Date: Wed, 27 May 2020 14:00:31 +0200 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: hashcat vs. JtR Some random additions: JtR has support for MPI, allowing you to mount a single attack on a *massive* number of hosts, such as a cluster with hundreds of GPU devices (although in some cases, especially Incremental mode unfortunately, the distribution gets very poor). Hashcat can use clusters by means of third-part tools like Hashtopus or what it's called now but that's not very practical for things other than dumb brute-force last time I checked. JtR has way better support for codepages and Unicode. I believe hashcat still can't crack an NT password that includes one or more letters of Greek, Russian, Arabic, Chinese and so on. In fact, hashcat can't even crack an NT password that contains a Euro-sign. JtR has no problems with things like that, including on GPU and using masks and/or rules. For hash-types that don't use UTF-16 internally, hashcat isn't quite *that* limited, but its rule and mask engines are basically ASCII-only while JtR has no problems eg. case-toggling a greek letter or utilizing a "character class" (for rules), or "mask placeholder", of lower-case cyrillic. Like others said, most serious users should make sure to know and use both tools! magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.