01-10-2015, 04:45 PM

Hi.

I can't seem to be getting the idea of using masked brute force attack.

Example: i have 8 lowercase letters or numbers in a password.

I could use the following parameters:

1) -1 ?l?d ?1?1?1?1?1?1?1?1

or

2) ?l?d?l?d?l?d?l?d

Is that so far correct?

If yes, then I don't get why the number of possible hashes is so different?

1) - 2821109907456

2) - 4569760000

Am I getting something wrong?

I can't seem to be getting the idea of using masked brute force attack.

Example: i have 8 lowercase letters or numbers in a password.

I could use the following parameters:

1) -1 ?l?d ?1?1?1?1?1?1?1?1

or

2) ?l?d?l?d?l?d?l?d

Is that so far correct?

If yes, then I don't get why the number of possible hashes is so different?

1) - 2821109907456

2) - 4569760000

Am I getting something wrong?