hashcat Forum
Mask Assisstance - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: General Talk (https://hashcat.net/forum/forum-33.html)
+--- Thread: Mask Assisstance (/thread-7155.html)

Mask Assisstance - skavenger0 - 01-02-2018

Hi, Could someone give me a hand please.
I know the password for the hash is something like "aword#2017" I need to create a brute force mask to tackle it and Im a bit lost with the masks and character sets.
I know its all lowercase with a special char in the middle and the date on the end. If anyone can help you would be a life saver. Thanks

My command at the min isĀ 

hashcat64.exe -a 3 -m 9600 -w 3 -p : --gpu-temp-abort=90 --outfile-format=3 -1 ?l?s?d --username "Book1.xlsx:$office$*2013*100000*256*16*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

RE: Mask Assisstance - undeath - 01-02-2018

A hybrid attack (mode 6) would make more sense. Get an english wordlist and use a mask like ?s20?d?d

RE: Mask Assisstance - Chick3nman - 01-02-2018

hashcat64.exe -a 3 -m 9600 -w 3 -p : --gpu-temp-abort=90 --outfile-format=3 -i -1 ?l?s?d ?1?1?1?1?1?1?1?1?1 --username

This will iterate starting from length 1 and going out to a length that I know is impossible to bruteforce on office 2013. Speaking of impossible, you really really shouldn't be using brute force. You'd be much better off with a dictionary and some rules.

If you want to make the mask a little bit better, it'd be best to guess the length and then try to write a mask that looks something like this: ?l?l?l?l?l?s?d?d?d?d which would hit a password like "paswd%1234" which is roughly the format you were going for. This will lower the keyspace you have to check dramatically but it will still be too big for a brute force most likely and you will still want to use a dictionary + rules.

RE: Mask Assisstance - skavenger0 - 01-02-2018

Cheers for the response. Its not in English and its not going to be on a word list I'm afraid.

RE: Mask Assisstance - skavenger0 - 01-02-2018

I reckon its 12 characters long. So would I use:

hashcat64.exe -a 3 -m 9600 -w 3 -p : --gpu-temp-abort=90 --outfile-format=3 -i -1 ?l?s?d ?1?1?1?1?1?1?1?1?1?1?1?1 --username

RE: Mask Assisstance - undeath - 01-02-2018

bruteforcing this keyspace is not going to happen any time soon unless the word is really short.

edit: 9 7 random lowercase characters? lol. not happening during your lifetime.
edit: whoops, I don't math. Still, full bf is not going to happen for that keyspace. You need a more narrow mask as Chick3nman wrote. And even then the estimate is probably in the years range.

RE: Mask Assisstance - skavenger0 - 01-02-2018

Got it. Thanks for the assistance. - Guessed the word, incremented numbers.