows
2016-11-25 18:21:35 +00:00
- Hardware management: Improved checking for successfull load of the NVML API
2016-11-25 15:27:22 +00:00
- Hardware management: In case fanspeed can not be set, disable --gpu-temp-retain automatically
- Hardware management: In case of initialization error show it only once to the user on startup
2016-11-25 18:21:35 +00:00
- Hardware management: Refactored all code to return returncode (0 or -1) instead of data for more easy error handling
2016-11-25 15:27:22 +00:00
- Hardware management: Refactored macros to real functions
- Hardware management: Removed kernel exec timeout detection on NVIDIA, should no longer occur due to autotune
- Hardware management: Replaced NVML registry functions macros with their ascii versions (Adds NVML support for XP)
- Hashlist loading: Do not load data from hashfile if hashfile changed during runtime
2016-11-25 18:21:35 +00:00
- Kernel cache: Fixed checksum building on oversized device version or driver version strings
- Logging: Improved variable names in hashcat.log
2016-11-25 15:27:22 +00:00
- Loopback: Refactored --loopback support completely, no longer a recursive function
- Memory management: Fixed some memory leaks on shutdown
2016-11-25 18:21:35 +00:00
- Memory management: Got rid of all global variables
- Memory management: Got rid of local_free() and global_free(), no longer required
- Memory management: Refactored all variables with HCBUFSIZ_LARGE size from stack to heap, OSX doesn't like that
2016-11-25 15:27:22 +00:00
- OpenCL Headers: Select OpenCL headers tagged for OpenCL 1.2, since we use -cl-std=CL1.2
- OpenCL Kernels: Added const qualifier to variable declaration of matching global memory objects
2016-11-25 18:21:35 +00:00
- OpenCL Kernels: Got rid of one global kernel_threads variable
2016-11-25 15:27:22 +00:00
- OpenCL Kernels: Moved OpenCL requirement from v1.1 to v1.2
2016-11-25 18:21:35 +00:00
- OpenCL Kernels: Recognize reqd_work_group_size() values from OpenCL kernels and use them in the host if possible
2016-11-25 15:27:22 +00:00
- OpenCL Kernels: Refactored common function append_0x01()
- OpenCL Kernels: Refactored common function append_0x02()
- OpenCL Kernels: Refactored common function append_0x80()
- OpenCL Kernels: Refactored rule function append_block1()
- OpenCL Kernels: Refactored rule function rule_op_mangle_delete_last()
- OpenCL Kernels: Refactored rule function rule_op_mangle_dupechar_last()
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_left()
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_right()
- OpenCL Kernels: Support mixed kernel thread count for mixed kernels in the same source file
- OpenCL Kernels: Switch from clz() to ffz() for bitsliced algorithms
- OpenCL Kernels: Using platform vendor name is better than using device vendor name for function detection
2016-11-25 18:21:35 +00:00
- OpenCL Runtime: Updated AMDGPU-Pro and AMD Radeon driver version check
- OpenCL Runtime: Updated Intel OpenCL runtime version check
- OpenCL Runtime: Updated NVIDIA driver version check
- Password candidates: The maximum word length in a wordlist is 31 not 32, because 0x80 will eventually be appended
2016-11-25 15:27:22 +00:00
- Potfile: Base logic switched; Assuming the potfile is larger than the hashlist it's better to load hashlist instead of potfile entries
- Potfile: In case all hashes were cracking using potfile abort and inform user
- Restore: Automatically unlink restore file if all hashes have been cracked
2016-11-25 18:21:35 +00:00
- Restore: Do not unlink restore file if restore is disabled
2016-11-25 15:27:22 +00:00
- Rules: Refactored macros to real functions
2016-11-25 18:21:35 +00:00
- Status: Added Input.Queue.Base and Input.Queue.Mod to help the user better understand this concept
2016-11-25 15:27:22 +00:00
- Status: Do not wait for the progress mutex to read and store speed timer
2016-11-30 10:12:30 +00:00
- Status: Do not show Recovered/Time when cracking < 1000 hashes
2016-11-30 10:12:56 +00:00
- Status: Do not show Recovered/Time as floats but as integers to reduce over-information
2016-11-25 15:27:22 +00:00
- Tests: Removed rules_test/ subproject: Would require total rewrite but not used in a long time
- Threads: Replaced all calls to getpwuid() with getpwuid_r() to ensure thread safety
- Threads: Replaced all calls to gmtime() with gmtime_r() to ensure thread safety
- Threads: Replaced all calls to strtok() with strtok_r() to ensure thread safety
- Wordlists: Use larger counter variable to handle larger wordlists (that is > 2^32 words)
- X11: Detect missing coolbits and added some help text for the user how to fix it
2016-11-11 12:10:24 +00:00
2016-08-18 19:03:46 +00:00
* changes v3.00 -> v3.10:
2016-06-30 06:48:23 +00:00
##
## Improvements
##
2016-08-19 08:33:03 +00:00
- Added mask display to modes 3, 6, and 7. Allows the user to see the custom character set used during the run
2016-07-08 12:38:57 +00:00
- Make Linux build POSIX compatible; Also allow it to actually compile on musl-libc systems
- Add support to compile on FreeBSD
- Make use of cl_context_properties[] to clCreateContext(), even if OpenCL specification allow the use of NULL, some runtimes fail without
2016-07-01 11:01:02 +00:00
- The Time.Estimated attribute in status display should also show --runtime limit if user set it
2016-07-08 20:57:27 +00:00
- Fix some strict aliasing rule violation on older compilers
- Fix some variable initializers on older compilers
2016-07-08 21:23:16 +00:00
- Replace DARWIN macro with compiler predefined macro __APPLE__
- Replace LINUX macro with compiler predefined macro __linux__
2016-07-09 12:35:38 +00:00
- Allow the use of enc_id == 0 in hash-mode 10600 and 10700 as it takes no part in the actual computation
2016-07-10 11:23:06 +00:00
- Get rid of exit() calls in OpenCL wrapper library with the goal to have a better control which error can be ignored under special circumstances
2016-07-11 15:15:57 +00:00
- Do not error and exit if an OpenCL platform has no devices, just print a warning and continue with the next platform
2016-07-21 08:06:31 +00:00
- Workaround for OpenCL runtimes which do not accept -I parameter in the OpenCL kernel build options even if this is an OpenCL standard option
- Workaround for OpenCL runtimes which do accept -I parameter in the OpenCL kernel build options, but do not allow quotes
2016-07-17 18:32:47 +00:00
- Output cracked hashes on Windows using \r\n and not \n
- Replace RegGetValue() with RegQueryValueEx() to enable Windows XP 32 bit compatibility
2016-07-25 19:51:04 +00:00
- Slightly increased NVidias rule-processing performance by using generic instructions instead of byte_perm()
2016-07-25 20:54:07 +00:00
- Add support for @ rule (RULE_OP_MANGLE_PURGECHAR) to use on GPU
2016-08-18 09:04:23 +00:00
- Add support for --outfile (short -o) to be used together with --stdout
2016-08-18 10:05:45 +00:00
- Skip periodic status output whenever --stdout is used together with stdin mode, but no outfile was specified
2016-08-18 11:48:59 +00:00
- Show error message if --show is used together with --outfile-autohex-disable (this is currently not supported)
2016-08-18 12:39:07 +00:00
- Show error message if --skip/--limit is used together with mask files or --increment
2016-08-19 08:33:03 +00:00
- Workaround for NVidia OpenCL runtime bug causing -m 6223 to not crack any hashes even with the correct password candidate
2016-07-08 12:38:57 +00:00
2016-06-30 06:48:23 +00:00
##
## Bugs
##
2016-08-17 05:35:40 +00:00
- Fixed a bug where CRAM MD5 checked salt length instead of hash length
2016-06-30 06:48:23 +00:00
- Fixed a bug where hashcat is suppressing --machine-readable output in the final status update
2016-07-01 09:24:02 +00:00
- Fixed a bug where hashcat did not check the return of realpath() and crashes uncontrolled if the path does not exist
2016-07-01 11:04:50 +00:00
- Fixed a bug where hashcat crashes for accessing deallocated buffer if user spams "s" shortly before hashcat shuts down
2016-07-04 19:13:23 +00:00
- Fixed a bug where hashcat crashes in case of a scrypt P setting > 1
2016-07-05 13:00:26 +00:00
- Fixed a bug where hashcat did not correctly use the newly cracked plains whenever --loopback or the induction folder was used
2016-07-06 08:05:34 +00:00
- Fixed a bug where hashcat did not correctly remove hashes of type WPA/WPA2 even if present in potfile
2016-07-15 11:30:25 +00:00
- Fixed a bug where hashcat reported an invalid password for a zero-length password in LM
2016-07-24 20:26:40 +00:00
- Fixed a bug where hashcat did not take into account how long it takes to prepare a session when auto-aborting with --runtime is in use
2016-08-17 18:23:25 +00:00
- Fixed a bug where some kernels used COMPARE_M_SIMD instead of COMPARE_S_SIMD in singlehash mode
2016-06-30 06:48:23 +00:00
2016-08-02 13:00:58 +00:00
##
## Algorithms
##
- Added new hash-mode 13900 = OpenCart
2016-04-29 21:19:10 +00:00
* changes v2.01 -> v3.00:
This release markes the fusion of "hashcat" and "oclHashcat" into "hashcat".
It combines all features of all hashcat projects in one project.
##
## Features
##
- Support for Apple OpenCL runtime
- Support for NVidia OpenCL runtime (replaces CUDA)
2016-05-11 09:38:52 +00:00
- Support for Mesa (Gallium) OpenCL runtime
2016-04-29 21:19:10 +00:00
- Support for pocl OpenCL runtime
- Support for Khronos' OSS OpenCL reference implementation for building
- Support to utilize OpenCL devices-types other than GPU, ex: CPU and FPGA
- Support to utilize multiple different OpenCL platforms in parallel, ex: AMD + NV
- Support to utilize multiple different OpenCL device-types in parallel, ex: GPU + CPU
- Added option --opencl-platform to select a specific OpenCL platform
- Added option --opencl-device-types select specific OpenCL device types
- Added option --opencl-vector-width to override automatically selected vector-width size
- Added makefile native compilation target
- Added makefile install and uninstall targets
- Added autotuning engine and user-configurable tuning database
2016-05-29 22:05:46 +00:00
- Added current engine clock, current memory clock and pci-e lanes to the status display
2016-06-18 16:21:40 +00:00
- Added support for --gpu-temp-retain for NVidia GPU, both Linux and Windows
2016-04-29 21:19:10 +00:00
- Added execution timer of the running kernel to the status display
- Added command prompt to quit at next restore checkpoint
- Added human-readable error message for the OpenCL error codes
- Added option --potfile-path to override potfile path
2016-05-19 20:37:43 +00:00
- Added option --veracrypt-keyfile to set Keyfiles used, can be multiple
- Added option --veracrypt-pim to set the VeraCrypt personal iterations multiplier
2016-05-27 08:50:52 +00:00
- Added option --machine-readable for easier parsing of output
2016-06-01 17:01:44 +00:00
- Added option --powertune-enable to work with NVidia devices as well, not just AMD
2016-06-14 19:49:33 +00:00
- Added option --stdout to print candidates instead of trying to crack a hash
2016-04-29 21:19:10 +00:00
##
## Algorithms
##
- Added new hash-mode 125 = ArubaOS
- Added new hash-mode 12900 = Android FDE (Samsung DEK)
- Added new hash-mode 13000 = RAR5
- Added new hash-mode 13100 = Kerberos 5 TGS-REP etype 23
- Added new hash-mode 13200 = AxCrypt
- Added new hash-mode 13300 = AxCrypt in memory SHA1
- Added new hash-mode 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES)
- Added new hash-mode 13500 = PeopleSoft PS_TOKEN
2016-05-12 07:26:54 +00:00
- Added new hash-mode 13600 = WinZip
2016-05-19 20:37:43 +00:00
- Added new hash-mode 137** = VeraCrypt
2016-06-10 07:46:41 +00:00
- Added new hash-mode 13800 = Windows 8+ phone PIN/Password
2016-04-29 21:19:10 +00:00
##
## Performance
##
- Full Table: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=0
##
## Improvements
##
- Reordering of files to help integration into linux distributions ~/.hashcat etc
- Use a profile directory to write temporary files (session, potfile etc.)
2016-11-11 13:47:20 +00:00
- Workaround dependencies on AMD APP-SDK AMD ADL, NV CUDA-SDK, NV ForceWare, NVML and NVAPI; they are no longer required
2016-04-29 21:19:10 +00:00
- Load external libraries dynamic at runtime instead of link them static at compile-time
- Benchmark accuracy improved; Is now on par to: singlehash -a 3 -w 3 ?b?b?b?b?b?b?b
- Benchmark no longer depends on a fixed time
- Removed option --benchmark-mode, therefore support --workload-profile in benchmark-mode
2016-05-28 07:42:41 +00:00
- Enabled support of --machine-readable in combination with --benchmark for automated benchmark processing
- Replaced --status-automat entirely with --machine-readable to make it more consistent among benchmark and non-benchmark mode
2016-04-29 21:19:10 +00:00
- Extended support from 14 to 255 functions calls per rule
2016-05-08 12:39:44 +00:00
- Extended password length up to 32 for 7zip
2016-05-13 13:31:58 +00:00
- Extended salt length up to 55 for raw hash types, eg: md5($pass.$salt)
2016-04-29 21:19:10 +00:00
- Extended version information
- Removed some duplicate rules in T0XlCv1, d3ad0ne and dive
- Redesigned changes.txt layout
2016-05-22 20:25:15 +00:00
- Redesigned --help menu layout
2016-04-29 21:19:10 +00:00
##
## Bugs
##
- Fixed a bug in speed display: In some situation, especially with slow hashes or lots of salts, it showed a speed of 0H/s
- Fixed a bug in restore handling: user immediately aborting after restart broke the restore file
- Fixed a bug in line counter: conditional jump or move depends on an uninitialised value
- Fixed a bug in rule-engine for NVidia devices: code for left- and right-shift were switched
- Fixed a bug in dive.rule: rules were not updated after the function 'x' was renamed to 'O'
- Fixed a bug in memory allocation "OpenCL -4 error": used unitialized value in a special situation
- Fixed a bug in memory handling: heap buffer overflow
- Fixed a bug in memory handling: out of bounds access
- Fixed a bug in implementation of DCC2: forced default iteration count for hashes to 10240
- Fixed a bug in implementation of WPA/WPA2: MAC and nonce stay one their original position as in the hccap file
- Fixed a bug in implementation of GOST R 34.11-94: zero length passwords were not cracked
##
## Technical
##
- Removed deprecated GCC version check requirement
- Removed NPROCS from Makefile, let make automatically detect the optimal number of parallel threads
- Dropped all C++ overloading functions to normal function which helps support more OpenCL platforms
- Renamed functions in common.h to emphasize their purpose
- Refactorized fast-hash kernels to enable SIMD on all OpenCL platforms
- Refactorized SIMD handling: SIMD the inner-loop not the outer-loop to save registers
- Workaround missing clEnqueueFillBuffer() support in certain OpenCL runtimes
- Added amd_bytealign() support in non-AMD OpenCL runtimes
- Added amd_bfe() support in non-AMD OpenCL runtimes
- Added several macros to allow writing optimized code for the different OpenCL platforms
- Replaced typedef for bool with stdbool.h
- Added special DEBUG environment variables to the makefile
- Hashcat now acquires an exclusive lock before writing to any file
- Changed buffers to not use same buffer for both input and output at the same time with snprintf()
- Check for allocatable device-memory depending on kernel_accel amplifier before trying to allocate
- Added additional check for max. ESSID length to prevent possible crashes
- Use a GCC equivalent for __stdcall where applicable
- Synchronize maximum output line size with input line size
- Increased maximum hash line size to 0x50000
- Run weak-hash checks only in straight-attack mode, this greatly reduces code complexity
2016-05-01 18:52:20 +00:00
- Restrict loopback option to straight attack-mode
2016-04-29 21:19:10 +00:00
- Moved rules_optimize to hashcat-utils
- Stick to older libOpenCL in binary package to avoid errors like this: version `OPENCL_2.0' not found
- Tightened hash parser for several algorithms
- Updated old RC4 code in Kerberos 5
- Limited the salt length of Juniper Netscreen/SSG (ScreenOS) hashes to 10
- Updated algorithm used to automatically select an ideal --scrypt-tmto value
- Renamed option --gpu-accel to --kernel-accel
- Renamed option --gpu-loops to --kernel-loops
- Renamed option --gpu-devices to --opencl-devices
2016-05-01 21:15:26 +00:00
- Added inline declaration to functions from simd.c, common.c, rp.c and types_ocl.c to increase performance
- Dropped static declaration from functions in all kernel to achieve OpenCL 1.1 compatibility
- Added -cl-std=CL1.1 to all kernel build options
- Created environment variable to inform NVidia OpenCL runtime to not create its own kernel cache
- Created environment variable to inform pocl OpenCL runtime to not create its own kernel cache
2016-05-05 21:21:15 +00:00
- Dropped special 64-bit rotate() handling for NV, it seems that they've added it to their OpenCL runtime
2016-05-29 22:05:46 +00:00
- Completely get rid of HAVE_ADL, HAVE_NVML and HAVE_NVAPI in sources
2016-06-01 17:01:44 +00:00
- Replaced NVAPI with NVML on windows