OP 14 March, 2022 - 08:38 AM
Just curious what people's recovery rates are with hashcat against database dumps. What rules and wordlists are you using? Do you have a cutoff threshold for when you stop (ie 24 hours)?
I can normally get 70-80% on a normal encrypted database dump (ie predominately English speaking users, encrypted w/ md5, md5crypt, phpass, etc), but getting much more than that seems to add 3x (or more) to the amount of time to crack. I mostly just use the crackstation and rockyou wordlists in addition to the dumped usernames. For attacks I use a few different rules: hob064, dive, and a simple one I put together to feed into prince processor. One thing I did do was modify the hob064 rules to extend out the year suffixes to 2022, both with and without an exclamation point and leetspeak substitutions (original only uses 2015, 2016, and 2016!).
I can normally get 70-80% on a normal encrypted database dump (ie predominately English speaking users, encrypted w/ md5, md5crypt, phpass, etc), but getting much more than that seems to add 3x (or more) to the amount of time to crack. I mostly just use the crackstation and rockyou wordlists in addition to the dumped usernames. For attacks I use a few different rules: hob064, dive, and a simple one I put together to feed into prince processor. One thing I did do was modify the hob064 rules to extend out the year suffixes to 2022, both with and without an exclamation point and leetspeak substitutions (original only uses 2015, 2016, and 2016!).