July 23, 2017 / by Casey & Hans
New release - 0.7-beta
Major Changes at a Glance
1) Distributed cracking!
2) Smart wordlists
3) Hashview Hub
4) More analytics
5) Additional Support for more hashes
Distributed Cracking
We had to make significant changes to handle distributed queuing which took us a bit longer. We have an API for remote agents and distributed support is painless.
Setup Agents
Install Hashview as normal, install Hashview Agent on a remote box and join it to the cluster via API. Checkout the Hashview Agent for more details.
Smart Wordlists
In an effort to improve your cracking results, we’ve taken our first stab at creating dynamic wordlists. These wordlists are a unique set of all plaintext words generated in hashview, both in the database, as well as for all wordlists. This wordlist is constantly updated and is supported like traditional wordlists (i.e. you can use rules with them) (detailed blog on how this works to follow)
Hashview hub
Hashview Hub is a free optional service that allows you to search our cloud based service for matching hashes that have already been cracked. As of this blog post Hub contains over 350 million hashes. To enable this service, look under the Manage -> Global Settings -> Hashview Hub. For your privacy, Hashview will only upload cracked hashes to the hub service if YOU want, and will NEVER send usernames, customer names, or any other identifiable information.
More Analytics!
We keep adding more popular analytics. This release we have the following:
Composition breakdown
how many passwords meet complexity requirements
Composition details
what are the most frequently used masks
Weak passwords
a list accounts/hashes containing extremely weak passwords
Additional Supported Hash Types
The following hash types have been added
md5($salt.$pass.$salt)
MySQL4.1/MySQL5
sha1($salt.sha1($pass))
sha1($salt.$pass.$salt)
phppass
WordPress(MD5)
Joomla (MD5)
Phppass
phpBB3 (MD5)
Juniper IVE
Blake2b-512
SHA-224
SHA-256
sha256($pass.$salt)
sha256($salt.$pass)
sha256(unicode($pass).$salt)
Sha256
salt.unicode($pass))
HMAC-SHA256 (key = $pass)
HMAC-SHA256 (key = $salt)
SHA-3 (Keccak)
GOST R 34.11-94
Apache $apr1 MD5
Md5apr1
MD5(ARP)
SHA-512
sha512($pass.$salt)
sha512($salt.$pass)
sha512(unicode($pass).$salt)
Sha512
alt.unicode($pass))
HMAC-SHA512 (key = $pass)
HMAC-SHA512 (key = $salt)
Whirlpool
Cisco-PIX MD5
Cisco-ASA MD5
iSCSI CHAP authentication
MD5(CHAP)
Cisco-IOS type 4 (SHA256)
Samsung Android Password/PIN
AIX {smd5}
AIX sha256}
AIX {ssha512}
AIX {ssha1}
FortiGate (FortiOS)
OSX v10.8+ (PBKDF2-SHA512)
Grub 2
IPMI2 RAKP HMAC-SHA1
Drupal7
Sybase ASE
Citrix NetScaler
DNSSEC (NSEC3)
WBB3 (Woltlab Burning Board)
+Lotus Notes/Domino 5
script
Lotus Notes/Domino 8