* changes v6.1.1 -> v6.x.x

##
## Algorithms
##

- Added hash-mode: Bitwarden
- Added hash-mode: Apple iWork
- Added hash-mode: RSA/DSA/EC/OPENSSH Private Keys

##
## Bugs
##

- Fixed too early execution of some module functions which could make use of non-final values opts_type and opti_type
- Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused
- Fixed race condition resulting in out of memory error on startup if multiple hashcat instances are started at the same time
- Fixed unexpected non-unique salts in multi-hash cracking in Bitcoin/Litecoin wallet.dat module which led to false negatives

##
## Improvements
##

- Startup time: Improved the startup time by avoiding some time intensive operations for skipped devices

##
## Technical
##

- Hash-Mode 13200 (AxCrypt): Changed the name to AxCrypt 1 to avoid confusion
- Hash-Mode 13300 (AxCrypt in-memory SHA1): Changed the name to AxCrypt 1 in-memory SHA1

* changes v6.1.0 -> v6.1.1

##
## Bugs
##

- Fixed unresolvable relative paths in hashcat.log

* changes v6.0.0 -> v6.1.0

##
## Algorithms
##

- Added hash-mode: Apple Keychain
- Added hash-mode: XMPP SCRAM

##
## Bugs
##

- Fixed alias detection with additional processor core count check
- Fixed false negatives in hash-mode 10901 if hash-mode 9200, 10000, 10900 or 20300 was used to compile the kernel binary
- Fixed integer overflow for large masks in -a 6 attack mode
- Fixed maximum password length in modules of hash-modes 600, 7800, 7801 and 9900
- Fixed non-zero status code when using --stdout
- Fixed uninitialized value in bitsliced DES kernel (BF mode only) leading to false negatives

##
## Improvements
##

- Compile macOS: Fixed makefile target 'clean' to correctly remove *.dSYM folders
- Compile ZLIB: Fixed makefile include paths in case USE_SYSTEM_ZLIB is used
- Hcchr Files: Renamed some .charset files into .hcchr files
- Hash-Mode 21200 (md5(sha1($salt).md5($pass))): Improved speed by using pre-computed SHA1
- OpenCL Devices: Utilize PCI domain to improve alias device detection
- OpenCL Kernels: Added datatypes to literals of enum constants
- OpenCL Kernels: Added pure kernels for hash-mode 600 (BLAKE2b-512)
- OpenCL Runtime: Add some unstable warnings for some SHA512 based algorithms on AMD GPU on macOS
- OpenCL Runtime: Reinterpret return code CL_DEVICE_NOT_FOUND from clGetDeviceIDs() as non-fatal

##
## Technical
##

- Backend: Changed the maximum number of compute devices from 64 to 128
- Tests: Improved tests for hash-mode 11300 (Bitcoin/Litecoin wallet.dat)
- Tests: Improved tests for hash-mode 13200 (AxCrypt)
- Tests: Improved tests for hash-mode 13600 (WinZip)
- Tests: Improved tests for hash-mode 16400 (CRAM-MD5 Dovecot)
- Tests: Improved tests for hash-mode 16800 (WPA-PMKID-PBKDF2)

* changes v5.1.0 -> v6.0.0

##
## Features
##

- Refactored hash-mode integration and replaced it with a fully modularized plugin interface
- Converted all existing hardwired hash-modes to hashcat plugins
- Added comprehensive plugin developer guide on adding new/custom hash-modes to hashcat
- Refactored compute backend interface to allow adding compute API other than OpenCL
- Added CUDA as a new compute backend (enables hashcat to run on NVIDIA Jetson, IBM POWER9 w/ Nvidia V100, etc.)
- Support automatic use of all available GPU memory when using CUDA backend
- Support automatic use of all available CPU cores for hash-mode-specific hooks
- Support on-the-fly loading of compressed wordlists in zip and gzip format
- Support deflate decompression for the 7-Zip hash-mode using zlib hook
- Added additional documentation on hashcat brain, slow-candidate interface and keyboard-layout mapping features
- Keep output of --show and --left in the original ordering of the input hash file
- Improved performance of many hash-modes

##
## Algorithms
##

- Added hash-mode: AES Crypt (SHA256)
- Added hash-mode: Android Backup
- Added hash-mode: AuthMe sha256
- Added hash-mode: BitLocker
- Added hash-mode: BitShares v0.x
- Added hash-mode: Blockchain, My Wallet, Second Password (SHA256)
- Added hash-mode: Citrix NetScaler (SHA512)
- Added hash-mode: DiskCryptor
- Added hash-mode: Electrum Wallet (Salt-Type 3-5)
- Added hash-mode: Huawei Router sha1(md5($pass).$salt)
- Added hash-mode: Java Object hashCode()
- Added hash-mode: Kerberos 5 Pre-Auth etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: MultiBit Classic .key (MD5)
- Added hash-mode: MultiBit HD (scrypt)
- Added hash-mode: MySQL $A$ (sha256crypt)
- Added hash-mode: Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Added hash-mode: Open Document Format (ODF) 1.2 (SHA-256, AES)
- Added hash-mode: Oracle Transportation Management (SHA256)
- Added hash-mode: PKZIP archive encryption
- Added hash-mode: PKZIP Master Key
- Added hash-mode: Python passlib pbkdf2-sha1
- Added hash-mode: Python passlib pbkdf2-sha256
- Added hash-mode: Python passlib pbkdf2-sha512
- Added hash-mode: QNX /etc/shadow (MD5)
- Added hash-mode: QNX /etc/shadow (SHA256)
- Added hash-mode: QNX /etc/shadow (SHA512)
- Added hash-mode: RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
- Added hash-mode: Ruby on Rails Restful-Authentication
- Added hash-mode: SecureZIP AES-128
- Added hash-mode: SecureZIP AES-192
- Added hash-mode: SecureZIP AES-256
- Added hash-mode: SolarWinds Orion
- Added hash-mode: Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1)
- Added hash-mode: Telegram Mobile App Passcode (SHA256)
- Added hash-mode: Web2py pbkdf2-sha512
- Added hash-mode: WPA-PBKDF2-PMKID+EAPOL
- Added hash-mode: WPA-PMK-PMKID+EAPOL
- Added hash-mode: md5($salt.sha1($salt.$pass))
- Added hash-mode: md5(sha1($pass).md5($pass).sha1($pass))
- Added hash-mode: md5(sha1($salt).md5($pass))
- Added hash-mode: sha1(md5(md5($pass)))
- Added hash-mode: sha1(md5($pass.$salt))
- Added hash-mode: sha1(md5($pass).$salt)
- Added hash-mode: sha1($salt1.$pass.$salt2)
- Added hash-mode: sha256(md5($pass))
- Added hash-mode: sha256($salt.$pass.$salt)
- Added hash-mode: sha256(sha256_bin($pass))
- Added hash-mode: sha256(sha256($pass).$salt)

##
## Bugs
##

- Fixed buffer overflow in build_plain() function
- Fixed buffer overflow in mp_add_cs_buf() function
- Fixed calculation of brain-session ID - only the first hash of the hashset was taken into account
- Fixed cleanup of password candidate buffers on GPU as set from autotune when -n parameter was used
- Fixed copy/paste error leading to invalid "Integer overflow detected in keyspace of mask" in attack-mode 6 and 7
- Fixed cracking multiple Office hashes (modes 9500, 9600) if hashes shared the same salt
- Fixed cracking of Blockchain, My Wallet (V1 and V2) hashes when testing decrypted data in unexpected format
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode when mask > length 16
- Fixed cracking of DNSSEC (NSEC3) hashes by replacing all dots in the passwords with lengths
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
- Fixed cracking of NetNTLMv1 passwords in mask-attack mode when mask > length 16 (optimized kernels only)
- Fixed cracking of RAR3-hp hashes with pure kernel for passwords longer than 28 bytes
- Fixed cracking of VeraCrypt Streebog-512 hashes (CPU only)
- Fixed cracking raw Streebog-HMAC 256 and 512 hashes for passwords of length >= 64
- Fixed cracking raw Whirlpool hashes for passwords of length >= 32
- Fixed incorrect progress-only result in a special race condition
- Fixed invalid call of mp_css_utf16le_expand()/mp_css_utf16be_expand() in slow-candidate sessions
- Fixed invalid password truncation in attack-mode 1 when the final password is longer than 32 characters
- Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256
- Fixed maximum password length limit which was announced as 256 but was actually 255
- Fixed out-of-boundary read in pure kernel rule engine rule 'p' when parameter was set to 2 or higher
- Fixed out-of-boundary write to decrypted[] in DPAPI masterkey file v1 kernel
- Fixed output of IKE PSK (mode 5300 and 5400) hashes to use separators in the correct position
- Fixed output password of "e" rule in pure and CPU rule engine when separator character is also the first letter
- Fixed problem with usage of hexadecimal notation (\x00-\xff) within rules
- Fixed race condition in maskfile mode by using a dedicated flag for restore execution
- Fixed some memory leaks when hashcat is shutting down due to some file error
- Fixed some memory leaks when mask-files are used in optimized mode
- Fixed --status-json to correctly escape certain characters in hashes
- Fixed the 7-Zip parser to allow the entire supported range of encrypted and decrypted data lengths
- Fixed the validation of the --brain-client-features command line argument (only values 1, 2 or 3 are allowed)

##
## Improvements
##

- Bitcoin Wallet: Be more user friendly by allowing a larger data range for ckey and public_key
- Brain: Added new parameter --brain-server-timer to specify seconds between scheduled backups
- Building: Fix for library compilation failure due to multiple definition of sbob_xx64()
- Cracking bcrypt and Password Safe v2: Use feedback from the compute API backend to dynamically calculate optimal thread count
- Dictstat: On Windows, the st_ino attribute in the stat struct is not set, which can lead to invalid cache hits. Added the filename to the database entry.
- Documents: Added README on how to build hashcat on Cygwin, MSYS2 and WSL
- File handling: Print a truncation warning when an oversized line is detected
- My Wallet: Added additional plaintext pattern used in newer versions
- Office cracking: Support hash format with second block data for 40-bit oldoffice files (eliminates false positives)
- OpenCL Runtime: Added a warning if OpenCL runtime NEO, Beignet, POCL (v1.4 or older) or MESA is detected, and skip associated devices (override with --force)
- OpenCL Runtime: Allow the kernel to access post-48k shared memory region on CUDA. Requires both module and kernel preparation
- OpenCL Runtime: Disable OpenCL kernel cache on Apple for Intel CPU (throws CL_BUILD_PROGRAM_FAILURE for no reason)
- OpenCL Runtime: Do not run shared- or constant-memory size checks if their memory type is of type global memory (typically CPU)
- OpenCL Runtime: Improve ROCm detection and make sure to not confuse with recent AMDGPU drivers
- OpenCL Runtime: Not using amd_bytealign (amd_bitalign is fine) on AMDGPU driver drastically reduces JiT segfaults
- OpenCL Runtime: Unlocked maximum thread count for NVIDIA GPU
- OpenCL Runtime: Update unstable mode warnings for Apple and AMDGPU drivers
- OpenCL Runtime: Workaround JiT compiler error on AMDGPU driver compiling WPA-EAPOL-PBKDF2 OpenCL kernel
- OpenCL Runtime: Workaround JiT compiler error on ROCm 2.3 driver if the 'inline' keyword is used in function declaration
- OpenCL Runtime: Workaround memory allocation error on AMD driver on Windows leading to CL_MEM_OBJECT_ALLOCATION_FAILURE
- OpenCL Runtime: Removed some workarounds by calling chdir() to specific folders on startup
- Outfile: Added new system to specify the outfile format, the new --outfile-format now also supports timestamps
- Startup Checks: Improved the pidfile check: Do not just check for existing PID, but also check executable filename
- Startup Checks: Prevent the user from modifying options which are overwritten automatically in benchmark mode
- Startup Screen: Add extra warning when using --force
- Startup Screen: Add extra warning when using --keep-guessing
- Startup Screen: Provide an estimate of host memory required for the requested attack
- Status Screen: Added brain status for all compute devices
- Status Screen: Added remaining counts and changed recovered count logic
- Status Screen: Added --status-json flag for easier machine reading of hashcat status output
- Tab Completion: Allow using "make install" version of hashcat
- Tuning Database: Updated hashcat.hctune with new models and refreshed vector width values
- VeraCrypt: Added support for VeraCrypt PIM brute-force, replaced --veracrypt-pim with --veracrypt-pim-start and --veracrypt-pim-stop
- WinZip cracking: Added two byte early reject, resulting in higher cracking speed
- WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes

##
## Technical
##

- Backend Interface: Added new options --backend-ignore-cuda and --backend-ignore-opencl to prevent CUDA and/or OpenCL API from being used
- Binary Distribution: Removed 32-bit binary executables
- Building: On macOS, switch from ar to /usr/bin/ar to improve building compatibility
- Building: Skipping Travis/Appveyor build for non-code changes
- Codebase: Cleanup of many unused rc_* variables
- Codebase: Fixed some printf() format arguments
- Codebase: Fixed some type casting to avoid truncLongCastAssignment warnings
- Codebase: Moved hc_* file functions from shared.c to filehandling.c
- Codebase: Ran through a bunch of clang-tidy checkers and updated code accordingly
- Codebase: Remove redundant calls to fclose()
- Dependencies: Updated LZMA-Headers from 18.05 to 19.00
- Dependencies: Updated OpenCL-Headers to latest version from GitHub master repository
- Hash-Mode 12500 (RAR3-hp): Allow cracking of passwords up to length 64
- Hash-mode 1460 (HMAC-SHA256 (key = $salt)): Allow up to 64 byte of salt
- Hash-Mode 1680x (WPA-PMKID) specific: Changed separator character from '*' to ':'
- Hash-Mode 8300 (DNSSEC (NSEC3)) specific: Allow empty salt
- Keep Guessing: No longer automatically activate --keep-guessing for modes 9720, 9820, 14900 and 18100
- Keep Guessing: No longer mark hashes as cracked/removed when in potfile
- Kernel Cache: Reactivate OpenCL runtime specific kernel caches
- Kernel Compile: Removed -cl-std= from all kernel build options since we're compatible with all OpenCL versions
- OpenCL Kernels: Fix OpenCL compiler warning on double precision constants
- OpenCL Kernels: Moved "gpu_decompress", "gpu_memset" and "gpu_atinit" into shared.cl in order to reduce compile time
- OpenCL Options: Removed --opencl-platforms filter in order to force backend device numbers to stay constant
- OpenCL Options: Set --spin-damp to 0 (disabled) by default. With the CUDA backend this workaround became deprecated
- Parsers: switched from strtok() to strtok_r() for thread safety
- Requirements: Add new requirement for NVIDIA GPU: CUDA Toolkit (9.0 or later)
- Requirements: Update runtime check for minimum NVIDIA driver version from 367.x to 440.64 or later
- Test Script: Switched from /bin/bash to generic /bin/sh and updated code accordingly

* changes v5.0.0 -> v5.1.0

##
## Features
##

- Added support for using --stdout in brain-client mode
- Added new option --stdin-timeout-abort, to set how long hashcat should wait for stdin input before aborting
- Added new option --kernel-threads to manually override the automatically-calculated number of threads
- Added new option --keyboard-layout-mapping to map user's keyboard layout, required to crack TC/VC system boot volumes

##
## Algorithms
##

- Added pure kernels for hash-mode 11700 (Streebog-256)
- Added pure kernels for hash-mode 11800 (Streebog-512)
- Added hash-mode 11750 (HMAC-Streebog-256 (key = $pass), big-endian)
- Added hash-mode 11760 (HMAC-Streebog-256 (key = $salt), big-endian)
- Added hash-mode 11850 (HMAC-Streebog-512 (key = $pass), big-endian)
- Added hash-mode 11860 (HMAC-Streebog-512 (key = $salt), big-endian)
- Added hash-mode 13771 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit)
- Added hash-mode 13772 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit)
- Added hash-mode 13773 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit)
- Added hash-mode 18200 (Kerberos 5 AS-REP etype 23)
- Added hash-mode 18300 (Apple File System (APFS))
- Added Kuznyechik cipher and cascades support for VeraCrypt kernels
- Added Camellia cipher and cascades support for VeraCrypt kernels

##
## Improvements
##

- OpenCL Devices: Add support for up to 64 OpenCL devices per system
- OpenCL Platforms: Add support for up to 64 OpenCL platforms per system
- OpenCL Runtime: Use our own yielding technique for synchronizing rather than vendor specific
- Startup: Show OpenCL runtime initialization message (per device)
- xxHash: Added support for using the version provided by the OS/distribution

##
## Bugs
##

- Fixed automated calculation of brain-session when not using all hashes in the hashlist
- Fixed calculation of brain-attack if a given wordlist has zero size
- Fixed checking the length of the last token in a hash if it was given the attribute TOKEN_ATTR_FIXED_LENGTH
- Fixed endianness and invalid separator character in outfile format for hash-mode 16801 (WPA-PMKID-PMK)
- Fixed ignoring --brain-client-features configuration when brain server has attack-position information from a previous run
- Fixed invalid hardware monitor detection in benchmark mode
- Fixed invalid warnings about throttling when --hwmon-disable was used
- Fixed missing call to WSACleanup() to cleanly shutdown windows sockets system
- Fixed missing call to WSAStartup() and client indexing in order to start the brain server on Windows
- Fixed out-of-boundary read in DPAPI masterkey file v2 OpenCL kernel
- Fixed out-of-bounds write in short-term memory of the brain server
- Fixed output of --speed-only and --progress-only when fast hashes are used in combination with --slow-candidates
- Fixed selection of OpenCL devices (-d) if there's more than 32 OpenCL devices installed
- Fixed status output of progress value when -S and -l are used in combination
- Fixed thread count maximum for pure kernels in straight attack mode

##
## Technical
##

- Brain: Set --brain-client-features default from 3 to 2
- Dependencies: Added xxHash and OpenCL-Headers to deps/ in order to allow building hashcat from GitHub source release package
- Dependencies: Removed gitmodules xxHash and OpenCL-Headers
- Keymaps: Added hashcat keyboard mapping us.hckmap (can be used as template)
- Keymaps: Added hashcat keyboard mapping de.hckmap
- Hardware Monitor: Renamed --gpu-temp-abort to --hwmon-temp-abort
- Hardware Monitor: Renamed --gpu-temp-disable to --hwmon-disable
- Memory: Limit maximum host memory allocation depending on bitness
- Memory: Reduced default maximum bitmap size from 24 to 18 and give a notice to use --bitmap-max to restore
- Parameter: Rename --nvidia-spin-damp to --spin-damp (now accessible for all devices)
- Pidfile: Treat a corrupted pidfile like a nonexistent pidfile
- OpenCL Device: Do a real query on OpenCL local memory type instead of just assuming it
- OpenCL Runtime: Disable auto-vectorization for Intel OpenCL runtime to workaround hanging JiT since version 18.1.0.013
- Tests: Added hash-mode 11700 (Streebog-256)
- Tests: Added hash-mode 11750 (HMAC-Streebog-256 (key = $pass), big-endian)
- Tests: Added hash-mode 11760 (HMAC-Streebog-256 (key = $salt), big-endian)
- Tests: Added hash-mode 11800 (Streebog-512)
- Tests: Added hash-mode 11850 (HMAC-Streebog-512 (key = $pass), big-endian)
- Tests: Added hash-mode 11860 (HMAC-Streebog-512 (key = $salt), big-endian)
- Tests: Added hash-mode 13711 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 512 bit)
- Tests: Added hash-mode 13712 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 1024 bit)
- Tests: Added hash-mode 13713 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 1536 bit)
- Tests: Added hash-mode 13721 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit)
- Tests: Added hash-mode 13722 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1024 bit)
- Tests: Added hash-mode 13723 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1536 bit)
- Tests: Added hash-mode 13731 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit)
- Tests: Added hash-mode 13732 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 1024 bit)
- Tests: Added hash-mode 13733 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 1536 bit)
- Tests: Added hash-mode 13751 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit)
- Tests: Added hash-mode 13752 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 1024 bit)
- Tests: Added hash-mode 13753 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 1536 bit)
- Tests: Added hash-mode 13771 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit)
- Tests: Added hash-mode 13772 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit)
- Tests: Added hash-mode 13773 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit)
- Tests: Added VeraCrypt containers for Kuznyechik cipher and cascades
- Tests: Added VeraCrypt containers for Camellia cipher and cascades

* changes v4.2.1 -> v5.0.0

##
## Features
##

- Added new option --slow-candidates which allows hashcat to generate passwords on-host
- Added new option --brain-server to start a hashcat brain server
- Added new option --brain-client to start a hashcat brain client, automatically activates --slow-candidates
- Added new option --brain-host and --brain-port to specify ip and port of brain server, both listening and connecting
- Added new option --brain-session to override automatically calculated brain session ID
- Added new option --brain-session-whitelist to allow only explicitly written session ID on brain server
- Added new option --brain-password to specify the brain server authentication password
- Added new option --brain-client-features which allows enabling and disabling certain features of the hashcat brain

##
## Algorithms
##

- Added hash-mode 17300 = SHA3-224
- Added hash-mode 17400 = SHA3-256
- Added hash-mode 17500 = SHA3-384
- Added hash-mode 17600 = SHA3-512
- Added hash-mode 17700 = Keccak-224
- Added hash-mode 17800 = Keccak-256
- Added hash-mode 17900 = Keccak-384
- Added hash-mode 18000 = Keccak-512
- Added hash-mode 18100 = TOTP (HMAC-SHA1)
- Removed hash-mode 5000 = SHA-3 (Keccak)

##
## Improvements
##

- Added additional hybrid "passthrough" rules, to enable variable-length append/prepend attacks
- Added a periodic check for read timeouts in stdin/pipe mode, and abort if no input was provided
- Added a tracker for salts, amplifier and iterations to the status screen
- Added option --markov-hcstat2 to make it clear that the new hcstat2 format (compressed hcstat2gen output) must be used
- Allow bitcoin master key lengths other than 96 bytes (but they must be always multiples of 16)
- Allow hashfile for -m 16800 to be used with -m 16801
- Allow keepass iteration count to be larger than 999999
- Changed algorithms using colon as separators in the hash to not use the hashconfig separator on parsing
- Do not allocate memory segments for bitmap tables if we don't need it - for example, in benchmark mode
- Got rid of OPTS_TYPE_HASH_COPY for Ansible Vault
- Improved the speed of the outfile folder scan when using many hashes/salts
- Increased the maximum size of edata2 in Kerberos 5 TGS-REP etype 23
- Make the masks parser more restrictive by rejecting a single '?' at the end of the mask (use ?? instead)
- Override --quiet and show final status screen in case --status is used
- Removed duplicate words in the dictionary file example.dict
- Updated Intel OpenCL runtime version check
- Work around some AMD OpenCL runtime segmentation faults
- Work around some padding issues with host compilers and OpenCL JiT on 32 and 64-bit systems

##
## Bugs
##

- Fixed an invalid scalar datatype return value in hc_bytealign() where it should be a vector datatype return value
- Fixed a problem with attack mode -a 7 together with stdout mode where the mask bytes were missing in the output
- Fixed a problem with tab completion where --self-test-disable incorrectly expected a further parameter/value
- Fixed a race condition in status view that led to out-of-bound reads
- Fixed detection of unique ESSID in WPA-PMKID-* parser
- Fixed missing wordlist encoding in combinator mode
- Fixed speed/delay problem when quitting while the outfile folder is being scanned
- Fixed the ciphertext max length in Ansible Vault parser
- Fixed the tokenizer configuration in Postgres hash parser
- Fixed the byte order of digest output for hash-mode 11800 (Streebog-512)

* changes v4.2.0 -> v4.2.1

##
## Improvements
##

- Try to evaluate available OpenCL device memory and use this information instead of total available OpenCL device memory for autotune

##
## Bugs
##

- Fixed a buffer overflow in precompute_salt_md5() in case salt was longer than 64 characters

* changes v4.1.0 -> v4.2.0

##
## Algorithms
##

- Added hash-mode 16700 = FileVault 2
- Added hash-mode 16800 = WPA-PMKID-PBKDF2
- Added hash-mode 16801 = WPA-PMKID-PMK
- Added hash-mode 16900 = Ansible Vault

##
## Improvements
##

- Added JtR-compatible support for hex notation in rules engine
- Added OpenCL device utilization to the status information in machine-readable output
- Added missing NV Tesla and Titan GPU details to tuning database
- General file handling: Abort if a byte order mark (BOM) was detected in a wordlist, hashlist, maskfile or rulefile
- HCCAPX management: Use advanced hints in message_pair stored by hcxtools about endian bitness of replay counter
- OpenCL kernels: Abort session if kernel self-test fails
- OpenCL kernels: Add '-pure' prefix to kernel filenames to avoid problems caused by reusing existing hashcat installation folder
- OpenCL kernels: Removed the use of 'volatile' in inline assembly instructions where it is not needed
- OpenCL kernels: Switched array pointer types in function declarations in order to be compatible with OpenCL 2.0
- Refactored code for --progress-only and --speed-only calculation
- SIP cracking: Increased the nonce field to allow a salt of 1024 bytes
- TrueCrypt/VeraCrypt cracking: Do an entropy check on the TC/VC header on start

##
## Bugs
##

- Fixed a function declaration attribute in -m 8900 kernel leading to unusable -m 9300 which shares kernel code with -m 8900
- Fixed a miscalculation in --progress-only mode output for extremely slow kernels like -m 14800
- Fixed a missing check for errors on OpenCL devices leading to invalid removal of restore file
- Fixed a missing kernel in -m 5600 in combination with -a 3 and -O if mask is >= 16 characters
- Fixed detection of AMD_GCN version in case the rocm driver is used
- Fixed missing code section in -m 2500 and -m 2501 to crack corrupted handshakes with a LE endian bitness base
- Fixed a missing check for hashmodes using OPTS_TYPE_PT_UPPER causing the self-test to fail when using combinator- and hybrid-mode

* changes v4.0.1 -> v4.1.0

##
## Features
##

- Added option --benchmark-all to benchmark all hash-modes (not just the default selection)
- Removed option --gpu-temp-retain that tried to retain GPU temperature at X degrees celsius - please use driver-specific tools
- Removed option --powertune-enable to enable power tuning - please use driver specific tools

##
## Algorithms
##

- Added hash-mode 16000 = Tripcode
- Added hash-mode 16100 = TACACS+
- Added hash-mode 16200 = Apple Secure Notes
- Added hash-mode 16300 = Ethereum Pre-Sale Wallet, PBKDF2-SHA256
- Added hash-mode 16400 = CRAM-MD5 Dovecot
- Added hash-mode 16500 = JWT (JSON Web Token)
- Added hash-mode 16600 = Electrum Wallet (Salt-Type 1-2)

##
## Bugs
##

- Fixed a configuration setting for -m 400 in pure kernel mode which said it was capable of doing SIMD when it is not
- Fixed a hash parsing problem for 7-Zip hashes: allow a longer CRC32 data length field within the hash format
- Fixed a hash parsing problem when using --show/--left with hashes with long salts that required pure kernels
- Fixed a logic error in storing temporary progress for slow hashes, leading to invalid speeds in status view
- Fixed a mask-length check issue: return -1 in case the mask length is not within the password-length range
- Fixed a missing check for return code in case hashcat.hcstat2 was not found
- Fixed a race condition in combinator- and hybrid-mode where the same scratch buffer was used by multiple threads
- Fixed a restore issue leading to "Restore value is greater than keyspace" when mask files or wordlist folders were used
- Fixed an uninitialized value in OpenCL kernels 9720, 9820 and 10420 leading to absurd benchmark performance
- Fixed the maximum password length check in password-reassembling function
- Fixed the output of --show when $HEX[] passwords were present within the potfile

##
## Improvements
##

- OpenCL Kernels: Add a decompressing kernel and a compressing host code in order to reduce PCIe transfer time
- OpenCL Kernels: Improve performance preview accuracy in --benchmark, --speed-only and --progress-only mode
- OpenCL Kernels: Remove password length restriction of 16 for Cisco-PIX and Cisco-ASA hashes
- Terminal: Display set cost/rounds during benchmarking
- Terminal: Show [r]esume in prompt only in pause mode, and show [p]ause in prompt only in resume mode

##
## Technical
##

- Autotune: Improve autotune engine logic and synchronize results on same OpenCL devices
- Documents: Added docs/limits.txt
- Files: Copy include/ folder and its content when SHARED is set to 1 in Makefile
- Files: Switched back to relative current working directory on windows to work around problems with Unicode characters
- Hashcat Context: Fixed a memory leak in shutdown phase
- Hash Parser: Changed the way large strings are handled/truncated within the event buffer if they are too large to fit
- Hash Parser: Fixed a memory leak in shutdown phase
- Hash Parser: Fixed the use of strtok_r () calls
- OpenCL Devices: Fixed several memory leaks in shutdown phase
- OpenCL Kernels: Add general function declaration keyword (inline) and some OpenCL runtime specific exceptions for NV and CPU devices
- OpenCL Kernels: Replace variables from uXX to uXXa if used in __constant space
- OpenCL Kernels: Use a special kernel to initialize the password buffer used during autotune measurements, to reduce startup time
- OpenCL Kernels: Refactored kernel thread management from native to maximum per kernel
- OpenCL Kernels: Use three separate comparison kernels (depending on keyver) for WPA instead of one
- OpenCL Runtime: Add current timestamp to OpenCL kernel source in order to force OpenCL JiT compiler to recompile and not use the cache
- OpenCL Runtime: Enforce use of OpenCL version 1.2 to restrain OpenCL runtimes to make use of the __generic address space qualifier
- OpenCL Runtime: Updated rocm detection
- Returncode: Enforce return code 0 when the user selects --speed-only or --progress-only and no other error occurs
- Rules: Fixed some default rule-files after changing rule meaning of 'x' to 'O'
- Self Test: Skip self-test for mode 8900 - user-configurable scrypt settings are incompatible with fixed settings in the self-test hash
- Self Test: Skip self-test for mode 15700 because the settings are too high and cause startup times that are too long
- Terminal: Add workitem settings to status display (can be handy for debugging)
- Terminal: Send clear-line code to the same output stream as the message immediately following
- Timer: Switch from gettimeofday() to clock_gettime() to work around problems on cygwin
- User Options: According to getopts manpage, the last element of the option array has to be filled with zeros

* changes v4.0.0 -> v4.0.1:

##
## Improvements
##

- Changed the maximum length of the substring of a hash shown whenever the parser found a problem while parsing the hash

##
## Bugs
##

- Fixed a memory leak while parsing a wordlist
- Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm
- Fixed compile of sources using clang under MSYS2
- Fixed overlapping memory segment copy in CPU rule engine if using a specific rule function
- Fixed a parallel build problem when using the "install" Makefile target
- Fixed the version number extraction for github releases which do not include the .git directory

* changes v3.6.0 -> v4.0.0:

##
## Features
##

- Added support to crack passwords and salts up to length 256
- Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length
- Added self-test functionality to detect broken OpenCL runtimes on startup
- Added option --self-test-disable to disable self-test functionality on startup
- Added option --wordlist-autohex-disable to disable the automatic conversion of $HEX[] words from the word list
- Added option --example-hashes to show an example hash for each hash-mode
- Removed option --weak-hash-check (zero-length password check) to improve startup time, it also causes many Trap 6 errors on macOS

##
## Algorithms
##

- Added hash-mode 2500 = WPA/WPA2 (SHA256-AES-CMAC)
- Added hash-mode 2501 = WPA/WPA2 PMK

##
## Bugs
##

- Fixed a buffer overflow in mangle_dupechar_last function
- Fixed a calculation error in get_power() leading to errors of type "BUG pw_add()!!"
- Fixed a memory problem that occurred when the OpenCL folder was not found and e.g. the shared and session folder were the same
- Fixed a missing barrier() call in the RACF OpenCL kernel
- Fixed a missing salt length value in benchmark mode for SIP
- Fixed an integer overflow in hash buffer size calculation
- Fixed an integer overflow in innerloop_step and innerloop_cnt variables
- Fixed an integer overflow in masks not skipped when loaded from file
- Fixed an invalid optimization code in kernel 7700 depending on the input hash, causing the kernel to loop forever
- Fixed an invalid progress value in status view if words from the base wordlist get rejected because of length
- Fixed a parser error for mode -m 9820 = MS Office <= 2003 $3, SHA1 + RC4, collider #2
- Fixed a parser error in multiple modes not checking for return code, resulting in negative memory index writes
- Fixed a problem with changed current working directory, for instance by using --restore together with --remove
- Fixed a problem with the conversion to the $HEX[] format: convert/hexify also all passwords of the format $HEX[]
- Fixed the calculation of device_name_chksum; should be done for each iteration
- Fixed the dictstat lookup if nanoseconds are used in timestamps for the cached files
- Fixed the estimated time value whenever the value is very large and overflows
- Fixed the output of --show when used together with the collider modes -m 9710, 9810 or 10410
- Fixed the parsing of command line options. It doesn't show the same error about an invalid option twice anymore
- Fixed the parsing of DCC2 hashes by allowing the "#" character within the user name
- Fixed the parsing of descrypt hashes if the hashes do have non-standard characters within the salt
- Fixed the use of --veracrypt-pim option. It was completely ignored without showing an error
- Fixed the version number used in the restore file header

##
## Improvements
##

- Autotune: Do a pre-autotune test run to find out if kernel runtime is above some TDR limit
- Charset: Add additional DES charsets with corrected parity
- OpenCL Buffers: Do not allocate memory for amplifiers for fast hashes, it's simply not needed
- OpenCL Kernels: Improved performance of SHA-3 Kernel (keccak) by hardcoding the 0x80 stopbit
- OpenCL Kernels: Improved rule engine performance by 6% for NVidia
- OpenCL Kernels: Move from ld.global.v4.u32 to ld.const.v4.u32 in _a3 kernels
- OpenCL Kernels: Replace bitwise swaps with rotate() versions for AMD
- OpenCL Kernels: Rewritten Keccak kernel to run fully on registers and partially reversed last round
- OpenCL Kernels: Rewritten SIP kernel from scratch
- OpenCL Kernels: Thread-count is set to hardware native count except if -w 4 is used then OpenCL maximum is used
- OpenCL Kernels: Updated default scrypt TMTO to be ideal for latest NVidia and AMD top models
- OpenCL Kernels: Vectorized tons of slow kernels to improve CPU cracking speed
- OpenCL Runtime: Improved detection for AMD and NV devices on macOS
- OpenCL Runtime: Improved performance on Intel MIC devices (Xeon PHI) on runtime level (300MH/s to 2000MH/s)
- OpenCL Runtime: Updated AMD ROCm driver version check, warn if version < 1.1
- Show cracks: Improved the performance of --show/--left if used together with --username
- Startup: Add visual indicator of active options when benchmarking
- Startup: Check and abort session if outfile and wordlist point to the same file
- Startup: Show some attack-specific optimizer
constraints on start, eg: minimum and maximum support password- and salt-length - WPA cracking: Improved nonce-error-corrections mode to use a both positive and negative corrections ## ## Technical ## - General: Update C standard from c99 to gnu99 - Hash Parser: Improved salt-length checks for generic hash modes - HCdict File: Renamed file from hashcat.hcdict to hashcat.hcdict2 and add header because versions are incompatible - HCstat File: Add code to read LZMA compressed hashcat.hcstat2 - HCstat File: Add hcstat2 support to enable masks of length up to 256, also adds a filetype header - HCstat File: Renamed file from hashcat.hcstat to hashcat.hcstat2 and add header because versions are incompatible - HCtune File: Remove apple related GPU entries to workaround Trap 6 error - OpenCL Kernels: Added code generator for most of the switch_* functions and replaced existing code - OpenCL Kernels: Declared all include functions as static to reduce binary kernel cache size - OpenCL Kernels: On AMD GPU, optimized kernels for use with AMD ROCm driver - OpenCL Kernels: Removed some include functions that are no longer needed to reduce compile time - OpenCL Runtime: Fall back to 64 threads default (from 256) on AMD GPU to prevent creating too many workitems - OpenCL Runtime: Forcing OpenCL 1.2 no longer needed. 
Option removed from build options - OpenCL Runtime: On AMD GPU, recommend AMD ROCm driver for Linux - Restore: Fixed the version number used in the restore file header - Time: added new type for time measurements hc_time_t and related functions to force the use of 64 bit times * changes v3.5.0 -> v3.6.0: ## ## Algorithms ## - Added hash-mode 600 = BLAKE2-512 - Added hash-mode 15200 = Blockchain, My Wallet, V2 - Added hash-mode 15300 = DPAPI masterkey file v1 and v2 - Added hash-mode 15400 = ChaCha20 - Added hash-mode 15500 = JKS Java Key Store Private Keys (SHA1) - Added hash-mode 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256 - Added hash-mode 15700 = Ethereum Wallet, PBKDF2-SCRYPT ## ## Features ## - 7-Zip cracking: increased max. data length to 320k and removed AES padding attack to avoid false negatives - Dictionary cache: Show time spent on dictionary cache building at startup - Rules: Support added for position 'p' (Nth instance of a character) in host mode (using -j or -k) - Rules: Support added for rejection rule '_N' (reject plains of length not equal to N) in host mode - Rules: Support added for rule 'eX' - Wordlist encoding: Added parameters --encoding-from and --encoding-to to configure wordlist encoding handling - Wordlist encoding: Support added for internal conversion between user-defined encodings during runtime ## ## Workarounds ## - Workaround added for NVIDIA NVML library: If libnvidia-ml.so couldn't be loaded, try again using libnvidia-ml.so.1 ## ## Improvements ## - WPA cracking: Improved nonce-error-corrections mode to fix corrupt nonces generated on big-endian devices ## ## Bugs ## - Fixed a condition that caused hybrid attacks using a maskfile to not select all wordlists from a wordlist folder - Fixed a memory leak that was present when a user periodically prints hashcat status (using --status-timer) - Fixed a missing type specifier in a function declaration of the RACF kernel ## ## Technical ## - Building: In the binary release packages, link 
libiconv static for Windows binaries - Dictstat: Structure for dictstat file changed to include --encoding-from and --encoding-to parameters - OpenCL Runtime: Updated AMDGPU-PRO driver version check, warn if version 17.10 (known to be broken) is detected - WPA cracking: Reduced --nonce-error-corrections default from 16 to 8 to compensate for speed drop caused by big-endian fixes * changes v3.40 -> v3.5.0: ## ## Features ## - WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction - WPA cracking: Added parameter --nonce-error-corrections to configure range of error correction ## ## Algorithms ## - Added hash-mode 15100 = Juniper/NetBSD sha1crypt ## ## Improvements ## - Abbreviate long hashes to display the Hash.Target status line within 80 characters - Refactored internal use of esalt to sync with the number of digests instead of the number of salts - Refactored other output to display within 80 characters without wrapping ## ## Bugs ## - Fixed a hash validation error when trying to load Android FDE < 4.3 hashes - Fixed a problem where --keyspace combined with custom charsets incorrectly displayed an error message - Fixed a problem where --stdout combined with custom charsets incorrectly displayed an error message - Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes - Fixed a race condition after sessions finish, where the input-base was freed but accessed afterwards - Fixed a typo that resulted in the minimum password length not being correctly initialized - Fixed --outfile-format formats 11 through 15 to show the correct crack position - Fixed --remove to apply even when all hashes are either found in the potfile or detected in weak-hash checks ## ## Technical ## - Building: Added missing prototypes for atlassian_parse_hash function - Dictionary Cache: Split long status line into multiple lines to stay < 80 chars - Files: Detect and error when users try to use -r with a parameter which is not a file - 
HCCAPX Parser: Added support for a special bit (bit 8) of the message_pair that indicates if replay counters match - Parameter: Detect and error when users try to use an empty string (length 0) for parameters like --session= - Parameter: Detect and error when users try to use non-digit input when only digits are expected - Sessions: Improved string comparison in case user sets --session to "hashcat" - Status View: Add rejected counter to machine-readable output - Status View: Rename labels Input.Mode, Input.Base, ... to Guess.Mode, Guess.Base, ... - Status View: Added a visual indicator to the status screen when checkpoint quit has been requested - Versions: Changed version naming convention from x.yz to x.y.z * changes v3.30 -> v3.40: ## ## Features ## - Added support for loading hccapx files - Added support for filtering hccapx message pairs using --hccapx-message-pair - Added support for parsing 7-Zip hashes with LZMA/LZMA2 compression indicator set to a non-zero value - Added support for decompressing LZMA1/LZMA2 data for -m 11600 = 7-Zip to validate the CRC - Added support for automatic merge of LM halfes in case --show and --left is used - Added support for showing all user names with --show and --left if --username was specified - Added support for GPU temperature management on cygwin build ## ## Algorithms ## - Added hash-mode 1411 = SSHA-256(Base64), LDAP {SSHA256} - Added hash-mode 3910 = md5(md5($pass).md5($salt)) - Added hash-mode 4010 = md5($salt.md5($salt.$pass)) - Added hash-mode 4110 = md5($salt.md5($pass.$salt)) - Added hash-mode 4520 = sha1($salt.sha1($pass)) - Added hash-mode 4522 = PunBB - Added hash-mode 7000 = Fortigate (FortiOS) - Added hash-mode 12001 = Atlassian (PBKDF2-HMAC-SHA1) - Added hash-mode 14600 = LUKS - Added hash-mode 14700 = iTunes Backup < 10.0 - Added hash-mode 14800 = iTunes Backup >= 10.0 - Added hash-mode 14900 = Skip32 - Added hash-mode 15000 = FileZilla Server >= 0.9.55 ## ## Workarounds ## - Workaround added for 
AMDGPU-Pro OpenCL runtime: AES encrypt and decrypt Invertkey function was calculated wrong in certain cases - Workaround added for AMDGPU-Pro OpenCL runtime: RAR3 kernel require a volatile variable to work correctly - Workaround added for Apple OpenCL runtime: bcrypt kernel requires a volatile variable because of a compiler optimization bug - Workaround added for Apple OpenCL runtime: LUKS kernel requires some volatile variables because of a compiler optimization bug - Workaround added for Apple OpenCL runtime: TrueCrypt kernel requires some volatile variables because of a compiler optimization bug - Workaround added for NVidia OpenCL runtime: RACF kernel requires EBCDIC lookup to be done on shared memory ## ## Bugs ## - Fixed a problem within the Kerberos 5 TGS-REP (-m 13100) hash parser - Fixed clEnqueueNDRangeKernel(): CL_UNKNOWN_ERROR caused by an invalid work-item count during weak-hash-check - Fixed cracking of PeopleSoft Token (-m 13500) if salt length + password length is >= 128 byte - Fixed cracking of Plaintext (-m 99999) in case MD4 was used in a previous session - Fixed DEScrypt cracking in BF mode in case the hashlist contains more than 16 times the same salt - Fixed duplicate detection for WPA handshakes with the same ESSID - Fixed nvapi datatype definition for NvS32 and NvU32 - Fixed overflow in bcrypt kernel in expand_key() function - Fixed pointer to local variable outside scope in case -j or -k is used - Fixed pointer to local variable outside scope in case --markov-hcstat is not used - Fixed recursion in loopback handling when session was aborted by the user - Fixed rule 'O' (RULE_OP_MANGLE_OMIT) in host mode in case the offset + length parameter equals the length of the input word - Fixed rule 'i' (RULE_OP_MANGLE_INSERT) in host mode in case the offset parameter equals the length of the input word - Fixed string not null terminated inside workaround for checking drm driver path - Fixed string not null terminated while reading maskfiles - Fixed 
truncation of password after position 32 with the combinator attack - Fixed use of option --keyspace in combination with -m 2500 (WPA) - Fixed WPA/WPA2 cracking in case eapol frame is >= 248 byte ## ## Technical ## - Building: Add SHARED variable to Makefile to choose if hashcat is build as static or shared binary (using libhashcat.so/hashcat.dll) - Building: Removed compiler option -march=native as this created problems for maintainers on various distributions - Building: Removed the use of RPATH on linker level - Building: Replaced linking of CRT_glob.o with the use of int _dowildcard - Commandline: Do some checks related to custom-charset options if user specifies them - CPU Affinity: Fixed memory leak in case invalid cpu Id was specified - Dispatcher: Fixed several memory leaks in case an OpenCL error occurs - Events: Improved the maximum event message handling. event_log () will now also internally make sure that the message is properly terminated - File Locking: Improved error detection on file locks - File Reads: Fixed memory leak in case outfile or hashfile was not accessible - File Reads: Improved error detection on file reads, especially when getting the file stats - Files: Do several file and folder checks on startup rather than when they are actually used to avoid related error after eventual intense operations - Hardware Management: Bring back kernel exec timeout detection for NVidia on user request - Hardware Monitor: Fixed several memory leaks in case hash-file writing (caused by --remove) failed - Hardware Monitor: Fixed several memory leaks in case no hardware monitor sensor is found - Hardware Monitor: In case NVML initialization failed, do not try to initialiaze NVAPI or XNVCTRL because they both depend on NVML - Hash Parsing: Added additional bound checks for the SIP digest authentication (MD5) parser (-m 11400) - Hash Parsing: Make sure that all files are correctly closed whenever a hash file parsing error occurs - Helper: Added functions to 
check existence, type, read- and write-permissions and rewrite sources to use them instead of stat() - Keyfile handling: Make sure that the memory is cleanly freed whenever a VeraCrypt/TrueCrypt keyfile fails to load - Mask Checks: Added additional memory cleanups after parsing/verifying masks - Mask Checks: Added integer overflow detection for a keyspace of a mask provided by user - Mask Increment: Fixed memory leak in case mask_append() fails - OpenCL Device: Do a check on available constant memory size and abort if it's less than 64kB - OpenCL Device Management: Fixed several memory leaks in case initialization of an OpenCL device or platform failed - OpenCL Header: Updated CL_* errorcode to OpenCL 1.2 standard - OpenCL Kernel: Move kernel binary buffer from heap to stack memory - OpenCL Kernel: Refactored read_kernel_binary to load only a single kernel for a single device - OpenCL Kernel: Remove "static" keyword from function declarations; Causes older Intel OpenCL runtimes to fail compiling - OpenCL Kernel: Renumbered hash-mode 7600 to 4521 - OpenCL Runtime: Added a warning about using Mesa OpenCL runtime - OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.60 is detected which is known to be broken - Outfile Check: Fixed a memory leak for failed outfile reads - Restore: Add some checks on the rd->cwd variable in restore case - Rule Engine: Fixed several memory leaks in case loading of rules failed - Session Management: Automatically set dedicated session names for non-cracking parameters, for example: --stdout - Session Management: Fixed several memory leaks in case profile- or install-folder setup failed - Sessions: Move out handling of multiple instance from restore file into separate pidfile - Status screen: Do not try to clear prompt in --quiet mode - Tests: Fixed the timeout status code value and increased the runtime to 400 seconds - Threads: Restored strerror as %m is unsupported by the BSDs - Wordlists: Disable dictstat 
handling for hash-mode 3000 as it virtually creates words in the wordlist which is not the case for other modes - Wordlists: Fixed memory leak in case access a file in a wordlist folder fails - WPA: Changed format for outfile and potfile from essid:mac1:mac2 to hash:mac_ap:mac_sta:essid - WPA: Changed format for outfile_check from essid:mac1:mac2 to hash * changes v3.20 -> v3.30: ## ## Features ## - Files: Use $HEX[...] in case the password includes the separater character, increases potfile reading performance - Files: If the user specifies a folder to scan for wordlists instead of directly a wordlist, then ignore the hidden files - Loopback: Include passwords for removed hashes present in the potfile to next loopback iteration - New option --progress-only: Quickly provides ideal progress step size and time to process on the user hashes and selected options, then quit - Status screen: Reenabled automatic status screen display in case of stdin used - Truecrypt/Veracrypt: Use CRC32 to verify headers instead of fuzzy logic, greatly reduces false positives from 18:2^48 to 3:2^64 - WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected ## ## Algorithms ## - Added hash-mode 1300 = SHA-224 ## ## Bugs ## - Fixed buffer overflow in status screen display in case of long non-utf8 string - Fixed buffer overflow in plaintext parsing code: Leading to segfault - Fixed custom char parsing code in maskfiles in --increment mode: Custom charset wasn't used - Fixed display screen to show input queue when using custom charset or rules - Fixed double fclose() using AMDGPU-Pro on sysfs compatible platform: Leading to segfault - Fixed hash-mode 11400 = SIP digest authentication (MD5): Cracking of hashes which did not include *auth* or *auth-int* was broken - Fixed hex output of plaintext in case --outfile-format 4, 5, 6 or 7 was used - Fixed infinite loop when using --loopback in case all hashes have been cracked - Fixed kernel loops in --increment mode leading to 
slower performance - Fixed mask length check in hybrid attack-modes: Do not include hash-mode dependant mask length checks - Fixed parsing of hashes in case the last line did not include a linefeed character - Fixed potfile loading to accept blank passwords - Fixed runtime limit: No longer required so sample startup time after refactorization ## ## Workarounds ## - Workaround added for Intel OpenCL runtime: GPU support is broken, skip the device unless user forces to enable it ## ## Technical ## - Building: Added hashcat32.dll and hashcat64.dll makefile targets for building hashcat windows libraries - Building: Added production flag in Makefile to disable all the GCC compiler options needed only for development - Building: Removed access to readlink() on FreeBSD - Building: For CYGWIN prefer to use "opencl.dll" (installed by drivers) instead of optional "cygOpenCL-1.dll" - Events: Added new event EVENT_WEAK_HASH_ALL_CRACKED if all hashes have been cracked during weak hash check - Hardware management: Switched matching ADL device with OpenCL device by using PCI bus, device and function - Hardware management: Switched matching NvAPI device with OpenCL device by using PCI bus, device and function - Hardware management: Switched matching NVML device with OpenCL device by using PCI bus, device and function - Hardware management: Switched matching xnvctrl device with OpenCL device by using PCI bus, device and function - Hardware management: Removed *throttled* message from NVML as this created more confusion than it helped - Hash Parser: Improved error detection of invalid hex characters where hex character are expected - OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.50 is detected which is known to be broken - OpenCL Runtime: Updated hashcat.hctune for Iris Pro GPU on macOS - Potfile: In v3.10 already, the default potfile suffix changed but the note about was missing. 
The "hashcat.pot" became "hashcat.potfile" - Potfile: Added old potfile detection, show warning message - Returncode: Added dedicated returncode (see docs/status_codes.txt) for shutdowns caused by --runtime and checkpoint keypress - Sanity: Added sanity check to disallow --speed-only in combination with -i - Sanity: Added sanity check to disallow --loopback in combination with --runtime - Threads: Replaced all calls to ctime() with ctime_r() to ensure thread safety - Threads: Replaced all calls to strerror() with %m printf() GNU extension to ensure thread safety * changes v3.10 -> v3.20: The hashcat core was completely refactored to be a MT-safe library (libhashcat). The goal was to help developers include hashcat into distributed clients or GUI frontends. The CLI (hashcat.bin or hashcat.exe) works as before but from a technical perspective it's a library frontend. ## ## Features ## - New option --speed-only: Quickly provides cracking speed per device based on the user hashes and selected options, then quit - New option --keep-guessing: Continue cracking hashes even after they have been cracked (to find collisions) - New option --restore-file-path: Manually override the path to the restore file (useful if we want all session files in the same folder) - New option --opencl-info: Show details about OpenCL compatible devices like an embedded clinfo tool (useful for bug reports) - Documents: Added colors for warnings (yellow) and errors (red) instead of WARNING: and ERROR: prefix - Documents: Added hints presented to the user about optimizing performance while hashcat is running - Hardware management: Support --gpu-temp-retain for AMDGPU-Pro driver - Hardware management: Support --powertune-enable for AMDGPU-Pro driver - Password candidates: Allow words of length > 31 in wordlists for -a 0 for some slow hashes if no rules are in use - Password candidates: Do not use $HEX[] if the password candidate is a valid UTF-8 string and print out as-is - Pause mode: Allow quit 
program also if in pause mode - Pause mode: Ignore runtime limit in pause mode - Status view: Show core-clock, memory-clock and execution time in benchmark-mode in case --machine-readable is activated - Status view: Show temperature, coreclock, memoryclock, fanspeed and pci-lanes for devices using AMDGPU-Pro driver - Status view: Show the current first and last password candidate test queued for execution per device (as in JtR) - Status view: Show the current position in the queue for both base and modifier (Example: Wordlist 2/5) - Markov statistics: Update hashcat.hcstat which is used as reference whenever the user defines a mask - Charsets: Added lowercase ascii hex (?h) and uppercase ascii hex (?H) as predefined charsets ## ## Algorithms ## - Added hash-mode 14000 = DES (PT = $salt, key = $pass) - Added hash-mode 14100 = 3DES (PT = $salt, key = $pass) - Added hash-mode 14400 = SHA1(CX) - Added hash-mode 99999 = Plaintext - Extended hash-mode 3200 = bcrypt: Accept signature $2b$ (February 2014) - Improved hash-mode 8300 = DNSSEC: Additional parsing error detection ## ## Bugs ## - Custom charset from file parsing code did not return an error if an error occured - Fix some clSetKernelArg() size error that caused slow modes to not work anymore in -a 1 mode - Hash-mode 11600 = (7-Zip): Depending on input hash a clEnqueueReadBuffer(): CL_INVALID_VALUE error occured - Hash-mode 22 = Juniper Netscreen/SSG (ScreenOS): Fix salt length for -m 22 in benchmark mode - Hash-Mode 5500 = NetNTLMv1 + ESS: Fix loading of NetNTLMv1 + SSP hash - Hash-mode 6000 = RipeMD160: Fix typo in array index number - If cracking a hash-mode using unicode passwords, length check of a mask was not taking into account - If cracking a large salted hashlist the wordlist reject code was too slow to handle it, leading to 0H/s - Null-pointer dereference in outfile-check shutdown code when using --outfile-check-dir, leading to segfault - On startup hashcat tried to access the folder defined in 
INSTALL_FOLDER, leading to segfault if that folder was not existing - Random rules generator code used invalid parameter for memory copy function (M), leading to use of invalid rule - Sanity check for --outfile-format was broken if used in combination with --show or --left ## ## Workarounds ## - Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 10700 = PDF 1.7 Level 8 - Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 1800 = sha512crypt - Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6400 = AIX {ssha256} - Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6800 = Lastpass + Lastpass sniffed - Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 10420 = PDF 1.1 - 1.3 (Acrobat 2 - 4) - Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 1100 = Domain Cached Credentials (DCC), MS Cache - Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 13800 = Windows 8+ phone PIN/Password - Workaround added for pocl OpenCL runtime: Failed to compile hash-mode 5800 = Android PIN ## ## Performance ## - Improved performance for rule-based attacks for _very_ fast hashes like MD5 and NTLM by 30% or higher - Improved performance for DEScrypt on AMD, from 373MH/s to 525MH/s - Improved performance for raw DES-based algorithms (like LM) on AMD, from 1.6GH/s to 12.5GH/s - Improved performance for raw SHA256-based algorithms using meet-in-the-middle optimization, reduces 7/64 steps - Improved performance for SAP CODVN B (BCODE) and SAP CODVN F/G (PASSCODE) due to register handling optimization, gives 3% and 25% - Improved performance by reducing maximum number of allowed function calls per rule from 255 to 31 - Improved performance by update the selection when to use #pragma unroll depending on OpenCL runtime vendor - Full performance comparison sheet v3.10 vs. 
v3.20: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=1591672380 ## ## Technical ## - Autotune: Do not run any caching rounds in autotune in DEBUG mode if -n and -u are specified - Bash completion: Removed some v2.01 leftovers in the bash completion configuration - Benchmark: Do not control fan speed in benchmark mode - Benchmark: On macOS, some hash-modes can't compile because of macOS OpenCL runtime. Skip them and move on to the next - Building: Added Makefile target "main_shared", a small how-to-use libhashcat example - Building: Added many additional compiler warning flags in Makefile to improve static code error detection - Building: Added missing includes for FreeBSD - Building: Added some types for windows only in case _BASETSD_H was not set - Building: Changed Makefile to strip symbols in the linker instead of the compiler - Building: Defined NOMINMAX macro to prevent definition min and max macros in stdlib header files - Building: Enabled ASLR and DEP for Windows builds - Building: Fixed almost all errors reported by cppcheck and scan-build - Building: On macOS, move '-framework OpenCL' from CFLAGS to LDFLAGS - Building: On macOS, use clang as default compiler - Building: Support building on Msys2 environment - Building: Use .gitmodules to simplify the OpenCL header dependency handling process - Charsets: Added DES_full.charset - Data Types: Replaced all integer macros with enumerator types - Data Types: Replaced all integer variables with true bool variables in case they are used as a bool - Data Types: Replaced all string macros with static const char types - Data Types: Replaced all uint and uint32_t to u32 - Data Types: Replaced atoi() with atoll(). 
Eliminates sign conversion warnings
- Documents: Added docs/credits.txt
- Documents: Added docs/team.txt
- Documents: Changed rules.txt to match v3.20 limitations
- Error handling (file handling): Fixed a couple of filepointer leaks
- Error handling (format strings): Fixed a few printf() formats, ex: use %u instead of %d for uint32_t
- Error handling (memory allocation): Removed memory allocation checks, just print to stderr instead
- Error handling (startup): Added some missing returncode checks to get_exec_path()
- Fanspeed: Check both fanpolicy and fanspeed returncode and disable retain support if any of them fail
- Fanspeed: Minimum fanspeed for retain support increased to 33%, same as NV uses as default on Windows
- Fanspeed: Reset PID controller settings to what they were initially
- Fanspeed: Set fan speed to default on quit
- File handling: Do a single write test (for files to be written later) directly on startup
- File locking: Use same locking mechanism in potfile as in outfile
- Hardware management: Fixed calling conventions for ADL, NvAPI and NVML on Windows
- Hardware management: Improved checking for successful load of the NVML API
- Hardware management: In case fanspeed cannot be set, disable --gpu-temp-retain automatically
- Hardware management: In case of initialization error show it only once to the user on startup
- Hardware management: Refactored all code to return returncode (0 or -1) instead of data for easier error handling
- Hardware management: Refactored macros to real functions
- Hardware management: Removed kernel exec timeout detection on NVIDIA, should no longer occur due to autotune
- Hardware management: Replaced NVML registry functions macros with their ascii versions (Adds NVML support for XP)
- Hashlist loading: Do not load data from hashfile if hashfile changed during runtime
- Kernel cache: Fixed checksum building on oversized device version or driver version strings
- Logging: Improved variable names in hashcat.log
- Loopback: Refactored --loopback support completely, no longer a recursive function
- Memory management: Fixed some memory leaks on shutdown
- Memory management: Got rid of all global variables
- Memory management: Got rid of local_free() and global_free(), no longer required
- Memory management: Refactored all variables with HCBUFSIZ_LARGE size from stack to heap, macOS doesn't like that
- OpenCL Headers: Select OpenCL headers tagged for OpenCL 1.2, since we use -cl-std=CL1.2
- OpenCL Kernels: Added const qualifier to variable declaration of matching global memory objects
- OpenCL Kernels: Got rid of one global kernel_threads variable
- OpenCL Kernels: Moved OpenCL requirement from v1.1 to v1.2
- OpenCL Kernels: Recognize reqd_work_group_size() values from OpenCL kernels and use them in the host if possible
- OpenCL Kernels: Refactored common function append_0x01()
- OpenCL Kernels: Refactored common function append_0x02()
- OpenCL Kernels: Refactored common function append_0x80()
- OpenCL Kernels: Refactored rule function append_block1()
- OpenCL Kernels: Refactored rule function rule_op_mangle_delete_last()
- OpenCL Kernels: Refactored rule function rule_op_mangle_dupechar_last()
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_left()
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_right()
- OpenCL Kernels: Support mixed kernel thread count for mixed kernels in the same source file
- OpenCL Kernels: Switch from clz() to ffz() for bitsliced algorithms
- OpenCL Kernels: Using platform vendor name is better than using device vendor name for function detection
- OpenCL Runtime: Updated AMDGPU-Pro and AMD Radeon driver version check
- OpenCL Runtime: Updated Intel OpenCL runtime version check
- OpenCL Runtime: Updated NVIDIA driver version check
- Password candidates: The maximum word length in a wordlist is 31 not 32, because 0x80 will eventually be appended
- Potfile: Base logic switched; Assuming the potfile is larger than the hashlist it's better to load hashlist instead of potfile entries
- Potfile: In case all hashes were cracked using potfile abort and inform user
- Restore: Automatically unlink restore file if all hashes have been cracked
- Restore: Do not unlink restore file if restore is disabled
- Rules: Refactored macros to real functions
- Status: Added Input.Queue.Base and Input.Queue.Mod to help the user better understand this concept
- Status: Do not wait for the progress mutex to read and store speed timer
- Status: Do not show Recovered/Time when cracking < 1000 hashes
- Status: Do not show Recovered/Time as floats but as integers to reduce over-information
- Tests: Removed rules_test/ subproject: Would require total rewrite but not used in a long time
- Threads: Replaced all calls to getpwuid() with getpwuid_r() to ensure thread safety
- Threads: Replaced all calls to gmtime() with gmtime_r() to ensure thread safety
- Threads: Replaced all calls to strtok() with strtok_r() to ensure thread safety
- Wordlists: Use larger counter variable to handle larger wordlists (that is > 2^32 words)
- X11: Detect missing coolbits and added some help text for the user how to fix it

* changes v3.00 -> v3.10:

##
## Improvements
##

- Added mask display to modes 3, 6, and 7. Allows the user to see the custom character set used during the run
- Make Linux build POSIX compatible; Also allow it to actually compile on musl-libc systems
- Add support to compile on FreeBSD
- Make use of cl_context_properties[] to clCreateContext(), even if OpenCL specification allows the use of NULL, some runtimes fail without
- The Time.Estimated attribute in status display should also show --runtime limit if user set it
- Fix some strict aliasing rule violation on older compilers
- Fix some variable initializers on older compilers
- Replace DARWIN macro with compiler predefined macro __APPLE__
- Replace LINUX macro with compiler predefined macro __linux__
- Allow the use of enc_id == 0 in hash-mode 10600 and 10700 as it takes no part in the actual computation
- Get rid of exit() calls in OpenCL wrapper library with the goal to have better control over which errors can be ignored under special circumstances
- Do not error and exit if an OpenCL platform has no devices, just print a warning and continue with the next platform
- Workaround for OpenCL runtimes which do not accept -I parameter in the OpenCL kernel build options even if this is an OpenCL standard option
- Workaround for OpenCL runtimes which do accept -I parameter in the OpenCL kernel build options, but do not allow quotes
- Output cracked hashes on Windows using \r\n and not \n
- Replace RegGetValue() with RegQueryValueEx() to enable Windows XP 32 bit compatibility
- Slightly increased NVidia's rule-processing performance by using generic instructions instead of byte_perm()
- Add support for @ rule (RULE_OP_MANGLE_PURGECHAR) to use on GPU
- Add support for --outfile (short -o) to be used together with --stdout
- Skip periodic status output whenever --stdout is used together with stdin mode, but no outfile was specified
- Show error message if --show is used together with --outfile-autohex-disable (this is currently not supported)
- Show error message if --skip/--limit is used together with mask files or --increment
- Workaround for NVidia OpenCL runtime bug causing -m 6223 to not crack any hashes even with the correct password candidate

##
## Bugs
##

- Fixed a bug where CRAM MD5 checked salt length instead of hash length
- Fixed a bug where hashcat is suppressing --machine-readable output in the final status update
- Fixed a bug where hashcat did not check the return of realpath() and crashes uncontrolled if the path does not exist
- Fixed a bug where hashcat crashes for accessing deallocated buffer if user spams "s" shortly before hashcat shuts down
- Fixed a bug where hashcat crashes in case of a scrypt P setting > 1
- Fixed a bug where hashcat did not correctly use the newly cracked plains whenever --loopback or the induction folder was used
- Fixed a bug where hashcat did not correctly remove hashes of type WPA/WPA2 even if present in potfile
- Fixed a bug where hashcat reported an invalid password for a zero-length password in LM
- Fixed a bug where hashcat did not take into account how long it takes to prepare a session when auto-aborting with --runtime is in use
- Fixed a bug where some kernels used COMPARE_M_SIMD instead of COMPARE_S_SIMD in singlehash mode

##
## Algorithms
##

- Added new hash-mode 13900 = OpenCart

* changes v2.01 -> v3.00:

This release marks the fusion of "hashcat" and "oclHashcat" into "hashcat". It combines all features of all hashcat projects in one project.

##
## Features
##

- Support for Apple OpenCL runtime
- Support for NVidia OpenCL runtime (replaces CUDA)
- Support for Mesa (Gallium) OpenCL runtime
- Support for pocl OpenCL runtime
- Support for Khronos' OSS OpenCL reference implementation for building
- Support to utilize OpenCL device-types other than GPU, ex: CPU and FPGA
- Support to utilize multiple different OpenCL platforms in parallel, ex: AMD + NV
- Support to utilize multiple different OpenCL device-types in parallel, ex: GPU + CPU
- Added option --opencl-platform to select a specific OpenCL platform
- Added option --opencl-device-types to select specific OpenCL device types
- Added option --opencl-vector-width to override automatically selected vector-width size
- Added makefile native compilation target
- Added makefile install and uninstall targets
- Added autotuning engine and user-configurable tuning database
- Added current engine clock, current memory clock and pci-e lanes to the status display
- Added support for --gpu-temp-retain for NVidia GPU, both Linux and Windows
- Added execution timer of the running kernel to the status display
- Added command prompt to quit at next restore checkpoint
- Added human-readable error message for the OpenCL error codes
- Added option --potfile-path to override potfile path
- Added option --veracrypt-keyfile to set Keyfiles used, can be multiple
- Added option --veracrypt-pim to set the VeraCrypt personal iterations multiplier
- Added option --machine-readable for easier parsing of output
- Added option --powertune-enable to work with NVidia devices as well, not just AMD
- Added option --stdout to print candidates instead of trying to crack a hash

##
## Algorithms
##

- Added new hash-mode 125 = ArubaOS
- Added new hash-mode 12900 = Android FDE (Samsung DEK)
- Added new hash-mode 13000 = RAR5
- Added new hash-mode 13100 = Kerberos 5 TGS-REP etype 23
- Added new hash-mode 13200 = AxCrypt
- Added new hash-mode 13300 = AxCrypt in memory SHA1
- Added new hash-mode 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES)
- Added new hash-mode 13500 = PeopleSoft PS_TOKEN
- Added new hash-mode 13600 = WinZip
- Added new hash-mode 137** = VeraCrypt
- Added new hash-mode 13800 = Windows 8+ phone PIN/Password

##
## Performance
##

- Full Table: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=0

##
## Improvements
##

- Reordering of files to help integration into Linux distributions ~/.hashcat etc
- Use a profile directory to write temporary files (session, potfile etc.)
- Workaround dependencies on AMD APP-SDK, AMD ADL, NV CUDA-SDK, NV ForceWare, NVML and NVAPI; they are no longer required
- Load external libraries dynamically at runtime instead of linking them statically at compile-time
- Benchmark accuracy improved; is now on par with: singlehash -a 3 -w 3 ?b?b?b?b?b?b?b
- Benchmark no longer depends on a fixed time
- Removed option --benchmark-mode, therefore support --workload-profile in benchmark-mode
- Enabled support of --machine-readable in combination with --benchmark for automated benchmark processing
- Replaced --status-automat entirely with --machine-readable to make it more consistent among benchmark and non-benchmark mode
- Extended support from 14 to 255 function calls per rule
- Extended password length up to 32 for 7zip
- Extended salt length up to 55 for raw hash types, eg: md5($pass.$salt)
- Extended version information
- Removed some duplicate rules in T0XlCv1, d3ad0ne and dive
- Redesigned changes.txt layout
- Redesigned --help menu layout

##
## Bugs
##

- Fixed a bug in speed display: In some situations, especially with slow hashes or lots of salts, it showed a speed of 0H/s
- Fixed a bug in restore handling: user immediately aborting after restart broke the restore file
- Fixed a bug in line counter: conditional jump or move depends on an uninitialised value
- Fixed a bug in rule-engine for NVidia devices: code for left- and right-shift were switched
- Fixed a bug in dive.rule: rules were not updated after the function 'x' was renamed to 'O'
- Fixed a bug in memory allocation "OpenCL -4 error": used uninitialized value in a special situation
- Fixed a bug in memory handling: heap buffer overflow
- Fixed a bug in memory handling: out of bounds access
- Fixed a bug in implementation of DCC2: forced default iteration count for hashes to 10240
- Fixed a bug in implementation of WPA/WPA2: MAC and nonce stay on their original position as in the hccap file
- Fixed a bug in implementation of GOST R 34.11-94: zero length passwords were not cracked
- Fixed a bug in implementation of BLAKE2-512 kernels: incorrect access of the esalt buffer

##
## Technical
##

- Removed deprecated GCC version check requirement
- Removed NPROCS from Makefile, let make automatically detect the optimal number of parallel threads
- Dropped all C++ overloading functions to normal function which helps support more OpenCL platforms
- Renamed functions in common.h to emphasize their purpose
- Refactored fast-hash kernels to enable SIMD on all OpenCL platforms
- Refactored SIMD handling: SIMD the inner-loop not the outer-loop to save registers
- Workaround missing clEnqueueFillBuffer() support in certain OpenCL runtimes
- Added amd_bytealign() support in non-AMD OpenCL runtimes
- Added amd_bfe() support in non-AMD OpenCL runtimes
- Added several macros to allow writing optimized code for the different OpenCL platforms
- Replaced typedef for bool with stdbool.h
- Added special DEBUG environment variables to the makefile
- Hashcat now acquires an exclusive lock before writing to any file
- Changed buffers to not use same buffer for both input and output at the same time with snprintf()
- Check for allocatable device-memory depending on kernel_accel amplifier before trying to allocate
- Added additional check for max. ESSID length to prevent possible crashes
- Use a GCC equivalent for __stdcall where applicable
- Synchronize maximum output line size with input line size
- Increased maximum hash line size to 0x50000
- Run weak-hash checks only in straight-attack mode, this greatly reduces code complexity
- Restrict loopback option to straight attack-mode
- Moved rules_optimize to hashcat-utils
- Stick to older libOpenCL in binary package to avoid errors like this: version `OPENCL_2.0' not found
- Tightened hash parser for several algorithms
- Updated old RC4 code in Kerberos 5
- Limited the salt length of Juniper Netscreen/SSG (ScreenOS) hashes to 10
- Updated algorithm used to automatically select an ideal --scrypt-tmto value
- Renamed option --gpu-accel to --kernel-accel
- Renamed option --gpu-loops to --kernel-loops
- Renamed option --gpu-devices to --opencl-devices
- Added inline declaration to functions from simd.c, common.c, rp.c and types_ocl.c to increase performance
- Dropped static declaration from functions in all kernels to achieve OpenCL 1.1 compatibility
- Added -cl-std=CL1.1 to all kernel build options
- Created environment variable to inform NVidia OpenCL runtime to not create its own kernel cache
- Created environment variable to inform pocl OpenCL runtime to not create its own kernel cache
- Dropped special 64-bit rotate() handling for NV, it seems that they've added it to their OpenCL runtime
- Completely get rid of HAVE_ADL, HAVE_NVML and HAVE_NVAPI in sources
- Replaced NVAPI with NVML on Windows