NOTE: Why not use our List Manager to crack your lists? Its easy and enables better management.

NOTE: When cracking WPA/WPA2 passwords, make sure you check first incase it's already been processed.

Home - General Discussion - Hashcat cracking partial hashes

5 Results - Page 1 of 1 -
Author Message
Admin / Owner
Status: Trusted
Joined: Tue, 05 Jul 2011
Posts: 3145
Team: HashKiller
Reputation: 4157 Reputation
Sat, 12 Jan 2019 @ 19:28:54

Noticed Hashcat cracks hashes which are not exact but nearly so. What's the threshold for this? It's great but I want to know as I can also do this for HK.


4d9012b4a77a9524d675dad27c3276ab5705e5e8 <- Correct

20eabe5d64b0e216796e834f52d61fd0b70332fc <- Correct

7110eda4d09e062aa5e4a390b0a572ac0d2c0220 <- Correct


6bb4837eb74329105ee4568dda7dc67ed2ca2ad9 <- Correct

Largest I've seen is a 4 bytes as shown above. I need to check HK code as I "might" have done this already thinking about it. Simple function:

// Assumes byte arrays are equal.
public static byte ByteDiff(byte[] b1, byte[] b2)
byte c = 0;
for (var i = 0; i < b1.Length; i++) if (b1[i] != b2[i]) c++;
return c;

Please read the forum rules | Please read the paid section rules
I accept private hash lists, with forum donations only.
BTC: 15qF9WUeFUD63ishxyAMiEgGqTcYzk4j9b
GPU Power: 9x GTX 1070 + 4x GTX 1080


Status: Trusted
Joined: Sun, 08 Nov 2015
Posts: 616
Team: gpuhash team
Reputation: 1383 Reputation
Sat, 12 Jan 2019 @ 20:08:06

It smells like openCL bug, unstable GPU setup, or bitmap table overflow.
First check the size of bitmap table (you can set its range using --bitmap-min and --bitmap-max switches)
If the bitmap is fine, send an issue to team official representative
Support, discounts, free offers for HK members


Status: n/a
Joined: Tue, 11 Sep 2018
Posts: 168
Reputation: 113 Reputation
Sat, 12 Jan 2019 @ 20:20:56

well hashes that are unique to each outer but have a long string in similarity are not necessary an abcuarity of the same password but some times are i think sha1 fall under this a lot
and a few so if you have one hash close it my be just the same pw whit a different suffix or prefix


Status: n/a
Joined: Tue, 03 Apr 2018
Posts: 318
Reputation: 388 Reputation
Sat, 12 Jan 2019 @ 21:39:31

pasnger57 said:

so if you have one hash close it my be just the same pw whit a different suffix or prefix

That's totally false information.

My haschat stuff (rules, scripts):
BTC: 3C2h4xscGRq7XfZLicoVjRVkYrqqJ1Urc5


Status: Elite
Joined: Sun, 01 May 2016
Posts: 8
Team: CynoSure Prime
Reputation: 10 Reputation
Sun, 13 Jan 2019 @ 13:26:51

There's a simple explanation for this behavior. Hashcat only checks if 128 bits of a hash match (there are some exceptions).
In the case of SHA1 the first 32 bits are ignored. Which 128 bits differs from algorithm to algorithm. See hashconfig->dgst_pos0 (through dgst_pos3) in src/interface.c
The SHA1 hash of "test" is a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 but you can change the first 32 bits to anything you want (e.g. deadbeefccb19ba61c4c0873d391e987982fbbd3) and hashcat will still crack it.

5 Results - Page 1 of 1 -

We have a total of 174864 messages in 21802 topics.
We have a total of 19934 registered users.
Our newest registered member is emummisse.