oclHashcat v1.00 is a fusion of oclHashcat-plus v0.15 and oclHashcat-lite v0.15
The reason for fusion was:
- Simplify the project! Users were confused which tool among -lite and -plus they should choose.
- Fusioned oclHashcat will automatically decide which kernel type to choose based on the attack-mode and the hash-type you selected
- Save maintaining two programs with nearly the same codebase
- Save disk-space and packages
This release is alot about performance and bugs
While -plus v0.15 focused on supporting password candidates with length 15+, which in some cases reduced cracking speed, we can say that with oclHashcat v1.00 most of the speed loss that inevitabely was introduced with -plus v0.15 got compensated for many hash types by heavily optimizing the new kernels (e.g. merging -plus kernels with -lite and continuing optimizing the resulting kernel). You will see some nice increase of cracking speed for some hash-types (e.g. raw MD5 on NVidia from ~1600MH/s -> 1800MH/s), see benchmarking section.
We’ve also written an fully automated testing system, cross-platform. We found some bugs which were all fixed. If you want to try it on your system just come to IRC and we’ll instruct you how to run it.
Workaround driver problems
Whenever AMD or NVidia releases new drivers we have to check if our code still works. Most of the time it just works, but sometimes they add bugs to their driver that influences (or heavily influences) oclHashcat.
One example was the Catalyst 13.8beta driver, which is known to have some bugs that influence oclHashcat. We had to mark it as “broken” and were printing out a warning message whenever a user wanted to run -lite or -plus using this driver.
That was a very restrictive way of handling that type of problem and made package maintainers mad. This behavior forced the distribution to stick to a specific driver version. So we decided to find out where the bugs in the drivers are and then try to workaround them.
[quote]We worked around all (known) bugs so you will be able to use all drivers from Catalyst 13.4 and upwards.[/quote]
Built-in benchmarking system
While this feature was in -lite for some time, it’s new for -plus users. This “tool” will show you which maximum performance you can get out of your system in an ideal cracking case. Such a case is usually trying to crack a single hash using the brute-force attack mode, because we can make use of a lot of different optimization techniques.
It has been fine-tuned to use near-to-perfect tuned workloads (-n and -u parameters) and it is using a huge keyspace. Whenever you run an attack there are many factors that can influence cracking speed. By using the benchmark system you can get an idea what your maximum possible cracking speed could be and optimize your attack.
Most of the basic commandline parameters can be used in addition, for example you can use -d to select which GPU(s) or card(s) to run in benchmark mode. Or, if you want to benchmark just a single hash type you can use the -m parameter.
There are two different benchmark-modes. The default sets the configuration to run in benchmark-mode 1, which is the more aggressive one. It’s what most people will use and thats it. If you switch to benchmark-mode 0 you can manually tune -n and -u value to even more aggressive values but make sure you have good GPU cooling.
It’s also a very simple way to benchmark your system and compare it with others. To have some fun after downloading oclHashcat v1.00 just run it with e.g. “./oclHashcat64.bin -b”, that’s it.
Starting with this release, oclHashcat supports .hccap files for WPA cracking that include several networks (both with different or same ESSID). The file format is basically using the same struct as before, but one .hccap file can now consist of several such structures.
This implies that you could simply merge two or more .hccap files together into a new .hccap file that contains all of the merged information. A simple “cat 1st.hccap 2nd.hccap > all.hccap” should suffice to get you started with this new feature (on windows use an equivalent command).
Support for new algorithms
- HMAC-* (key = $pass)
- HMAC-* (key = $salt)
- Kerberos 5 AS-REQ Pre-Auth etype 23
* = MD5, SHA1, SHA256, SHA512