* changes v2.01 -> v3.00: This release markes the fusion of "hashcat" and "oclHashcat" into "hashcat". It combines all features of all hashcat projects in one project. ** THE VERSION 3.00 IS CURRENTLY STILL IN BETA ** ## ## Features ## - Support for Apple OpenCL runtime - Support for NVidia OpenCL runtime (replaces CUDA) - Support for Mesa (Gallium) OpenCL runtime - Support for pocl OpenCL runtime - Support for Khronos' OSS OpenCL reference implementation for building - Support to utilize OpenCL devices-types other than GPU, ex: CPU and FPGA - Support to utilize multiple different OpenCL platforms in parallel, ex: AMD + NV - Support to utilize multiple different OpenCL device-types in parallel, ex: GPU + CPU - Added option --opencl-platform to select a specific OpenCL platform - Added option --opencl-device-types select specific OpenCL device types - Added option --opencl-vector-width to override automatically selected vector-width size - Added makefile native compilation target - Added makefile install and uninstall targets - Added autotuning engine and user-configurable tuning database - Added execution timer of the running kernel to the status display - Added command prompt to quit at next restore checkpoint - Added human-readable error message for the OpenCL error codes - Added option --potfile-path to override potfile path - Added option --veracrypt-keyfile to set Keyfiles used, can be multiple - Added option --veracrypt-pim to set the VeraCrypt personal iterations multiplier ## ## Algorithms ## - Added new hash-mode 125 = ArubaOS - Added new hash-mode 12900 = Android FDE (Samsung DEK) - Added new hash-mode 13000 = RAR5 - Added new hash-mode 13100 = Kerberos 5 TGS-REP etype 23 - Added new hash-mode 13200 = AxCrypt - Added new hash-mode 13300 = AxCrypt in memory SHA1 - Added new hash-mode 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES) - Added new hash-mode 13500 = PeopleSoft PS_TOKEN - Added new hash-mode 13600 = WinZip - Added new hash-mode 137** = VeraCrypt ## ## Performance ## - Full Table: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=0 ## ## Improvements ## - Reordering of files to help integration into linux distributions ~/.hashcat etc - Use a profile directory to write temporary files (session, potfile etc.) - Workaround depencies on AMD APP-SDK AMD ADL, NV CUDA-SDK, NV ForceWare, NVML and NVAPI; they are no longer required - Load external libraries dynamic at runtime instead of link them static at compile-time - Benchmark accuracy improved; Is now on par to: singlehash -a 3 -w 3 ?b?b?b?b?b?b?b - Benchmark no longer depends on a fixed time - Removed option --benchmark-mode, therefore support --workload-profile in benchmark-mode - Enabled support of --status-automat in combination with --benchmark for automated benchmark processing - Extended support from 14 to 255 functions calls per rule - Extended password length up to 32 for 7zip - Extended salt length up to 55 for raw hash types, eg: md5($pass.$salt) - Extended version information - Removed some duplicate rules in T0XlCv1, d3ad0ne and dive - Redesigned changes.txt layout ## ## Bugs ## - Fixed a bug in speed display: In some situation, especially with slow hashes or lots of salts, it showed a speed of 0H/s - Fixed a bug in restore handling: user immediately aborting after restart broke the restore file - Fixed a bug in line counter: conditional jump or move depends on an uninitialised value - Fixed a bug in rule-engine for NVidia devices: code for left- and right-shift were switched - Fixed a bug in dive.rule: rules were not updated after the function 'x' was renamed to 'O' - Fixed a bug in memory allocation "OpenCL -4 error": used unitialized value in a special situation - Fixed a bug in memory handling: heap buffer overflow - Fixed a bug in memory handling: out of bounds access - Fixed a bug in implementation of DCC2: forced default iteration count for hashes to 10240 - Fixed a bug in implementation of WPA/WPA2: MAC and nonce stay one their original position as in the hccap file - Fixed a bug in implementation of GOST R 34.11-94: zero length passwords were not cracked ## ## Technical ## - Removed deprecated GCC version check requirement - Removed NPROCS from Makefile, let make automatically detect the optimal number of parallel threads - Dropped all C++ overloading functions to normal function which helps support more OpenCL platforms - Renamed functions in common.h to emphasize their purpose - Refactorized fast-hash kernels to enable SIMD on all OpenCL platforms - Refactorized SIMD handling: SIMD the inner-loop not the outer-loop to save registers - Workaround missing clEnqueueFillBuffer() support in certain OpenCL runtimes - Added amd_bytealign() support in non-AMD OpenCL runtimes - Added amd_bfe() support in non-AMD OpenCL runtimes - Added several macros to allow writing optimized code for the different OpenCL platforms - Replaced typedef for bool with stdbool.h - Added special DEBUG environment variables to the makefile - Hashcat now acquires an exclusive lock before writing to any file - Changed buffers to not use same buffer for both input and output at the same time with snprintf() - Check for allocatable device-memory depending on kernel_accel amplifier before trying to allocate - Added additional check for max. ESSID length to prevent possible crashes - Use a GCC equivalent for __stdcall where applicable - Synchronize maximum output line size with input line size - Increased maximum hash line size to 0x50000 - Run weak-hash checks only in straight-attack mode, this greatly reduces code complexity - Restrict loopback option to straight attack-mode - Moved rules_optimize to hashcat-utils - Stick to older libOpenCL in binary package to avoid errors like this: version `OPENCL_2.0' not found - Tightened hash parser for several algorithms - Updated old RC4 code in Kerberos 5 - Limited the salt length of Juniper Netscreen/SSG (ScreenOS) hashes to 10 - Updated algorithm used to automatically select an ideal --scrypt-tmto value - Renamed option --gpu-accel to --kernel-accel - Renamed option --gpu-loops to --kernel-loops - Renamed option --gpu-devices to --opencl-devices - Added inline declaration to functions from simd.c, common.c, rp.c and types_ocl.c to increase performance - Dropped static declaration from functions in all kernel to achieve OpenCL 1.1 compatibility - Added -cl-std=CL1.1 to all kernel build options - Created environment variable to inform NVidia OpenCL runtime to not create its own kernel cache - Created environment variable to inform pocl OpenCL runtime to not create its own kernel cache - Dropped special 64-bit rotate() handling for NV, it seems that they've added it to their OpenCL runtime