NOTE: When cracking WPA/WPA2 passwords, make sure you check first incase it's already been processed.

Home - General Discussion - Hashcat cracking partial hashes

Due to the number of SCAMS going on in the PAID forum, PLEASE ask an ADMIN or MODERATOR to verify ALL found passwords to ensure you are not being SCAMMED.
DO NOT PAY until an ADMIN or MOD has verified them for you!

5 Results - Page 1 of 1 -
Author Message
Admin / Owner
Status: Trusted
Joined: Tue, 05 Jul 2011
Posts: 3059
Team: HashKiller
Reputation: 4081 Reputation
7 days ago

Noticed Hashcat cracks hashes which are not exact but nearly so. What's the threshold for this? It's great but I want to know as I can also do this for HK.


4d9012b4a77a9524d675dad27c3276ab5705e5e8 <- Correct

20eabe5d64b0e216796e834f52d61fd0b70332fc <- Correct

7110eda4d09e062aa5e4a390b0a572ac0d2c0220 <- Correct


6bb4837eb74329105ee4568dda7dc67ed2ca2ad9 <- Correct

Largest I've seen is a 4 bytes as shown above. I need to check HK code as I "might" have done this already thinking about it. Simple function:

// Assumes byte arrays are equal.
public static byte ByteDiff(byte[] b1, byte[] b2)
byte c = 0;
for (var i = 0; i < b1.Length; i++) if (b1[i] != b2[i]) c++;
return c;

Please read the forum rules | Please read the paid section rules
I accept private hash lists, with forum donations only.
BTC: 15qF9WUeFUD63ishxyAMiEgGqTcYzk4j9b
GPU Power: 9x GTX 1070 + 4x GTX 1080


Status: Cracker
Joined: Sun, 08 Nov 2015
Posts: 543
Team: gpuhash team
Reputation: 1230 Reputation
7 days ago

It smells like openCL bug, unstable GPU setup, or bitmap table overflow.
First check the size of bitmap table (you can set its range using --bitmap-min and --bitmap-max switches)
If the bitmap is fine, send an issue to team official representative
Support, discounts, free offers for forum members


Status: n/a
Joined: Tue, 11 Sep 2018
Posts: 111
Reputation: 67 Reputation
7 days ago

well hashes that are unique to each outer but have a long string in similarity are not necessary an abcuarity of the same password but some times are i think sha1 fall under this a lot
and a few so if you have one hash close it my be just the same pw whit a different suffix or prefix


Status: n/a
Joined: Tue, 03 Apr 2018
Posts: 223
Reputation: 308 Reputation
7 days ago

pasnger57 said:

so if you have one hash close it my be just the same pw whit a different suffix or prefix

That's totally false information.

My haschat stuff (rules, scripts):


Status: Elite
Joined: Sun, 01 May 2016
Posts: 6
Team: CynoSure Prime
Reputation: 10 Reputation
7 days ago

There's a simple explanation for this behavior. Hashcat only checks if 128 bits of a hash match (there are some exceptions).
In the case of SHA1 the first 32 bits are ignored. Which 128 bits differs from algorithm to algorithm. See hashconfig->dgst_pos0 (through dgst_pos3) in src/interface.c
The SHA1 hash of "test" is a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 but you can change the first 32 bits to anything you want (e.g. deadbeefccb19ba61c4c0873d391e987982fbbd3) and hashcat will still crack it.

5 Results - Page 1 of 1 -

We have a total of 167137 messages in 20917 topics.
We have a total of 18773 registered users.
Our newest registered member is csmordor.