Help making custom charset/rule
#11
Quote:Is 10 chars total
Is only the hexadecimal chars, 1 to F (Uppercase)

with maskprocessor

Code:
mp64.bin -1 123456789ABCDEF ?1?1?1?1?1?1?1?1?1?1

Quote:Contains at least 1 digit
Contains at least 1 letter

pipe it through req.bin from hashcat-utils:

Code:
mp64.bin -1 123456789ABCDEF ?1?1?1?1?1?1?1?1?1?1 | req.bin 6 > out

Quote:Same letter or digit may only exist twice in same key
At least one letter or digit exist twice in same key

you can not do it yet. however, you could not do it with markov either...
#12
That’s fantastic atom thank you for your post. Big Grin

Quote:you can not do it yet. however, you could not do it with markov either...

I understand the limitations of markov but I only used the name markov after a discussion I had with you some time ago. This is why I call it pseudo markov.

In my original feature request I didn’t know how to describe / name it so I borrowed your markov comment. What I was originally asking for is a way to be able to narrow down the key-space if the attacker knows something about the password format, like in ZerXes example.

I would be very grateful if you could let us know how better to describe it for the request page. If the term pseudo markov is misleading could you please suggest another more accurate one and I will change the wiki.

Allowing hashcat users to be able to reduce the brute force key-space in this way would significantly damage the resistance of WPA against even humble cracking machines.

These last two "conditions" listed here...

Quote:Same letter or digit may only exist twice in same key
At least one letter or digit exist twice in same key

...would be very useful. I understand there is no way around them at the moment but they would be very powerful.

Thanks.

#13
(03-29-2012, 12:29 AM)Hash-IT Wrote: I understand the limitations of markov but I only used the name markov after a discussion I had with you some time ago. This is why I call it pseudo markov.

I see, OK.

(03-29-2012, 12:29 AM)Hash-IT Wrote: I would be very grateful if you could let us know how better to describe it for the request page. If the term pseudo markov is misleading could you please suggest another more accurate one and I will change the wiki.

No my plan is to add real markov, not pseudo-markov. We maybe have a misunderstand here?

(03-29-2012, 12:29 AM)Hash-IT Wrote: Allowing hashcat users to be able to reduce the brute force key-space in this way would significantly damage the resistance of WPA against even humble cracking machines.

Only for old Thompson routers. And they have been fixed in the meanwhile (while its known there is a new attack possible). So its not that efficient.


(03-29-2012, 12:29 AM)Hash-IT Wrote: These last two "conditions" listed here...

Quote:Same letter or digit may only exist twice in same key
At least one letter or digit exist twice in same key

...would be very useful. I understand there is no way around them at the moment but they would be very powerful.

agree, but this is very complicated stuff, there more generic it should be

#14
Quote:No my plan is to add real markov, not pseudo-markov. We maybe have a misunderstand here?

Ahh, probably !! I am a bit stupid, so I am probably using the wrong terminology most of the time, sorry.

Quote:Only for old Thompson routers. And they have been fixed in the meanwhile (while its known there is a new attack possible). So its not that efficient.

I understand what you mean here especially in the context of this thread but there are also other routers which have a fairly predictable password. SKY for example use only uppercase alpha 8 characters in length. If you could provide hashcat users with the functionality I was meaning with the term “pseudo-markov” then we could reduce cracking time as a user could restrict multiple occurrences of a given character side by side.

AAAAAADH is unlikely to be a random password so the user could tell the new function to limit the occurrence of a given character side by side to 1. I appreciate this will require a lot of thinking to work out. I wonder if others could contribute ideas or code to help your work load ?

Other BT routers and some Virgin ones have similar predictable patterns which could be exploited using this "occurrence of unique character" feature.

Looking forward to getting some beta testing done today, thank you very much for implementing some of my other requests ! ... You must dread my posts ! Big Grin

Thanks.


@ ZerXes

ZerXes did you understand what atom wrote ? Have you managed to get it to work mostly how you wanted ?
#15
Oh yeah, works like a charm. I passthrough the line atom made me using:
mp64.exe -1 123456789ABCDEF ?1?1?1?1?1?1?1?1?1?1 | req.exe 6 | oclHashcat-plus64 -m 2500 blablabla.hccap

Both my GPUs is at 95% load so I guess it has no problem feeding them keys.
Will be exciting to see if it will be able to feed my new GPUs too.
Thanks for the help atom!