hashcat Forum
How to set the minimum password length? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: How to set the minimum password length? (/thread-6759.html)



How to set the minimum password length? - zamgold - 08-07-2017

I Have very big dictionary (10 Gb)
I want run hashcat with this dictionary + best64.rule, I know that the password is more than 7 characters long.

It is possible to set the minimum length of the password when starting the cracking?



RE: How to set the minimum password length? - Xanadrel - 08-07-2017

https://hashcat.net/wiki/doku.php?id=rule_based_attack#rules_used_to_reject_plains


RE: How to set the minimum password length? - zamgold - 08-07-2017

(08-07-2017, 08:44 PM)Xanadrel Wrote: https://hashcat.net/wiki/doku.php?id=rule_based_attack#rules_used_to_reject_plains

for example, i must edit best64.rule:

## simple number append
>7 $0
>7 $1
>7 $2
>7 $3
>7 $4
>7 $5
....

Coreectly?


RE: How to set the minimum password length? - undeath - 08-07-2017

You can specify multiple rule files and hashcat will join every rule of the first file with every rule of the second file and so on. So you can just specify a rule file containing the rule ">7" and then the best64.rule file. Although you probably want it the other way around.


RE: How to set the minimum password length? - philsmd - 08-07-2017

from https://hashcat.net/wiki/doku.php?id=rule_based_attack#rules_used_to_reject_plains :
Quote:Reject rules only work either with hashcat-legacy, or when using “-j” or “-k” with hashcat. They will not work as regular rules (in a rule file) with hashcat



RE: How to set the minimum password length? - extended - 09-09-2017

Hi,

I'm having the same challenge as OP: large wordlist (15G), want to use rules, would like to skip passwords under certain length. However I am puzzled by the given answers in this thread.

AIUI reject rules can't be used with -a0, because they can only be used with -j and -k, thus in a combinator attack. 
Of course using stdout is an option, but then I'd have to somehow use the shell to skip small words, which sounds resource inefficient.

Writing everything to disk first, while cut'ing short words, then deduping, is also not an ideal option, since this obviously will generate a lot of disk I/O slowing down the entire exercise (not to mention that it probably will require an enormous amount of diskspace).

What's the recommended approach here? 

Thanks