arno/hashcat
1
0
Fork 0
mirror of https://github.com/hashcat/hashcat.git synced 2025-01-12 00:31:41 +00:00
Code Issues Releases Wiki Activity

Redesigned hashcat --help menu

Browse Source
This commit is contained in:
jsteube 2016-05-22 21:46:06 +02:00
parent c4333c4025
commit 73fd95ac01
1 changed files with 369 additions and 400 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

769
src/hashcat.c
View File

@ -19,7 +19,7 @@ const char *PROGNAME = "hashcat";
const uint VERSION_BIN = 300;
const uint RESTORE_MIN = 300;
double TARGET_MS_PROFILE[3] = { 8, 16, 96 };
double TARGET_MS_PROFILE[4] = { 8, 16, 96, 512 };
#define INCR_RULES 10000
#define INCR_SALTS 100000
@ -349,426 +349,395 @@ const char *USAGE_BIG[] =
"",
"Usage: %s [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...",
"",
"=======",
"Options",
"=======",
"###########",
"# Options #",
"###########",
"",
"* General:",
"",
" -m, --hash-type=NUM Hash-type, see references below",
" -a, --attack-mode=NUM Attack-mode, see references below",
" -V, --version Print version",
" -h, --help Print help",
" --quiet Suppress output",
"",
"* Misc:",
"",
" --hex-charset Assume charset is given in hex",
" --hex-salt Assume salt is given in hex",
" --hex-wordlist Assume words in wordlist is given in hex",
" --force Ignore warnings",
" --status Enable automatic update of the status-screen",
" --status-timer=NUM Seconds between status-screen update",
" --status-automat Display the status view in a machine readable format",
" --loopback Add new plains to induct directory",
" --weak-hash-threshold=NUM Threshold when to stop checking for weak hashes, default is 100 salts",
"",
"* Markov:",
"",
" --markov-hcstat=FILE Specify hcstat file to use, default is hashcat.hcstat",
" --markov-disable Disables markov-chains, emulates classic brute-force",
" --markov-classic Enables classic markov-chains, no per-position enhancement",
" -t, --markov-threshold=NUM Threshold when to stop accepting new markov-chains",
"",
"* Session:",
"",
" --runtime=NUM Abort session after NUM seconds of runtime",
" --session=STR Define specific session name",
" --restore Restore session from --session",
" --restore-disable Do not write restore file",
"",
"* Files:",
"",
" -o, --outfile=FILE Define outfile for recovered hash",
" --outfile-format=NUM Define outfile-format for recovered hash, see references below",
" --outfile-autohex-disable Disable the use of $HEX[] in output plains",
" --outfile-check-timer=NUM Seconds between outfile checks",
" -p, --separator=CHAR Separator char for hashlists and outfile",
" --show Show cracked passwords only",
" --left Show un-cracked passwords only",
" --username Enable ignoring of usernames in hashfile (recommended: also use --show)",
" --remove Enable remove of hash once it is cracked",
" --remove-timer=NUM Update input hash file each NUM seconds",
" --potfile-disable Do not write potfile",
" --potfile-path Specific path to potfile",
" --debug-mode=NUM Defines the debug mode (hybrid only by using rules), see references below",
" --debug-file=FILE Output file for debugging rules (see also --debug-mode)",
" --induction-dir=FOLDER Specify induction directory to use, default is $session.induct",
" --outfile-check-dir=FOLDER Specify the outfile directory which should be monitored, default is $session.outfiles",
" --logfile-disable Disable the logfile",
" --truecrypt-keyfiles=FILE Keyfiles used, separate with comma",
" --veracrypt-keyfiles=FILE Keyfiles used, separate with comma",
" --veracrypt-pim=NUM VeraCrypt personal iterations multiplier",
"",
"* Resources:",
"",
" -b, --benchmark Run benchmark",
" --benchmark-repeats=NUM Repeat the kernel on the device NUM times to increase benchmark accuracy",
" -c, --segment-size=NUM Size in MB to cache from the wordfile",
" --bitmap-min=NUM Minimum number of bits allowed for bitmaps",
" --bitmap-max=NUM Maximum number of bits allowed for bitmaps",
" --cpu-affinity=STR Locks to CPU devices, separate with comma",
" --opencl-platforms=STR OpenCL platforms to use, separate with comma",
" -d, --opencl-devices=STR OpenCL devices to use, separate with comma",
" --opencl-device-types=STR OpenCL device-types to use, separate with comma, see references below",
" --opencl-vector-width=NUM OpenCL vector-width (either 1, 2, 4, 8 or 16), overrides value from device query",
" -w, --workload-profile=NUM Enable a specific workload profile, see references below",
" -n, --kernel-accel=NUM Workload tuning, increase the outer-loop step size (outdated option, use -w)",
" -u, --kernel-loops=NUM Workload tuning, increase the inner-loop step size (outdated option, use -w)",
" --gpu-temp-disable Disable temperature and fanspeed readings and triggers",
" Short- | Long- | Parameter- | Description | Example",
" Option | Option | Type | |",
"--------+---------------------------+------------+------------------------------------------------------+---------------------",
" -m | --hash-type | Number | Hash-type, see references below | -m 1000",
" -a | --attack-mode | Number | Attack-mode, see references below | -a 3",
" -V | --version | | Print version | --version",
" -h | --help | | Print help | --help",
" | --quiet | | Suppress output | --quiet",
" | --hex-charset | | Assume charset is given in hex | --hex-charset",
" | --hex-salt | | Assume salt is given in hex | --hex-salt",
" | --hex-wordlist | | Assume words in wordlist is given in hex | --hex-wordlist",
" | --force | | Ignore warnings | --force",
" | --status | | Enable automatic update of the status-screen | --status",
" | --status-timer | Number | Sets seconds between status-screen update to X | --status-timer=1",
" | --status-automat | | Display the status view in a machine readable format | --status-automat",
" | --loopback | | Add new plains to induct directory | --loopback",
" | --weak-hash-threshold | Number | Threshold X when to stop checking for weak hashes | --weak-hash-threshold=0",
" | --markov-hcstat | File | Specify hcstat file to use, default is hashcat.hcstat| --markiv-hcstat=my.hcstat",
" | --markov-disable | | Disables markov-chains, emulates classic brute-force | --markov-disable",
" | --markov-classic | | Enables classic markov-chains, no per-position | --markov-classic",
" -t | --markov-threshold | Number | Threshold X when to stop accepting new markov-chains | -t 50",
" | --runtime | Number | Abort session after X seconds of runtime | --runtime=10",
" | --session | String | Define specific session name | --session=mysession",
" | --restore | | Restore session from --session | --restore",
" | --restore-disable | | Do not write restore file | --restore-disable",
" -o | --outfile | File | Define outfile for recovered hash | -o outfile.txt",
" | --outfile-format | Number | Define outfile-format X for recovered hash | --outfile-format=7",
" | --outfile-autohex-disable | | Disable the use of $HEX[] in output plains | --outfile-autohex-disable",
" | --outfile-check-timer | Number | Sets seconds between outfile checks to X | --outfile-check-timer=30",
" -p | --separator | Char | Separator char for hashlists and outfile | -p :",
" | --show | | Show cracked passwords only | --show",
" | --left | | Show un-cracked passwords only | --left",
" | --username | | Enable ignoring of usernames in hashfile | --username",
" | --remove | | Enable remove of hash once it is cracked | --remove",
" | --remove-timer | Number | Update input hash file each X seconds | --remove-timer=30",
" | --potfile-disable | | Do not write potfile | --potfile-disable",
" | --potfile-path | | Specific path to potfile | --potfile-path=hashcat.pot",
" | --debug-mode | Number | Defines the debug mode (hybrid only by using rules) | --debug-mode=4",
" | --debug-file | File | Output file for debugging rules | --debug-file=goodrules.log",
" | --induction-dir | Folder | Specify the induction directory to use for loopback | --induction-dir=inducts",
" | --outfile-check-dir | Folder | Specify the outfile directory to monitor for plains | --outfile-check-dir=ext",
" | --logfile-disable | | Disable the logfile | --logfile-disable",
" | --truecrypt-keyfiles | File | Keyfiles used, separate with comma | --truecrypt-keyfiles=xx.png",
" | --veracrypt-keyfiles | File | Keyfiles used, separate with comma | --veracrypt-keyfiles=xx.png",
" | --veracrypt-pim | Number | VeraCrypt personal iterations multiplier | --veracrypt-pim=1000",
" -b | --benchmark | | Run benchmark | -b",
" -c | --segment-size | Number | Sets size in MB to cache from the wordfile to X | -c 32",
" | --bitmap-min | Number | Sets minimum bits allowed for bitmaps to X | --bitmap-min=24",
" | --bitmap-max | Number | Sets maximum bits allowed for bitmaps to X | --bitmap-min=24",
" | --cpu-affinity | String | Locks to CPU devices, separate with comma | --cpu-affinity=1,2,3,4",
" | --opencl-platforms | String | OpenCL platforms to use, separate with comma | --opencl-platforms=2",
" -d | --opencl-devices | String | OpenCL devices to use, separate with comma | -d 1",
" | --opencl-device-types | String | OpenCL device-types to use, separate with comma | --opencl-device-types=1,2",
" | --opencl-vector-width | Number | Manual override OpenCL vector-width to X | --opencl-vector-width=4",
" -w | --workload-profile | Number | Enable a specific workload profile, see pool below | -w 3",
" -n | --kernel-accel | Number | Manual workload tuning, set outerloop step size to X | -n 64",
" -u | --kernel-loops | Number | Manual workload tuning, set innerloop step size to X | -u 256",
" | --gpu-temp-disable | | Disable temperature and fanspeed reads and triggers | --gpu-temp-disable",
#ifdef HAVE_HWMON
" --gpu-temp-abort=NUM Abort session if GPU temperature reaches NUM degrees celsius",
" --gpu-temp-retain=NUM Try to retain GPU temperature at NUM degrees celsius (AMD only)",
" | --gpu-temp-abort | Number | Abort if GPU temperature reaches X degrees celsius | --gpu-temp-abort=100",
" | --gpu-temp-retain | Number | Try to retain GPU temperature at X degrees celsius | --gpu-temp-retain=95",
#ifdef HAVE_ADL
" --powertune-enable Enable automatic power tuning option (AMD OverDrive 6 only)",
" | --powertune-enable | | Enable automatic power tuning (AMD OverDrive 6 only) | --powertune-enable",
#endif
#endif
" --scrypt-tmto=NUM Manually override automatically calculated TMTO value for scrypt",
" | --scrypt-tmto | Number | Manually override TMTO value for scrypt to X | --scrypt-tmto=3",
" -s | --skip | Number | Skip X words from the start | -s 1000000",
" -l | --limit | Number | Limit X words from the start + skipped words | -l 1000000",
" | --keyspace | | Show keyspace base:mod values and quit | --keyspace",
" -j | --rule-left | Rule | Single Rule applied to each word from left wordlist | -j 'c'",
" -k | --rule-right | Rule | Single Rule applied to each word from right wordlist | -k '^-'",
" -r | --rules-file | File | Multiple Rules applied to each word from wordlists | -r rules/best64.rule",
" -g | --generate-rules | | Enable generate random rules | -g 10000",
" | --generate-rules-func-min | Number | Force min X funcs per rule |",
" | --generate-rules-func-max | Number | Force max X funcs per rule |",
" | --generate-rules-seed | Number | Force RNG seed set to X |",
" -1 | --custom-charset1 | Charset | User-defined charset ?1 | -1 ?l?d?u",
" -2 | --custom-charset2 | Charset | User-defined charset ?2 | -2 ?l?d?s",
" -3 | --custom-charset3 | Charset | User-defined charset ?3 |",
" -4 | --custom-charset4 | Charset | User-defined charset ?4 |",
" -i | --increment | | Enable mask increment mode | --increment",
" | --increment-min | Number | Start mask incrementing at X | --increment-min=4",
" | --increment-max | Number | Stop mask incrementing at X | --increment-max=8",
"",
"* Distributed:",
"################",
"## Hash modes ##",
"################",
"",
" -s, --skip=NUM Skip number of words",
" -l, --limit=NUM Limit number of words",
" --keyspace Show keyspace base:mod values and quit",
" # | Name | Category",
" ------+--------------------------------------------------+--------------------------------------",
" 900 | MD4 | Raw Hash",
" 0 | MD5 | Raw Hash",
" 5100 | Half MD5 | Raw Hash",
" 100 | SHA1 | Raw Hash",
" 10800 | SHA-384 | Raw Hash",
" 1400 | SHA-256 | Raw Hash",
" 1700 | SHA-512 | Raw Hash",
" 5000 | SHA-3(Keccak) | Raw Hash",
" 10100 | SipHash | Raw Hash",
" 6000 | RipeMD160 | Raw Hash",
" 6100 | Whirlpool | Raw Hash",
" 6900 | GOST R 34.11-94 | Raw Hash",
" 11700 | GOST R 34.11-2012 (Streebog) 256-bit | Raw Hash",
" 11800 | GOST R 34.11-2012 (Streebog) 512-bit | Raw Hash",
" 10 | md5($pass.$salt) | Raw Hash, Salted and / or Iterated",
" 20 | md5($salt.$pass) | Raw Hash, Salted and / or Iterated",
" 30 | md5(unicode($pass).$salt) | Raw Hash, Salted and / or Iterated",
" 40 | md5($salt.unicode($pass)) | Raw Hash, Salted and / or Iterated",
" 3800 | md5($salt.$pass.$salt) | Raw Hash, Salted and / or Iterated",
" 3710 | md5($salt.md5($pass)) | Raw Hash, Salted and / or Iterated",
" 2600 | md5(md5($pass) | Raw Hash, Salted and / or Iterated",
" 4300 | md5(strtoupper(md5($pass))) | Raw Hash, Salted and / or Iterated",
" 4400 | md5(sha1($pass)) | Raw Hash, Salted and / or Iterated",
" 110 | sha1($pass.$salt) | Raw Hash, Salted and / or Iterated",
" 120 | sha1($salt.$pass) | Raw Hash, Salted and / or Iterated",
" 130 | sha1(unicode($pass).$salt) | Raw Hash, Salted and / or Iterated",
" 140 | sha1($salt.unicode($pass)) | Raw Hash, Salted and / or Iterated",
" 4500 | sha1(sha1($pass) | Raw Hash, Salted and / or Iterated",
" 4700 | sha1(md5($pass)) | Raw Hash, Salted and / or Iterated",
" 4900 | sha1($salt.$pass.$salt) | Raw Hash, Salted and / or Iterated",
" 1410 | sha256($pass.$salt) | Raw Hash, Salted and / or Iterated",
" 1420 | sha256($salt.$pass) | Raw Hash, Salted and / or Iterated",
" 1430 | sha256(unicode($pass).$salt) | Raw Hash, Salted and / or Iterated",
" 1440 | sha256($salt.unicode($pass)) | Raw Hash, Salted and / or Iterated",
" 1710 | sha512($pass.$salt) | Raw Hash, Salted and / or Iterated",
" 1720 | sha512($salt.$pass) | Raw Hash, Salted and / or Iterated",
" 1730 | sha512(unicode($pass).$salt) | Raw Hash, Salted and / or Iterated",
" 1740 | sha512($salt.unicode($pass)) | Raw Hash, Salted and / or Iterated",
" 50 | HMAC-MD5 (key = $pass) | Raw Hash, Authenticated",
" 60 | HMAC-MD5 (key = $salt) | Raw Hash, Authenticated",
" 150 | HMAC-SHA1 (key = $pass) | Raw Hash, Authenticated",
" 160 | HMAC-SHA1 (key = $salt) | Raw Hash, Authenticated",
" 1450 | HMAC-SHA256 (key = $pass) | Raw Hash, Authenticated",
" 1460 | HMAC-SHA256 (key = $salt) | Raw Hash, Authenticated",
" 1750 | HMAC-SHA512 (key = $pass) | Raw Hash, Authenticated",
" 1760 | HMAC-SHA512 (key = $salt) | Raw Hash, Authenticated",
" 400 | phpass | Generic KDF",
" 8900 | scrypt | Generic KDF",
" 11900 | PBKDF2-HMAC-MD5 | Generic KDF",
" 12000 | PBKDF2-HMAC-SHA1 | Generic KDF",
" 10900 | PBKDF2-HMAC-SHA256 | Generic KDF",
" 12100 | PBKDF2-HMAC-SHA512 | Generic KDF",
" 23 | Skype | Network protocols",
" 2500 | WPA/WPA2 | Network protocols",
" 4800 | iSCSI CHAP authentication, MD5(Chap) | Network protocols",
" 5300 | IKE-PSK MD5 | Network protocols",
" 5400 | IKE-PSK SHA1 | Network protocols",
" 5500 | NetNTLMv1 | Network protocols",
" 5500 | NetNTLMv1 + ESS | Network protocols",
" 5600 | NetNTLMv2 | Network protocols",
" 7300 | IPMI2 RAKP HMAC-SHA1 | Network protocols",
" 7500 | Kerberos 5 AS-REQ Pre-Auth etype 23 | Network protocols",
" 8300 | DNSSEC (NSEC3) | Network protocols",
" 10200 | Cram MD5 | Network protocols",
" 11100 | PostgreSQL CRAM (MD5) | Network protocols",
" 11200 | MySQL CRAM (SHA1) | Network protocols",
" 11400 | SIP digest authentication (MD5) | Network protocols",
" 13100 | Kerberos 5 TGS-REP etype 23 | Network protocols",
" 121 | SMF (Simple Machines Forum) | Forums, CMS, E-Commerce, Frameworks",
" 400 | phpBB3 | Forums, CMS, E-Commerce, Frameworks",
" 2611 | vBulletin < v3.8.5 | Forums, CMS, E-Commerce, Frameworks",
" 2711 | vBulletin > v3.8.5 | Forums, CMS, E-Commerce, Frameworks",
" 2811 | MyBB | Forums, CMS, E-Commerce, Frameworks",
" 2811 | IPB (Invison Power Board) | Forums, CMS, E-Commerce, Frameworks",
" 8400 | WBB3 (Woltlab Burning Board) | Forums, CMS, E-Commerce, Frameworks",
" 11 | Joomla < 2.5.18 | Forums, CMS, E-Commerce, Frameworks",
" 400 | Joomla > 2.5.18 | Forums, CMS, E-Commerce, Frameworks",
" 400 | Wordpress | Forums, CMS, E-Commerce, Frameworks",
" 2612 | PHPS | Forums, CMS, E-Commerce, Frameworks",
" 7900 | Drupal7 | Forums, CMS, E-Commerce, Frameworks",
" 21 | osCommerce | Forums, CMS, E-Commerce, Frameworks",
" 21 | xt:Commerce | Forums, CMS, E-Commerce, Frameworks",
" 11000 | PrestaShop | Forums, CMS, E-Commerce, Frameworks",
" 124 | Django (SHA-1) | Forums, CMS, E-Commerce, Frameworks",
" 10000 | Django (PBKDF2-SHA256) | Forums, CMS, E-Commerce, Frameworks",
" 3711 | Mediawiki B type | Forums, CMS, E-Commerce, Frameworks",
" 7600 | Redmine | Forums, CMS, E-Commerce, Frameworks",
" 12 | PostgreSQL | Database Server",
" 131 | MSSQL(2000) | Database Server",
" 132 | MSSQL(2005) | Database Server",
" 1731 | MSSQL(2012) | Database Server",
" 1731 | MSSQL(2014) | Database Server",
" 200 | MySQL323 | Database Server",
" 300 | MySQL4.1/MySQL5 | Database Server",
" 3100 | Oracle H: Type (Oracle 7+) | Database Server",
" 112 | Oracle S: Type (Oracle 11+) | Database Server",
" 12300 | Oracle T: Type (Oracle 12+) | Database Server",
" 8000 | Sybase ASE | Database Server",
" 141 | EPiServer 6.x < v4 | HTTP, SMTP, LDAP Server",
" 1441 | EPiServer 6.x > v4 | HTTP, SMTP, LDAP Server",
" 1600 | Apache $apr1$ | HTTP, SMTP, LDAP Server",
" 12600 | ColdFusion 10+ | HTTP, SMTP, LDAP Server",
" 1421 | hMailServer | HTTP, SMTP, LDAP Server",
" 101 | nsldap, SHA-1(Base64), Netscape LDAP SHA | HTTP, SMTP, LDAP Server",
" 111 | nsldaps, SSHA-1(Base64), Netscape LDAP SSHA | HTTP, SMTP, LDAP Server",
" 1711 | SSHA-512(Base64), LDAP {SSHA512} | HTTP, SMTP, LDAP Server",
" 11500 | CRC32 | Checksums",
" 3000 | LM | Operating-Systems",
" 1000 | NTLM | Operating-Systems",
" 1100 | Domain Cached Credentials (DCC), MS Cache | Operating-Systems",
" 2100 | Domain Cached Credentials 2 (DCC2), MS Cache 2 | Operating-Systems",
" 12800 | MS-AzureSync PBKDF2-HMAC-SHA256 | Operating-Systems",
" 1500 | descrypt, DES(Unix), Traditional DES | Operating-Systems",
" 12400 | BSDiCrypt, Extended DES | Operating-Systems",
" 500 | md5crypt $1$, MD5(Unix) | Operating-Systems",
" 3200 | bcrypt $2*$, Blowfish(Unix) | Operating-Systems",
" 7400 | sha256crypt $5$, SHA256(Unix) | Operating-Systems",
" 1800 | sha512crypt $6$, SHA512(Unix) | Operating-Systems",
" 122 | OSX v10.4, OSX v10.5, OSX v10.6 | Operating-Systems",
" 1722 | OSX v10.7 | Operating-Systems",
" 7100 | OSX v10.8, OSX v10.9, OSX v10.10 | Operating-Systems",
" 6300 | AIX {smd5} | Operating-Systems",
" 6700 | AIX {ssha1} | Operating-Systems",
" 6400 | AIX {ssha256} | Operating-Systems",
" 6500 | AIX {ssha512} | Operating-Systems",
" 2400 | Cisco-PIX | Operating-Systems",
" 2410 | Cisco-ASA | Operating-Systems",
" 500 | Cisco-IOS $1$ | Operating-Systems",
" 5700 | Cisco-IOS $4$ | Operating-Systems",
" 9200 | Cisco-IOS $8$ | Operating-Systems",
" 9300 | Cisco-IOS $9$ | Operating-Systems",
" 22 | Juniper Netscreen/SSG (ScreenOS) | Operating-Systems",
" 501 | Juniper IVE | Operating-Systems",
" 5800 | Android PIN | Operating-Systems",
" 8100 | Citrix Netscaler | Operating-Systems",
" 8500 | RACF | Operating-Systems",
" 7200 | GRUB 2 | Operating-Systems",
" 9900 | Radmin2 | Operating-Systems",
" 125 | ArubaOS | Operating-Systems",
" 7700 | SAP CODVN B (BCODE) | Enterprise Application Software (EAS)",
" 7800 | SAP CODVN F/G (PASSCODE) | Enterprise Application Software (EAS)",
" 10300 | SAP CODVN H (PWDSALTEDHASH) iSSHA-1 | Enterprise Application Software (EAS)",
" 8600 | Lotus Notes/Domino 5 | Enterprise Application Software (EAS)",
" 8700 | Lotus Notes/Domino 6 | Enterprise Application Software (EAS)",
" 9100 | Lotus Notes/Domino 8 | Enterprise Application Software (EAS)",
" 133 | PeopleSoft | Enterprise Application Software (EAS)",
" 13500 | PeopleSoft Token | Enterprise Application Software (EAS)",
" 11600 | 7-Zip | Archives",
" 12500 | RAR3-hp | Archives",
" 13000 | RAR5 | Archives",
" 13200 | AxCrypt | Archives",
" 13300 | AxCrypt in memory SHA1 | Archives",
" 13600 | WinZip | Archives",
" 62XY | TrueCrypt | Full-Disk encryptions (FDE)",
" X | 1 = PBKDF2-HMAC-RipeMD160 | Full-Disk encryptions (FDE)",
" X | 2 = PBKDF2-HMAC-SHA512 | Full-Disk encryptions (FDE)",
" X | 3 = PBKDF2-HMAC-Whirlpool | Full-Disk encryptions (FDE)",
" X | 4 = PBKDF2-HMAC-RipeMD160 + boot-mode | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure AES | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure Serpent | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure AES | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure Serpent | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded AES-Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded Serpent-AES | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded Twofish-Serpent | Full-Disk encryptions (FDE)",
" Y | 3 = XTS 1536 bit all | Full-Disk encryptions (FDE)",
" 8800 | Android FDE < v4.3 | Full-Disk encryptions (FDE)",
" 12900 | Android FDE (Samsung DEK) | Full-Disk encryptions (FDE)",
" 12200 | eCryptfs | Full-Disk encryptions (FDE)",
" 137XY | VeraCrypt | Full-Disk encryptions (FDE)",
" X | 1 = PBKDF2-HMAC-RipeMD160 | Full-Disk encryptions (FDE)",
" X | 2 = PBKDF2-HMAC-SHA512 | Full-Disk encryptions (FDE)",
" X | 3 = PBKDF2-HMAC-Whirlpool | Full-Disk encryptions (FDE)",
" X | 4 = PBKDF2-HMAC-RipeMD160 + boot-mode | Full-Disk encryptions (FDE)",
" X | 5 = PBKDF2-HMAC-SHA256 | Full-Disk encryptions (FDE)",
" X | 6 = PBKDF2-HMAC-SHA256 + boot-mode | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure AES | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure Serpent | Full-Disk encryptions (FDE)",
" Y | 1 = XTS 512 bit pure Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure AES | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure Serpent | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit pure Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded AES-Twofish | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded Serpent-AES | Full-Disk encryptions (FDE)",
" Y | 2 = XTS 1024 bit cascaded Twofish-Serpent | Full-Disk encryptions (FDE)",
" Y | 3 = XTS 1536 bit all | Full-Disk encryptions (FDE)",
" 9700 | MS Office <= 2003 $0|$1, MD5 + RC4 | Documents",
" 9710 | MS Office <= 2003 $0|$1, MD5 + RC4, collider #1 | Documents",
" 9720 | MS Office <= 2003 $0|$1, MD5 + RC4, collider #2 | Documents",
" 9800 | MS Office <= 2003 $3|$4, SHA1 + RC4 | Documents",
" 9810 | MS Office <= 2003 $3|$4, SHA1 + RC4, collider #1 | Documents",
" 9820 | MS Office <= 2003 $3|$4, SHA1 + RC4, collider #2 | Documents",
" 9400 | MS Office 2007 | Documents",
" 9500 | MS Office 2010 | Documents",
" 9600 | MS Office 2013 | Documents",
" 10400 | PDF 1.1 - 1.3 (Acrobat 2 - 4) | Documents",
" 10410 | PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1 | Documents",
" 10420 | PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2 | Documents",
" 10500 | PDF 1.4 - 1.6 (Acrobat 5 - 8) | Documents",
" 10600 | PDF 1.7 Level 3 (Acrobat 9) | Documents",
" 10700 | PDF 1.7 Level 8 (Acrobat 10 - 11) | Documents",
" 9000 | Password Safe v2 | Password Managers",
" 5200 | Password Safe v3 | Password Managers",
" 6800 | Lastpass + Lastpass sniffed | Password Managers",
" 6600 | 1Password, agilekeychain | Password Managers",
" 8200 | 1Password, cloudkeychain | Password Managers",
" 11300 | Bitcoin/Litecoin wallet.dat | Password Managers",
" 12700 | Blockchain, My Wallet | Password Managers",
" 13400 | Keepass 1 (AES/Twofish) and Keepass 2 (AES) | Password Managers",
"",
"* Rules:",
"#####################",
"## Outfile Formats ##",
"#####################",
"",
" -j, --rule-left=RULE Single rule applied to each word from left dict",
" -k, --rule-right=RULE Single rule applied to each word from right dict",
" -r, --rules-file=FILE Rules-file, multi use: -r 1.rule -r 2.rule",
" -g, --generate-rules=NUM Generate NUM random rules",
" --generate-rules-func-min=NUM Force NUM functions per random rule min",
" --generate-rules-func-max=NUM Force NUM functions per random rule max",
" --generate-rules-seed=NUM Force RNG seed to NUM",
" # | Format",
" ---+--------",
" 1 | hash[:salt]",
" 2 | plain",
" 3 | hash[:salt]:plain",
" 4 | hex_plain",
" 5 | hash[:salt]:hex_plain",
" 6 | plain:hex_plain",
" 7 | hash[:salt]:plain:hex_plain",
" 8 | crackpos",
" 9 | hash[:salt]:crack_pos",
" 10 | plain:crack_pos",
" 11 | hash[:salt]:plain:crack_pos",
" 12 | hex_plain:crack_pos",
" 13 | hash[:salt]:hex_plain:crack_pos",
" 14 | plain:hex_plain:crack_pos",
" 15 | hash[:salt]:plain:hex_plain:crack_pos",
"",
"* Custom charsets:",
"##########################",
"## Rule Debugging Modes ##",
"##########################",
"",
" -1, --custom-charset1=CS User-defined charsets",
" -2, --custom-charset2=CS Example:",
" -3, --custom-charset3=CS --custom-charset1=?dabcdef : sets charset ?1 to 0123456789abcdef",
" -4, --custom-charset4=CS -2 mycharset.hcchr : sets charset ?2 to chars contained in file",
" # | Format",
" ---+--------",
" 1 | Finding-Rule",
" 2 | Original-Word",
" 3 | Original-Word:Finding-Rule",
" 4 | Original-Word:Finding-Rule:Processed-Word",
"",
"* Increment:",
"##################",
"## Attack Modes ##",
"##################",
"",
" -i, --increment Enable increment mode",
" --increment-min=NUM Start incrementing at NUM",
" --increment-max=NUM Stop incrementing at NUM",
" # | Mode",
" ---+------",
" 0 | Straight",
" 1 | Combination",
" 3 | Brute-force",
" 6 | Hybrid Wordlist + Mask",
" 7 | Hybrid Mask + Wordlist",
"",
"==========",
"References",
"==========",
"#######################",
"## Built-in Charsets ##",
"#######################",
"",
"* Workload Profile:",
" ? | Charset",
" ---+---------",
" l | abcdefghijklmnopqrstuvwxyz",
" u | ABCDEFGHIJKLMNOPQRSTUVWXYZ",
" d | 0123456789",
" s | !\"#$%%&'()*+,-./:;<=>?@[\\]^_`{|}~",
" a | ?l?u?d?s",
" b | 0x00 - 0xff",
"",
" 1 = Interactive performance profile, kernel execution runtime to 8ms, lower latency desktop, lower speed",
" 2 = Default performance profile, kernel execution runtime to 16ms, economic setting",
" 3 = Headless performance profile, kernel execution runtime to 96ms, higher latency desktop, higher speed",
"#########################",
"## OpenCL Device Types ##",
"#########################",
"",
"* OpenCL device-types:",
" # | Device Type",
" ---+-------------",
" 1 | CPU",
" 2 | GPU",
" 3 | FPGA, DSP, Co-Processor",
"",
" 1 = CPU devices",
" 2 = GPU devices",
" 3 = Accelerator devices (FPGA, CELL Blade, etc.)",
"#######################",
"## Workload Profiles ##",
"#######################",
"",
"* Outfile Formats:",
" # | Performance | Runtime | Power Consumption | Desktop Impact",
" ---+-------------+---------+-------------------+----------------",
" 1 | Low | 8 ms | Low | Minimal",
" 2 | Default | 16 ms | Economic | Noticeable",
" 3 | High | 96 ms | High | Unresponsive",
" 4 | Nightmare | 512 ms | Insane | Headless",
"",
" 1 = hash[:salt]",
" 2 = plain",
" 3 = hash[:salt]:plain",
" 4 = hex_plain",
" 5 = hash[:salt]:hex_plain",
" 6 = plain:hex_plain",
" 7 = hash[:salt]:plain:hex_plain",
" 8 = crackpos",
" 9 = hash[:salt]:crackpos",
" 10 = plain:crackpos",
" 11 = hash[:salt]:plain:crackpos",
" 12 = hex_plain:crackpos",
" 13 = hash[:salt]:hex_plain:crackpos",
" 14 = plain:hex_plain:crackpos",
" 15 = hash[:salt]:plain:hex_plain:crackpos",
"If you have no idea what just happend, please visit the following pages:",
"",
"* Debug mode output formats (for hybrid mode only, by using rules):",
"",
" 1 = save finding rule",
" 2 = save original word",
" 3 = save original word and finding rule",
" 4 = save original word, finding rule and modified plain",
"",
"* Built-in charsets:",
"",
" ?l = abcdefghijklmnopqrstuvwxyz",
" ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ",
" ?d = 0123456789",
" ?s = !\"#$%%&'()*+,-./:;<=>?@[\\]^_`{|}~",
" ?a = ?l?u?d?s",
" ?b = 0x00 - 0xff",
"",
"* Attack modes:",
"",
" 0 = Straight",
" 1 = Combination",
" 3 = Brute-force",
" 6 = Hybrid dict + mask",
" 7 = Hybrid mask + dict",
"",
"* Hash types:",
"",
"[[ Roll-your-own: Raw Hashes ]]",
"",
" 900 = MD4",
" 0 = MD5",
" 5100 = Half MD5",
" 100 = SHA1",
" 10800 = SHA-384",
" 1400 = SHA-256",
" 1700 = SHA-512",
" 5000 = SHA-3(Keccak)",
" 10100 = SipHash",
" 6000 = RipeMD160",
" 6100 = Whirlpool",
" 6900 = GOST R 34.11-94",
" 11700 = GOST R 34.11-2012 (Streebog) 256-bit",
" 11800 = GOST R 34.11-2012 (Streebog) 512-bit",
"",
"[[ Roll-your-own: Iterated and / or Salted Hashes ]]",
"",
" 10 = md5($pass.$salt)",
" 20 = md5($salt.$pass)",
" 30 = md5(unicode($pass).$salt)",
" 40 = md5($salt.unicode($pass))",
" 3800 = md5($salt.$pass.$salt)",
" 3710 = md5($salt.md5($pass))",
" 2600 = md5(md5($pass)",
" 4300 = md5(strtoupper(md5($pass)))",
" 4400 = md5(sha1($pass))",
" 110 = sha1($pass.$salt)",
" 120 = sha1($salt.$pass)",
" 130 = sha1(unicode($pass).$salt)",
" 140 = sha1($salt.unicode($pass))",
" 4500 = sha1(sha1($pass)",
" 4700 = sha1(md5($pass))",
" 4900 = sha1($salt.$pass.$salt)",
" 1410 = sha256($pass.$salt)",
" 1420 = sha256($salt.$pass)",
" 1430 = sha256(unicode($pass).$salt)",
" 1440 = sha256($salt.unicode($pass))",
" 1710 = sha512($pass.$salt)",
" 1720 = sha512($salt.$pass)",
" 1730 = sha512(unicode($pass).$salt)",
" 1740 = sha512($salt.unicode($pass))",
"",
"[[ Roll-your-own: Authenticated Hashes ]]",
"",
" 50 = HMAC-MD5 (key = $pass)",
" 60 = HMAC-MD5 (key = $salt)",
" 150 = HMAC-SHA1 (key = $pass)",
" 160 = HMAC-SHA1 (key = $salt)",
" 1450 = HMAC-SHA256 (key = $pass)",
" 1460 = HMAC-SHA256 (key = $salt)",
" 1750 = HMAC-SHA512 (key = $pass)",
" 1760 = HMAC-SHA512 (key = $salt)",
"",
"[[ Generic KDF ]]",
"",
" 400 = phpass",
" 8900 = scrypt",
" 11900 = PBKDF2-HMAC-MD5",
" 12000 = PBKDF2-HMAC-SHA1",
" 10900 = PBKDF2-HMAC-SHA256",
" 12100 = PBKDF2-HMAC-SHA512",
"",
"[[ Network protocols, Challenge-Response ]]",
"",
" 23 = Skype",
" 2500 = WPA/WPA2",
" 4800 = iSCSI CHAP authentication, MD5(Chap)",
" 5300 = IKE-PSK MD5",
" 5400 = IKE-PSK SHA1",
" 5500 = NetNTLMv1",
" 5500 = NetNTLMv1 + ESS",
" 5600 = NetNTLMv2",
" 7300 = IPMI2 RAKP HMAC-SHA1",
" 7500 = Kerberos 5 AS-REQ Pre-Auth etype 23",
" 8300 = DNSSEC (NSEC3)",
" 10200 = Cram MD5",
" 11100 = PostgreSQL Challenge-Response Authentication (MD5)",
" 11200 = MySQL Challenge-Response Authentication (SHA1)",
" 11400 = SIP digest authentication (MD5)",
" 13100 = Kerberos 5 TGS-REP etype 23",
"",
"[[ Forums, CMS, E-Commerce, Frameworks, Middleware, Wiki, Management ]]",
"",
" 121 = SMF (Simple Machines Forum)",
" 400 = phpBB3",
" 2611 = vBulletin < v3.8.5",
" 2711 = vBulletin > v3.8.5",
" 2811 = MyBB",
" 2811 = IPB (Invison Power Board)",
" 8400 = WBB3 (Woltlab Burning Board)",
" 11 = Joomla < 2.5.18",
" 400 = Joomla > 2.5.18",
" 400 = Wordpress",
" 2612 = PHPS",
" 7900 = Drupal7",
" 21 = osCommerce",
" 21 = xt:Commerce",
" 11000 = PrestaShop",
" 124 = Django (SHA-1)",
" 10000 = Django (PBKDF2-SHA256)",
" 3711 = Mediawiki B type",
" 7600 = Redmine",
"",
"[[ Database Server ]]",
"",
" 12 = PostgreSQL",
" 131 = MSSQL(2000)",
" 132 = MSSQL(2005)",
" 1731 = MSSQL(2012)",
" 1731 = MSSQL(2014)",
" 200 = MySQL323",
" 300 = MySQL4.1/MySQL5",
" 3100 = Oracle H: Type (Oracle 7+)",
" 112 = Oracle S: Type (Oracle 11+)",
" 12300 = Oracle T: Type (Oracle 12+)",
" 8000 = Sybase ASE",
"",
"[[ HTTP, SMTP, LDAP Server ]]",
"",
" 141 = EPiServer 6.x < v4",
" 1441 = EPiServer 6.x > v4",
" 1600 = Apache $apr1$",
" 12600 = ColdFusion 10+",
" 1421 = hMailServer",
" 101 = nsldap, SHA-1(Base64), Netscape LDAP SHA",
" 111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA",
" 1711 = SSHA-512(Base64), LDAP {SSHA512}",
"",
"[[ Checksums ]]",
"",
" 11500 = CRC32",
"",
"[[ Operating-Systems ]]",
"",
" 3000 = LM",
" 1000 = NTLM",
" 1100 = Domain Cached Credentials (DCC), MS Cache",
" 2100 = Domain Cached Credentials 2 (DCC2), MS Cache 2",
" 12800 = MS-AzureSync PBKDF2-HMAC-SHA256",
" 1500 = descrypt, DES(Unix), Traditional DES",
" 12400 = BSDiCrypt, Extended DES",
" 500 = md5crypt $1$, MD5(Unix)",
" 3200 = bcrypt $2*$, Blowfish(Unix)",
" 7400 = sha256crypt $5$, SHA256(Unix)",
" 1800 = sha512crypt $6$, SHA512(Unix)",
" 122 = OSX v10.4",
" 122 = OSX v10.5",
" 122 = OSX v10.6",
" 1722 = OSX v10.7",
" 7100 = OSX v10.8",
" 7100 = OSX v10.9",
" 7100 = OSX v10.10",
" 6300 = AIX {smd5}",
" 6700 = AIX {ssha1}",
" 6400 = AIX {ssha256}",
" 6500 = AIX {ssha512}",
" 2400 = Cisco-PIX",
" 2410 = Cisco-ASA",
" 500 = Cisco-IOS $1$",
" 5700 = Cisco-IOS $4$",
" 9200 = Cisco-IOS $8$",
" 9300 = Cisco-IOS $9$",
" 22 = Juniper Netscreen/SSG (ScreenOS)",
" 501 = Juniper IVE",
" 5800 = Android PIN",
" 8100 = Citrix Netscaler",
" 8500 = RACF",
" 7200 = GRUB 2",
" 9900 = Radmin2",
" 125 = ArubaOS",
"",
"[[ Enterprise Application Software (EAS) ]]",
"",
" 7700 = SAP CODVN B (BCODE)",
" 7800 = SAP CODVN F/G (PASSCODE)",
" 10300 = SAP CODVN H (PWDSALTEDHASH) iSSHA-1",
" 8600 = Lotus Notes/Domino 5",
" 8700 = Lotus Notes/Domino 6",
" 9100 = Lotus Notes/Domino 8",
" 133 = PeopleSoft",
" 13500 = PeopleSoft Token",
"",
"[[ Archives ]]",
"",
" 11600 = 7-Zip",
" 12500 = RAR3-hp",
" 13000 = RAR5",
" 13200 = AxCrypt",
" 13300 = AxCrypt in memory SHA1",
" 13600 = WinZip",
"",
"[[ Full-Disk encryptions (FDE) ]]",
"",
" 62XY = TrueCrypt",
" X = 1 = PBKDF2-HMAC-RipeMD160",
" X = 2 = PBKDF2-HMAC-SHA512",
" X = 3 = PBKDF2-HMAC-Whirlpool",
" X = 4 = PBKDF2-HMAC-RipeMD160 + boot-mode",
" Y = 1 = XTS 512 bit (Ciphers: AES or Serpent or Twofish)",
" Y = 2 = XTS 1024 bit (Ciphers: AES or Serpent or Twofish or AES-Twofish or Serpent-AES or Twofish-Serpent)",
" Y = 3 = XTS 1536 bit (Ciphers: All)",
" 8800 = Android FDE < v4.3",
" 12900 = Android FDE (Samsung DEK)",
" 12200 = eCryptfs",
" 137XY = VeraCrypt",
" X = 1 = PBKDF2-HMAC-RipeMD160",
" X = 2 = PBKDF2-HMAC-SHA512",
" X = 3 = PBKDF2-HMAC-Whirlpool",
" X = 4 = PBKDF2-HMAC-RipeMD160 + boot-mode",
" X = 5 = PBKDF2-HMAC-SHA256",
" X = 6 = PBKDF2-HMAC-SHA256 + boot-mode",
" Y = 1 = XTS 512 bit (Ciphers: AES or Serpent or Twofish)",
" Y = 2 = XTS 1024 bit (Ciphers: AES or Serpent or Twofish or AES-Twofish or Serpent-AES or Twofish-Serpent)",
" Y = 3 = XTS 1536 bit (Ciphers: All)",
"",
"[[ Documents ]]",
"",
" 9700 = MS Office <= 2003 MD5 + RC4, oldoffice$0, oldoffice$1",
" 9710 = MS Office <= 2003 MD5 + RC4, collider-mode #1",
" 9720 = MS Office <= 2003 MD5 + RC4, collider-mode #2",
" 9800 = MS Office <= 2003 SHA1 + RC4, oldoffice$3, oldoffice$4",
" 9810 = MS Office <= 2003 SHA1 + RC4, collider-mode #1",
" 9820 = MS Office <= 2003 SHA1 + RC4, collider-mode #2",
" 9400 = MS Office 2007",
" 9500 = MS Office 2010",
" 9600 = MS Office 2013",
" 10400 = PDF 1.1 - 1.3 (Acrobat 2 - 4)",
" 10410 = PDF 1.1 - 1.3 (Acrobat 2 - 4) + collider-mode #1",
" 10420 = PDF 1.1 - 1.3 (Acrobat 2 - 4) + collider-mode #2",
" 10500 = PDF 1.4 - 1.6 (Acrobat 5 - 8)",
" 10600 = PDF 1.7 Level 3 (Acrobat 9)",
" 10700 = PDF 1.7 Level 8 (Acrobat 10 - 11)",
"",
"[[ Password Managers ]]",
"",
" 9000 = Password Safe v2",
" 5200 = Password Safe v3",
" 6800 = Lastpass",
" 6600 = 1Password, agilekeychain",
" 8200 = 1Password, cloudkeychain",
" 11300 = Bitcoin/Litecoin wallet.dat",
" 12700 = Blockchain, My Wallet",
" 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES)",
"* https://hashcat.net/wiki/#howtos_videos_papers_articles_etc_in_the_wild",
"* https://hashcat.net/wiki/#frequently_asked_questions",
"",
NULL
};