+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Feature Requests (https://hashcat.net/forum/forum-7.html)
+--- Thread: Per position charset support (/thread-48.html)
Per position charset support - thorsheim - 05-30-2010
I'm brand new to oclhashcat, but it looks really powerful compared to the existing gpu crackers out there, especially with the dictionary/hybrid attacks thrown in.
In general i see better (higher) entropy in position 2, 3 and 4 of passwords than in position 1. If the usual complexity requirements exists (Windows; 3 of 4 character groups), maybe 50% will have first character uppercase letter, than 5-7 lowercase, and then either 2 or 4 digits at the end (date/age/year in XX or XXXX format...)
Could per position charset support be implemented in some way, in order to do smarter "bruteforcing", leaving out lots of the not-so-common combinations?
Best regards,
Per Thorsheim
securitynirvana.blogspot.com
RE: Per position charset support - atom - 05-30-2010
i am not sure if i understood you 100% correctly. but if i do, then you are lucky. it is already implemented in.
using the mask you described, you need to run oclhashcat 6 times
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?d?d
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?l?d?d
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?l?l?d?d
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?d?d?d?d
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?l?d?d?d?d
oclHashcat.exe example.hash -1 ?l?u ?1?l?l?l ?l?l?l?l?d?d?d?d
RE: Per position charset support - thorsheim - 06-07-2010
Let me explain a bit more. I do password analysis, primarily of Windows LM/NTLM hashes. dictionary/hybrid/RT/bruteforce, you name it.
I've got some personal tools to do the analysis, one gives me this output (for NTLM passwords):
Rank Pos 1 Count 1 Pos 2 Count 2 Pos 3 Count 3
1 B 2706 r 3214 u 2668
2 A 977 a 2193 r 1554
3 T 712 e 1646 n 1463
4 M 709 o 1440 l 1161
5 S 659 i 1103 s 867
6 O 517 u 743 e 851
7 E 495 n 519 a 775
8 a 453 l 487 i 672
9 s 449 p 392 t 592
10 t 403 t 375 m 535
Read the columns; First character position, uppercase B is the most popular character, uppercase A the second most character etc. Second character position: lowercase r is the most common, than lowercase a, e, o, i etc.
In environments where complexity requirements are present, there's a 40-50% chance the most popular password format is UL....LLDD (4-6 lowercases in the middle there).
Som my feature request would be a config file, (UTF-8?), where i can either vertically or horizontally list the characters i want to test in every position:
Horizontal config:
BATMSOE
raeoiun
urnlsea
would test Bru...Ena
Best regards,
thorsheim
RE: Per position charset support - mastercracker - 06-08-2010
(06-07-2010, 11:29 PM)thorsheim Wrote: Let me explain a bit more. I do password analysis, primarily of Windows LM/NTLM hashes. dictionary/hybrid/RT/bruteforce, you name it.Part of the answer is that you have up to 4 masks you can use so the attack would look like this:
I've got some personal tools to do the analysis, one gives me this output (for NTLM passwords):
Rank Pos 1 Count 1 Pos 2 Count 2 Pos 3 Count 3
1 B 2706 r 3214 u 2668
2 A 977 a 2193 r 1554
3 T 712 e 1646 n 1463
4 M 709 o 1440 l 1161
5 S 659 i 1103 s 867
6 O 517 u 743 e 851
7 E 495 n 519 a 775
8 a 453 l 487 i 672
9 s 449 p 392 t 592
10 t 403 t 375 m 535
Read the columns; First character position, uppercase B is the most popular character, uppercase A the second most character etc. Second character position: lowercase r is the most common, than lowercase a, e, o, i etc.
In environments where complexity requirements are present, there's a 40-50% chance the most popular password format is UL....LLDD (4-6 lowercases in the middle there).
Som my feature request would be a config file, (UTF-8?), where i can either vertically or horizontally list the characters i want to test in every position:
Horizontal config:
BATMSOE
raeoiun
urnlsea
would test Bru...Ena
Best regards,
thorsheim
Code:
oclHashcat.exe example.hash -1 BATMSOE -2 raeoiun -3 urnlsea ?1?2?3?l ?l?d?dRE: Per position charset support - atom - 09-07-2012
Done with oclHashcat-plus v0.09: https://hashcat.net/forum/thread-1541.html
Thread closed