"brute force" and custom charset questions - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html) +--- Forum: Very old oclHashcat-plus Support (https://hashcat.net/forum/forum-23.html) +--- Thread: "brute force" and custom charset questions (/thread-1795.html) |
"brute force" and custom charset questions - jnet - 11-29-2012 When performing a brute force (or mask) attack with oclHashcat-plus, can I use a rule to append characters to my mask? I'm assuming I can because it executes successfully but figured it couldn't hurt to ask. Also, how can I create a custom charset using !?@#$%& without getting an error? I know I could just use ?s, but I don't want all possible special characters to be used in my mask. Example: Code: ./oclHashcat-plus64.bin -a 3 --remove -r rules/custom/pix_salt.rule -n 40 --gpu-loops=1000 -o solved/pix.solv -m 2400 hashes/pix.hash -1 ?l?d -2 ?d!?@#$%& ?u?l?l?l?l?l?1?2 The error I get from that is -bash: !?@#$%& ?: event not found. Thanks! RE: "brute force" and custom charset questions - undeath - 11-29-2012 these are special characters interpreted by bash. You need to either (single) quote them or escape them. RE: "brute force" and custom charset questions - jnet - 11-29-2012 (11-29-2012, 07:44 PM)undeath Wrote: these are special characters interpreted by bash. You need to either (single) quote them or escape them. I tried the following: Code: ./oclHashcat-plus64.bin -a 3 --remove -r rules/custom/pix_salt.rule -n 40 --gpu-loops=1000 -o solved/pix.solv -m 2400 hashes/pix.hash -1 ?l?d -2 ?d'!?@#$%&' ?u?l?l?l?l?l?1?2 and got this: Syntax error: ?d!?@#$%& I also tried putting single quotes around only ! and ? and still received the syntax error. What is the escape character? edit- Using \ as an escape also results in syntax error. RE: "brute force" and custom charset questions - undeath - 11-29-2012 ? is the special character for hashcat masks. you need to do ?? to have the character ? in the mask RE: "brute force" and custom charset questions - jnet - 11-29-2012 (11-29-2012, 08:58 PM)undeath Wrote: ? is the special character for hashcat masks. you need to do ?? to have the character ? in the mask I figured it was the question mark causing problems. Thanks for helping! It works using this syntax: Code: ./oclHashcat-plus64.bin -a 3 --remove -r rules/custom/pix_salt.rule -n 40 --gpu-loops=1000 -o solved/pix.solv -m 2400 hashes/pix.hash -1 ?l?d -2 ?d??'!@#$%&' ?u?l?l?l?l?l?1?2 RE: "brute force" and custom charset questions - jnet - 12-04-2012 Well, from what I've seen, rules will not work with masks-- only dictionaries. example rule file (list_salt.rule) Code: $t$e$s$t The following will not successfully crack a known hash: Code: ./oclHashcat-plus64.bin --remove -a 3 -r rules/custom/list_salt.rule -m 2400 hashes/list.hash ?l?l?l?l?l?l?l?l The following successfully cracks a known hash: Code: ./oclHashcat-plus64.bin --remove -a 3 -m 2400 hashes/list.hash ?l?l?l?l?l?l?l?ltest 'test' is used in the mask because it is the username associated with the hash. When trying to crack numerous hashes, there will be just as many usernames used as salt. This limits an attack to one at a time. If restricted to a single hash, lite is a better option. Will later versions of hashcat-plus support rules for a mask attack or a salt list? Maybe this is already supported, and I'm just missing it? -cheers- edit- I've tried doing a hybrid mask/dict attack (a 7), but my dictionary does not load successfully. edit2- derp. Nevermind.... success! Code: ./oclHashcat-plus64.bin --remove -a 7 -m 2400 hashes/list.hash ?l?l?l?l?l?l?l?l dict/salt/list_app.salt |