Help with partial known simple OS X password - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Help with partial known simple OS X password (/thread-6460.html) |
Help with partial known simple OS X password - dasgeek - 04-03-2017 I normally would not ask a simple question, but I have lost a family member and am trying to crack their user password on their Mac. I have read alot about Hashcat options and brute-force character sets. I know it is probably a short password (8 characters) and I know the first three letters. I will be running Hashcat on a Windows setup. I have the hash all set to go. I am just wanting to make sure I write the command correctly. Can someone help me get the command correct? RE: Help with partial known simple OS X password - epixoip - 04-03-2017 You should probably start by showing us the commands you have already tried. RE: Help with partial known simple OS X password - dasgeek - 04-03-2017 Let's say I think the password is eight characters with the first three letters are "xyz" and the rest of the characters being numbers... hascat64.exe -m 7100 D:\hash.txt -a 3 D:\cracked.txt -1 xyz?d?d?d?d?d I do not have a powerful computer to crack this on I am trying to reduce time by trying specific characters since I think I know the first three and the rest are probably numbers. RE: Help with partial known simple OS X password - dasgeek - 04-03-2017 I switch to my Mac to get better performance. He is the command I tried: ./hashcat -m 7100 [path to hash.txt] -a 3 [path to cracked.txt] -1 xyz?d?d?d?d Got an error "Generated bitmap tables...Invalid mask" I know I am getting close. Any thoughts? RE: Help with partial known simple OS X password - philsmd - 04-03-2017 -a 3 is for mask attack (https://hashcat.net/wiki/mask_attack), if you want to use a wordlist, you need to use -a 0 I'm not sure what D:\cracked.txt or [path to cracked.txt] mean in your example. If you want to call the output file like that, you need to use the -o option. Code: ./hashcat -m 7100 -a 3 -o output_file.txt hashes.txt ?l?l?l?d?d?d?d the general format is hashcat [options] hash_file.txt [word_list_or_mask] RE: Help with partial known simple OS X password - dasgeek - 04-03-2017 I tried the changes to my command and got error Hash '-': Line-length exception No Hashes Loaded. Code: ./hashcat -m 7100 -a 3 - o cracked.txt hash.txt -1 xyz?d?d?d?d I know this means either my mode is wrong or my hash is bad. Is 7100 correct for OSX 10.10 password? It is listed Salted-SHA512-PBKDF2 in the ShadowHashData. My hash looks correct for the 7100 mode in the table of Generic hash types. My entropy hash is longer than the example. Should it be the same length? RE: Help with partial known simple OS X password - philsmd - 04-03-2017 I didn't say you shoud use "- o" (minus space lower-case o), but "-o file". That's a huge difference. Furthermore, this "-1 xyz?d?d?d?d" is totally wrong. What should this do in your opinion? --custom-charset1 (or short -1, minus one) is used to define a custom charset. It makes no sense to use 4 times ?d in a custom charset definition because that would mean you add all the digits four times to the set of chars. That makes absolutely no sense. I do not understand why you try to change the (correct) command I posted and transform it in something completely incorrect. Please use the wiki for further questions and the very basic hashcat usage (https://hashcat.net/wiki/), it seems that you also need to get some crash course on how to use the shell/command line (otherwise you wouldn't confuse -o with - o etc), please search some online guides for help with how your command line/shell works etc |