hashcat Forum

Full Version: rules in combination attack
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi there, thanks for building this great software :-)
I have an old truecrypt container without a password - but I know it shoud be a combination of some of my other passwords concated with "+*-$" or whatever. So I wrote everything I remembered into a file and used a shell script to combine everything with everything to deepth 3 = - ~50 Lines ^ 3 possibilities. I use this same list for left and right in a combination attack = 50^6 possible combinations.

Works fine, I only have one problem - I know my password is rather long (> 16 Chars), but I only can set rules for left and right seperately. I'd like to have a rule to reject all combined passwords <= 16 chars since passwords like *----* are useless to me. Rule file is only supported with -a 0

My current command line looks like this (to sort out at least the obvious crap):
oclHashcat64.exe -m 6211 -a 1 container.tc left.txt right.txt -j ">6" -k ">6"

Any idea to optimize this thing? I fear I have to remember some more passwords and try again (perhaps with depth 4 on both sides) and it would be very usefull to drop the crap instead of trying every possible combination...
in my experience, no ruled oclHashcat is more faster in slow hashes
so I think below command is suitable for truecrypt hash

combinator.bin dict1.txt dict2.txt | len.bin 12 50 | \
oclHashcat64.bin -a 0 -m 6211 container.tc

ps) It could specify rule(s) in oclHashcat phrase ( -a 0 -r best64.rule -r behind.rule for example ) if you need
Thanks for this first idea :-)
... I slept over the problem, there should be much more possible optimisation. The first file looked like
Code:
.
+
-
#
!
{...}
pass1
pass2
pass3
{...}
passn
before I ran my own shell script (didn't know hashcat that time) on it.
The password should look like 
passx{one or two concats}passy{one or two concats}passz
I'm quite sure if there are two concats between passx and passy there should be only one betweeen passy and passz (or only one concat in both cases? argh!) so I used the two dictionarys up to depth 3.
passx passy and passz are different passphrases, no passx passx passy combination.
There are ~15 different possible concats (!"$%&/\?=+#'-_.:,Wink and ~40 possible passwords.
I think it should be possible to create a dictionary using the utilites, but it won't fit on any harddisk :-(
The Number of combinations would shrink dramatically, from
55^6 = 27680640625 to
40 * 15 * 40 * 15 * 40 + 40 * 15 * 15 * 40 * 15 *40 = 230400000, that's less than 1%
I read the wiki but have no idea how to realize this on runtime...
Edit: even less since it would be 40*39*38, no two same passwords...

Edit2: ok, think I got it - lot of manual work, passwords one file, seperators other file and massive use of combinator and combinator3 into new files which are then combinator3ed to hashcat...