Can i modify hashcat to make it generate random instead of all possible combination?
#1
I know this is not how brute force work, but can i make the it generate random password with declared length & possible characters:
1. Choose password length
2. Choose possible charsets
3. Input list of hashs you want to break
Run the tools & it simply generate random possible candidate instead of go from aaa->zzz
I have run some small tests in this case with my own application in C# to break lists of hundreds hash created from 7-10 characters random passwords. Assume 10 characters password with upper, lower, numeric chars have 604,661,760,000,000,000 possible combinations, when i generate 777,600,000 possible candidates (sqrt(N)), i always find at least 1 or even more hash of them. This is way more fast & time-saving if i knew the passwords was random. C# run super slow compare to C & i just learn C recently so i want to give it a try. Do i have to edit the code in source or write a attack rule for this? Thank you
#2
https://hashcat.net/wiki/doku.php?id=mask_attack
#3
(12-21-2018, 10:57 PM)NoReply Wrote: https://hashcat.net/wiki/doku.php?id=mask_attack
That works the same way like brute force. If i have 3 types of charsets in 10 differnent location, i have to try 3^10 = 59049 cases. It's random so we don't know which charsets in which location
#4
(12-22-2018, 06:14 AM)dtoan140298 Wrote: it simply generate random possible candidate instead of go from aaa->zzz

AFAIK, hashcat does not output brute-force / mask guesses in a strict incrementing order from aaa -> zzz. Nevertheless it is not entirely random, as it would be not efficient for the computations, I assume.

(12-22-2018, 06:14 AM)dtoan140298 Wrote: If i have 3 types of charsets in 10 differnent location, i have to try 3^10 = 59049 cases. It's random so we don't know which charsets in which location

You can define your own charsets, either within the command: https://hashcat.net/wiki/doku.php?id=mas...m_charsets

or in a .hcchr file: https://hashcat.net/wiki/doku.php?id=mas...rset_files

From how I understand your description, it does not matter, whether you try them in single attempts or simply merge all 3 charsets into one.
#5
as written by NoReply, hashcat is using markov chains to generate candidates in a mask attack, hence the candidates are not sorted by lexicographical order by default.
#6
(12-22-2018, 11:42 AM)NoReply Wrote: From how I understand your description, it does not matter, whether you try them in single attempts or simply merge all 3 charsets into one.

OK, so i tried the case that put 3 kinds of characters into one charsets. Look like it can generate random by it check a cadidate multiple time on small position like this: xxxx123456 ->yyyy123456 which instead of entire candidate as i said & none of my pseudo password was found, my GPU can hash 10 times sqrt(N) candidates per second on SHA-256. If you have any knowledge about hashcat proggraming, could you tell me which function in the source that handle the generate? i want ot see how it work
#7
well, since you asked: https://github.com/hashcat/hashcat/blob/...rkov_le.cl
#8
(12-22-2018, 03:36 PM)undeath Wrote: well, since you asked: https://github.com/hashcat/hashcat/blob/...rkov_le.cl

Thanks