"Fossies" - the Fresh Open Source Software Archive

Member "hashcat-6.2.6/docs/limits.txt" (2 Sep 2022, 2938 Bytes) of package /linux/privat/hashcat-6.2.6.tar.gz:

As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "limits.txt": 6.2.2_vs_6.2.3.

    1 ##
    2 ## Maximum password lengths vary depending on kernel, hash type, and encoding
    3 ##
    4 
    5 See https://hashcat.net/faq/lengths
    6 
    7 ##
    8 ## Generic hash modes only support salt lengths up to 256
    9 ##
   10 
   11 This limitation on salt lengths only affects generic hash modes, such as md5(pass.salt).
   12 
   13 Dedicated hash modes allow unlimited salt length support.
   14 
   15 ##
   16 ## File and folder names including UTF-16 characters are not supported
   17 ##
   18 
   19 UTF-16 is mostly seen on Windows. UTF-8 (as mostly used on Linux and macOS) are fine.
   20 
   21 Important: That does not mean UTF-16 file content, which is fully supported.
   22 
   23 It only means the filename itself.
   24 
   25 ##
   26 ## Hashing algorithms that internally use UTF-16 characters could in special cases lead to false negatives
   27 ##
   28 
   29 This applies to optimized kernels (-O) only:
   30 
   31 The UTF-16 conversion implementation used within the kernel code is optimized for performance. For that
   32 reason, hashcat does not respect all complicated encoding rules required to correctly convert, for instance,
   33 ASCII or UTF-8 to UTF-16LE (or UTF-16BE). The implementation most likely fails with multi-byte characters,
   34 because we basically add a zero byte every second byte within the kernel conversion code.
   35 
   36 Since hashcat v6.2.1 there is true UTF-16 support for pure kernels. UTF-16 is fully supported.
   37 
   38 ##
   39 ## The use of --keep-guessing eventually skips reporting duplicate passwords
   40 ##
   41 
   42 This does not mean that valid passwords are skipped; they are always reported.
   43 
   44 Only if you hit the same password twice for the same hash the password may be shown only once.
   45 
   46 If --keep-guessing is not used, this can not occur.
   47 
   48 This limitation cannot be fixed, because it would require too much device (GPU/CPU) memory. If we wanted
   49 to report back all possible password candidates executed in a single kernel invocation, it would require
   50 this much memory per device:
   51 
   52 Number-of-MCU * Max-threads * Max-accel * Max-inner-loops * sizeof (plain_t)
   53 
   54 For example, on a Vega64: 64 * 1024 * 1024 * 1024 * 20 = 1,374,389,534,720 bytes = 1280 GB VRAM
   55 
   56 ##
   57 ## Hashcat GPU memory usage may be limited by maximum memory allocation sizes of OpenCL drivers
   58 ##
   59 
   60 Most hashcat memory allocations are supposed to remain inside the same memory area.
   61 
   62 The maximum size of a memory allocation is limited by GPU drivers / OpenCL runtimes.
   63 
   64 Only a few modes (like scrypt) have special workarounds to make use of more than one allocation.
   65 
   66 ##
   67 ## The maximum number of functions per rule is limited to 31
   68 ##
   69 
   70 This makes the size of one rule 128 byte.
   71 
   72 On the other hand, there is a 25% OpenCL single allocation memory limit.
   73 
   74 A typical GPU of today has 8GB = 2GB/128 = 16M rules max
   75 
   76 If hashcat supported more functions per rule, it would be limited to fewer rules.
   77 
   78 This is a trade-off game.
   79 
   80 ##
   81 ## Position identifiers in rules are limited to 36
   82 ##
   83 
   84 The upper limit of maximum 36 positions for various rule functions (0-9, A-Z) was a design decision by the original authors of the rule engine.
   85