mirror of
https://github.com/hashcat/hashcat.git
synced 2024-12-24 23:48:39 +00:00
5024865d87
Kernel Cache: Add kernel threads into hash computation which is later used in the kernel cache filename Remove some unused function symbol lookups in HIP library
1622 lines
92 KiB
Plaintext
1622 lines
92 KiB
Plaintext
* changes v6.2.3 -> v6.2.x
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added option --multiply-accel-disable (short: -M) to disable multiply the kernel-accel with the multiprocessor count automatism
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed autotune unitialized tmps variable for slow hashes by calling _init kernel before calling _loop kernel
|
|
- Fixed datatype in function sha384_hmac_init_vector_128() that could come into effect if vector datatype was manually set
|
|
- Fixed false negative in all VeraCrypt hash-modes if both conditions are met: 1. use CPU for cracking and 2. PIM range was used
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Blake Kernels: Optimize BLAKE2B_ROUND() 64 bit rotates giving a 5% performance increase
|
|
- Brain Session: Adds hashconfig specific opti_type and opts_type parameters to hashcat session computation to cover features like -O and -M
|
|
- Kernel Threads: Use warp size / wavefront size query instead of hardcoded values as base for kernel threads
|
|
- Shared Memory: Calculate kernel dynamic memory size based on CU_DEVICE_ATTRIBUTE_MAX_SHARED_MEMORY_PER_BLOCK_OPTIN
|
|
- Slow Kernels: Set some of the slowest kernels to OPTS_TYPE_MP_MULTI_DISABLE
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Kernel Cache: Add kernel threads into hash computation which is later used in the kernel cache filename
|
|
- HIP Kernels: Got rid of hip/hip_runtime.h dependancy to enable more easy integration of the HIP backend on Windows
|
|
- SCRYPT Kernels: Add more optimized values for some new NV/AMD GPUs
|
|
|
|
* changes v6.2.2 -> v6.2.3
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode: AES-128-ECB NOKDF (PT = $salt, key = $pass)
|
|
- Added hash-mode: AES-192-ECB NOKDF (PT = $salt, key = $pass)
|
|
- Added hash-mode: AES-256-ECB NOKDF (PT = $salt, key = $pass)
|
|
- Added hash-mode: iPhone passcode (UID key + System Keybag)
|
|
- Added hash-mode: MetaMask Wallet
|
|
- Added hash-mode: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit + boot-mode
|
|
- Added hash-mode: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit + boot-mode
|
|
- Added hash-mode: VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit + boot-mode
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added new backend support for HIP, an OpenCL alternative API for AMD GPUs (similar to CUDA for NVIDIA GPUs)
|
|
- Added option --markov-inverse to inverse markov statistics, with the idea of reversing the order of the password candidates
|
|
- Added temperature watchdog and fanspeed readings for CPU and GPU on macOS using iokit
|
|
- Added temperature watchdog and utilization for CPU on linux using sysfs and procfs
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed access violation in hashconfig_destroy if hashcat_ctx_t is only partially initialized
|
|
- Fixed 'E' rule in pure kernel mode which was ignoring letters that are in positions that are multiples of 4
|
|
- Fixed false negative in hash-mode 15900 (DPAPI masterkey file v2) if password was longer than 64 characters
|
|
- Fixed hashcat_ctx leak and refactor module and kernel existence checks
|
|
- Fixed integer overflow in Recovered/Time status view column caused by division > 0 but < 1
|
|
- Fixed invalid ETA if --limit was specified, several salts are in a hash list and some of them were found in a potfile
|
|
- Fixed memory leak in iconv_ctx and iconv_tmp in backend.c
|
|
- Fixed missing option to automatically disable kernel cache in -m 25600 and -m 25800
|
|
- Fixed out-of-boundary write in slow candidates mode in combinator attack
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Alias Devices: Show a warning in case the user specifically listed a device to use which in a later step is skipped because it is an alias of another active device
|
|
- Backend Information: Added new column showing the PCI Address per CUDA/OpenCL device to easier identify broken cards
|
|
- Bcrypt-SHA1/MD5 Kernels: Get rid of local memory use for binary to hex conversion to avoid false negatives on several OpenCL runtimes
|
|
- CPU Affinity: Allow mask up to 64 processors in Windows and remove call to SetThreadAffinityMask as SetProcessAffinityMask limits all threads in process
|
|
- Debug Rules: HEX-ify rules debug non-rules outputs that contain colons
|
|
- KeePass: Increase supported size for KeePass 1 databases from 300kB to 16MB
|
|
- Potfile: Disable potfile for hash-mode 99999
|
|
- VeraCrypt: Increase password length support for non-boot volumes from 64 to 128
|
|
- WPA Kernels: Increased performance by 3.5% for backend devices controlled by CUDA backend
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Autodetect: Limit the number of errors per hash-mode try to 100 to avoid long startup time
|
|
- Brain: Add brain_ctx_t to hashcat_ctx_t to enable runtime check if hashcat was compiled with brain support
|
|
- File handling: Do not abort on seeing a BOM in input files, just warn and ignore the BOM
|
|
- Folders: Do not escape the variable cpath_real to prevent certain OpenCL runtimes from running into an error which do not support escape characters
|
|
- Java Object hashCode: Add OPTS_TYPE_SUGGEST_KG as a default option
|
|
- LM: Workaround JiT compiler bug in -m 3000 on NV leading to false negatives with large amount of hashes
|
|
- OpenCL Runtime: Workaround a problem of the AMD OpenCL GPU driver under macOS which results in false negatives due to changes in the kernel crypto library
|
|
- OpenCL Runtime: Workaround JiT crash (SC failed. No reason given.) on macOS by limiting local memory allocations to 32k
|
|
- Status View: Include time and duration info when pausing and resuming
|
|
- Tests: Changed tests for VeraCrypt from -a 0 to -a 3, because password extension is not available to all shells
|
|
- WinZip Kernel: Increase supported data length from 8k to 16mb
|
|
|
|
* changes v6.2.1 -> v6.2.2
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode: bcrypt(md5($pass)) / bcryptmd5
|
|
- Added hash-mode: bcrypt(sha1($pass)) / bcryptsha1
|
|
- Added hash-mode: FortiGate256 (FortiOS256)
|
|
- Added hash-mode: Linux Kernel Crypto API (2.4)
|
|
- Added hash-mode: MurmurHash
|
|
- Added hash-mode: OpenEdge Progress Encode
|
|
- Added hash-mode: md5(utf16le($pass))
|
|
- Added hash-mode: sha1(utf16le($pass))
|
|
- Added hash-mode: sha256(utf16le($pass))
|
|
- Added hash-mode: sha384(utf16le($pass))
|
|
- Added hash-mode: sha512(utf16le($pass))
|
|
- Added hash-mode: md5(md5(md5($pass)))
|
|
- Added hash-mode: sha1(sha1($salt.$pass.$salt))
|
|
- Added hash-mode: sha256($salt.sha256($pass))
|
|
- Added hash-mode: sha384($pass.$salt)
|
|
- Added hash-mode: sha384($salt.$pass)
|
|
- Added hash-mode: sha384($salt.utf16le($pass))
|
|
- Added hash-mode: sha384(utf16le($pass).$salt)
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Autodetect hash-type: performs an automatic analysis of input hash(es), either listing compatible algorithms, or executing the attack (if only one compatible format is found)
|
|
- Autodetect hash-type: added option --identify to only perform autodetection of hash-type, without back-end device initialization
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed error message in -a 9 mode with rules when number of words from wordlist is not in sync with number of unique salts
|
|
- Fixed error-handling logic in monitor thread to not return in case of error (disk full, permission error, ...) but to retry instead
|
|
- Fixed false negatives with TrueCrypt/VeraCrypt when zip- or gzip-compressed files were used as keyfiles
|
|
- Fixed free memory-size output for skipped GPU (both automatic and manual) of --backend-info information screen
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- AES Crypt Plugin: Reduced max password length from 256 to 128 which improved performance by 22%
|
|
- CUDA Backend: If --stdout is used, do not warn about missing CUDA SDK
|
|
- Folder Management: Add support for XDG Base Directory specification when hashcat is installed using 'make install'
|
|
- Hardware Monitor: Add support for GPU device utilization readings from sysfs (AMD on Linux)
|
|
- OpenCL Backend: Use CL_DEVICE_BOARD_NAME_AMD instead of CL_DEVICE_NAME for device name (when supported by OpenCL runtime)
|
|
- Performance Monitor: Suggest -S to improve cracking performance in specific attack configurations
|
|
- RAR3-p (Compressed): Fix workaround in unrar library in AES constant table generation to enable multi-threading support
|
|
- RC4 Kernels: Improved performance by 20%+ with new RC4 code in hash-modes Kerberos 5 (etype 23), MS Office (<= 2003) and PDF (<= 1.6)
|
|
- Scrypt Kernels: Re-enable use of kernel cache in scrypt-based kernels
|
|
- Status Screen: Show currently-running kernel type (pure, optimized) and generator type (host, device)
|
|
- UTF8-to-UTF16: Replaced naive UTF8-to-UTF16 conversion with true conversion for RAR3, AES Crypt, MultiBit HD (scrypt) and Umbraco HMAC-SHA1
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Dependencies: Updated LZMA SDK from 19.00 to 21.02 alpha
|
|
- Dependencies: Updated xxHash from 0.1.0 to v0.8.0 - Stable XXH3
|
|
- Documentation: Update missing documentation in plugin developer guide for OPTS_TYPE_MP_MULTI_DISABLE and OPTS_TYPE_NATIVE_THREADS
|
|
- Hashrate: Update inner-loop hashrate prediction to handle new salt_repeats feature and also respect _loop2 kernel runtime
|
|
- Kernels: Add RC4 cipher to crypto library with optimized shared memory access pattern which will not cause any bank conflicts if -u <= 32
|
|
- Kernels: Add standalone true UTF8-to-UTF16 converter kernel that runs after amplifier. Use OPTS_TYPE_POST_AMP_UTF16LE from plugin
|
|
- Kernel Cache: Add module_jit_build_options() string from modules to kernel cache checksum calculation
|
|
- Modules: Recategorized HASH_CATEGORY option in various modules
|
|
- Modules: Added hash categories HASH_CATEGORY_IMS and HASH_CATEGORY_CRYPTOCURRENCY_WALLET
|
|
- Modules: Changed hash category of Python passlib from HASH_CATEGORY_GENERIC_KDF to HASH_CATEGORY_FRAMEWORK
|
|
- Unit-Tests: Added missing support for OPTS_TYPE_LOOP_PREPARE, OPTS_TYPE_LOOP_PREPARE2 and salt_repeats in self-test
|
|
- Unit-Tests: Added missing unit-test for Stargazer Stellar Wallet XLM
|
|
|
|
* changes v6.2.0 -> v6.2.1
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Dependencies: Updated unrar source from 5.9.4 to 6.0.5
|
|
- Dependencies: Make unrar dependencies optional and disable hash-mode 23800 if dependency is disabled
|
|
|
|
* changes v6.1.1 -> v6.2.0
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode: Apple iWork
|
|
- Added hash-mode: AxCrypt 2 AES-128
|
|
- Added hash-mode: AxCrypt 2 AES-256
|
|
- Added hash-mode: BestCrypt v3 Volume Encryption
|
|
- Added hash-mode: Bitwarden
|
|
- Added hash-mode: Dahua Authentication MD5
|
|
- Added hash-mode: KNX IP Secure - Device Authentication Code
|
|
- Added hash-mode: MongoDB ServerKey SCRAM-SHA-1
|
|
- Added hash-mode: MongoDB ServerKey SCRAM-SHA-256
|
|
- Added hash-mode: Mozilla key3.db
|
|
- Added hash-mode: Mozilla key4.db
|
|
- Added hash-mode: MS Office 2016 - SheetProtection
|
|
- Added hash-mode: PDF 1.4 - 1.6 (Acrobat 5 - 8) - edit password
|
|
- Added hash-mode: PKCS#8 Private Keys
|
|
- Added hash-mode: RAR3-p (Compressed)
|
|
- Added hash-mode: RAR3-p (Uncompressed)
|
|
- Added hash-mode: RSA/DSA/EC/OPENSSH Private Keys
|
|
- Added hash-mode: SolarWinds Orion v2
|
|
- Added hash-mode: SolarWinds Serv-U
|
|
- Added hash-mode: SQLCipher
|
|
- Added hash-mode: Stargazer Stellar Wallet XLM
|
|
- Added hash-mode: Stuffit5
|
|
- Added hash-mode: Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512)
|
|
- Added hash-mode: Umbraco HMAC-SHA1
|
|
- Added hash-mode: sha1($salt.sha1($pass.$salt))
|
|
- Added hash-mode: sha1(sha1($pass).$salt)
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added new attack-mode: Association Attack (aka "Context Attack") to attack hashes from a hashlist with associated "hints"
|
|
- Added support for true UTF-8 to UTF-16 conversion in kernel crypto library
|
|
- Added option --hash-info to show generic information for each hash-mode
|
|
- Added command prompt [f]inish to tell hashcat to quit after finishing the current attack
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed access to filename which is a null-pointer in benchmark mode
|
|
- Fixed both false negative and false positive results in -m 3000 in -a 3 (affecting only NVIDIA GPU)
|
|
- Fixed buffer overflow in -m 1800 in -O mode which is optimized to handle only password candidates up to length 15
|
|
- Fixed buffer overflow in -m 4710 in -P mode and only in single hash mode if salt length is larger than 32 bytes
|
|
- Fixed hardware management sysfs readings in status screen (typically ROCm controlled GPUs)
|
|
- Fixed include guards in several header files
|
|
- Fixed incorrect maximum password length support for -m 400 in optimized mode (reduced from 55 to 39)
|
|
- Fixed internal access on module option attribute OPTS_TYPE_SUGGEST_KG with the result that it was unused
|
|
- Fixed invalid handling of outfile folder entries for -m 22000
|
|
- Fixed memory leak causing problems in sessions with many iterations - for instance, --benchmark-all or large mask files
|
|
- Fixed memory leaks in several cases of errors with access to temporary files
|
|
- Fixed NVML initialization in WSL2 environments
|
|
- Fixed out-of-boundary reads in cases where user activates -S for fast but pure hashes in -a 1 or -a 3 mode
|
|
- Fixed out-of-boundary reads in kernels using module_extra_buffer_size() if -n is set to 1
|
|
- Fixed password reassembling for cracked hashes on host for slow hashes in optimized mode that are longer than 32 characters
|
|
- Fixed race condition in potfile check during removal of empty hashes
|
|
- Fixed race condition resulting in out of memory error on startup if multiple hashcat instances are started at the same time
|
|
- Fixed rare case of misalignment of the status prompt when other user warnings are shown in the hashcat output
|
|
- Fixed search of tuning database - if a device was not assigned an alias, it couldn't be found in general
|
|
- Fixed test on gzip header in wordlists and hashlists
|
|
- Fixed too-early execution of some module functions that use non-final values opts_type and opti_type
|
|
- Fixed unexpected non-unique salts in multi-hash cracking in Bitcoin/Litecoin wallet.dat module which led to false negatives
|
|
- Fixed unit test for -m 3000 by preventing it to generate zero hashes
|
|
- Fixed unit tests using 'null' as padding method in Crypt::CBC but actually want to use 'none'
|
|
- Fixed unterminated salt buffer in -m 23400 module_hash_encode() in case salt was of length 256
|
|
- Fixed vector datatype support in -m 21100 only -P mode and only -a 3 mode were affected
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Apple Keychain: Notify the user about the risk of collisions / false positives
|
|
- CUDA Backend: Do not warn about missing CUDA SDK installation if --backend-ignore-cuda is used
|
|
- CUDA Backend: Give detailed warning if either the NVIDIA CUDA or the NVIDIA RTC library cannot be initialized
|
|
- CUDA Backend: Use blocking events to avoid 100% CPU core usage (per GPU)
|
|
- OpenCL Runtime: Workaround JiT compiler deadlock on NVIDIA driver >= 465.89
|
|
- OpenCL Runtime: Workaround JiT compiler segfault on legacy AMDGPU driver compiling RAR3 OpenCL kernel
|
|
- RAR3 Kernels: Improved loop code, improving performance by 23%
|
|
- Scrypt Kernels: Added a number of GPU specific optimizations per hash modes to hashcat.hctune
|
|
- Scrypt Kernels: Added detailed documentation on device specific tunings in hashcat.hctune
|
|
- Scrypt Kernels: Optimized Salsa code portion by reducing register copies and removed unnecessary byte swaps
|
|
- Scrypt Kernels: Reduced kernel wait times by making it a true split kernel where iteration count = N value
|
|
- Scrypt Kernels: Refactored workload configuration strategy based on available resources
|
|
- Startup time: Improved startup time by avoiding some time-intensive operations for skipped devices
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Bcrypt: Make BCRYPT entry for CPU in hashcat.hctune after switch to OPTS_TYPE_MP_MULTI_DISABLE (basically set -n to 1)
|
|
- Benchmark: Update benchmark_deep.pl with new hash modes added (also new hash modes which were added with v6.1.0)
|
|
- Building: Declare phony targets in Makefile to avoid conflicts of a target name with a file of the same name
|
|
- Building: Fixed build warnings on macOS for unrar sources
|
|
- Building: Fixed test for DARWIN_VERSION in Makefile
|
|
- Commandline Options: Removed option --example-hashes, now an alias of --hash-info
|
|
- Compute API: Skipping devices instead of stop if error occured in initialization
|
|
- Documentation: Added 3rd party licenses to docs/license_libs
|
|
- Hash-Mode 8900 (Scrypt): Changed default benchmark scrypt parameters from 1k:1:1 to 16k:8:1 (default)
|
|
- Hash-Mode 11600 (7-Zip): Improved memory handling (alloc and free) for the hook function
|
|
- Hash-Mode 13200 (AxCrypt): Changed the name to AxCrypt 1 to avoid confusion
|
|
- Hash-Mode 13300 (AxCrypt in-memory SHA1): Changed the name to AxCrypt 1 in-memory SHA1
|
|
- Hash-Mode 16300 (Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256): Use correct buffer size allocation for AES key
|
|
- Hash-Mode 20710 (sha256(sha256($pass).$salt)): Removed unused code and fixed module_constraints
|
|
- Hash-Mode 22000 (WPA-PBKDF2-PMKID+EAPOL): Support loading a hash from command line
|
|
- Hash-Mode 23300 (Apple iWork): Use correct buffer size allocation for AES key
|
|
- Hash Parser: Output support for machine-readable hash lines in --show and --left and in error messages
|
|
- Kernel Development: Kernel cache is disabled automatically when hashcat is compiled with DEBUG=1
|
|
- Kernel Functions: Added generic AES-GCM interface see OpenCL/inc_cipher_aes-gcm.h
|
|
- Kernel Functions: Refactored OpenCL/inc_ecc_secp256k1.cl many functions, add constants and documentation
|
|
- Kernel Functions: Refactored OpenCL/inc_ecc_secp256k1.cl to improve usage in external programs
|
|
- Kernel Functions: Wrap atomic functions with hc_ prefix. Custom kernels need to rename "atomic_inc()" to "hc_atomic_inc()"
|
|
- Kernel Parameters: Added new parameter 'salt_repeat' to improve large buffer management
|
|
- Module Parameters: Add OPTS_TYPE_MP_MULTI_DISABLE for use by plugin developers to prevent multiply -n with the MCU count
|
|
- Module Parameters: Add OPTS_TYPE_NATIVE_THREADS for use by plugin developers to enforce native thread count
|
|
- Module Structure: Add 3rd party library hook management functions. This also requires an update to all existing module_init()
|
|
- OpenCL Runtime: Add support for clUnloadPlatformCompiler() to release some resources after JiT compilation
|
|
- OpenCL Runtime: Switched default OpenCL device type on macOS from GPU to CPU. Use -D 2 to enable GPU devices
|
|
- OpenCL Runtime: Update module_unstable_warnings() for all hash modes based on most recent versions of many OpenCL runtimes
|
|
- Unit tests: Added 'potthrough' (like passthrough, but hash:plain) to tools/test.pl
|
|
- Unit tests: Added Python 3 support for all of the Python code in our test framework
|
|
- Unit tests: Fixed the packaging of test (-p) feature
|
|
- Unit tests: Updated test.sh to show kernel type (pure or optimized) in output
|
|
- Unit tests: Use python3/pip3 instead of just python/pip in tools/install_modules.sh
|
|
|
|
* changes v6.1.0 -> v6.1.1
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed unresolvable relative paths in hashcat.log
|
|
|
|
* changes v6.0.0 -> v6.1.0
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode: Apple Keychain
|
|
- Added hash-mode: XMPP SCRAM
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed alias detection with additional processor core count check
|
|
- Fixed false negatives in hash-mode 10901 if hash-mode 9200, 10000, 10900 or 20300 was used to compile the kernel binary
|
|
- Fixed integer overflow for large masks in -a 6 attack mode
|
|
- Fixed maximum password length in modules of hash-modes 600, 7800, 7801 and 9900
|
|
- Fixed non-zero status code when using --stdout
|
|
- Fixed uninitialized value in bitsliced DES kernel (BF mode only) leading to false negatives
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Compile macOS: Fixed makefile target 'clean' to correctly remove *.dSYM folders
|
|
- Compile ZLIB: Fixed makefile include paths in case USE_SYSTEM_ZLIB is used
|
|
- Hcchr Files: Renamed some .charset files into .hcchr files
|
|
- Hash-Mode 21200 (md5(sha1($salt).md5($pass))): Improved speed by using pre-computed SHA1
|
|
- OpenCL Devices: Utilize PCI domain to improve alias device detection
|
|
- OpenCL Kernels: Added datatypes to literals of enum costants
|
|
- OpenCL Kernels: Added pure kernels for hash-mode 600 (BLAKE2b-512)
|
|
- OpenCL Runtime: Add some unstable warnings for some SHA512 based algorithms on AMD GPU on macOS
|
|
- OpenCL Runtime: Reinterpret return code CL_DEVICE_NOT_FOUND from clGetDeviceIDs() as non-fatal
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Backend: Changed the maximum number of compute devices from 64 to 128
|
|
- Tests: Improved tests for hash-mode 11300 (Bitcoin/Litecoin wallet.dat)
|
|
- Tests: Improved tests for hash-mode 13200 (AxCrypt)
|
|
- Tests: Improved tests for hash-mode 13600 (WinZip)
|
|
- Tests: Improved tests for hash-mode 16400 (CRAM-MD5 Dovecot)
|
|
- Tests: Improved tests for hash-mode 16800 (WPA-PMKID-PBKDF2)
|
|
|
|
* changes v5.1.0 -> v6.0.0
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Refactored hash-mode integration and replaced it with a fully modularized plugin interface
|
|
- Converted all existing hardwired hash-modes to hashcat plugins
|
|
- Added comprehensive plugin developer guide on adding new/custom hash-modes to hashcat
|
|
- Refactored compute backend interface to allow adding compute API other than OpenCL
|
|
- Added CUDA as a new compute backend (enables hashcat to run on NVIDIA Jetson, IBM POWER9 w/ Nvidia V100, etc.)
|
|
- Support automatic use of all available GPU memory when using CUDA backend
|
|
- Support automatic use of all available CPU cores for hash-mode-specific hooks
|
|
- Support on-the-fly loading of compressed wordlists in zip and gzip format
|
|
- Support deflate decompression for the 7-Zip hash-mode using zlib hook
|
|
- Added additional documentation on hashcat brain, slow-candidate interface and keyboard-layout mapping features
|
|
- Keep output of --show and --left in the original ordering of the input hash file
|
|
- Improved performance of many hash-modes
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode: AES Crypt (SHA256)
|
|
- Added hash-mode: Android Backup
|
|
- Added hash-mode: AuthMe sha256
|
|
- Added hash-mode: BitLocker
|
|
- Added hash-mode: BitShares v0.x
|
|
- Added hash-mode: Blockchain, My Wallet, Second Password (SHA256)
|
|
- Added hash-mode: Citrix NetScaler (SHA512)
|
|
- Added hash-mode: DiskCryptor
|
|
- Added hash-mode: Electrum Wallet (Salt-Type 3-5)
|
|
- Added hash-mode: Huawei Router sha1(md5($pass).$salt)
|
|
- Added hash-mode: Java Object hashCode()
|
|
- Added hash-mode: Kerberos 5 Pre-Auth etype 17 (AES128-CTS-HMAC-SHA1-96)
|
|
- Added hash-mode: Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)
|
|
- Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
|
|
- Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
|
|
- Added hash-mode: MultiBit Classic .key (MD5)
|
|
- Added hash-mode: MultiBit HD (scrypt)
|
|
- Added hash-mode: MySQL $A$ (sha256crypt)
|
|
- Added hash-mode: Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
|
|
- Added hash-mode: Open Document Format (ODF) 1.2 (SHA-256, AES)
|
|
- Added hash-mode: Oracle Transportation Management (SHA256)
|
|
- Added hash-mode: PKZIP archive encryption
|
|
- Added hash-mode: PKZIP Master Key
|
|
- Added hash-mode: Python passlib pbkdf2-sha1
|
|
- Added hash-mode: Python passlib pbkdf2-sha256
|
|
- Added hash-mode: Python passlib pbkdf2-sha512
|
|
- Added hash-mode: QNX /etc/shadow (MD5)
|
|
- Added hash-mode: QNX /etc/shadow (SHA256)
|
|
- Added hash-mode: QNX /etc/shadow (SHA512)
|
|
- Added hash-mode: RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
|
|
- Added hash-mode: Ruby on Rails Restful-Authentication
|
|
- Added hash-mode: SecureZIP AES-128
|
|
- Added hash-mode: SecureZIP AES-192
|
|
- Added hash-mode: SecureZIP AES-256
|
|
- Added hash-mode: SolarWinds Orion
|
|
- Added hash-mode: Telegram Desktop App Passcode (PBKDF2-HMAC-SHA1)
|
|
- Added hash-mode: Telegram Mobile App Passcode (SHA256)
|
|
- Added hash-mode: Web2py pbkdf2-sha512
|
|
- Added hash-mode: WPA-PBKDF2-PMKID+EAPOL
|
|
- Added hash-mode: WPA-PMK-PMKID+EAPOL
|
|
- Added hash-mode: md5($salt.sha1($salt.$pass))
|
|
- Added hash-mode: md5(sha1($pass).md5($pass).sha1($pass))
|
|
- Added hash-mode: md5(sha1($salt).md5($pass))
|
|
- Added hash-mode: sha1(md5(md5($pass)))
|
|
- Added hash-mode: sha1(md5($pass.$salt))
|
|
- Added hash-mode: sha1(md5($pass).$salt)
|
|
- Added hash-mode: sha1($salt1.$pass.$salt2)
|
|
- Added hash-mode: sha256(md5($pass))
|
|
- Added hash-mode: sha256($salt.$pass.$salt)
|
|
- Added hash-mode: sha256(sha256_bin($pass))
|
|
- Added hash-mode: sha256(sha256($pass).$salt)
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed buffer overflow in build_plain() function
|
|
- Fixed buffer overflow in mp_add_cs_buf() function
|
|
- Fixed calculation of brain-session ID - only the first hash of the hashset was taken into account
|
|
- Fixed cleanup of password candidate buffers on GPU as set from autotune when -n parameter was used
|
|
- Fixed copy/paste error leading to invalid "Integer overflow detected in keyspace of mask" in attack-mode 6 and 7
|
|
- Fixed cracking multiple Office hashes (modes 9500, 9600) if hashes shared the same salt
|
|
- Fixed cracking of Blockchain, My Wallet (V1 and V2) hashes when testing decrypted data in unexpected format
|
|
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode when mask > length 16
|
|
- Fixed cracking of DNSSEC (NSEC3) hashes by replacing all dots in the passwords with lengths
|
|
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
|
|
- Fixed cracking of NetNTLMv1 passwords in mask-attack mode when mask > length 16 (optimized kernels only)
|
|
- Fixed cracking of RAR3-hp hashes with pure kernel for passwords longer than 28 bytes
|
|
- Fixed cracking of VeraCrypt Streebog-512 hashes (CPU only)
|
|
- Fixed cracking raw Streebog-HMAC 256 and 512 hashes for passwords of length >= 64
|
|
- Fixed cracking raw Whirlpool hashes cracking for passwords of length >= 32
|
|
- Fixed incorrect progress-only result in a special race condition
|
|
- Fixed invalid call of mp_css_utf16le_expand()/mp_css_utf16be_expand() in slow-candidate sessions
|
|
- Fixed invalid password truncation in attack-mode 1 when the final password is longer than 32 characters
|
|
- Fixed invalid use of --hex-wordlist if encoded wordlist string is larger than length 256
|
|
- Fixed maximum password length limit which was announced as 256 but was actually 255
|
|
- Fixed out-of-boundary read in pure kernel rule engine rule 'p' when parameter was set to 2 or higher
|
|
- Fixed out-of-boundary write to decrypted[] in DPAPI masterkey file v1 kernel
|
|
- Fixed output of IKE PSK (mode 5300 and 5400) hashes to use separators in the correct position
|
|
- Fixed output password of "e" rule in pure and CPU rule engine when separator character is also the first letter
|
|
- Fixed problem with usage of hexadecimal notation (\x00-\xff) within rules
|
|
- Fixed race condition in maskfile mode by using a dedicated flag for restore execution
|
|
- Fixed some memory leaks when hashcat is shutting down due to some file error
|
|
- Fixed some memory leaks when mask-files are used in optimized mode
|
|
- Fixed --status-json to correctly escape certain characters in hashes
|
|
- Fixed the 7-Zip parser to allow the entire supported range of encrypted and decrypted data lengths
|
|
- Fixed the validation of the --brain-client-features command line argument (only values 1, 2 or 3 are allowed)
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Bitcoin Wallet: Be more user friendly by allowing a larger data range for ckey and public_key
|
|
- Brain: Added new parameter --brain-server-timer to specify seconds between scheduled backups
|
|
- Building: Fix for library compilation failure due to multiple defenition of sbob_xx64()
|
|
- Cracking bcrypt and Password Safe v2: Use feedback from the compute API backend to dynamically calculate optimal thread count
|
|
- Dictstat: On Windows, the st_ino attribute in the stat struct is not set, which can lead to invalid cache hits. Added the filename to the database entry.
|
|
- Documents: Added README on how to build hashcat on Cygwin, MSYS2 and WSL
|
|
- File handling: Print a truncation warning when an oversized line is detected
|
|
- My Wallet: Added additional plaintext pattern used in newer versions
|
|
- Office cracking: Support hash format with second block data for 40-bit oldoffice files (eliminates false positives)
|
|
- OpenCL Runtime: Added a warning if OpenCL runtime NEO, Beignet, POCL (v1.4 or older) or MESA is detected, and skip associated devices (override with --force)
|
|
- OpenCL Runtime: Allow the kernel to access post-48k shared memory region on CUDA. Requires both module and kernel preparation
|
|
- OpenCL Runtime: Disable OpenCL kernel cache on Apple for Intel CPU (throws CL_BUILD_PROGRAM_FAILURE for no reason)
|
|
- OpenCL Runtime: Do not run shared- or constant-memory size checks if their memory type is of type global memory (typically CPU)
|
|
- OpenCL Runtime: Improve ROCm detection and make sure to not confuse with recent AMDGPU drivers
|
|
- OpenCL Runtime: Not using amd_bytealign (amd_bitalign is fine) on AMDGPU driver drastically reduces JiT segfaults
|
|
- OpenCL Runtime: Unlocked maximum thread count for NVIDIA GPU
|
|
- OpenCL Runtime: Update unstable mode warnings for Apple and AMDGPU drivers
|
|
- OpenCL Runtime: Workaround JiT compiler error on AMDGPU driver compiling WPA-EAPOL-PBKDF2 OpenCL kernel
|
|
- OpenCL Runtime: Workaround JiT compiler error on ROCm 2.3 driver if the 'inline' keyword is used in function declaration
|
|
- OpenCL Runtime: Workaround memory allocation error on AMD driver on Windows leading to CL_MEM_OBJECT_ALLOCATION_FAILURE
|
|
- OpenCL Runtime: Removed some workarounds by calling chdir() to specific folders on startup
|
|
- Outfile: Added new system to specify the outfile format, the new --outfile-format now also supports timestamps
|
|
- Startup Checks: Improved the pidfile check: Do not just check for existing PID, but also check executable filename
|
|
- Startup Checks: Prevent the user from modifying options which are overwritten automatically in benchmark mode
|
|
- Startup Screen: Add extra warning when using --force
|
|
- Startup Screen: Add extra warning when using --keep-guessing
|
|
- Startup Screen: Provide an estimate of host memory required for the requested attack
|
|
- Status Screen: Added brain status for all compute devices
|
|
- Status Screen: Added remaining counts and changed recovered count logic
|
|
- Status Screen: Added --status-json flag for easier machine reading of hashcat status output
|
|
- Tab Completion: Allow using "make install" version of hashcat
|
|
- Tuning Database: Updated hashcat.hctune with new models and refreshed vector width values
|
|
- VeraCrypt: Added support for VeraCrypt PIM brute-force, replaced --veracrypt-pim with --veracrypt-pim-start and --veracrypt-pim-stop
|
|
- WipZip cracking: Added two byte early reject, resulting in higher cracking speed
|
|
- WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Backend Interface: Added new options --backend-ignore-cuda and --backend-ingore-opencl to prevent CUDA and/or OpenCL API from being used
|
|
- Binary Distribution: Removed 32-bit binary executables
|
|
- Building: On macOS, switch from ar to /usr/bin/ar to improve building compatibility
|
|
- Building: Skipping Travis/Appveyor build for non-code changes
|
|
- Codebase: Cleanup of many unused rc_* variables
|
|
- Codebase: Fixed some printf() format arguments
|
|
- Codebase: Fixed some type casting to avoid truncLongCastAssignment warnings
|
|
- Codebase: Moved hc_* file functions from shared.c to filehandling.c
|
|
- Codebase: Ran through a bunch of clang-tidy checkers and updated code accordingly
|
|
- Codebase: Remove redundant calls to fclose()
|
|
- Dependencies: Updated LZMA-Headers from 18.05 to 19.00
|
|
- Dependencies: Updated OpenCL-Headers to latest version from GitHub master repository
|
|
- Hash-Mode 12500 (RAR3-hp): Allow cracking of passwords up to length 64
|
|
- Hash-mode 1460 (HMAC-SHA256 (key = $salt)): Allow up to 64 byte of salt
|
|
- Hash-Mode 1680x (WPA-PMKID) specific: Changed separator character from '*' to ':'
|
|
- Hash-Mode 8300 (DNSSEC (NSEC3)) specific: Allow empty salt
|
|
- Keep Guessing: No longer automatically activate --keep-guessing for modes 9720, 9820, 14900 and 18100
|
|
- Keep Guessing: No longer mark hashes as cracked/removed when in potfile
|
|
- Kernel Cache: Reactivate OpenCL runtime specific kernel caches
|
|
- Kernel Compile: Removed -cl-std= from all kernel build options since we're compatible to all OpenCL versions
|
|
- OpenCL Kernels: Fix OpenCL compiler warning on double precision constants
|
|
- OpenCL Kernels: Moved "gpu_decompress", "gpu_memset" and "gpu_atinit" into shared.cl in order to reduce compile time
|
|
- OpenCL Options: Removed --opencl-platforms filter in order to force backend device numbers to stay constant
|
|
- OpenCL Options: Set --spin-damp to 0 (disabled) by default. With the CUDA backend this workaround became deprecated
|
|
- Parsers: switched from strtok() to strtok_r() for thread safety
|
|
- Requirements: Add new requirement for NVIDIA GPU: CUDA Toolkit (9.0 or later)
|
|
- Requirements: Update runtime check for minimum NVIDIA driver version from 367.x to 440.64 or later
|
|
- Test Script: Switched from /bin/bash to generic /bin/sh and updated code accordingly
|
|
|
|
* changes v5.0.0 -> v5.1.0
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added support for using --stdout in brain-client mode
|
|
- Added new option --stdin-timeout-abort, to set how long hashcat should wait for stdin input before aborting
|
|
- Added new option --kernel-threads to manually override the automatically-calculated number of threads
|
|
- Added new option --keyboard-layout-mapping to map users keyboard layout, required to crack TC/VC system boot volumes
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added pure kernels for hash-mode 11700 (Streebog-256)
|
|
- Added pure kernels for hash-mode 11800 (Streebog-512)
|
|
- Added hash-mode 11750 (HMAC-Streebog-256 (key = $pass), big-endian)
|
|
- Added hash-mode 11760 (HMAC-Streebog-256 (key = $salt), big-endian)
|
|
- Added hash-mode 11850 (HMAC-Streebog-512 (key = $pass), big-endian)
|
|
- Added hash-mode 11860 (HMAC-Streebog-512 (key = $salt), big-endian)
|
|
- Added hash-mode 13771 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit)
|
|
- Added hash-mode 13772 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit)
|
|
- Added hash-mode 13773 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit)
|
|
- Added hash-mode 18200 (Kerberos 5 AS-REP etype 23)
|
|
- Added hash-mode 18300 (Apple File System (APFS))
|
|
- Added Kuznyechik cipher and cascades support for VeraCrypt kernels
|
|
- Added Camellia cipher and cascades support for VeraCrypt kernels
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- OpenCL Devices: Add support for up to 64 OpenCL devices per system
|
|
- OpenCL Platforms: Add support for up to 64 OpenCL platforms per system
|
|
- OpenCL Runtime: Use our own yielding technique for synchronizing rather than vendor specific
|
|
- Startup: Show OpenCL runtime initialization message (per device)
|
|
- xxHash: Added support for using the version provided by the OS/distribution
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed automated calculation of brain-session when not using all hashes in the hashlist
|
|
- Fixed calculation of brain-attack if a given wordlist has zero size
|
|
- Fixed checking the length of the last token in a hash if it was given the attribute TOKEN_ATTR_FIXED_LENGTH
|
|
- Fixed endianness and invalid separator character in outfile format for hash-mode 16801 (WPA-PMKID-PMK)
|
|
- Fixed ignoring --brain-client-features configuration when brain server has attack-position information from a previous run
|
|
- Fixed invalid hardware monitor detection in benchmark mode
|
|
- Fixed invalid warnings about throttling when --hwmon-disable was used
|
|
- Fixed missing call to WSACleanup() to cleanly shutdown windows sockets system
|
|
- Fixed missing call to WSAStartup() and client indexing in order to start the brain server on Windows
|
|
- Fixed out-of-boundary read in DPAPI masterkey file v2 OpenCL kernel
|
|
- Fixed out-of-bounds write in short-term memory of the brain server
|
|
- Fixed output of --speed-only and --progress-only when fast hashes are used in combination with --slow-candidates
|
|
- Fixed selection of OpenCL devices (-d) if there's more than 32 OpenCL devices installed
|
|
- Fixed status output of progress value when -S and -l are used in combination
|
|
- Fixed thread count maximum for pure kernels in straight attack mode
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Brain: Set --brain-client-features default from 3 to 2
|
|
- Dependencies: Added xxHash and OpenCL-Headers to deps/ in order to allow building hashcat from GitHub source release package
|
|
- Dependencies: Removed gitmodules xxHash and OpenCL-Headers
|
|
- Keymaps: Added hashcat keyboard mapping us.hckmap (can be used as template)
|
|
- Keymaps: Added hashcat keyboard mapping de.hckmap
|
|
- Hardware Monitor: Renamed --gpu-temp-abort to --hwmon-temp-abort
|
|
- Hardware Monitor: Renamed --gpu-temp-disable to --hwmon-disable
|
|
- Memory: Limit maximum host memory allocation depending on bitness
|
|
- Memory: Reduced default maximum bitmap size from 24 to 18 and give a notice to use --bitmap-max to restore
|
|
- Parameter: Rename --nvidia-spin-damp to --spin-damp (now accessible for all devices)
|
|
- Pidfile: Treat a corrupted pidfile like a not existing pidfile
|
|
- OpenCL Device: Do a real query on OpenCL local memory type instead of just assuming it
|
|
- OpenCL Runtime: Disable auto-vectorization for Intel OpenCL runtime to workaround hanging JiT since version 18.1.0.013
|
|
- Tests: Added hash-mode 11700 (Streebog-256)
|
|
- Tests: Added hash-mode 11750 (HMAC-Streebog-256 (key = $pass), big-endian)
|
|
- Tests: Added hash-mode 11760 (HMAC-Streebog-256 (key = $salt), big-endian)
|
|
- Tests: Added hash-mode 11800 (Streebog-512)
|
|
- Tests: Added hash-mode 11850 (HMAC-Streebog-512 (key = $pass), big-endian)
|
|
- Tests: Added hash-mode 11860 (HMAC-Streebog-512 (key = $salt), big-endian)
|
|
- Tests: Added hash-mode 13711 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 512 bit)
|
|
- Tests: Added hash-mode 13712 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 1024 bit)
|
|
- Tests: Added hash-mode 13713 (VeraCrypt PBKDF2-HMAC-RIPEMD160 + XTS 1536 bit)
|
|
- Tests: Added hash-mode 13721 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit)
|
|
- Tests: Added hash-mode 13722 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1024 bit)
|
|
- Tests: Added hash-mode 13723 (VeraCrypt PBKDF2-HMAC-SHA512 + XTS 1536 bit)
|
|
- Tests: Added hash-mode 13731 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit)
|
|
- Tests: Added hash-mode 13732 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 1024 bit)
|
|
- Tests: Added hash-mode 13733 (VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 1536 bit)
|
|
- Tests: Added hash-mode 13751 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit)
|
|
- Tests: Added hash-mode 13752 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 1024 bit)
|
|
- Tests: Added hash-mode 13753 (VeraCrypt PBKDF2-HMAC-SHA256 + XTS 1536 bit)
|
|
- Tests: Added hash-mode 13771 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 512 bit)
|
|
- Tests: Added hash-mode 13772 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1024 bit)
|
|
- Tests: Added hash-mode 13773 (VeraCrypt PBKDF2-HMAC-Streebog-512 + XTS 1536 bit)
|
|
- Tests: Added VeraCrypt containers for Kuznyechik cipher and cascades
|
|
- Tests: Added VeraCrypt containers for Camellia cipher and cascades
|
|
|
|
* changes v4.2.1 -> v5.0.0
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added new option --slow-candidates which allows hashcat to generate passwords on-host
|
|
- Added new option --brain-server to start a hashcat brain server
|
|
- Added new option --brain-client to start a hashcat brain client, automatically activates --slow-candidates
|
|
- Added new option --brain-host and --brain-port to specify ip and port of brain server, both listening and connecting
|
|
- Added new option --brain-session to override automatically calculated brain session ID
|
|
- Added new option --brain-session-whitelist to allow only explicit written session ID on brain server
|
|
- Added new option --brain-password to specify the brain server authentication password
|
|
- Added new option --brain-client-features which allows enable and disable certain features of the hashcat brain
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 17300 = SHA3-224
|
|
- Added hash-mode 17400 = SHA3-256
|
|
- Added hash-mode 17500 = SHA3-384
|
|
- Added hash-mode 17600 = SHA3-512
|
|
- Added hash-mode 17700 = Keccak-224
|
|
- Added hash-mode 17800 = Keccak-256
|
|
- Added hash-mode 17900 = Keccak-384
|
|
- Added hash-mode 18000 = Keccak-512
|
|
- Added hash-mode 18100 = TOTP (HMAC-SHA1)
|
|
- Removed hash-mode 5000 = SHA-3 (Keccak)
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Added additional hybrid "passthrough" rules, to enable variable-length append/prepend attacks
|
|
- Added a periodic check for read timeouts in stdin/pipe mode, and abort if no input was provided
|
|
- Added a tracker for salts, amplifier and iterations to the status screen
|
|
- Added option --markov-hcstat2 to make it clear that the new hcstat2 format (compressed hcstat2gen output) must be used
|
|
- Allow bitcoin master key lengths other than 96 bytes (but they must be always multiples of 16)
|
|
- Allow hashfile for -m 16800 to be used with -m 16801
|
|
- Allow keepass iteration count to be larger than 999999
|
|
- Changed algorithms using colon as separators in the hash to not use the hashconfig separator on parsing
|
|
- Do not allocate memory segments for bitmap tables if we don't need it - for example, in benchmark mode
|
|
- Got rid of OPTS_TYPE_HASH_COPY for Ansible Vault
|
|
- Improved the speed of the outfile folder scan when using many hashes/salts
|
|
- Increased the maximum size of edata2 in Kerberos 5 TGS-REP etype 23
|
|
- Make the masks parser more restrictive by rejecting a single '?' at the end of the mask (use ?? instead)
|
|
- Override --quiet and show final status screen in case --status is used
|
|
- Removed duplicate words in the dictionary file example.dict
|
|
- Updated Intel OpenCL runtime version check
|
|
- Work around some AMD OpenCL runtime segmentation faults
|
|
- Work around some padding issues with host compilers and OpenCL JiT on 32 and 64-bit systems
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a invalid scalar datatype return value in hc_bytealign() where it should be a vector datatype return value
|
|
- Fixed a problem with attack mode -a 7 together with stdout mode where the mask bytes were missing in the output
|
|
- Fixed a problem with tab completion where --self-test-disable incorrectly expected a further parameter/value
|
|
- Fixed a race condition in status view that lead to out-of-bound reads
|
|
- Fixed detection of unique ESSID in WPA-PMKID-* parser
|
|
- Fixed missing wordlist encoding in combinator mode
|
|
- Fixed speed/delay problem when quitting while the outfile folder is being scanned
|
|
- Fixed the ciphertext max length in Ansible Vault parser
|
|
- Fixed the tokenizer configuration in Postgres hash parser
|
|
- Fixed the byte order of digest output for hash-mode 11800 (Streebog-512)
|
|
|
|
* changes v4.2.0 -> v4.2.1
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Try to evaluate available OpenCL device memory and use this information instead of total available OpenCL device memory for autotune
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a buffer overflow in precompute_salt_md5() in case salt was longer than 64 characters
|
|
|
|
* changes v4.1.0 -> v4.2.0
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 16700 = FileVault 2
|
|
- Added hash-mode 16800 = WPA-PMKID-PBKDF2
|
|
- Added hash-mode 16801 = WPA-PMKID-PMK
|
|
- Added hash-mode 16900 = Ansible Vault
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Added JtR-compatible support for hex notation in rules engine
|
|
- Added OpenCL device utilization to the status information in machine-readable output
|
|
- Added missing NV Tesla and Titan GPU details to tuning database
|
|
- General file handling: Abort if a byte order mark (BOM) was detected in a wordlist, hashlist, maskfile or rulefile
|
|
- HCCAPX management: Use advanced hints in message_pair stored by hcxtools about endian bitness of replay counter
|
|
- OpenCL kernels: Abort session if kernel self-test fails
|
|
- OpenCL kernels: Add '-pure' prefix to kernel filenames to avoid problems caused by reusing existing hashcat installation folder
|
|
- OpenCL kernels: Removed the use of 'volatile' in inline assembly instructions where it is not needed
|
|
- OpenCL kernels: Switched array pointer types in function declarations in order to be compatible with OpenCL 2.0
|
|
- Refactored code for --progress-only and --speed-only calculation
|
|
- SIP cracking: Increased the nonce field to allow a salt of 1024 bytes
|
|
- TrueCrypt/VeraCrypt cracking: Do an entropy check on the TC/VC header on start
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a function declaration attribute in -m 8900 kernel leading to unusable -m 9300 which shares kernel code with -m 8900
|
|
- Fixed a miscalculation in --progress-only mode output for extremely slow kernels like -m 14800
|
|
- Fixed a missing check for errors on OpenCL devices leading to invalid removal of restore file
|
|
- Fixed a missing kernel in -m 5600 in combination with -a 3 and -O if mask is >= 16 characters
|
|
- Fixed detection of AMD_GCN version in case the rocm driver is used
|
|
- Fixed missing code section in -m 2500 and -m 2501 to crack corrupted handshakes with a LE endian bitness base
|
|
- Fixed a missing check for hashmodes using OPTS_TYPE_PT_UPPER causing the self-test to fail when using combinator- and hybrid-mode
|
|
|
|
* changes v4.0.1 -> v4.1.0
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added option --benchmark-all to benchmark all hash-modes (not just the default selection)
|
|
- Removed option --gpu-temp-retain that tried to retain GPU temperature at X degrees celsius - please use driver-specific tools
|
|
- Removed option --powertune-enable to enable power tuning - please use driver specific tools
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 16000 = Tripcode
|
|
- Added hash-mode 16100 = TACACS+
|
|
- Added hash-mode 16200 = Apple Secure Notes
|
|
- Added hash-mode 16300 = Ethereum Pre-Sale Wallet, PBKDF2-SHA256
|
|
- Added hash-mode 16400 = CRAM-MD5 Dovecot
|
|
- Added hash-mode 16500 = JWT (JSON Web Token)
|
|
- Added hash-mode 16600 = Electrum Wallet (Salt-Type 1-2)
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a configuration setting for -m 400 in pure kernel mode which said it was capable of doing SIMD when it is not
|
|
- Fixed a hash parsing problem for 7-Zip hashes: allow a longer CRC32 data length field within the hash format
|
|
- Fixed a hash parsing problem when using --show/--left with hashes with long salts that required pure kernels
|
|
- Fixed a logic error in storing temporary progress for slow hashes, leading to invalid speeds in status view
|
|
- Fixed a mask-length check issue: return -1 in case the mask length is not within the password-length range
|
|
- Fixed a missing check for return code in case hashcat.hcstat2 was not found
|
|
- Fixed a race condition in combinator- and hybrid-mode where the same scratch buffer was used by multiple threads
|
|
- Fixed a restore issue leading to "Restore value is greater than keyspace" when mask files or wordlist folders were used
|
|
- Fixed a uninitialized value in OpenCL kernels 9720, 9820 and 10420 leading to absurd benchmark performance
|
|
- Fixed the maximum password length check in password-reassembling function
|
|
- Fixed the output of --show when $HEX[] passwords were present within the potfile
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- OpenCL Kernels: Add a decompressing kernel and a compressing host code in order to reduce PCIe transfer time
|
|
- OpenCL Kernels: Improve performance preview accuracy in --benchmark, --speed-only and --progress-only mode
|
|
- OpenCL Kernels: Remove password length restriction of 16 for Cisco-PIX and Cisco-ASA hashes
|
|
- Terminal: Display set cost/rounds during benchmarking
|
|
- Terminal: Show [r]esume in prompt only in pause mode, and show [p]ause in prompt only in resume mode
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Autotune: Improve autotune engine logic and synchronize results on same OpenCL devices
|
|
- Documents: Added docs/limits.txt
|
|
- Files: Copy include/ folder and its content when SHARED is set to 1 in Makefile
|
|
- Files: Switched back to relative current working directory on windows to work around problems with Unicode characters
|
|
- Hashcat Context: Fixed a memory leak in shutdown phase
|
|
- Hash Parser: Changed the way large strings are handled/truncated within the event buffer if they are too large to fit
|
|
- Hash Parser: Fixed a memory leak in shutdown phase
|
|
- Hash Parser: Fixed the use of strtok_r () calls
|
|
- OpenCL Devices: Fixed several memory leaks in shutdown phase
|
|
- OpenCL Kernels: Add general function declaration keyword (inline) and some OpenCL runtime specific exceptions for NV and CPU devices
|
|
- OpenCL Kernels: Replace variables from uXX to uXXa if used in __constant space
|
|
- OpenCL Kernels: Use a special kernel to initialize the password buffer used during autotune measurements, to reduce startup time
|
|
- OpenCL Kernels: Refactored kernel thread management from native to maximum per kernel
|
|
- OpenCL Kernels: Use three separate comparison kernels (depending on keyver) for WPA instead of one
|
|
- OpenCL Runtime: Add current timestamp to OpenCL kernel source in order to force OpenCL JiT compiler to recompile and not use the cache
|
|
- OpenCL Runtime: Enforce use of OpenCL version 1.2 to restrain OpenCL runtimes to make use of the __generic address space qualifier
|
|
- OpenCL Runtime: Updated rocm detection
|
|
- Returncode: Enforce return code 0 when the user selects --speed-only or --progress-only and no other error occurs
|
|
- Rules: Fixed some default rule-files after changing rule meaning of 'x' to 'O'
|
|
- Self Test: Skip self-test for mode 8900 - user-configurable scrypt settings are incompatible with fixed settings in the self-test hash
|
|
- Self Test: Skip self-test for mode 15700 because the settings are too high and cause startup times that are too long
|
|
- Terminal: Add workitem settings to status display (can be handy for debugging)
|
|
- Terminal: Send clear-line code to the same output stream as the message immediately following
|
|
- Timer: Switch from gettimeofday() to clock_gettime() to work around problems on cygwin
|
|
- User Options: According to getopts manpage, the last element of the option array has to be filled with zeros
|
|
|
|
* changes v4.0.0 -> v4.0.1:
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Changed the maximum length of the substring of a hash shown whenever the parser found a problem while parsing the hash
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a memory leak while parsing a wordlist
|
|
- Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm
|
|
- Fixed compile of sources using clang under MSYS2
|
|
- Fixed overlapping memory segment copy in CPU rule engine if using a specific rule function
|
|
- Fixed a parallel build problem when using the "install" Makefile target
|
|
- Fixed the version number extraction for github releases which do not including the .git directory
|
|
|
|
* changes v3.6.0 -> v4.0.0:
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added support to crack passwords and salts up to length 256
|
|
- Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length
|
|
- Added self-test functionality to detect broken OpenCL runtimes on startup
|
|
- Added option --self-test-disable to disable self-test functionality on startup
|
|
- Added option --wordlist-autohex-disable to disable the automatical conversion of $HEX[] words from the word list
|
|
- Added option --example-hashes to show an example hash for each hash-mode
|
|
- Removed option --weak-hash-check (zero-length password check) to increase startup time, it also causes many Trap 6 error on macOS
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 2500 = WPA/WPA2 (SHA256-AES-CMAC)
|
|
- Added hash-mode 2501 = WPA/WPA2 PMK
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a buffer overflow in mangle_dupechar_last function
|
|
- Fixed a calculation error in get_power() leading to errors of type "BUG pw_add()!!"
|
|
- Fixed a memory problem that occured when the OpenCL folder was not found and e.g. the shared and session folder were the same
|
|
- Fixed a missing barrier() call in the RACF OpenCL kernel
|
|
- Fixed a missing salt length value in benchmark mode for SIP
|
|
- Fixed an integer overflow in hash buffer size calculation
|
|
- Fixed an integer overflow in innerloop_step and innerloop_cnt variables
|
|
- Fixed an integer overflow in masks not skipped when loaded from file
|
|
- Fixed an invalid optimization code in kernel 7700 depending on the input hash, causing the kernel to loop forever
|
|
- Fixed an invalid progress value in status view if words from the base wordlist get rejected because of length
|
|
- Fixed a parser error for mode -m 9820 = MS Office <= 2003 $3, SHA1 + RC4, collider #2
|
|
- Fixed a parser error in multiple modes not checking for return code, resulting in negative memory index writes
|
|
- Fixed a problem with changed current working directory, for instance by using --restore together with --remove
|
|
- Fixed a problem with the conversion to the $HEX[] format: convert/hexify also all passwords of the format $HEX[]
|
|
- Fixed the calculation of device_name_chksum; should be done for each iteration
|
|
- Fixed the dictstat lookup if nanoseconds are used in timestamps for the cached files
|
|
- Fixed the estimated time value whenever the value is very large and overflows
|
|
- Fixed the output of --show when used together with the collider modes -m 9710, 9810 or 10410
|
|
- Fixed the parsing of command line options. It doesn't show two times the same error about an invalid option anymore
|
|
- Fixed the parsing of DCC2 hashes by allowing the "#" character within the user name
|
|
- Fixed the parsing of descrypt hashes if the hashes do have non-standard characters within the salt
|
|
- Fixed the use of --veracrypt-pim option. It was completely ignored without showing an error
|
|
- Fixed the version number used in the restore file header
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Autotune: Do a pre-autotune test run to find out if kernel runtime is above some TDR limit
|
|
- Charset: Add additional DES charsets with corrected parity
|
|
- OpenCL Buffers: Do not allocate memory for amplifiers for fast hashes, it's simply not needed
|
|
- OpenCL Kernels: Improved performance of SHA-3 Kernel (keccak) by hardcoding the 0x80 stopbit
|
|
- OpenCL Kernels: Improved rule engine performance by 6% on for NVidia
|
|
- OpenCL Kernels: Move from ld.global.v4.u32 to ld.const.v4.u32 in _a3 kernels
|
|
- OpenCL Kernels: Replace bitwise swaps with rotate() versions for AMD
|
|
- OpenCL Kernels: Rewritten Keccak kernel to run fully on registers and partially reversed last round
|
|
- OpenCL Kernels: Rewritten SIP kernel from scratch
|
|
- OpenCL Kernels: Thread-count is set to hardware native count except if -w 4 is used then OpenCL maximum is used
|
|
- OpenCL Kernels: Updated default scrypt TMTO to be ideal for latest NVidia and AMD top models
|
|
- OpenCL Kernels: Vectorized tons of slow kernels to improve CPU cracking speed
|
|
- OpenCL Runtime: Improved detection for AMD and NV devices on macOS
|
|
- OpenCL Runtime: Improved performance on Intel MIC devices (Xeon PHI) on runtime level (300MH/s to 2000MH/s)
|
|
- OpenCL Runtime: Updated AMD ROCm driver version check, warn if version < 1.1
|
|
- Show cracks: Improved the performance of --show/--left if used together with --username
|
|
- Startup: Add visual indicator of active options when benchmarking
|
|
- Startup: Check and abort session if outfile and wordlist point to the same file
|
|
- Startup: Show some attack-specific optimizer constraints on start, eg: minimum and maximum support password- and salt-length
|
|
- WPA cracking: Improved nonce-error-corrections mode to use a both positive and negative corrections
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- General: Update C standard from c99 to gnu99
|
|
- Hash Parser: Improved salt-length checks for generic hash modes
|
|
- HCdict File: Renamed file from hashcat.hcdict to hashcat.hcdict2 and add header because versions are incompatible
|
|
- HCstat File: Add code to read LZMA compressed hashcat.hcstat2
|
|
- HCstat File: Add hcstat2 support to enable masks of length up to 256, also adds a filetype header
|
|
- HCstat File: Renamed file from hashcat.hcstat to hashcat.hcstat2 and add header because versions are incompatible
|
|
- HCtune File: Remove apple related GPU entries to workaround Trap 6 error
|
|
- OpenCL Kernels: Added code generator for most of the switch_* functions and replaced existing code
|
|
- OpenCL Kernels: Declared all include functions as static to reduce binary kernel cache size
|
|
- OpenCL Kernels: On AMD GPU, optimized kernels for use with AMD ROCm driver
|
|
- OpenCL Kernels: Removed some include functions that are no longer needed to reduce compile time
|
|
- OpenCL Runtime: Fall back to 64 threads default (from 256) on AMD GPU to prevent creating too many workitems
|
|
- OpenCL Runtime: Forcing OpenCL 1.2 no longer needed. Option removed from build options
|
|
- OpenCL Runtime: On AMD GPU, recommend AMD ROCm driver for Linux
|
|
- Restore: Fixed the version number used in the restore file header
|
|
- Time: added new type for time measurements hc_time_t and related functions to force the use of 64 bit times
|
|
|
|
* changes v3.5.0 -> v3.6.0:
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 600 = BLAKE2-512
|
|
- Added hash-mode 15200 = Blockchain, My Wallet, V2
|
|
- Added hash-mode 15300 = DPAPI masterkey file v1 and v2
|
|
- Added hash-mode 15400 = ChaCha20
|
|
- Added hash-mode 15500 = JKS Java Key Store Private Keys (SHA1)
|
|
- Added hash-mode 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256
|
|
- Added hash-mode 15700 = Ethereum Wallet, PBKDF2-SCRYPT
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- 7-Zip cracking: increased max. data length to 320k and removed AES padding attack to avoid false negatives
|
|
- Dictionary cache: Show time spent on dictionary cache building at startup
|
|
- Rules: Support added for position 'p' (Nth instance of a character) in host mode (using -j or -k)
|
|
- Rules: Support added for rejection rule '_N' (reject plains of length not equal to N) in host mode
|
|
- Rules: Support added for rule 'eX'
|
|
- Wordlist encoding: Added parameters --encoding-from and --encoding-to to configure wordlist encoding handling
|
|
- Wordlist encoding: Support added for internal conversion between user-defined encodings during runtime
|
|
|
|
##
|
|
## Workarounds
|
|
##
|
|
|
|
- Workaround added for NVIDIA NVML library: If libnvidia-ml.so couldn't be loaded, try again using libnvidia-ml.so.1
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- WPA cracking: Improved nonce-error-corrections mode to fix corrupt nonces generated on big-endian devices
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a condition that caused hybrid attacks using a maskfile to not select all wordlists from a wordlist folder
|
|
- Fixed a memory leak that was present when a user periodically prints hashcat status (using --status-timer)
|
|
- Fixed a missing type specifier in a function declaration of the RACF kernel
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Building: In the binary release packages, link libiconv static for Windows binaries
|
|
- Dictstat: Structure for dictstat file changed to include --encoding-from and --encoding-to parameters
|
|
- OpenCL Runtime: Updated AMDGPU-PRO driver version check, warn if version 17.10 (known to be broken) is detected
|
|
- WPA cracking: Reduced --nonce-error-corrections default from 16 to 8 to compensate for speed drop caused by big-endian fixes
|
|
|
|
* changes v3.40 -> v3.5.0:
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- WPA cracking: Added support for WPA/WPA2 handshake AP nonce automatic error correction
|
|
- WPA cracking: Added parameter --nonce-error-corrections to configure range of error correction
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 15100 = Juniper/NetBSD sha1crypt
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Abbreviate long hashes to display the Hash.Target status line within 80 characters
|
|
- Refactored internal use of esalt to sync with the number of digests instead of the number of salts
|
|
- Refactored other output to display within 80 characters without wrapping
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a hash validation error when trying to load Android FDE < 4.3 hashes
|
|
- Fixed a problem where --keyspace combined with custom charsets incorrectly displayed an error message
|
|
- Fixed a problem where --stdout combined with custom charsets incorrectly displayed an error message
|
|
- Fixed a problem with parsing and displaying -m 7000 = Fortigate (FortiOS) hashes
|
|
- Fixed a race condition after sessions finish, where the input-base was freed but accessed afterwards
|
|
- Fixed a typo that resulted in the minimum password length not being correctly initialized
|
|
- Fixed --outfile-format formats 11 through 15 to show the correct crack position
|
|
- Fixed --remove to apply even when all hashes are either found in the potfile or detected in weak-hash checks
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Building: Added missing prototypes for atlassian_parse_hash function
|
|
- Dictionary Cache: Split long status line into multiple lines to stay < 80 chars
|
|
- Files: Detect and error when users try to use -r with a parameter which is not a file
|
|
- HCCAPX Parser: Added support for a special bit (bit 8) of the message_pair that indicates if replay counters match
|
|
- Parameter: Detect and error when users try to use an empty string (length 0) for parameters like --session=
|
|
- Parameter: Detect and error when users try to use non-digit input when only digits are expected
|
|
- Sessions: Improved string comparison in case user sets --session to "hashcat"
|
|
- Status View: Add rejected counter to machine-readable output
|
|
- Status View: Rename labels Input.Mode, Input.Base, ... to Guess.Mode, Guess.Base, ...
|
|
- Status View: Added a visual indicator to the status screen when checkpoint quit has been requested
|
|
- Versions: Changed version naming convention from x.yz to x.y.z
|
|
|
|
* changes v3.30 -> v3.40:
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Added support for loading hccapx files
|
|
- Added support for filtering hccapx message pairs using --hccapx-message-pair
|
|
- Added support for parsing 7-Zip hashes with LZMA/LZMA2 compression indicator set to a non-zero value
|
|
- Added support for decompressing LZMA1/LZMA2 data for -m 11600 = 7-Zip to validate the CRC
|
|
- Added support for automatic merge of LM halfes in case --show and --left is used
|
|
- Added support for showing all user names with --show and --left if --username was specified
|
|
- Added support for GPU temperature management on cygwin build
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 1411 = SSHA-256(Base64), LDAP {SSHA256}
|
|
- Added hash-mode 3910 = md5(md5($pass).md5($salt))
|
|
- Added hash-mode 4010 = md5($salt.md5($salt.$pass))
|
|
- Added hash-mode 4110 = md5($salt.md5($pass.$salt))
|
|
- Added hash-mode 4520 = sha1($salt.sha1($pass))
|
|
- Added hash-mode 4522 = PunBB
|
|
- Added hash-mode 7000 = Fortigate (FortiOS)
|
|
- Added hash-mode 12001 = Atlassian (PBKDF2-HMAC-SHA1)
|
|
- Added hash-mode 14600 = LUKS
|
|
- Added hash-mode 14700 = iTunes Backup < 10.0
|
|
- Added hash-mode 14800 = iTunes Backup >= 10.0
|
|
- Added hash-mode 14900 = Skip32
|
|
- Added hash-mode 15000 = FileZilla Server >= 0.9.55
|
|
|
|
##
|
|
## Workarounds
|
|
##
|
|
|
|
- Workaround added for AMDGPU-Pro OpenCL runtime: AES encrypt and decrypt Invertkey function was calculated wrong in certain cases
|
|
- Workaround added for AMDGPU-Pro OpenCL runtime: RAR3 kernel require a volatile variable to work correctly
|
|
- Workaround added for Apple OpenCL runtime: bcrypt kernel requires a volatile variable because of a compiler optimization bug
|
|
- Workaround added for Apple OpenCL runtime: LUKS kernel requires some volatile variables because of a compiler optimization bug
|
|
- Workaround added for Apple OpenCL runtime: TrueCrypt kernel requires some volatile variables because of a compiler optimization bug
|
|
- Workaround added for NVidia OpenCL runtime: RACF kernel requires EBCDIC lookup to be done on shared memory
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a problem within the Kerberos 5 TGS-REP (-m 13100) hash parser
|
|
- Fixed clEnqueueNDRangeKernel(): CL_UNKNOWN_ERROR caused by an invalid work-item count during weak-hash-check
|
|
- Fixed cracking of PeopleSoft Token (-m 13500) if salt length + password length is >= 128 byte
|
|
- Fixed cracking of Plaintext (-m 99999) in case MD4 was used in a previous session
|
|
- Fixed DEScrypt cracking in BF mode in case the hashlist contains more than 16 times the same salt
|
|
- Fixed duplicate detection for WPA handshakes with the same ESSID
|
|
- Fixed nvapi datatype definition for NvS32 and NvU32
|
|
- Fixed overflow in bcrypt kernel in expand_key() function
|
|
- Fixed pointer to local variable outside scope in case -j or -k is used
|
|
- Fixed pointer to local variable outside scope in case --markov-hcstat is not used
|
|
- Fixed recursion in loopback handling when session was aborted by the user
|
|
- Fixed rule 'O' (RULE_OP_MANGLE_OMIT) in host mode in case the offset + length parameter equals the length of the input word
|
|
- Fixed rule 'i' (RULE_OP_MANGLE_INSERT) in host mode in case the offset parameter equals the length of the input word
|
|
- Fixed string not null terminated inside workaround for checking drm driver path
|
|
- Fixed string not null terminated while reading maskfiles
|
|
- Fixed truncation of password after position 32 with the combinator attack
|
|
- Fixed use of option --keyspace in combination with -m 2500 (WPA)
|
|
- Fixed WPA/WPA2 cracking in case eapol frame is >= 248 byte
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Building: Add SHARED variable to Makefile to choose if hashcat is build as static or shared binary (using libhashcat.so/hashcat.dll)
|
|
- Building: Removed compiler option -march=native as this created problems for maintainers on various distributions
|
|
- Building: Removed the use of RPATH on linker level
|
|
- Building: Replaced linking of CRT_glob.o with the use of int _dowildcard
|
|
- Commandline: Do some checks related to custom-charset options if user specifies them
|
|
- CPU Affinity: Fixed memory leak in case invalid cpu Id was specified
|
|
- Dispatcher: Fixed several memory leaks in case an OpenCL error occurs
|
|
- Events: Improved the maximum event message handling. event_log () will now also internally make sure that the message is properly terminated
|
|
- File Locking: Improved error detection on file locks
|
|
- File Reads: Fixed memory leak in case outfile or hashfile was not accessible
|
|
- File Reads: Improved error detection on file reads, especially when getting the file stats
|
|
- Files: Do several file and folder checks on startup rather than when they are actually used to avoid related error after eventual intense operations
|
|
- Hardware Management: Bring back kernel exec timeout detection for NVidia on user request
|
|
- Hardware Monitor: Fixed several memory leaks in case hash-file writing (caused by --remove) failed
|
|
- Hardware Monitor: Fixed several memory leaks in case no hardware monitor sensor is found
|
|
- Hardware Monitor: In case NVML initialization failed, do not try to initialiaze NVAPI or XNVCTRL because they both depend on NVML
|
|
- Hash Parsing: Added additional bound checks for the SIP digest authentication (MD5) parser (-m 11400)
|
|
- Hash Parsing: Make sure that all files are correctly closed whenever a hash file parsing error occurs
|
|
- Helper: Added functions to check existence, type, read- and write-permissions and rewrite sources to use them instead of stat()
|
|
- Keyfile handling: Make sure that the memory is cleanly freed whenever a VeraCrypt/TrueCrypt keyfile fails to load
|
|
- Mask Checks: Added additional memory cleanups after parsing/verifying masks
|
|
- Mask Checks: Added integer overflow detection for a keyspace of a mask provided by user
|
|
- Mask Increment: Fixed memory leak in case mask_append() fails
|
|
- OpenCL Device: Do a check on available constant memory size and abort if it's less than 64kB
|
|
- OpenCL Device Management: Fixed several memory leaks in case initialization of an OpenCL device or platform failed
|
|
- OpenCL Header: Updated CL_* errorcode to OpenCL 1.2 standard
|
|
- OpenCL Kernel: Move kernel binary buffer from heap to stack memory
|
|
- OpenCL Kernel: Refactored read_kernel_binary to load only a single kernel for a single device
|
|
- OpenCL Kernel: Remove "static" keyword from function declarations; Causes older Intel OpenCL runtimes to fail compiling
|
|
- OpenCL Kernel: Renumbered hash-mode 7600 to 4521
|
|
- OpenCL Runtime: Added a warning about using Mesa OpenCL runtime
|
|
- OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.60 is detected which is known to be broken
|
|
- Outfile Check: Fixed a memory leak for failed outfile reads
|
|
- Restore: Add some checks on the rd->cwd variable in restore case
|
|
- Rule Engine: Fixed several memory leaks in case loading of rules failed
|
|
- Session Management: Automatically set dedicated session names for non-cracking parameters, for example: --stdout
|
|
- Session Management: Fixed several memory leaks in case profile- or install-folder setup failed
|
|
- Sessions: Move out handling of multiple instance from restore file into separate pidfile
|
|
- Status screen: Do not try to clear prompt in --quiet mode
|
|
- Tests: Fixed the timeout status code value and increased the runtime to 400 seconds
|
|
- Threads: Restored strerror as %m is unsupported by the BSDs
|
|
- Wordlists: Disable dictstat handling for hash-mode 3000 as it virtually creates words in the wordlist which is not the case for other modes
|
|
- Wordlists: Fixed memory leak in case access a file in a wordlist folder fails
|
|
- WPA: Changed format for outfile and potfile from essid:mac1:mac2 to hash:mac_ap:mac_sta:essid
|
|
- WPA: Changed format for outfile_check from essid:mac1:mac2 to hash
|
|
|
|
* changes v3.20 -> v3.30:
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Files: Use $HEX[...] in case the password includes the separater character, increases potfile reading performance
|
|
- Files: If the user specifies a folder to scan for wordlists instead of directly a wordlist, then ignore the hidden files
|
|
- Loopback: Include passwords for removed hashes present in the potfile to next loopback iteration
|
|
- New option --progress-only: Quickly provides ideal progress step size and time to process on the user hashes and selected options, then quit
|
|
- Status screen: Reenabled automatic status screen display in case of stdin used
|
|
- Truecrypt/Veracrypt: Use CRC32 to verify headers instead of fuzzy logic, greatly reduces false positives from 18:2^48 to 3:2^64
|
|
- WPA cracking: Reuse PBKDF2 intermediate keys if duplicate essid is detected
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 1300 = SHA-224
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed buffer overflow in status screen display in case of long non-utf8 string
|
|
- Fixed buffer overflow in plaintext parsing code: Leading to segfault
|
|
- Fixed custom char parsing code in maskfiles in --increment mode: Custom charset wasn't used
|
|
- Fixed display screen to show input queue when using custom charset or rules
|
|
- Fixed double fclose() using AMDGPU-Pro on sysfs compatible platform: Leading to segfault
|
|
- Fixed hash-mode 11400 = SIP digest authentication (MD5): Cracking of hashes which did not include *auth* or *auth-int* was broken
|
|
- Fixed hex output of plaintext in case --outfile-format 4, 5, 6 or 7 was used
|
|
- Fixed infinite loop when using --loopback in case all hashes have been cracked
|
|
- Fixed kernel loops in --increment mode leading to slower performance
|
|
- Fixed mask length check in hybrid attack-modes: Do not include hash-mode dependant mask length checks
|
|
- Fixed parsing of hashes in case the last line did not include a linefeed character
|
|
- Fixed potfile loading to accept blank passwords
|
|
- Fixed runtime limit: No longer required so sample startup time after refactorization
|
|
|
|
##
|
|
## Workarounds
|
|
##
|
|
|
|
- Workaround added for Intel OpenCL runtime: GPU support is broken, skip the device unless user forces to enable it
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Building: Added hashcat32.dll and hashcat64.dll makefile targets for building hashcat windows libraries
|
|
- Building: Added production flag in Makefile to disable all the GCC compiler options needed only for development
|
|
- Building: Removed access to readlink() on FreeBSD
|
|
- Building: For CYGWIN prefer to use "opencl.dll" (installed by drivers) instead of optional "cygOpenCL-1.dll"
|
|
- Events: Added new event EVENT_WEAK_HASH_ALL_CRACKED if all hashes have been cracked during weak hash check
|
|
- Hardware management: Switched matching ADL device with OpenCL device by using PCI bus, device and function
|
|
- Hardware management: Switched matching NvAPI device with OpenCL device by using PCI bus, device and function
|
|
- Hardware management: Switched matching NVML device with OpenCL device by using PCI bus, device and function
|
|
- Hardware management: Switched matching xnvctrl device with OpenCL device by using PCI bus, device and function
|
|
- Hardware management: Removed *throttled* message from NVML as this created more confusion than it helped
|
|
- Hash Parser: Improved error detection of invalid hex characters where hex character are expected
|
|
- OpenCL Runtime: Updated AMDGPU-Pro driver version check, do warn if version 16.50 is detected which is known to be broken
|
|
- OpenCL Runtime: Updated hashcat.hctune for Iris Pro GPU on macOS
|
|
- Potfile: In v3.10 already, the default potfile suffix changed but the note about was missing. The "hashcat.pot" became "hashcat.potfile"
|
|
- Potfile: Added old potfile detection, show warning message
|
|
- Returncode: Added dedicated returncode (see docs/status_codes.txt) for shutdowns caused by --runtime and checkpoint keypress
|
|
- Sanity: Added sanity check to disallow --speed-only in combination with -i
|
|
- Sanity: Added sanity check to disallow --loopback in combination with --runtime
|
|
- Threads: Replaced all calls to ctime() with ctime_r() to ensure thread safety
|
|
- Threads: Replaced all calls to strerror() with %m printf() GNU extension to ensure thread safety
|
|
|
|
* changes v3.10 -> v3.20:
|
|
|
|
The hashcat core was completely refactored to be a MT-safe library (libhashcat).
|
|
The goal was to help developers include hashcat into distributed clients or GUI frontends.
|
|
The CLI (hashcat.bin or hashcat.exe) works as before but from a technical perspective it's a library frontend.
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- New option --speed-only: Quickly provides cracking speed per device based on the user hashes and selected options, then quit
|
|
- New option --keep-guessing: Continue cracking hashes even after they have been cracked (to find collisions)
|
|
- New option --restore-file-path: Manually override the path to the restore file (useful if we want all session files in the same folder)
|
|
- New option --opencl-info: Show details about OpenCL compatible devices like an embedded clinfo tool (useful for bug reports)
|
|
- Documents: Added colors for warnings (yellow) and errors (red) instead of WARNING: and ERROR: prefix
|
|
- Documents: Added hints presented to the user about optimizing performance while hashcat is running
|
|
- Hardware management: Support --gpu-temp-retain for AMDGPU-Pro driver
|
|
- Hardware management: Support --powertune-enable for AMDGPU-Pro driver
|
|
- Password candidates: Allow words of length > 31 in wordlists for -a 0 for some slow hashes if no rules are in use
|
|
- Password candidates: Do not use $HEX[] if the password candidate is a valid UTF-8 string and print out as-is
|
|
- Pause mode: Allow quit program also if in pause mode
|
|
- Pause mode: Ignore runtime limit in pause mode
|
|
- Status view: Show core-clock, memory-clock and execution time in benchmark-mode in case --machine-readable is activated
|
|
- Status view: Show temperature, coreclock, memoryclock, fanspeed and pci-lanes for devices using AMDGPU-Pro driver
|
|
- Status view: Show the current first and last password candidate test queued for execution per device (as in JtR)
|
|
- Status view: Show the current position in the queue for both base and modifier (Example: Wordlist 2/5)
|
|
- Markov statistics: Update hashcat.hcstat which is used as reference whenever the user defines a mask
|
|
- Charsets: Added lowercase ascii hex (?h) and uppercase ascii hex (?H) as predefined charsets
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added hash-mode 14000 = DES (PT = $salt, key = $pass)
|
|
- Added hash-mode 14100 = 3DES (PT = $salt, key = $pass)
|
|
- Added hash-mode 14400 = SHA1(CX)
|
|
- Added hash-mode 99999 = Plaintext
|
|
- Extended hash-mode 3200 = bcrypt: Accept signature $2b$ (February 2014)
|
|
- Improved hash-mode 8300 = DNSSEC: Additional parsing error detection
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Custom charset from file parsing code did not return an error if an error occured
|
|
- Fix some clSetKernelArg() size error that caused slow modes to not work anymore in -a 1 mode
|
|
- Hash-mode 11600 = (7-Zip): Depending on input hash a clEnqueueReadBuffer(): CL_INVALID_VALUE error occured
|
|
- Hash-mode 22 = Juniper Netscreen/SSG (ScreenOS): Fix salt length for -m 22 in benchmark mode
|
|
- Hash-Mode 5500 = NetNTLMv1 + ESS: Fix loading of NetNTLMv1 + SSP hash
|
|
- Hash-mode 6000 = RipeMD160: Fix typo in array index number
|
|
- If cracking a hash-mode using unicode passwords, length check of a mask was not taking into account
|
|
- If cracking a large salted hashlist the wordlist reject code was too slow to handle it, leading to 0H/s
|
|
- Null-pointer dereference in outfile-check shutdown code when using --outfile-check-dir, leading to segfault
|
|
- On startup hashcat tried to access the folder defined in INSTALL_FOLDER, leading to segfault if that folder was not existing
|
|
- Random rules generator code used invalid parameter for memory copy function (M), leading to use of invalid rule
|
|
- Sanity check for --outfile-format was broken if used in combination with --show or --left
|
|
|
|
##
|
|
## Workarounds
|
|
##
|
|
|
|
- Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 10700 = PDF 1.7 Level 8
|
|
- Workaround added for AMDGPU-Pro OpenCL runtime: Failed to compile hash-mode 1800 = sha512crypt
|
|
- Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6400 = AIX {ssha256}
|
|
- Workaround added for NVidia OpenCL runtime: Failed to compile hash-mode 6800 = Lastpass + Lastpass sniffed
|
|
- Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 10420 = PDF 1.1 - 1.3 (Acrobat 2 - 4)
|
|
- Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 1100 = Domain Cached Credentials (DCC), MS Cache
|
|
- Workaround added for macOS OpenCL runtime: Failed to compile hash-mode 13800 = Windows 8+ phone PIN/Password
|
|
- Workaround added for pocl OpenCL runtime: Failed to compile hash-mode 5800 = Android PIN
|
|
|
|
##
|
|
## Performance
|
|
##
|
|
|
|
- Improved performance for rule-based attacks for _very_ fast hashes like MD5 and NTLM by 30% or higher
|
|
- Improved performance for DEScrypt on AMD, from 373MH/s to 525MH/s
|
|
- Improved performance for raw DES-based algorithms (like LM) on AMD, from 1.6GH/s to 12.5GH/s
|
|
- Improved performance for raw SHA256-based algorithms using meet-in-the-middle optimization, reduces 7/64 steps
|
|
- Improved performance for SAP CODVN B (BCODE) and SAP CODVN F/G (PASSCODE) due to register handling optimization, gives 3% and 25%
|
|
- Improved performance by reducing maximum number of allowed function calls per rule from 255 to 31
|
|
- Improved performance by update the selection when to use #pragma unroll depending on OpenCL runtime vendor
|
|
|
|
- Full performance comparison sheet v3.10 vs. v3.20: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=1591672380
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Autotune: Do not run any caching rounds in autotune in DEBUG mode if -n and -u are specified
|
|
- Bash completion: Removed some v2.01 leftovers in the bash completion configuration
|
|
- Benchmark: Do not control fan speed in benchmark mode
|
|
- Benchmark: On macOS, some hash-modes can't compile because of macOS OpenCL runtime. Skip them and move on to the next
|
|
- Building: Added Makefile target "main_shared", a small how-to-use libhashcat example
|
|
- Building: Added many additional compiler warning flags in Makefile to improve static code error detection
|
|
- Building: Added missing includes for FreeBSD
|
|
- Building: Added some types for windows only in case _BASETSD_H was not set
|
|
- Building: Changed Makefile to strip symbols in the linker instead of the compiler
|
|
- Building: Defined NOMINMAX macro to prevent definition min and max macros in stdlib header files
|
|
- Building: Enabled ASLR and DEP for Windows builds
|
|
- Building: Fixed almost all errors reported by cppcheck and scan-build
|
|
- Building: On macOS, move '-framework OpenCL' from CFLAGS to LDFLAGS
|
|
- Building: On macOS, use clang as default compiler
|
|
- Building: Support building on Msys2 environment
|
|
- Building: Use .gitmodules to simplify the OpenCL header dependency handling process
|
|
- Charsets: Added DES_full.charset
|
|
- Data Types: Replaced all integer macros with enumerator types
|
|
- Data Types: Replaced all integer variables with true bool variables in case they are used as a bool
|
|
- Data Types: Replaced all string macros with static const char types
|
|
- Data Types: Replaced all uint and uint32_t to u32
|
|
- Data Types: Replaced atoi() with atoll(). Eliminates sign conversion warnings
|
|
- Documents: Added docs/credits.txt
|
|
- Documents: Added docs/team.txt
|
|
- Documents: Changed rules.txt to match v3.20 limitations
|
|
- Error handling (file handling): Fixed a couple of filepointer leaks
|
|
- Error handling (format strings): Fixed a few printf() formats, ex: use %u instead of %d for uint32_t
|
|
- Error handling (memory allocation): Removed memory allocation checks, just print to stderr instead
|
|
- Error handling (startup): Added some missing returncode checks to get_exec_path()
|
|
- Fanspeed: Check both fanpolicy and fanspeed returncode and disable retain support if any of them fail
|
|
- Fanspeed: Minimum fanspeed for retain support increased to 33%, same as NV uses as default on windows
|
|
- Fanspeed: Reset PID controler settings to what they were initially
|
|
- Fanspeed: Set fan speed to default on quit
|
|
- File handling: Do a single write test (for files to be written later) directly on startup
|
|
- File locking: Use same locking mechanism in potfile as in outfile
|
|
- Hardware management: Fixed calling conventions for ADL, NvAPI and NVML on windows
|
|
- Hardware management: Improved checking for successfull load of the NVML API
|
|
- Hardware management: In case fanspeed can not be set, disable --gpu-temp-retain automatically
|
|
- Hardware management: In case of initialization error show it only once to the user on startup
|
|
- Hardware management: Refactored all code to return returncode (0 or -1) instead of data for more easy error handling
|
|
- Hardware management: Refactored macros to real functions
|
|
- Hardware management: Removed kernel exec timeout detection on NVIDIA, should no longer occur due to autotune
|
|
- Hardware management: Replaced NVML registry functions macros with their ascii versions (Adds NVML support for XP)
|
|
- Hashlist loading: Do not load data from hashfile if hashfile changed during runtime
|
|
- Kernel cache: Fixed checksum building on oversized device version or driver version strings
|
|
- Logging: Improved variable names in hashcat.log
|
|
- Loopback: Refactored --loopback support completely, no longer a recursive function
|
|
- Memory management: Fixed some memory leaks on shutdown
|
|
- Memory management: Got rid of all global variables
|
|
- Memory management: Got rid of local_free() and global_free(), no longer required
|
|
- Memory management: Refactored all variables with HCBUFSIZ_LARGE size from stack to heap, macOS doesn't like that
|
|
- OpenCL Headers: Select OpenCL headers tagged for OpenCL 1.2, since we use -cl-std=CL1.2
|
|
- OpenCL Kernels: Added const qualifier to variable declaration of matching global memory objects
|
|
- OpenCL Kernels: Got rid of one global kernel_threads variable
|
|
- OpenCL Kernels: Moved OpenCL requirement from v1.1 to v1.2
|
|
- OpenCL Kernels: Recognize reqd_work_group_size() values from OpenCL kernels and use them in the host if possible
|
|
- OpenCL Kernels: Refactored common function append_0x01()
|
|
- OpenCL Kernels: Refactored common function append_0x02()
|
|
- OpenCL Kernels: Refactored common function append_0x80()
|
|
- OpenCL Kernels: Refactored rule function append_block1()
|
|
- OpenCL Kernels: Refactored rule function rule_op_mangle_delete_last()
|
|
- OpenCL Kernels: Refactored rule function rule_op_mangle_dupechar_last()
|
|
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_left()
|
|
- OpenCL Kernels: Refactored rule function rule_op_mangle_rotate_right()
|
|
- OpenCL Kernels: Support mixed kernel thread count for mixed kernels in the same source file
|
|
- OpenCL Kernels: Switch from clz() to ffz() for bitsliced algorithms
|
|
- OpenCL Kernels: Using platform vendor name is better than using device vendor name for function detection
|
|
- OpenCL Runtime: Updated AMDGPU-Pro and AMD Radeon driver version check
|
|
- OpenCL Runtime: Updated Intel OpenCL runtime version check
|
|
- OpenCL Runtime: Updated NVIDIA driver version check
|
|
- Password candidates: The maximum word length in a wordlist is 31 not 32, because 0x80 will eventually be appended
|
|
- Potfile: Base logic switched; Assuming the potfile is larger than the hashlist it's better to load hashlist instead of potfile entries
|
|
- Potfile: In case all hashes were cracking using potfile abort and inform user
|
|
- Restore: Automatically unlink restore file if all hashes have been cracked
|
|
- Restore: Do not unlink restore file if restore is disabled
|
|
- Rules: Refactored macros to real functions
|
|
- Status: Added Input.Queue.Base and Input.Queue.Mod to help the user better understand this concept
|
|
- Status: Do not wait for the progress mutex to read and store speed timer
|
|
- Status: Do not show Recovered/Time when cracking < 1000 hashes
|
|
- Status: Do not show Recovered/Time as floats but as integers to reduce over-information
|
|
- Tests: Removed rules_test/ subproject: Would require total rewrite but not used in a long time
|
|
- Threads: Replaced all calls to getpwuid() with getpwuid_r() to ensure thread safety
|
|
- Threads: Replaced all calls to gmtime() with gmtime_r() to ensure thread safety
|
|
- Threads: Replaced all calls to strtok() with strtok_r() to ensure thread safety
|
|
- Wordlists: Use larger counter variable to handle larger wordlists (that is > 2^32 words)
|
|
- X11: Detect missing coolbits and added some help text for the user how to fix it
|
|
|
|
* changes v3.00 -> v3.10:
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Added mask display to modes 3, 6, and 7. Allows the user to see the custom character set used during the run
|
|
- Make Linux build POSIX compatible; Also allow it to actually compile on musl-libc systems
|
|
- Add support to compile on FreeBSD
|
|
- Make use of cl_context_properties[] to clCreateContext(), even if OpenCL specification allow the use of NULL, some runtimes fail without
|
|
- The Time.Estimated attribute in status display should also show --runtime limit if user set it
|
|
- Fix some strict aliasing rule violation on older compilers
|
|
- Fix some variable initializers on older compilers
|
|
- Replace DARWIN macro with compiler predefined macro __APPLE__
|
|
- Replace LINUX macro with compiler predefined macro __linux__
|
|
- Allow the use of enc_id == 0 in hash-mode 10600 and 10700 as it takes no part in the actual computation
|
|
- Get rid of exit() calls in OpenCL wrapper library with the goal to have a better control which error can be ignored under special circumstances
|
|
- Do not error and exit if an OpenCL platform has no devices, just print a warning and continue with the next platform
|
|
- Workaround for OpenCL runtimes which do not accept -I parameter in the OpenCL kernel build options even if this is an OpenCL standard option
|
|
- Workaround for OpenCL runtimes which do accept -I parameter in the OpenCL kernel build options, but do not allow quotes
|
|
- Output cracked hashes on Windows using \r\n and not \n
|
|
- Replace RegGetValue() with RegQueryValueEx() to enable Windows XP 32 bit compatibility
|
|
- Slightly increased NVidias rule-processing performance by using generic instructions instead of byte_perm()
|
|
- Add support for @ rule (RULE_OP_MANGLE_PURGECHAR) to use on GPU
|
|
- Add support for --outfile (short -o) to be used together with --stdout
|
|
- Skip periodic status output whenever --stdout is used together with stdin mode, but no outfile was specified
|
|
- Show error message if --show is used together with --outfile-autohex-disable (this is currently not supported)
|
|
- Show error message if --skip/--limit is used together with mask files or --increment
|
|
- Workaround for NVidia OpenCL runtime bug causing -m 6223 to not crack any hashes even with the correct password candidate
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a bug where CRAM MD5 checked salt length instead of hash length
|
|
- Fixed a bug where hashcat is suppressing --machine-readable output in the final status update
|
|
- Fixed a bug where hashcat did not check the return of realpath() and crashes uncontrolled if the path does not exist
|
|
- Fixed a bug where hashcat crashes for accessing deallocated buffer if user spams "s" shortly before hashcat shuts down
|
|
- Fixed a bug where hashcat crashes in case of a scrypt P setting > 1
|
|
- Fixed a bug where hashcat did not correctly use the newly cracked plains whenever --loopback or the induction folder was used
|
|
- Fixed a bug where hashcat did not correctly remove hashes of type WPA/WPA2 even if present in potfile
|
|
- Fixed a bug where hashcat reported an invalid password for a zero-length password in LM
|
|
- Fixed a bug where hashcat did not take into account how long it takes to prepare a session when auto-aborting with --runtime is in use
|
|
- Fixed a bug where some kernels used COMPARE_M_SIMD instead of COMPARE_S_SIMD in singlehash mode
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added new hash-mode 13900 = OpenCart
|
|
|
|
* changes v2.01 -> v3.00:
|
|
|
|
This release markes the fusion of "hashcat" and "oclHashcat" into "hashcat".
|
|
It combines all features of all hashcat projects in one project.
|
|
|
|
##
|
|
## Features
|
|
##
|
|
|
|
- Support for Apple OpenCL runtime
|
|
- Support for NVidia OpenCL runtime (replaces CUDA)
|
|
- Support for Mesa (Gallium) OpenCL runtime
|
|
- Support for pocl OpenCL runtime
|
|
- Support for Khronos' OSS OpenCL reference implementation for building
|
|
- Support to utilize OpenCL devices-types other than GPU, ex: CPU and FPGA
|
|
- Support to utilize multiple different OpenCL platforms in parallel, ex: AMD + NV
|
|
- Support to utilize multiple different OpenCL device-types in parallel, ex: GPU + CPU
|
|
- Added option --opencl-platform to select a specific OpenCL platform
|
|
- Added option --opencl-device-types select specific OpenCL device types
|
|
- Added option --opencl-vector-width to override automatically selected vector-width size
|
|
- Added makefile native compilation target
|
|
- Added makefile install and uninstall targets
|
|
- Added autotuning engine and user-configurable tuning database
|
|
- Added current engine clock, current memory clock and pci-e lanes to the status display
|
|
- Added support for --gpu-temp-retain for NVidia GPU, both Linux and Windows
|
|
- Added execution timer of the running kernel to the status display
|
|
- Added command prompt to quit at next restore checkpoint
|
|
- Added human-readable error message for the OpenCL error codes
|
|
- Added option --potfile-path to override potfile path
|
|
- Added option --veracrypt-keyfile to set Keyfiles used, can be multiple
|
|
- Added option --veracrypt-pim to set the VeraCrypt personal iterations multiplier
|
|
- Added option --machine-readable for easier parsing of output
|
|
- Added option --powertune-enable to work with NVidia devices as well, not just AMD
|
|
- Added option --stdout to print candidates instead of trying to crack a hash
|
|
|
|
##
|
|
## Algorithms
|
|
##
|
|
|
|
- Added new hash-mode 125 = ArubaOS
|
|
- Added new hash-mode 12900 = Android FDE (Samsung DEK)
|
|
- Added new hash-mode 13000 = RAR5
|
|
- Added new hash-mode 13100 = Kerberos 5 TGS-REP etype 23
|
|
- Added new hash-mode 13200 = AxCrypt
|
|
- Added new hash-mode 13300 = AxCrypt in memory SHA1
|
|
- Added new hash-mode 13400 = Keepass 1 (AES/Twofish) and Keepass 2 (AES)
|
|
- Added new hash-mode 13500 = PeopleSoft PS_TOKEN
|
|
- Added new hash-mode 13600 = WinZip
|
|
- Added new hash-mode 137** = VeraCrypt
|
|
- Added new hash-mode 13800 = Windows 8+ phone PIN/Password
|
|
|
|
##
|
|
## Performance
|
|
##
|
|
|
|
- Full Table: https://docs.google.com/spreadsheets/d/1B1S_t1Z0KsqByH3pNkYUM-RCFMu860nlfSsYEqOoqco/edit#gid=0
|
|
|
|
##
|
|
## Improvements
|
|
##
|
|
|
|
- Reordering of files to help integration into linux distributions ~/.hashcat etc
|
|
- Use a profile directory to write temporary files (session, potfile etc.)
|
|
- Workaround dependencies on AMD APP-SDK AMD ADL, NV CUDA-SDK, NV ForceWare, NVML and NVAPI; they are no longer required
|
|
- Load external libraries dynamic at runtime instead of link them static at compile-time
|
|
- Benchmark accuracy improved; Is now on par to: singlehash -a 3 -w 3 ?b?b?b?b?b?b?b
|
|
- Benchmark no longer depends on a fixed time
|
|
- Removed option --benchmark-mode, therefore support --workload-profile in benchmark-mode
|
|
- Enabled support of --machine-readable in combination with --benchmark for automated benchmark processing
|
|
- Replaced --status-automat entirely with --machine-readable to make it more consistent among benchmark and non-benchmark mode
|
|
- Extended support from 14 to 255 functions calls per rule
|
|
- Extended password length up to 32 for 7zip
|
|
- Extended salt length up to 55 for raw hash types, eg: md5($pass.$salt)
|
|
- Extended version information
|
|
- Removed some duplicate rules in T0XlCv1, d3ad0ne and dive
|
|
- Redesigned changes.txt layout
|
|
- Redesigned --help menu layout
|
|
|
|
##
|
|
## Bugs
|
|
##
|
|
|
|
- Fixed a bug in speed display: In some situation, especially with slow hashes or lots of salts, it showed a speed of 0H/s
|
|
- Fixed a bug in restore handling: user immediately aborting after restart broke the restore file
|
|
- Fixed a bug in line counter: conditional jump or move depends on an uninitialised value
|
|
- Fixed a bug in rule-engine for NVidia devices: code for left- and right-shift were switched
|
|
- Fixed a bug in dive.rule: rules were not updated after the function 'x' was renamed to 'O'
|
|
- Fixed a bug in memory allocation "OpenCL -4 error": used unitialized value in a special situation
|
|
- Fixed a bug in memory handling: heap buffer overflow
|
|
- Fixed a bug in memory handling: out of bounds access
|
|
- Fixed a bug in implementation of DCC2: forced default iteration count for hashes to 10240
|
|
- Fixed a bug in implementation of WPA/WPA2: MAC and nonce stay one their original position as in the hccap file
|
|
- Fixed a bug in implementation of GOST R 34.11-94: zero length passwords were not cracked
|
|
- Fixed a bug in implementation of BLAKE2-512 kernels: incorrect access of the esalt buffer
|
|
|
|
##
|
|
## Technical
|
|
##
|
|
|
|
- Removed deprecated GCC version check requirement
|
|
- Removed NPROCS from Makefile, let make automatically detect the optimal number of parallel threads
|
|
- Dropped all C++ overloading functions to normal function which helps support more OpenCL platforms
|
|
- Renamed functions in common.h to emphasize their purpose
|
|
- Refactorized fast-hash kernels to enable SIMD on all OpenCL platforms
|
|
- Refactorized SIMD handling: SIMD the inner-loop not the outer-loop to save registers
|
|
- Workaround missing clEnqueueFillBuffer() support in certain OpenCL runtimes
|
|
- Added amd_bytealign() support in non-AMD OpenCL runtimes
|
|
- Added amd_bfe() support in non-AMD OpenCL runtimes
|
|
- Added several macros to allow writing optimized code for the different OpenCL platforms
|
|
- Replaced typedef for bool with stdbool.h
|
|
- Added special DEBUG environment variables to the makefile
|
|
- Hashcat now acquires an exclusive lock before writing to any file
|
|
- Changed buffers to not use same buffer for both input and output at the same time with snprintf()
|
|
- Check for allocatable device-memory depending on kernel_accel amplifier before trying to allocate
|
|
- Added additional check for max. ESSID length to prevent possible crashes
|
|
- Use a GCC equivalent for __stdcall where applicable
|
|
- Synchronize maximum output line size with input line size
|
|
- Increased maximum hash line size to 0x50000
|
|
- Run weak-hash checks only in straight-attack mode, this greatly reduces code complexity
|
|
- Restrict loopback option to straight attack-mode
|
|
- Moved rules_optimize to hashcat-utils
|
|
- Stick to older libOpenCL in binary package to avoid errors like this: version `OPENCL_2.0' not found
|
|
- Tightened hash parser for several algorithms
|
|
- Updated old RC4 code in Kerberos 5
|
|
- Limited the salt length of Juniper Netscreen/SSG (ScreenOS) hashes to 10
|
|
- Updated algorithm used to automatically select an ideal --scrypt-tmto value
|
|
- Renamed option --gpu-accel to --kernel-accel
|
|
- Renamed option --gpu-loops to --kernel-loops
|
|
- Renamed option --gpu-devices to --opencl-devices
|
|
- Added inline declaration to functions from simd.c, common.c, rp.c and types_ocl.c to increase performance
|
|
- Dropped static declaration from functions in all kernel to achieve OpenCL 1.1 compatibility
|
|
- Added -cl-std=CL1.1 to all kernel build options
|
|
- Created environment variable to inform NVidia OpenCL runtime to not create its own kernel cache
|
|
- Created environment variable to inform pocl OpenCL runtime to not create its own kernel cache
|
|
- Dropped special 64-bit rotate() handling for NV, it seems that they've added it to their OpenCL runtime
|
|
- Completely get rid of HAVE_ADL, HAVE_NVML and HAVE_NVAPI in sources
|
|
- Replaced NVAPI with NVML on windows
|