hashcat Forum

Full Version: how to write a Reject not contain rule
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I've been searching forums for maybe a week now for this specific question and found nothing but "referring wiki page" replies.  

I've a password, a damn long one, and that password contains - lets say - 123456 numbers that i know for sure. so i want to make a reject policy that each candidate doesnt contain that 123456 should be rejected (or ignored to accelerate the process to be precise - maybe im wandering in the wrong place i dont know). how to write this? wiki says 

Reject not contain  | /X  |  Reject plains which do not contain char X  |  /e

 and since there is no example of it at the page, i just wrote

-j /123456

is this correct? cuz it seems exactly the same in the command prompt if i didnt write that down at all


(this was a reply on another post but i thought starting a new thread would be needed just in case. thanks in advance)
1. The answer depends on the "speed" of the hash - fast (like MD5) vs slow (like bcrypt).

1a. If it's a fast hash, it's usually not worth the time to perform the rejection. Start up the attacks with and without the rejection, and check the estimated completion time.

1b. If it's a slow hash, filter the candidates out using an external script before piping them to hashcat, or see 2b.


2. The answer also depends on how you're generating candidate passwords:

2a. If you're using masks, you can create a list of masks that excludes the sequences you want to avoid - see https://hashcat.net/wiki/doku.php?id=mas...m_charsets

2b. If you're using wordlists or wordlists+rules, use -j/-k with a single rule to eliminate candidates - see https://hashcat.net/wiki/doku.php?id=rul...ect_plains), or see 1b.

But 2b is only feasible if your attack can handle only using a single rule.