mask ans keyspace ok for NTLM - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: mask ans keyspace ok for NTLM (/thread-11846.html) |
mask ans keyspace ok for NTLM - joe123 - 03-06-2024 Hello lets say the/my user-password of my Windows7 system (14years old is simitlar to the following: Abcd1234567890 1. Is the following calculation ok? [A-Z] 26 [a-z] 26 [0-9] 10 Charset = 62 pw lenght = 14 keyspace = 62^14 2. Is this mask ok (for pw Abcd1234567890)? ?u ?l ?l ?l ?l ?d ?d ?d ?d ?d ?d ?d ?d ?d ?d Thanks a lot in advance! RE: mask ans keyspace ok for NTLM - penguinkeeper - 03-06-2024 1) Not quite, close though. The correct calculation would be (26^1) * (26^4) * (10^10). I know it can be simplified but it's easier to show it this way. Your keyspace would be for all characters, in all positions but my above calculation is for specifically your mask, where the first character can ONLY be uppercase, not lowercase or a digit etc 2) Correct! RE: mask ans keyspace ok for NTLM - monyanus - 03-07-2024 Can I make a suggestion? You probably do not know how long the word/letter part exactly is and probably the numbers are only at the end, right? So perhaps you can first generate the letter part using increments (-i). Note that with this example the mask will generate all letter combinations of length 1-8 with the first letter always being upper case. ./haschat.exe -a3 --stdout ?u?l?l?l?l?l?l?l -i> letters_part.txt Then run a hybrid attack where you add the numbers again incrementing if you are not sure how many numbers. ./haschat.exe -a6 letters_part.txt ?d?d?d?d -i .... In the above command you should still add your hash mode and other parameters. Note that if your letters are in fact a word or name and not random, that you can greatly reduce the key-space by using a dictionary and not just a random letters. See for example these dictionaries of words: https://github.com/clem9669/wordlists In case those digits are in fact a date, e.g. if it would start with a year, you can make a mask that looks like 19?d?d?d?d?d?d and 20?d?d?d?d?d?d again making your keyspace smaller. Hope this helpss |