oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack (implemented as mask attack), combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack.
This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite.
GPU Driver requirements:
- NV users require ForceWare 331.67 or later
- AMD users require Catalyst 14.4 or later
Changelog v1.21
This release is focused on performance increase / bugfixes.
- Added support for algorithm -m 2612 = PHPS
- Added support for algorithm -m 8600 = Lotus Notes/Domino 5
- Added support for algorithm -m 8700 = Lotus Notes/Domino 6
- Fixed performance drop on descrypt, LM and oracle-old initiated by AMD drivers
- Fixed problem with restoring ADL performance state when the clock size reported by the AMD driver didn’t respect the clock step size
- Fixed problem with setting ADL powertune value for r9 295×2 GPUs
- Added support for writing logfiles
- Added parameter –logfile-disable which should be self-explaining
- Dictstat is now no longer session dependent and will always be based on oclHashcat installation directory
- Use AMD custom profile settings instead of basing the AMD powertune/clock settings on maximum supported clock values
- Fixed VLIW size calculated by compute capability was broken for sm_50 -> cuModuleLoad() 301
- Make –runtime count relative to real attack start not program start
- Fixed bug with fan speed handling, if fan speed is manually set to a high enought value (e.g. 100%) oclHashcat shouldn’t change it
- Problem with username parsing (–username) was fixed
- Fixed problem where IKE-PSK sha1/md5 (-m 5300/-m 5400) were wrongly recognized as shadow file formats
- Fixed problem where the ‘delete range’ rule (xNM) did not allow to remove charaters at the very end of the word
Full Changelog: here
Features
- Worlds fastest password cracker
- Worlds first and only GPGPU based rule engine
- Free
- Multi-GPU (up to 128 gpus)
- Multi-Hash (up to 100 million hashes)
- Multi-OS (Linux & Windows native binaries)
- Multi-Platform (OpenCL & CUDA support)
- Multi-Algo (see below)
- Low resource utilization, you can still watch movies or play games while cracking
- Focuses highly iterated modern hashes
- Focuses dictionary based attacks
- Supports distributed cracking
- Supports pause / resume while cracking
- Supports sessions
- Supports restore
- Supports reading words from file
- Supports reading words from stdin
- Supports hex-salt
- Supports hex-charset
- Built-in benchmarking system
- Integrated thermal watchdog
- 100+ Algorithms implemented with performance in mind
Attack-Modes
- Straight (accept Rules)
- Combination
- Brute-force
- Hybrid dict + mask
- Hybrid mask + dict
Algorithms
- MD4
- MD5
- SHA1
- SHA-256
- SHA-512
- SHA-3 (Keccak)
- RipeMD160
- Whirlpool
- GOST R 34.11-94
- HMAC-MD5 (key = $pass)
- HMAC-MD5 (key = $salt)
- HMAC-SHA1 (key = $pass)
- HMAC-SHA1 (key = $salt)
- HMAC-SHA256 (key = $pass)
- HMAC-SHA256 (key = $salt)
- HMAC-SHA512 (key = $pass)
- HMAC-SHA512 (key = $salt)
- LM
- NTLM
- DCC
- DCC2
- NetNTLMv1
- NetNTLMv1 + ESS
- NetNTLMv2
- Kerberos 5 AS-REQ Pre-Auth etype 23
- AIX {smd5}
- AIX {ssha1}
- AIX {ssha256}
- AIX {ssha512}
- FreeBSD MD5
- OpenBSD Blowfish
- descrypt
- md5crypt
- bcrypt
- sha256crypt
- sha512crypt
- DES(Unix)
- MD5(Unix)
- SHA256(Unix)
- SHA512(Unix)
- OSX v10.4
- OSX v10.5
- OSX v10.6
- OSX v10.7
- OSX v10.8
- OSX v10.9
- Cisco-ASA
- Cisco-IOS
- Cisco-PIX
- GRUB 2
- Juniper Netscreen/SSG (ScreenOS)
- RACF
- Samsung Android Password/PIN
- MSSQL
- MySQL
- Oracle
- Postgres
- Sybase
- DNSSEC (NSEC3)
- IKE-PSK
- IPMI2 RAKP
- iSCSI CHAP
- WPA
- WPA2
- 1Password, cloudkeychain
- 1Password, agilekeychain
- Lastpass
- Password Safe SHA-256
- TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES
- TrueCrypt 5.0+ PBKDF2 HMAC-SHA512 + AES
- TrueCrypt 5.0+ PBKDF2 HMAC-Whirlpool + AES
- TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + boot-mode
- TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + hidden-volume
- TrueCrypt 5.0+ PBKDF2 HMAC-SHA512 + AES + hidden-volume
- TrueCrypt 5.0+ PBKDF2 HMAC-Whirlpool + AES + hidden-volume
- TrueCrypt 5.0+ PBKDF2 HMAC-RipeMD160 + AES + hidden-volume + boot-mode
- SAP CODVN B (BCODE)
- SAP CODVN F/G (PASSCODE)
- Citrix Netscaler
- Netscape LDAP SHA/SSHA
- Apache MD5-APR
- hMailServer
- EPiServer
- Drupal
- IPB
- Joomla
- MyBB
- osCommerce
- Redmine
- SMF
- vBulletin
- Woltlab Burning Board
- xt:Commerce
- WordPress
- phpBB3
- Half MD5 (left, mid, right)
- Double MD5
- Double SHA1
- md5($pass.$salt)
- md5($salt.$pass)
- md5(unicode($pass).$salt)
- md5($salt.unicode($pass))
- md5(sha1($pass))
- sha1($pass.$salt)
- sha1($salt.$pass)
- sha1(unicode($pass).$salt)
- sha1($salt.unicode($pass))
- sha1(md5($pass))
- sha256($pass.$salt)
- sha256($salt.$pass)
- sha256(unicode($pass).$salt)
- sha256($salt.unicode($pass))
- sha512($pass.$salt)
- sha512($salt.$pass)
- sha512(unicode($pass).$salt)
- sha512($salt.unicode($pass))