crackmon - Monitor Hashcat Crackrate

cyclone

Title: crackmon
Author: cyclone
URL: https://github.com/cyclone-github/crackmon
Description:
Hashcat wrapper tool to bypass current attack if crack rate drops below threshold.

crackmon

Hashcat wrapper tool to bypass current attack if crack rate drops below threshold.

Usage:

Default: -time 1m -crack 1

./crackmon ./hashcat {hashcat args}

Custom: -time 2m -crack 100

./crackmon -t 2 -c 100 ./hashcat {hashcat args}

For more info:

./crackmon -help
Examples:

Defaults to -time 1m -crack 1
./crackmon ./hashcat {hashcat args}

Custom: -time 5m -crack 100
./crackmon -t 5 -c 100 ./hashcat {hashcat args}

All flags:
	-t         minimum runtime in minutes
	-c         cumulative average cracks threshold
	-debug     enable debug output
	-help      show this help menu
	-version   show version info

Supported hashcat attacks:
	-a 0       straight
	-a 1       combination
	-a 9       associated

Partially supported hashcat attacks:
	-a 3       mask
	-a 6       hybrid
	-a 7       hybrid

Unsupported hashcat flags:
	-i         incremental
	--status-json

For troubleshooting, run with -debug flag

./crackmon -debug ./hashcat...

Notes:

• Compiled and tested on debian 12 and Windows 11 Terminal
• Designed for running hashcat attacks -a 0, 1, 9.
• Supports -a 3, 6, 7, but does not currently support hashcat mask files or -incremental due to how hashcat handles sessions when running -i or mask files.

Changelog:

https://github.com/cyclone-github/crackmon/blob/main/CHANGELOG.md

Compile from source:

• If you want the latest features, compiling from source is the best option since the release version may run several revisions behind the source code.
• This assumes you have Go and Git installed
  • git clone https://github.com/cyclone-github/crackmon.git
  • cd crackmon
  • go mod init crackmon
  • go mod tidy
  • go build -ldflags="-s -w" .
• Compile from source code how-to:
  • https://github.com/cyclone-github/scripts/blob/main/intro_to_go.txt

A Former User

What is it for?

cyclone

@174region174

crackmon is a wrapper for hashcat that monitors cracking performance of the current attack session and sends a bypass command to hashcat if the crack rate falls below a defined threshold.
ex: if you want to bypass the current attack if hashcat hasn't cracked at least 100 hashes in the last 10 minutes, you can use crackmon to bypass the attack by using the command below:

./crackmon -t 10 -c 100 ./hashcat {hashcat args}

v1cvap0r

Any chance that this tool can be modified to support HashManager as well? Maybe by using a specific flag that will be used when running Hashcat, and when using HashManager... if this last one can be supported.

v1cvap0r

Oh, forgot: and mdxfind ? Any chance ?

cyclone

@v1cvap0r
That's a neat idea. Feel free to submit an issue on github to request support for HashManger and/or mdxfind. If there's enough interest, I'll look into either adding support or developing a separate tool for them.

Do keep in mind, crackmon is specifically written to read hashcat's status and send control commands back to hashcat, like pressing "b" to bypass the current attack. Not much of the existing logic would work with HashManager or mdxfind, so supporting these tools would require a significant rewrite of crackmon’s codebase.

v1cvap0r

It's now done.

v1cvap0r

Another sugestion/request: can be added and option to on/off a beep sound when a hash is cracked? This is useful for (very) long runs and people are away from the computer, in the same or a continuous room. The beep sound will call our attention for something that has been found.
This obviously will be turned off or simply not included in the command line, when running lists with continuous founds.
Maybe there are other solutions that I'm not aware off.

cyclone

@v1cvap0r While that could be done, crackmon was designed to bypass the current hashcat attack when the crack rate falls below a defined threshold. To be notified of new founds, there's other solutions such as monitoring hashcat's potfile and/or output path. This method is something I've written tools for myself and clients and can be set to play a sound, display a notification, send an email, etc.

cyclone

crackmon v0.2.0 released:
https://github.com/cyclone-github/crackmon/releases/tag/v0.2.0

fixed https://github.com/cyclone-github/crackmon/issues/7
updated versioning
add warnings if using unsupported hashcat attack or flag