OSX 10.10 hash
#1
I've been following this guide to get the plist and ended up generating a hash using this hash generator  . I'm running hashcat 2.00 and also referenced this video 

I tried running this command
Code:
hashcat-cli64.exe -m 7100 -output-file=cracked.txt --remove hash.txt wordlists/


I end up getting

Code:
C:\Users\xxxxxxx\hashcat-2.00>hashcat-cli64.exe -m 7100 -output-file=cracked.txt --remove hash.txt wordlists/
Initializing hashcat v2.00 with 12 threads and 32mb segment-size...

Skipping line: ・ソ$ml$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx(signature unmatched)


No hashes loaded

Any idea what might be causing the problem?
#2
Looks like you have some garbage characters before the start of the hash? hash.txt needs to be a plain ascii text file with no encoding, and only the hash itself should be in the file.
#3
(04-15-2016, 08:25 PM)epixoip Wrote: Looks like you have some garbage characters before the start of the hash?  hash.txt needs to be a plain ascii text file with no encoding, and only the hash itself should be in the file.

Thank you! That was the answer. Resaving the text file solved the problem.
#4
I'm currently looking into experimenting with mask attack.  I'm reading the wiki right now and have a few questions .

Would the command 
Code:
command: -a 3 -1 ?l?d ?1?1?1?1?1
be used for searching for a password that would contain only lowercase letter and numbers?

Another question I have is does hashcat run until it finds the password or until it's finished running through all possible options?
#5
The options you provided would search for loweralphanumeric passwords that are exactly five characters long. With these options, hashcat will run until it either finds the password, or has exhausted the entire loweralphanumeric len 5 keyspace.
#6
Thanks! So if I do something like this

Code:
hashcat-cli64.exe -m 7100 -a 3 --increment --increment-min 4 --increment-max 10 -output-file=cracked.txt --remove hash.txt -1 ?l?d ?1?1?1?1?1

it would search for loweralphanumeric passwords that are 4-10 character long?
#7
no, it would throw a syntax error because you're missing a dash in front of "output-file". After you fix that it will run 4-5 length because that's where your mask ends.
#8
(04-17-2016, 12:26 AM)undeath Wrote: no, it would throw a syntax error because you're missing a dash in front of "output-file". After you fix that it will run 4-5 length because that's where your mask ends.

Thanks for that. I misunderstood the "?l?d"before the mask as being part of it.  So this would do it?

Code:
hashcat-cli64.exe -m 7100 -a 3 --increment --increment-min 4 --increment-max 10 --output-file=cracked.txt --remove hash.txt -1 ?l?d ?1?1?1?1?1?1?1?1?1?1

The more I read the wiki the more questions I have. In this part for example.

Quote:Here is a single example. We want to crack the password: Julia1984
In traditional Brute-Force attack we require a charset that contains all upper-case letters, all lower-case letters and all digits (aka “mixalpha-numeric”). The Password length is 9, so we have to iterate through 62^9 (13.537.086.546.263.552) combinations. Lets say we crack with a rate of 100M/s, this requires more than 4 years to complete.
In Mask attack we know about humans and how they design passwords. The above password matches a simple but common pattern. A name and year appended to it. We can also configure the attack to try the upper-case letters only on the first position. It is very uncommon to see an upper-case letter only in the second or the third position. To make it short, with Mask attack we can reduce the keyspace to 52*26*26*26*26*10*10*10*10 (237.627.520.000) combinations. With the same cracking rate of 100M/s, this requires just 40 minutes to complete.

Is that 40 minutes with a specific type of command like 
Code:
-a 3 -1 ?l?u ?1?l?l?l?l?l19?d?d

or just something like 
Code:
-a 3 ?a?a?a?a?a?a?a?a