Posts: 4
Threads: 2
Joined: Jan 2022
01-19-2022, 01:02 PM
I have a mask file consisting of about 46k different masks to make it only try 8 character passwords that include at least 1 digit, 1 lowercase char and 1 uppercase char. The thing is that the masks are in a seemingly random order and I would like to sort it so it tries the most probable masks first because it's unlikely that someone has a password where format will be ?s?s?s?s?s?l?u?d. I could make a python script do this but I am unsure of the different probabilities of a password starting with a uppercase char and the next one being lowercase etc.
Is there any tool out there that will sort a mask file for you based on probability or if not any source that tells me the probabilities of these different cases so i can make a tool to sort my mask file.
Thanks.
Posts: 896
Threads: 15
Joined: Sep 2017
probability depends on the language you are attacking, you could use a password analyzing tool like PACK and feed a known password plainlist like rockyou or something similar, i did this once and IF there was an uppercaseletter it was most likely on the first position and/or something like this passwordstyle
TheKing
TheKing123
TheKing123!
as i mentioned in your other thread you could also try another approach like just using one mask with 8 time lower chars and then use a customized ruleset to upper chars or/and for inserting digits, BUT you you have to generate this ruleset on your own, i think there is no out of the box ruleset that will fit your needs, see examples shipped with hashcat
example PACK output for a small password list i found somewhere on the internet, as you can see if there is an upper char, it is on first position (last 5 lines)
Code:
[*]Advanced Masks:
[+] ?l?l?l?l?l?l: 06% (6486)
[+] ?l?l?l?l?l?l?l?l: 05% (5592)
[+] ?l?l?l?l?l?l?l: 04% (4769)
[+] ?l?l?l?l?l?l?d?d: 03% (3886)
[+] ?l?l?l?l?l?l?l?l?l: 03% (3407)
[+] ?d?d?d?d?d?d: 03% (3194)
[+] ?d?d?d?d?d?d?d?d: 02% (2734)
[+] ?l?l?l?l?d?d?d?d: 02% (2397)
[+] ?l?l?l?l?l: 02% (2397)
[+] ?l?l?l?l?l?d?d: 02% (1970)
[+] ?l?l?l?l?l?d?d?d?d: 02% (1876)
[+] ?l?l?l?l?l?l?l?l?l?l: 02% (1748)
[+] ?l?l?l?l?l?d?d?d: 02% (1724)
[+] ?l?l?l?l?l?l?l?d?d: 01% (1660)
[+] ?l?l?l?l?d?d: 01% (1455)
[+] ?l?l?l?l?l?l?d?d?d: 01% (1333)
[+] ?l?l?l?l?l?l?d?d?d?d: 01% (1294)
[+] ?u?l?l?l?l?l: 01% (1229)
[+] ?u?l?l?l?l?l?d?d: 01% (1149)
[+] ?l?l?l?l?l?l?l?d: 01% (1082)
[+] ?u?l?l?l?l?l?l?l: 01% (1068)
[+] ?u?l?l?l?l?l?l: 01% (995)
Posts: 4
Threads: 2
Joined: Jan 2022
01-19-2022, 02:35 PM
(This post was last modified: 01-19-2022, 02:38 PM by firefullplank.)
yes i have seen PACK but providing a wordlist is not really an option as you observed in my previous thread as the file size would bee too big so I'm looking for a way to do this without using a wordlist. One option i thought off is to gen a password for each entry in the mask file and pass that to PACK but it also takes into consideration the frequency of the specific type of password so I am not sure how effective that would be.
Also I heard that hashcat automatically tries the most probable combinations first for a mask, is this true?
Posts: 896
Threads: 15
Joined: Sep 2017
(01-19-2022, 02:35 PM)firefullplank Wrote: One option i thought off is to gen a password for each entry in the mask file and pass that to PACK but it also takes into consideration the frequency of the specific type of password so I am not sure how effective that would be.
well this would result in the same mask, so no, this is not effective at all
to generate a statistic you will need a starting point and therefore at least one wordlist with "real world passwords"
this is the shortened output by pack for a "real word pw list" i found while examining a spam-server used by a german "hacker", i also tried this list (plus best64.rule) against a leaked database dump for a german forum and i was able to instant crack round about 25% of the used passwords
Code:
[*]Length:
[+] 8: 30% (148307)
[+] 6: 29% (142581)
[+] 7: 19% (91284)
[*]Advanced Masks:
[+] ?l?l?l?l?l?l: 12% (58189)
[+] ?l?l?l?l?l?l?l?l: 11% (53264)
[+] ?d?d?d?d?d?d: 09% (42067)
[+] ?l?l?l?l?l?l?l: 08% (40902)
[+] ?d?d?d?d?d?d?d?d: 06% (31394)
snip till first mask with upper occurs
[+] ?u?l?l?l?l?l: 01% (2949)
[+] ?l?l?l?l?l?l?l?l?l?l?l: 01% (2836)
[+] ?l?l?l?l?l?l?l?d?d: 01% (2699)
[+] ?l?l?l?d?d?d?d: 01% (2648)
[+] ?u?u?u?u?u?u: 01% (2602)
[+] ?l?l?l?l?l?d?d?d?d: 01% (2515)
as you can see, most passwords are really really simple, but as i mentioned, to get these statistic, you will need a passwordlist to start with