+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: Minimum password length (/thread-3911.html)
Minimum password length - rsberzerker - 12-21-2014
I know with hashcat I can specify a minimum password length, but I can't seem to find a similar option with oclhashcat. I'm working on a hybrid attack, and I've already brute forced everything with 7 characters or less, so trying those again is a waste of time. Is there any way to tell oclhashcat to skip passwords less than X characters?
RE: Minimum password length - ciphercodes - 12-21-2014
Did you add try adding mask ?
https://hashcat.net/wiki/doku.php?id=mask_attack
RE: Minimum password length - rsberzerker - 12-21-2014
Yes, a mask will work for a brute force attack to select only certain length passwords, but it doesn't work for a hybrid attack. For example, my [fake, example only] dictionary contains two words: password
the
I'm using a mask of ?d?d, but don't want to try anything below 8 characters. The first word works, even without the mask, but the second, even with the mask, is only 6 characters.
RE: Minimum password length - bsec - 12-21-2014
Hi,
There's a rule that can do that:
" Reject greater >N Reject plains of length less than N "
from: https://hashcat.net/wiki/doku.php?id=rule_based_attack
in your case the rule is: '>8'
I don't know if hybrid attack work with rules, but if it don't you can generate rules to append the character you want + using the reject greater then rule. You can read here:
https://hashcat.net/wiki/doku.php?id=hybrid_atttack_with_rules
Example:
./mp32.bin -o test.rule '$?d $?d $? $?d >8'
Then use that rule with hashcat.
RE: Minimum password length - usq - 12-30-2014
I do have a short question concerning the wpa(2) password length.
Since wpa requires a minimum of 8 characters, it's useless to try passwords with 1-7 chars, right?
Is there a way of only checking passwords of the dictionary which are at least 8 chars long?
Thanks!
RE: Minimum password length - bsec - 12-30-2014
(12-30-2014, 09:10 PM)usq Wrote: I do have a short question concerning the wpa(2) password length.Hashcat skip them automaticaly.
Since wpa requires a minimum of 8 characters, it's useless to try passwords with 1-7 chars, right?
Is there a way of only checking passwords of the dictionary which are at least 8 chars long?
Thanks!