Hybrid attack workload increase incase of small dic

[dipeperon]

Hello,

I've noticed in hybrid attacks the workload highly dependant on the amount of entries in the dictionary.
Take the following attack as example:

mask + wordlist

?l?l?l?l?l?l?l?l [8]

Code:

@hotmail.com
@yahoo.om
@gmail.com
97 other domains...

Performance will be horrible. 100 seperate masks attacks would also be not very efficient.

My suggestion is the following. Munge a part of the mask into the rules to increase workload. So above example would become:

?l?l?l?l?l [5]

Code:

aaa@hotmail.com
aaa@yahoo.om
aaa@gmail.com
aab@hotmail.com
aab@yahoo.om
aab@gmail.com
aac@hotmail.com
aac@yahoo.om
aac@gmail.com
etc.

[undeath]

Depending on what hash mode you are using (or how many salts) you can increase the performance using -S

[dipeperon]

Depending on what hash mode you are using (or how many salts) you can increase the performance using -S

When I tested on 5.1 -S was not supported for a hybrid attack.
And this is mostly an issue on fast algos so -S does not seem like a good solution to me

[atom]

The best solution for cracking emails is to either use rules or -a 1 based attacks.

[dipeperon]

True, but there's plenty of emails that are crackable with masks/hybrid attacks (assuming a fast algo)

.edu emails are a great example since they're often short and following a specific format

[atom]

What I meant is that if you use -a 1 you can do the same as what hybrid is doing while having the GPU running at full speed.