hashcat Forum

Full Version: Markov attack
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello everyone,

some time ago I remember I read something about Markov chains in hashcat, stating that Hashcat always uses them when launching a bruteforce attack. 
I wanted to take a look at it but I can't find the original article in the wiki: I can see there are several links to "to be defined" articles, but nothing more.
Is this true? With all the refactoring, is this option still available (or does it make sense at all)? Where can I find some details and suggestions on how use it?
The hashcat help file worked for me. hashcat.64 --help >help.txt
Then you can read it at your leisure.
I am aware of the help screen.
My question is: is this kind of attack useful? Or used to be and then with the refactoring became less efficient/useful?
It's not a special "kind of attack", instead it is "just" one of many optimisations.

It is on by default in hashcat (to disable it you need to use --markov-disable).

You can see the differences by using these 2 commands:
(markov enabled):
Code:
./hashcat -a 3 --stdout ?d
1
2
3
0
4
7
8
6
5
9
(markov disabled, you need to specify/force that):
Code:
./hashcat -a 3 --stdout --markov-disable ?d
0
1
2
3
4
5
6
7
8
9

To make this very clear: markov doesn't change the overall number of hashes you will crack (it will be always the same amount). Instead, what changes is that with markov the likelihood/probability that you crack a password faster (because of the markov model = probability of each character depending on its position) will increase. General speaking, it's as simple as this (there is no real magic behind it).
Thank you, I was remembering those info but I couldn't find any "official" source.
Thank you very much for pointing it out.