+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: HELP ME! specific password list generation?? (/thread-12060.html)
HELP ME! specific password list generation?? - somegross - 07-10-2024
So I usually use crunch to generate my password lists, cuz its easy and straight forward and it usually gets the task i need done, done..
However, after saving up enough hard drives with enough TB to generate the list i want (lol yeah its alot), i realize Im gonna need some masks probably to get it done. I am familliar with hashcat but not as much as I'd like to be, thus, im asking the community for help on this subject.... ???
I live in Canada, BC, and in my area we have an ISP provider called Shaw, and i've been taking down notes of the general default passwords for the WPA2, and found out that they consist mostly of 12 characters, the first 4 being
2511 .
So that leaves me with 8 characters to fill in. Of which these 8 characters, they may consist of letters A - F and 0 - 9...
This is easy, ive already made lists like this, but it will take up 10 TB of hard drive space to make a full list. that is excessive. so to narrow it down, I want to add to my list, the ability to make it;
- no more than 2 of the same character repeats in a row, so never 3 of the same characters repeatedly.
- no more than 4 letters
since i am not familiar with masks, i am wondering if somebody could tell me how to acheive what i am trrying to do, either with crunch, or totally with hashcat. any help would be awesome, thanks !
RE: HELP ME! specific password list generation?? - somegross - 07-10-2024
SORRY I MIGHT ADD, ITS ALL CAPITOL LETTERS
RE: HELP ME! specific password list generation?? - Snoopy - 07-10-2024
first, there is no logic built in for filtering out masks or password candidates the way you want, it was discussed multiple times and the result was, these logic would slow down the whole password generating done by hashcat to an extend, that it would be much slower than just calculating the hashes for these candidates
second, you can use a self generated maskfile for your attack, see https://hashcat.net/wiki/doku.php?id=mask_attack this way you can at least utilize your max 4 letters
i will give you something to start with, beginn with numbers only and then add the first letter for all possible positions
?1 is digits
?2 is ABCDEFG
maskfile.txt
?d,ABCDEFG,2511?1?1?1?1?1?1?1?1
?d,ABCDEFG,2511?2?1?1?1?1?1?1?1
?d,ABCDEFG,2511?1?2?1?1?1?1?1?1
till
?d,ABCDEFG,2511?1?1?1?1?1?1?1?2
(8 possibilites)
then the same for 2, 3 and 4 letters
i didnt do the math completely , but for 2 letters, the possible masks should be
7+6+5+4+3+2+1 = 28 , so you will have to do some real manual work here
every line is a possible mask, given your infos
you dont need generate and store the wordlist before, just let hashcat generate the candidates on the fly
RE: HELP ME! specific password list generation?? - slyexe - 07-12-2024
Payknight over at Hashkillers has a nice list of Hitron Shaw router passwords and mask.
You can check this for information. I use to crack these all the time but that was back on hashcat 3.0 which I have long left behind including my batch files and potfile. Probably had 100's of these which I could crack on an HD5770 in about 10 minutes.
SHAW-XXXXXX (Hitron Technologies. Inc / Shenzhen Bopengfa Elec&Technology CO.,Ltd)
2511xy0yzzzz (12 Char)
x = 4, 5, or 6
y = ABCDEF0123456789
z = 0123456789
SHAW-6XXXXX (PEGATRON CORPORATION / Roku, Inc.)
277zzzzzz (9 Char)
z = 0123456789
SHAW Login Page
Username: cusadmin
Password: Router Password
RE: HELP ME! specific password list generation?? - slyexe - 07-12-2024
So to use this in a mask attack is simple:
Code:
hashcat -a 3 -m 22000 -1 456 -2 ABCDEF0123456789 hashlist.file 2511?1?20?2?d?d?d?dCode:
hashcat -a 3 -m 22000 hashlist.file 277?d?d?d?d?d?dRE: HELP ME! specific password list generation?? - ZerBea - 07-12-2024
Code:
$ cat hashcat.mask
27?d?d?d?d?d?d?d
45678,2511?1?H0?H?d?d?d?d
$ hashcat -m 22000 hashlist.file -a 3 hashcat.mask