hashcat Forum

Full Version: oclHashcat bruteforce
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Which options should I use to check all combinations of 1-3 symbol passwords during bruteforcing hashes?
I use -m 0 -a 3 -o cracked.txt -1 ?a
yes but you need to add the ?a for each position of the password length. for example if you think the password is 6 characters then you need
?a?a?a?a?a?a

for 8 characters you want
?a?a?a?a?a?a?a?a

and so on.

you don't need the -1 unless you are using it as a variable, which looks like this
-1 ?l?u?d?s ?1?1?1?1?1?1

that does the same as the above ?a example.

more examples

http://hashcat.net/wiki/doku.php?id=mask_attack
(02-02-2015, 06:16 PM)forumhero Wrote: [ -> ]yes but you need to add the ?a for each position of the password length. for example if you think the password is 6 characters then you need
?a?a?a?a?a?a

for 8 characters you want
?a?a?a?a?a?a?a?a

and so on.

you don't need the -1 unless you are using it as a variable, which looks like this
-1 ?l?u?d?s ?1?1?1?1?1?1

that does the same as the above ?a example.

more examples

http://hashcat.net/wiki/doku.php?id=mask_attack

Thanks for the reply. Now I've understood about -1 usage.
But i still don't get how to brute all possible passwords if I do not know the length of a password. Lets say I want to start from 1 charachter passwords and go to 7 charachter passwords. Do I need to use some mask file or increment option?
If you use oclHashcat, just use -i for increment
(02-03-2015, 04:59 PM)atom Wrote: [ -> ]If you use oclHashcat, just use -i for increment

so correct command will look
Code:
-m 0 -a 3 -o cracked.txt -1 ?a -i
look again at post 2
(02-04-2015, 05:27 PM)undeath Wrote: [ -> ]look again at post 2

is it correct now?
-m 0 -a 3 -o cracked.txt ?a -i
(02-05-2015, 12:31 PM)krest Wrote: [ -> ]
(02-04-2015, 05:27 PM)undeath Wrote: [ -> ]look again at post 2

is it correct now?
-m 0 -a 3 -o cracked.txt ?a -i

-m 0 -a 3 -o cracked.txt -i ?a?a?a?a?a?a?a

This will bruteforce from 1 character to 7 characters password.
thanks you all for help
I'm a little late, but instead of -i you could use a file with masks instead. For the example above of 1-7, create a file with the following lines:

?a
?a?a
?a?a?a
?a?a?a?a
?a?a?a?a?a
?a?a?a?a?a?a
?a?a?a?a?a?a?a

Give the file name instead of the mask. If the above file was named 7brute.hcmask, then the command line segment would be:

-m 0 -a 3 -o cracked.txt 7brute.hcmask

This method has an advantage over the -i in that you can add as many masks as you want, and hashcat/oclhashcat will go through each one without you have to reset for the next run. For instance, I would usually check 8-12 all digits afterwards (1-7 are already covered with ?a set), and maybe 8-9 all lowercase and 8-9 all uppercase. Just add the appropriate masks to the file before you start. You can't do that with -i.
Pages: 1 2