hashcat Forum
Mask Attack with a "blank" value? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: General Talk (https://hashcat.net/forum/forum-33.html)
+--- Thread: Mask Attack with a "blank" value? (/thread-7181.html)

Pages: 1 2 3 4


RE: Mask Attack with a "blank" value? - solace - 01-15-2018

Good luck, if you do find it PLEASE let us know over at GitHub weather or not it was a bug... or we just make mistakes!

https://github.com/ethereum/mist/issues/3513


RE: Mask Attack with a "blank" value? - solace - 01-15-2018

Whats your kH/s?

I'm getting 160 on a GTX 980m


RE: Mask Attack with a "blank" value? - oldmate89 - 01-15-2018

I'm getting 447kH/s on GeForce(R) GTX 1070Ti 8GB


RE: Mask Attack with a "blank" value? - solace - 01-15-2018

Fantastic, thanks for the reply, I'm buying that card tonight which is apparently 4x times faster.


RE: Mask Attack with a "blank" value? - oldmate89 - 01-15-2018

(01-15-2018, 09:49 PM)solace Wrote: Good luck, if you do find it PLEASE let us know over at GitHub weather or not it was a bug... or we just make mistakes!

https://github.com/ethereum/mist/issues/3513

Absolutely - will do. Fingers crossed this works out. 

This whole scenario is just so bizarre as I had my password written down from the presale purchase.


RE: Mask Attack with a "blank" value? - philsmd - 01-15-2018

Hashcat makes a strict distinction between rules (see https://hashcat.net/wiki/doku.php?id=rule_based_attack) and masks (https://hashcat.net/wiki/doku.php?id=mask_attack).

solace is currently using a hashcat mask file (.hcmask file, see https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_mask_files or https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#what_is_a_hashcat_mask_file) which by hashcat's definition doesn't really use rules.

On the other hand, if you want to mangle some base words with rules in attack mode -a 0 (dictionary attack, instead of mask attack), you could for instance use substitute/replace rules (sXY).
One limitation of this rule is that it only allows to replace one byte (0x00-0xff) with another byte (0x00-0xff)... if you instead need to replace the character ^ (0x5e) with ˆ (e.g. 0xcb 0x86, 2 bytes) than you can't use the substitute rule directly.
There are many possibilities to get around this limitation. A simple straightforward approach would be to just externally generate a word list that already has all those characters substitute... or pipe it into hashcat with an external tool.
It's also not easy for me to list here all characters that are affected by this replace "bug". I would say that the best approach also here would be to test a lot of characters directly with the affected software version (an old mist version?) and see which characters will be replaced and what the replacement character is.


RE: Mask Attack with a "blank" value? - solace - 01-16-2018

Thanks again Phil, you're a super hero to us plebs. There is some one who is currently trying to replicate the creation bug, so we can start to identify where this error occurs.

I will be jumping in to that case study next week, myself, if no results are found. I'll create some scripts to generate a bunch of wallets with various characters, record the password, output hash, and test to see if the wallet was a success or fail. Hopefully some light will be shed on the issue.


RE: Mask Attack with a "blank" value? - oldmate89 - 01-16-2018

Thanks Philsmd. Do you have any resources / links you would recommend relating to the variations of characters (e.g. ^ and ˆ) further and keyboard layouts?

I am currently using a English-UK keyboard, however was using a English-Australian keyboard on the generation of my wallet/hash.

Please do let me know if this is off-topic for the Hashcat forums, however your knowledge and experience is truly appreciated.


RE: Mask Attack with a "blank" value? - solace - 01-17-2018

No luck yet, Oldmate? I bought a 1080 and getting 450 Kh/s now. I'm only just getting to the 'good parts' of my Script.

I'll hopefully have the password this month, I might have to run some longer attacks. I just received this PM on Reddit:

"Hi,

Have you figured out your ETH password issue?

In my case, I had first typed out my password in TextEdit.app (to visualize it so I could better remember) and then copied and pasted it when creating my wallet.

If you did something similar, and smart quotes or smart dashes were enabled then it's possible your password is wrong because of this. In other words, your password may actually be something like this:

hello “world”
But you keep typing

hello "world"
This is what happened to me. The solution was to type out the password in TextEdit with smart quotes/dashes enabled and then copy+paste it where needed.

Though, I think it is possible to generate these special characters directly from the keyboard. See: http://smartquotesforsmartpeople.com

Let me know if that helps, I'm gathering some data from people to see if we can resolve this. There may be more but the main characters I know to watch out for are:

double quotes
single quotes
apostrophe
two dashes in a row (converts to emdash)
three periods in a row (converts to ellipsis)"


RE: Mask Attack with a "blank" value? - oldmate89 - 01-17-2018

Thanks Solace - that's helpful. Would be really helpful to understand what other variations exist for example exclamations and underscores there are.

No luck as yet for me Sad