Operational efficiency issues and support username: hash

[allwithfly]

Why? When i Using the "gocrack" BUT it's significantly less efficient than The "hashcat".
Is my gocrack-configuration's question?

THX! That's my runing logs:
--------------------------------using hashcat --------------------------------------
Session ..........: hashcat
Status ...........: Exhausted
Hash.Type ........: MD5
Hash.Target ......: onlypass.txt
Time.Started .....: Mon Nov 6 15:36:34 2017 (2 mins, 10 secs)
Time.Estimated ...: Mon Nov 6 15:38:44 2017 (0 secs)
Guess.Base .......: File (onlydic.txt)
Guess.Queue ......: 1/1 (100.00%)
Speed.Dev. # 1 .....: 475.8 kH / s (7.84 ms)
Recovered ........: 3851155/8396914 (45.86%) Digests, 0/1 (0.00%) Salts
Recovered / Time ...: CUR: 2408655, N / A, N / A AVG: 1785572, 107134366, -2147483648 (Min, Hour, Day)
Progress .........: 56932171/56932171 (100.00%)
Rejected .........: 0/56932171 (0.00%)
Restore.Point ....: 56932171/56932171 (100.00%)
Candidates. # 1 ....: midas1342 -> drdjcgv
HWMon.Dev. # 1 .....: Temp: 33c Fan: 46% Util: 20% Core: 1139MHz Mem: 3304MHz Bus: 1
-------------------------------- using gocrack --------------------------------------
Time Started Mon Nov 6 14:50:50 2017
Time Estimated Mon Nov 6 22:05:24 2017 (6 hours, 32 mins)

In addition, hashcat uses the --username option to identify user and hash combinations like admin: e10adc3949ba59abbe56e057f20f883e.
gocrack how to support such a format?

Translate for Google

[tankbusta]

Can you provide more information please:

1. What version of hashcat were you using in the above snippet
2. Can you show the output of ‘hashcat —opencl-info’?
3. Can you confirm you ran both tasks with the same dictionary and no mangling rules?

Unfortunately I’m out for a few weeks on leave but i know we have not seen any performance issues or impact in our environments and testing. This additional info will help me troubleshoot it when I get back.

[allwithfly]

We have a 16-hour time difference so it's wonderful to be able to communicate, not so good as my English. Haha. Happy holidays.
f@f-go:~$ hashcat --version
v3.6.0+

f@f-go:~$ hashcat --opencl-info

OpenCL Info:

Platform ID #1
  Vendor  : NVIDIA Corporation
  Name    : NVIDIA CUDA
  Version : OpenCL 1.2 CUDA 9.0.194

  Device ID #1
    Type           : GPU
    Vendor ID      : 32
    Vendor         : NVIDIA Corporation
    Name           : GeForce GTX 1060 6GB
    Version        : OpenCL 1.2 CUDA
    Processor(s)   : 10
    Clock          : 1708
    Memory         : 1518/6072 MB allocatable
    OpenCL Version : OpenCL C 1.2 
    Driver Version : 384.90

  Device ID #2
    Type           : GPU
    Vendor ID      : 32
    Vendor         : NVIDIA Corporation
    Name           : GeForce GTX 950
    Version        : OpenCL 1.2 CUDA
    Processor(s)   : 6
    Clock          : 1190
    Memory         : 497/1988 MB allocatable
    OpenCL Version : OpenCL C 1.2 
    Driver Version : 384.90

If you need, I can provide my hash and dictionary.
I can guarantee that gocrack and hashcat use the same hash and dictionary.
In addition, you have not tested the hash or the dictionary file is relatively large situation.

[tankbusta]

@allwithfly I tried to reproduce this by generating a file with 8,396,914 random MD5 hashes and using a larger dictionary (78,716,111 entries ~800MB) and i'm not seeing any performance impact.

hashcat (v3.6.0+) starting...

OpenCL Platform #1: Apple
=========================
* Device #1: Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz, skipped.
* Device #2: Iris Pro, 384/1536 MB allocatable, 40MCU
* Device #3: AMD Radeon R9 M370X Compute Engine, 512/2048 MB allocatable, 10MCU

Hashes: 8396914 digests; 8396914 unique digests, 1 unique salts
Bitmaps: 24 bits, 16777216 entries, 0x00ffffff mask, 67108864 bytes, 5/13 rotates
Rules: 1

Applicable optimizers:
* Zero-Byte
* Precompute-Init
* Precompute-Merkle-Demgard
* Meet-In-The-Middle
* Early-Skip
* Not-Salted
* Not-Iterated
* Single-Salt
* Raw-Hash

Watchdog: Temperature abort trigger disabled.
Watchdog: Temperature retain trigger disabled.

Dictionary cache hit:
* Filename..: /Users/cschmitt/800mb.dict
* Passwords.: 78716111
* Bytes.....: 861753420
* Keyspace..: 78716111

[s]tatus [p]ause [r]esume [b]ypass [c]heckpoint [q]uit => s

Session..........: hashcat
Status...........: Exhausted
Hash.Type........: MD5
Hash.Target......: testing.hashes
Time.Started.....: Tue Nov 21 11:43:31 2017 (4 secs)
Time.Estimated...: Tue Nov 21 11:43:35 2017 (0 secs)
Guess.Base.......: File (/Users/cschmitt/800mb.dict)
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#2.....: 10215.2 kH/s (9.34ms)
Speed.Dev.#3.....:  8852.0 kH/s (4.51ms)
Speed.Dev.#*.....: 19067.2 kH/s
Recovered........: 0/50 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 78716111/78716111 (100.00%)
Rejected.........: 689762/78716111 (0.88%)
Restore.Point....: 76039779/78716111 (96.60%)
Candidates.#2....: $HEX[574b54484c524d4c3630] -> $HEX[bfbfbfbf]
Candidates.#3....: vita1980 -> WKTHEBOSSSON

Here's a message from GoCrack from a task with the same configuration:

{
    "message": {
        "status": {
            "Candidates": {
                "2": "viwuwi45 -> yume-ikoma",
                "3": "$HEX[79756d652d69726f] -> $HEX[bfbfbfbf]"
            },
            "DeviceStatus": [
                {
                    "DeviceID": 2,
                    "ExecDev": 12.072813333333334,
                    "HashesSec": "10538.6 k"
                },
                {
                    "DeviceID": 3,
                    "ExecDev": 6.992842133333334,
                    "HashesSec": "10032.2 k"
                }
            ],
            "GuessBase": "/Users/cschmitt/.gocrack/worker/shared_files/92ccc2cf-9827-4cf4-a1eb-a14f9894a168",
            "GuessMode": 1,
            "GuessQueue": "1/1 (100.00%)",
            "HashTarget": "/Users/cschmitt/.gocrack/worker/task_files/d20467e6-c163-4242-ad34-13ddd243fa3c",
            "HashType": "MD5",
            "Progress": "78716111/78716111 (100.00%)",
            "ProgressMode": 1,
            "Recovered": "0/8396914 (0.00%) Digests, 0/1 (0.00%) Salts",
            "Rejected": "689762/78716111 (0.88%)",
            "RestorePoint": "75366905/78716111 (95.75%)",
            "Session": "4a454b6d-6134-4ac1-b7cd-d0887627114d",
            "Status": "Exhausted",
            "TimeEstimated": "Tue Nov 21 11:52:00 2017",
            "TimeEstimatedRelative": "0 secs",
            "TimeStarted": "Tue Nov 21 11:51:56 2017",
            "TotalSpeed": "20570.8 k"
        },
        "task_id": "4a454b6d-6134-4ac1-b7cd-d0887627114d"
    },
    "topic": "task_status_final"
}

Both runs have nearly identical runtime and hashes/sec. I don't feel comfortable asking for your hash list and dictionary but if you're just cracking an OSINT dump, feel free to share.

Did you compile GoCrack yourself or are you using the pre-compiled binaries from the releases section?

[allwithfly]

My GoCrack is compiled by myself.

[allwithfly]

I will use this dictionary to generate MD5 http://weakpass.com/wordlist/1256
And using the pre-compiled binaries from the releases section
Test again
I do not know how to find the same GoCrack log as you.