Shrinking mask attacks
#1
Hello! I've got a password I'm trying to crack in a reasonable amount of time, however it's quite long. There are a few rules for the password I could use a hand with setting up right. Here's what I have so far:


Code:
hashcat -m 10 -a 3 -1 ?l?u?d?s --increment --increment-min=10 -o C:\Hashcat\One\cracked.txt C:\Hashcat\One\hash.txt ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1
^ with a salt 30 digits long if it matters
However I would like to be able to limit it so that It must contain at least one number and
it cannot contain the same symbol (letter or number or special) more that twice in a row (no aaa or 222.)

Also, it seems like even with these restrictions it will likely be a very long comp. time, any suggestions?
#2
So your min-max password lengths are 10-20 so you need to be crunching 95^10 - 95^20 passwords. Do you have any idea what that means? You'd better have a LOT of hardware Smile

btw, ?a is already defined as ?a = ?l?u?d?s so your mask is just ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a
It's still to damn long though...
#3
as rico said before, the length you are trying to solve makes my brain hurt, too. Smile

but to address your question about reducing the number of total combinations required:
have a look at the masks/ folder that comes together with cudaHashcat / oclHashcat, e.g. 8char-1l-1u-1d-1s-compliant.hcmask
that's the kind of optimization you have asked for, it's done by defining multiple masks for every possible case and not only one mask for all. -> using ?a?a?a?a... all the way will result in considerably more combinations.

good luck, you will probably need it ;-)
#4
(02-02-2016, 03:24 PM)rico Wrote: btw, ?a is already defined as ?a = ?l?u?d?s so your mask is just ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a
It's still to damn long though...

And this is actually an invalid mask. oclHashcat calulcates keyspace as a 64-bit integer, so ?a?a?a?a?a?a?a?a?a is the largest ?a mask possible. Anything longer than length 9 will cause an integer overflow.