![]() Since loop values increase by doubling in autotune, a slow hash-mode with, for example, 1000 iterations can end up with a suboptimal -u count. Currently, autotuning starts at 1 and doubles (2, 4, 8, ..., 512, 1024). If the maximum is 1000, autotune stops at 512, resulting in two kernel calls: one with 512 iterations and another with 488. The tweak attempts to find the smallest factor that, when repeatedly doubled, reaches the target exactly. For 1000, this would be 125 and for 1024, it would be 1. However, this logic doesn’t align well with how hashcat handles slow hash iterations. For instance, PBKDF2-based plugins typically set the iteration count to N-1, since the first iteration is handled by the `_init` kernel. So, a plugin might set 1023 instead of 1024, and in such cases, the logic would incorrectly assume 1023 is the minimum factor which leads to suboptimal tuning. To work around this, the factor-finder is executed twice: once with the original iteration count and once with `iteration count + 1`. The configuration that results in a lower starting point is used. Other stuff: - Fixed a critical bug in the autotuner This bug was introduced a few days ago. The autotuner has the ability to overtune the maximum allowed thread count under certain conditions. For example, in unoptimized -a 0 cracking mode when using rules. Several parts of the hashcat core require strict adherence to this limit, especially when shared memory is involved. To resolve this while retaining overtuning for compatible modes, a new attribute `device_param->overtune_unfriendly` was introduced. When set to true, it prevents the autotuner from modifying `kernel_threads_max` and `kernel_accel_max`. Four sections in `backend.c` have been updated to set this flag, though additional areas may also require it. - Moved the code that aligns `kernel_accel` to a multiple of the compute unit count into the overtune section. - Fixed a bug in the HIP dynloader. It now reports actual error strings, provided the API returns them. |
||
---|---|---|
.github | ||
bridges | ||
charsets | ||
deps | ||
docker | ||
docs | ||
extra/tab_completion | ||
include | ||
layouts | ||
masks | ||
modules | ||
obj | ||
OpenCL | ||
Python | ||
rules | ||
src | ||
tools | ||
tunings | ||
.appveyor.yml.old | ||
.editorconfig | ||
.gitattributes | ||
.gitignore | ||
.travis.yml | ||
BUILD_CYGWIN.md | ||
BUILD_Docker.md | ||
BUILD_macOS.md | ||
BUILD_MSYS2.md | ||
BUILD_WSL.md | ||
BUILD.md | ||
example0.cmd | ||
example0.hash | ||
example0.sh | ||
example400.cmd | ||
example400.hash | ||
example400.sh | ||
example500.cmd | ||
example500.hash | ||
example500.sh | ||
example.dict | ||
hashcat.hcstat2 | ||
Makefile | ||
README.md |
hashcat
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.
License
hashcat is licensed under the MIT license. Refer to docs/license.txt for more information.
Installation
Download the latest release and unpack it in the desired location. Please remember to use 7z x
when unpacking the archive from the command line to ensure full file paths remain intact.
Usage/Help
Please refer to the Hashcat Wiki and the output of --help
for usage information and general help. A list of frequently asked questions may also be found here. The Hashcat Forum also contains a plethora of information. If you still think you need help by a real human come to Discord.
Building
Refer to BUILD.md for instructions on how to build hashcat from source.
Tests:
Travis | Coverity | GitHub Actions |
---|---|---|
Contributing
Contributions are welcome and encouraged, provided your code is of sufficient quality. Before submitting a pull request, please ensure your code adheres to the following requirements:
- Licensed under MIT license, or dedicated to the public domain (BSD, GPL, etc. code is incompatible)
- Adheres to gnu99 standard
- Compiles cleanly with no warnings when compiled with
-W -Wall -std=gnu99
- Uses Allman-style code blocks & indentation
- Uses 2-spaces as the indentation or a tab if it's required (for example: Makefiles)
- Uses lower-case function and variable names
- Avoids the use of
!
and uses positive conditionals wherever possible (e.g.,if (foo == 0)
instead ofif (!foo)
, andif (foo)
instead ofif (foo != 0)
) - Use code like array[index + 0] if you also need to do array[index + 1], to keep it aligned
You can use GNU Indent to help assist you with the style requirements:
indent -st -bad -bap -sc -bl -bli0 -ncdw -nce -cli0 -cbi0 -pcs -cs -npsl -bs -nbc -bls -blf -lp -i2 -ts2 -nut -l1024 -nbbo -fca -lc1024 -fc1
Your pull request should fully describe the functionality you are adding/removing or the problem you are solving. Regardless of whether your patch modifies one line or one thousand lines, you must describe what has prompted and/or motivated the change.
Solve only one problem in each pull request. If you're fixing a bug and adding a new feature, you need to make two separate pull requests. If you're fixing three bugs, you need to make three separate pull requests. If you're adding four new features, you need to make four separate pull requests. So on, and so forth.
If your patch fixes a bug, please be sure there is an issue open for the bug before submitting a pull request. If your patch aims to improve performance or optimize an algorithm, be sure to quantify your optimizations and document the trade-offs, and back up your claims with benchmarks and metrics.
In order to maintain the quality and integrity of the hashcat source tree, all pull requests must be reviewed and signed off by at least two board members before being merged. The project lead has the ultimate authority in deciding whether to accept or reject a pull request. Do not be discouraged if your pull request is rejected!