Takes about 60 seconds on my machine, so not much slower than hashcat with workload-profile set to 1. In keepass_crack.sh, un-comment the 4 lines after "Easy way of doing it" and run again. Alternative methodĪfter implementing the hashcat method, I found (in ) that John The Ripper can do everything by itself (at least for dictionary attacks), no need to use hashcat. Hashcat remembers previously computed hashes, so if you run it again with same or expanded wordlist, it will run much faster (won't re-compute hashes for passwords it's already hashed). I see users with powerful systems talking about doing hundreds of hashes per second, although they're probably not doing the same algorithm. With workload-profile set to 2, it took 38 seconds, about 5 hashes/second. So about 4 hashes per second, which I'm sure is pathetic. On my slow laptop, with workload-profile set to 1 ("Minimal"), and correct password on line 207 of wordlist.txt, no keyfile, it took 48 seconds. By default it is set to 2 ("Noticeable"). You can adjust the "workload-profile" of hashcat, which specifies how much of a load it will put on the system. # Spoiler: password for test database is "1234". # You should see hash extracted from KeePass database, then hashcat # running for a while, then (if found) matching password displayed at end. # To check that everything works correctly, run script with default values # (against KeePass test.kdbx), it shouldn't take more than 1 minute. # Make sure you have the software installed: But I am guessing that John the Ripper either uses hashcat # underneath, or at least shares the same potfile with it. # This takes around 500 MB of disk space ! # There is a way to run without invoking hashcat, see "Alternative method" # section below.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |