Combinator attack with a maximum length?

Combinator attack with a maximum length? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Combinator attack with a maximum length? (/thread-6109.html)

Combinator attack with a maximum length? - delorian85 - 12-10-2016

Hello,

I have setup 2 dictionaries for my combinator attack:

-a 1 -m 2500 handshake.hccap dictionary1.dic dictionary2.dic
basically the dictionaries are the same but I want a cross-joined password list. It is working fine.

Now to reduce the number of combinations to process I only want to test the combinations that are 8-14 characters.

I know I can add left-right rules to the combinator attack like this
"If you wish to add rules to either the left or right dictionary or both at once then you can use the -j or -k commands."
https://hashcat.net/wiki/doku.php?id=combinator_attack

But even if I would succeed adding a '<14' rule, that will only add a rule to each dictionary.
I need a filter on the combined length.
Is this possible in any way with hashcat?

RE: Combinator attack with a maximum length? - Xanadrel - 12-10-2016

https://hashcat.net/wiki/doku.php?id=hashcat_utils#len

RE: Combinator attack with a maximum length? - delorian85 - 12-10-2016

(12-10-2016, 03:27 AM)Xanadrel Wrote: https://hashcat.net/wiki/doku.php?id=hashcat_utils#len

Thanks a lot

I am running

hashcat-3.20\combinator.exe dictionary1.dic dictionary2.dic | len.exe 8 14 | hashcat64.exe -a 0 -m 2500 --status handshake.hccap

(I needed --status because else it wouldn't show status updates)

It doesn't show progress, it shows the amount of hashes calculated but there is no %progress or time remaining.

RE: Combinator attack with a maximum length? - Kgx Pnqvhm - 12-10-2016

A quick glance into my notes has the "Phraser" tool found at https://github.com/Sparell/Phraser and described at PasswordsCon 2015 Cambridge with a video titled Linguistic Cracking of Passphrases using Markov Chains-Peder Sparell.

RE: Combinator attack with a maximum length? - delorian85 - 12-17-2016

(12-10-2016, 04:00 PM)Kgx Pnqvhm Wrote: A quick glance into my notes has the "Phraser" tool found at https://github.com/Sparell/Phraser and described at PasswordsCon 2015 Cambridge with a video titled Linguistic Cracking of Passphrases using Markov Chains-Peder Sparell.

Thank you that looks like a very usefull tool.
Cross joining the dictionaries (1 with both upper and lower start characters) and a full run took about 4 hours and did not crack anything.It spits out a lot of uncommon combinations and does not give me a window to try and add digits or special characters.

RE: Combinator attack with a maximum length? - atom - 12-18-2016

Hashcat can not show an ETA because it can not know the total number of password candidates you're sending in.