32 hours in and still nothing, Have I done something wrong here? - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip (https://hashcat.net/forum/forum-28.html) +--- Thread: 32 hours in and still nothing, Have I done something wrong here? (/thread-11525.html) |
32 hours in and still nothing, Have I done something wrong here? - CornyHorn - 07-27-2023 Hi everyone! As you all probably already guessed, Iḿ as new to hashcat as anyone can be and Iḿ trying on my first "real" session. I don´t know if Iḿ to stressed or not, but I have had Hashcat running for about 32 hours now in total (in 3 diffrent sessions) and nothing has happend yet. It makes me start thinking hard about if I have done something wrong on my part when I wrote the command. Or if there possible is a better way to writ the command. I have to admit that I have a hard time getting my head around the mask and maskprocess so I just copied it straight from the software.Here is what I wrote: Quote:hashcat -a 3 -m 22000 -D 2 -w 3 -S -O --session=DlinkE7A8.restore --restore-file-path=/home/user/sessions-hashcat/DlinkE7A8.restore -o DlinkE7A8_user_pw.txt DlinkE7A8.22000 ?a?a?a?a?a?a?a?a?a https://imgur.com/a/lJ0Kb94 (I don´t have a clue how to write so that you can se the picture straight away, I hope it works this way aswell So what do you think is it worth continue with this crack or should I maybe instead start over with a better command? (Iḿ sorry for my bad english, itś not my first language) RE: 32 hours in and still nothing, Have I done something wrong here? - buka - 07-27-2023 No worries. It can take years. 9 characters is way too much to bruteforce for -m 22000. RE: 32 hours in and still nothing, Have I done something wrong here? - CornyHorn - 07-27-2023 (07-27-2023, 06:23 PM)buka Wrote: No worries. It can take years. 9 characters is way too much to bruteforce for -m 22000. Thanks for the answer! How many characters would you go with? RE: 32 hours in and still nothing, Have I done something wrong here? - buka - 07-27-2023 8 is the minimum for WPA-PBKDF2 I think? So if the password is truly random, you won't be able to crack it. If it's not, you can try dictionary attacks (with or without rules). RE: 32 hours in and still nothing, Have I done something wrong here? - Snoopy - 07-28-2023 (07-27-2023, 07:57 PM)CornyHorn Wrote:(07-27-2023, 06:23 PM)buka Wrote: No worries. It can take years. 9 characters is way too much to bruteforce for -m 22000. as already mentioned, 8 is minimum, but also bruteforcing > 8 chars (with this slow algorithm) is just waste of time, see your ETA Line ~27.000 YEARS! even when assuming stochastics kick in and halving this time, this will still be 13.500 years the more you know about your "target" the better, first the capture from this wlan router, was the bssid changed or was the preshipped style used? knowing this you could assume wheter the user also changed the preshipped key or not, if not, do some research on this specific router, how does the preshipped key looks like? does it uses specail chars or only plain lower, upper, digits? next, ist there any security flaw already known? back then, some manufactors used the mac-adress of specific routers and a simple conversion for generating the default key, some certs or security researchers found out, made a proof of concept keygen and viola, any of these router with unchanged keys went fubar |