hashcat Forum
Php pass Help ! - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Developer (https://hashcat.net/forum/forum-39.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-40.html)
+--- Thread: Php pass Help ! (/thread-11190.html)

Pages: 1 2


RE: Php pass Help ! - Snoopy - 12-14-2022

well it could be a coincidence but that all "i assume" passwords do have at least one number looks like a simple password convention "you have to use at least one number", the jamesbond pass looks like that (i was expecting 007 but okay Wink )

you could try running dictionarys with a selfmade ruleset for prepending or appending numbers, you can utilize the --stdout feature of hashcat to help you generating such rulesets very fast, see this wiki (there is maskprocessor used but you can easily adpopt this for hashcat with --stdout)

https://hashcat.net/wiki/doku.php?id=rules_with_maskprocessor


RE: Php pass Help ! - ivan7 - 12-14-2022

ok thanks a lot for your help i will try to do understand --stdout feature that i never use.


RE: Php pass Help ! - ivan7 - 12-14-2022

@Snoopy, 2 hours that i am on --stdout but i don't really understand how to create rule with it, if you could give me an example, it could be very cool. For a simple password for example "Pass1".

Thanks


RE: Php pass Help ! - Snoopy - 12-14-2022

first see https://hashcat.net/wiki/doku.php?id=rule_based_attack for rules
Append Character $X Append character X to end $1$2 p@ssW0rd p@ssW0rd12

so you need the $, now lets say we want to generate the rules for appending digits 0-9 that would be (windows)
Code:
hashcat -a3 --stdout "$?d"
this will generate all possibilities for append with just one digit, for checking the correctness of the command line, the output is not yet redirected to a file

redirect to a file like this
Code:
hashcat -a3 --stdout "$?d" >> yourfile
i used >> because this way you can append more rules without overwriting your old file
lets assume you want to add the rules for appending all possibilites 2 digits, its simple like that
Code:
hashcat -a3 --stdout "$?d $?d" >> yourfile

this way you can generate rules sets very fast


RE: Php pass Help ! - ivan7 - 12-14-2022

Another timer many thanks for your help, if i understand well, if i want "Pass12" lookalike rule for example assuming that the password will begin by an uppercase and 3 lowercase. It will look like this:

hashcat -a3 --stdout "$?u $?l $?l $?l $?d $?d" >> yourfile

But now is it possible to add max and min numbers characters with --increment ?


RE: Php pass Help ! - Snoopy - 12-15-2022

rules are made for modifying existing passwords, not for generating new ones, rules take passwords from a given list and modify these words, assume your list contains "Pass"  and your ruleset would contain these two rules
:
$1 $2

this would result in 2 passwordcandidates
Pass
Pass12

when you really wann to generate passes, you can stick to bruteforce and masks, but this approach would generate masses of "unlikely" passwordcandidates like
Pppp12