github/hashcat
1
Fork 0
mirror of https://github.com/hashcat/hashcat synced 2024-11-20 23:27:31 +01:00
Code Releases Activity

Update docs/changes.txt with recent changes

Browse Source
This commit is contained in:
Jens Steube 2019-08-05 12:09:55 +02:00
parent 0f6c507b53
commit d1ca061577
1 changed files with 65 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
docs/changes.txt
View File

@ -1,70 +1,90 @@
* changes v5.1.0 -> v5.x.x
* changes v5.1.0 -> v6.0.0
##
## Feature
##
- Fully modularized hash-mode integration via plugin interface and converted all existing hash-modes
- Refactor hashcat backend interface to allow adding compute API other than OpenCL
- Add CUDA as a new compute API to hashcat backend (enables hashcat to run on NVIDIA Jetson or IBM POWER9)
- Support use of all available GPU memory using CUDA backend
- Support on-the-fly loading of compressed wordlists in zip and gzip format
- Support for inline VeraCrypt PIM Brute-Force
- Support Deflate decompression for the 7-Zip hash type using zlib
- Compressed wordlists, gzip and zip format, using zlib
- Support deflate decompression for the 7-Zip hash-mode using zlib hook
##
## Algorithms
##
- Added hash-mode: Open Document Format (ODF) 1.2 (SHA-256, AES)
- Added hash-mode: Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Added hash-mode: Java Object hashCode()
- Added hash-mode: Blockchain, My Wallet, Second Password (SHA256)
- Added hash-mode: Electrum Wallet (Salt-Type 3)
- Added hash-mode: Android Backup
- Added hash-mode: QNX /etc/shadow (MD5)
- Added hash-mode: QNX /etc/shadow (SHA256)
- Added hash-mode: QNX /etc/shadow (SHA512)
- Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: AuthMe sha256
- Added hash-mode: BitShares v0.x
- Added hash-mode: Blockchain, My Wallet, Second Password (SHA256)
- Added hash-mode: DiskCryptor
- Added hash-mode: Electrum Wallet (Salt-Type 3)
- Added hash-mode: Huawei Router sha1(md5($pass).$salt)
- Added hash-mode: Java Object hashCode()
- Added hash-mode: Kerberos 5 Pre-Auth etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 Pre-Auth etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: sha1(md5(md5($pass)))
- Added hash-mode: sha1($salt1.$pass.$salt2)
- Added hash-mode: Ruby on Rails Restful-Authentication
- Added hash-mode: Kerberos 5 TGS-REP etype 17 (AES128-CTS-HMAC-SHA1-96)
- Added hash-mode: Kerberos 5 TGS-REP etype 18 (AES256-CTS-HMAC-SHA1-96)
- Added hash-mode: Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
- Added hash-mode: Open Document Format (ODF) 1.2 (SHA-256, AES)
- Added hash-mode: Oracle Transportation Management (SHA256)
- Added hash-mode: PKZIP archive encryption
- Added hash-mode: PKZIP Master Key
- Added hash-mode: DiskCryptor
- Added hash-mode: Python passlib pbkdf2-sha1
- Added hash-mode: Python passlib pbkdf2-sha256
- Added hash-mode: Python passlib pbkdf2-sha512
- Added hash-mode: Oracle Transportation Management (SHA256)
- Added hash-mode: QNX /etc/shadow (MD5)
- Added hash-mode: QNX /etc/shadow (SHA256)
- Added hash-mode: QNX /etc/shadow (SHA512)
- Added hash-mode: Ruby on Rails Restful-Authentication
- Added hash-mode: md5($salt.sha1($salt.$pass))
- Added hash-mode: md5(sha1($pass).md5($pass).sha1($pass))
- Added hash-mode: md5(sha1($salt).md5($pass))
- Added hash-mode: sha1(md5(md5($pass)))
- Added hash-mode: sha1(md5($pass.$salt))
- Added hash-mode: sha1(md5($pass).$salt)
- Added hash-mode: sha1($salt1.$pass.$salt2)
- Added hash-mode: sha256(md5($pass))
- Added hash-mode: sha256(sha256_bin(pass))
- Added hash-mode: sha256(sha256($pass).$salt)
##
## Bugs
##
- Fixed buffer overflow in build_plain() function
- Fixed copy/paste error leading to invalid "Integer overflow detected in keyspace of mask" in attack-mode 6 and 7
- Fixed cracking of Cisco-PIX and Cisco-ASA MD5 passwords in mask-attack mode if mask > length 16
- Fixed cracking of Electrum Wallet Salt-Type 2 hashes
- Fixed cracking of NetNTLMv1 passwords in mask-attack mode if mask > length 16 (optimized kernels only)
- Fixed cracking raw Streebog-HMAC 256 and 512 hashes with password of length >= 64
- Fixed cracking raw Whirlpool hashes cracking with password of length >= 32
- Fixed incorrect progress-only result in a special race condition
- Fixed invalid call of mp_css_utf16le_expand()/mp_css_utf16be_expand() in a slow-candidate session
- Fixed invalid password truncation in attack-mode 1 if final password is longer than 32 character
- Fixed maximum password length limit which was announced as 256 but actually was 255
- Fixed output of IKE PSK (mode 5300 and 5400) hashes to have separators at right position
- Fixed output password of "e" rule in pure and cpu rule engine if separator character is also the first letter
- Fixed problem with the usage of the hexadecimal notations (\x00-\xff) within rules
- Fixed some memory leaks in case hashcat is shutting down due to some file error
- Fixed the 7-Zip parser to allow the entire supported range of encrypted and decrypted data lengths
- Fixed the validation of the --brain-client-features command line argument (only values 1, 2 or 3 are allowed)
- Fixed problem with the usage of the hexadecimal notations (\x00-\xff) within rules
##
## Improvements
##
- Startup Checks: Improved the pidfile check: Do not just check for existing PID but also check executable filename
- Cracking bcrypt and Password Safe v2: Use a feedback from the OpenCL runtime to dynamically find out optimal thread count
- Bitcoin Wallet: Be more user friendly by allowing a larger data range for ckey and public_key
- Building: Fix for library compilation failure due to multiple defenition of sbob_xx64()
- Building: Updated BUILD.md
- Cracking bcrypt and Password Safe v2: Use a feedback from the compute API backend to dynamically find out optimal thread count
- Documents: Added README on how to build hashcat on MSYS2
- My Wallet: Added additional plaintext pattern used in newer versions
- OpenCL Runtime: Disable OpenCL kernel cache on Apple for Intel CPU (throws CL_BUILD_PROGRAM_FAILURE for no reason)
- OpenCL Runtime: Do not run a shared- and constant-memory size check if their memory type is of type global memory (typically CPU)
- OpenCL Runtime: Improve ROCM detection and make sure to not confuse with recent AMDGPU drivers
- OpenCL Runtime: Not using amd_bytealign (amd_bitalign is fine) on AMDGPU driver drastically reduces JiT segfaults
- OpenCL Runtime: Unlocked maximum thread count
@ -73,25 +93,44 @@
- OpenCL Runtime: Workaround JiT compiler error on ROCM 2.3 driver if the 'inline' keyword is used in function declaration
- OpenCL Runtime: Workaround memory allocation error on AMD driver on Windows leading to CL_MEM_OBJECT_ALLOCATION_FAILURE
- OpenCL Runtime: Workaround ROCm OpenCL driver problem trying to write temporary file into readonly folder by setting TMPDIR
- OpenCL Runtime: Do not run a shared- and constant-memory size check if their memory type is of type global memory (typically CPU)
- Startup Checks: Improved the pidfile check: Do not just check for existing PID but also check executable filename
- Startup Screen: Add extra warning when using --force
- Startup Screen: Provide an estimate of host memory requirements for the requested attack
- Status Screen: Added brain status for all devices
- Status Screen: Added remaining counts and changed recovered count logic
- Status Screen: Added --status-json flag for easier machine reading of hashcat status output
- Tab Completion: Allow using "make install" version of hashcat
- Tuning Database: Updated hashcat.hctune with new models and refreshed vector width values
- WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes
- WipZip cracking: Added two byte early reject, resulting in higher cracking speed
- WPA/WPA2 cracking: In the potfile, replace password with PMK in order to detect already cracked networks across all WPA modes
##
## Technical
##
- Binary Distribution: Removed 32 bit binary executables
- Building: On macOS, switch from ar to /usr/bin/ar to improve building compatibility
- Building: Skipping Travis/Appveyor build for non-code changes
- Codebase: Cleanup of many unused rc_* variables
- Codebase: Fixed some printf() format arguments
- Codebase: Fixed some type casting to avoid truncLongCastAssignment warnings
- Codebase: Moved hc_* file functions from shared.c to filehandling.c
- Codebase: Ran through a bunch of clang-tidy checkers and updated code accordingly
- Codebase: Remove redundant calls to fclose()
- Dependencies: Updated LZMA-Headers from 18.05 to 19.00
- Dependencies: Updated OpenCL-Headers to latest version from GitHub master repository
- Hash-mode 1460 (HMAC-SHA256 (key = $salt)): Allow up to 64 byte of salt
- Hash-Mode 1680x (WPA-PMKID) specific: Changed separator character from '*' to ':'
- Hash-Mode 8300 (DNSSEC (NSEC3)) specific: Allow empty salt
- Keep Guessing: No longer automatically activate --keep-guessing for modes 9720, 9820, 14900 and 18100
- Kernel Cache: Reactivate OpenCL runtime specific kernel caches
- Kernel Compile: Removed -cl-std= from all kernel build options since we're compatible to all OpenCL versions
- Mode 16800/16801 hash format: Changed separator character from '*' to ':'
- Requirements: Update runtime check for minimum NVIDIA driver version from 367.x to 418.56 or later
- Requirements: Add new requirement for NVIDIA GPU: CUDA Toolkit (10.1 or later)
- OpenCL Kernels: Fix OpenCL compiler warning on double precision constants
- OpenCL Options: Removed --opencl-platforms filter in order to force backend device numbers to stay constant
- Parsers: switched from strtok() to strtok_r() for thread safety
- Requirements: Add new requirement for NVIDIA GPU: CUDA Toolkit (10.1 or later)
- Requirements: Update runtime check for minimum NVIDIA driver version from 367.x to 418.56 or later
- Test Script: Switched from /bin/bash to generic /bin/sh and updated code accordingly
* changes v5.0.0 -> v5.1.0