2018-10-15 08:06 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004962Kali Linux[All Projects] Kali Package Bugpublic2018-10-03 06:20
ReporterSplo1tr 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusnewResolutionopen 
Product Version2018.3 
Target VersionFixed in Version 
Summary0004962: Hashcat 4.2.1 wrong assumption
Descriptionhttps://github.com/hashcat/hashcat/issues/1683
Attached Files

-Relationships
+Relationships

-Notes

~0009623

Splo1tr (reporter)

Affects only 2018.3 i386 release...

https://images.offensive-security.com/virtual-images/kali-linux-2018.3-vm-i386.7z 84715b351460cadad7e5d87e4034bfc50a9befc3904205bc6ca0afc6def61066 kali-linux-2018.3-vm-i386.7z

and is reproducible with and without latest updates.

~0009627

sbrun (manager)

Thank you for your interest in Kali but this bug report is not actionable.
It seems to be an issue specific to i386, but not to Kali.
Please precise what you have done, which image you have tested and how to reproduce this issue.
Can you reproduce this issue on the live image http://cdimage.kali.org/kali-2018.3/kali-linux-2018.3-i386.iso ?

~0009637

Splo1tr (reporter)

Yes, the kali-linux-2018.3-i386.iso is also affected. I tested back on 2018.2-i386.iso which doesnt have this bug and cracks the password correctly.

To reproduce start the live iso and use hashcat to crack the wordpress saltet md5 from the ticket.

echo "\$P\$B9wJdX0NkO95U2L.kqAGXsFufwSp5N1" > wp.txt
hashcat -m 400 -a 3 wp.txt ?s?s?s?s?s

The output is not as expected and giving a hex'd output which is unusal. Please try exactly with the hash from issue 1683 posted in the description.

Can you reproduce the issue now?

~0009762

Splo1tr (reporter)

Another user reported the bug exists in Kali Linux x86!

https://github.com/hashcat/hashcat/issues/1695

From the testings this seems to be buggy since all updated x86 kernels since > 4.15.0-kali2-686-pae (2018.2), because the live iso still works correctly.

Can you reproduce this as issue and tell us if it is related to kali x86 kernel or to hashcat or even anything else on your distro? Hashcat itself cracks the password correctly in 64bit releases in every version. In my opinion it is actionable now.

~0009780

deargle (reporter)

I reproduced this error with a simple plaintext md5 crack, on i686 virtualized environment, including fresh-download of live cd and 32bit prepared vm vbox download from offensive-security.com.

Report here: https://github.com/hashcat/hashcat/issues/1709

tested with the following isos:
* kali-linux-light-2018-3a-i386-iso (bug present)
* kali-linux-light-2018-3a-amd64-iso (bug not present)
* kali-linux-2018-3a-i386-iso (bug present)
* kali-linux-2018-3-vbox-i386-ova (bug present)
+Notes

-Issue History
Date Modified Username Field Change
2018-09-07 11:43 Splo1tr New Issue
2018-09-10 11:58 Splo1tr Note Added: 0009623
2018-09-10 13:53 sbrun Status new => feedback
2018-09-10 13:53 sbrun Note Added: 0009627
2018-09-11 10:14 Splo1tr Note Added: 0009637
2018-09-11 10:14 Splo1tr Status feedback => new
2018-09-23 22:08 Splo1tr Note Added: 0009762
2018-10-03 06:20 deargle Note Added: 0009780
+Issue History