hashcat Forum
Hybrid attack - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Developer (https://hashcat.net/forum/forum-39.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-40.html)
+--- Thread: Hybrid attack (/thread-6915.html)



Hybrid attack - pkneca - 10-04-2017

Hi,

I am new to the hashcat, and I cant find a way to make this working for wpa2 cracking

Is there a way, beside wordlist (i tried, works great but very large files) to make somthing like this

Lets say I know one part of the password, for this example "bill"

I want to make hashcat do like this ?d bill ?d?d?d, I tried hybrid attack, but could only make it left or right.


thanks


RE: Hybrid attack - TofuBoy22 - 10-04-2017

(10-04-2017, 11:16 AM)pkneca Wrote: Hi,

I am new to the hashcat, and I cant find a way to make this working for wpa2 cracking

Is there a way, beside wordlist (i tried, works great but very large files) to make somthing like this

Lets say I know one part of the password, for this example "bill"

I want to make hashcat do like this ?d bill ?d?d?d, I tried hybrid attack, but could only make it left or right.


thanks

Look at using rules which can be used to append and prepend to your wordlist

https://hashcat.net/wiki/doku.php?id=rule_based_attack


RE: Hybrid attack - pkneca - 10-04-2017

Thank you for the quick replay. I will look into it, when I return home from work.

I want to make this, maybe there is a better way

I was planning to make script that automaticly execute hashcat commands

I want to use mixalpha-numeric charset, in this example I will present it as X, key is for some random word

keyX
Xkey
keyXX
XXkey
XkeyX
keyXXX
XXXkey
XkeyXX
XXkeyX
keyXXXX
XXXXkey
XkeyXXX
XXkeyXX
XXXkeyX

I was looking in increment option, but I couldnt understand it well.

thanks


RE: Hybrid attack - philsmd - 10-04-2017

You could use a hcmask file (see https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_mask_files):

file my.hcmask:
Code:
?l?u?d,key?1
?l?u?d,?1key
?l?u?d,key?1?1
?l?u?d,?1?1key
?l?u?d,?1key?1
?l?u?d,key?1?1?1
?l?u?d,?1?1?1key
?l?u?d,?1key?1?1
?l?u?d,?1?1key?1
?l?u?d,key?1?1?1?1
?l?u?d,?1?1?1?1key
?l?u?d,?1key?1?1?1
?l?u?d,?1?1key?1?!
?l?u?d,?1?1?1key?1

and run it like this:
Code:
hashcat -m 0 -a 3 -w 3 hashes.txt my.hcmask

the only disadvantage of this solution is that the speed is not guaranteed to be the best for all mask (especially if we have masks with a constant prefix). On the other hand, it is for sure the most convenient way to run a set of masks that follow certain policies.


RE: Hybrid attack - pkneca - 10-07-2017

Thank you soo much, this is great.

Is it possible to get that "key" value also checked with mixalpha characters. I hope that you can understand, english is not my native language, I dont know how to explain..