The time for my WPA2 Password cracking increased a lot after secifying chrset
#1
Hi,

So I´m trying to use hashcat to see if it can crack a WPA password. I don´t know the leghnt of the Password, but I can assume it´s only lowercases, upercases and numbers. But before I specified I decided to run hashcat without specifiyng types of characters to see it was all working. 

This was the command:

Code:
hashcat.exe -m 2500 -a 3 wpa2.hccapx

It was saying on the status that would take like, 240days to do it, so I tried filtering it with this command

Code:
hashcat.exe -m 2500 -a 3 wpa2.hccapx -1 ?l?u?d ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -i --increment-min=8

But now it´s saying that it can take 25YEARS!

Does anyone know what´s going on?

EDIT: Does anyone know if I can also include Keywords that the Password may have?
Reply
#2
you can use wordlist+rules, combinator or hybrid attackmode for this


https://hashcat.net/wiki/doku.php?id=hybrid_attack
https://hashcat.net/wiki/doku.php?id=combinator_attack
Reply
#3
Ok. I´ve seen those and they could be useful, but I don´t know where it could be the position of those. Is there any method that I could say to hashcat to try the keywords in different positions in the password and fill the rest 8 to 18 characters with random alphanumeric and uppercase-alphanumeric characters? Because, those methods would actually need me to know where would the word be situated on the password as far as I can understand. Also, could I add like 2 words, but hashcat would try combinations with only one, then with the 2 then with the other and so on?

Thank You for your support.
Reply
#4
for this kind of attack you have to put a little afford beforehand, there is no builtin or easy way to achieve this

first prepare a wordlist with the words you remember
second generate a second wordlist from that with 1-x Chars (with suitable charset) PREPENDED to that words third generate a third wordlist (with the first one) witt 1-x Chars APPENDED to thats words
merge list 2 and 3 feed this list and some rules to hascat,

you can use hahscat utils for the steps obove
Reply
#5
(04-24-2021, 01:53 PM)Snoopy Wrote: for this kind of attack you have to put a little afford beforehand, there is no builtin or easy way to achieve this

first prepare a wordlist with the words you remember
second generate a second wordlist from that with 1-x Chars (with suitable charset) PREPENDED to that words third generate a third wordlist (with the first one) witt 1-x Chars APPENDED to thats words
merge list 2 and 3 feed this list and some rules to hascat,

you can use hahscat utils for the steps obove

Uhm. Can you please describe this process better? And what hashcat util tool should I use?
Reply
#6
put these into a file called list.list

test
word
admin
root
superdupapass

and run 
hashcat --stdout -a 6 list.list ?d

as you can see hahscat prints all of the above candidates with one digit [0-9] APPENDED
run hashcat --stdout -a 7 ?d list.list for PREPENDED

you can use redirection >> to output this into another file

so running these 2
hashcat --stdout -a 6 list.list ?d >> list2.list
hashcat --stdout -a 7 ?d list.list >> list2.list

will give you a list2.list with all pws from list.list appended and prepended with a single number from [0-9]

so all you have to do is prepare your list.list and upgrade/update this simple mask ?d with a more suitable for your case
 
be aware, depending an your list and mask (if you use something like increment and or a long mask) u will need plenty of storage for your generated list)

OR you can feed hahscat directly with these generated pw candidates but then you have to do multiple runs due to the fact that your attackvektor is quite special and generating all rules to achieve appending and prepending in one run will also take some time

to achieve more complex things like you mentioned with 2 words you can use hahscat utils combinator

.\combinator.exe .\list.list .\list.list

will output all words from list.list combined with eachother so
testtest
testword
... and so on
Reply