+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Difference between bruteforce and password list for WPA cracking (/thread-7371.html)
Difference between bruteforce and password list for WPA cracking - dzo - 03-16-2018
Hi
I'm playing with hashcat and my wifi and there is something I don't get.
If I save password to file and run hashcat with this command:
./hashcat -w 4 -m 2500 Dump.hccapx pwd_list
I get it cracked without problems, as the password is the only line in file
Session..........: hashcat
Status...........: Cracked
Hash.Type........: WPA/WPA2
Hash.Target......: SSID (AP:aa:bb:cc:dd:ee:ff STA:aa:bb:cc:dd:ee:ff)
Time.Started.....: Fri Mar 16 17:13:51 2018 (0 secs)
Time.Estimated...: Fri Mar 16 17:13:51 2018 (0 secs)
Guess.Base.......: File (pwd_list)
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#2.....: 23 H/s (1.10ms) @ Accel:128 Loops:128 Thr:896 Vec:1
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 1/1 (100.00%)
Rejected.........: 0/1 (0.00%)
Restore.Point....: 0/1 (0.00%)
Candidates.#2....: 071FD8BAD4 -> 071FD8BAD4
But if I do bruteforce attack on the same file with mask it doesn't work, it cannot find password. Command I run is:
./hashcat -w 4 -m 2500 -a 3 Dump.hccapx -1 ADF 071?1?1?d?1?1?14
And this is the output:
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: WPA/WPA2
Hash.Target......: SSID (AP:aa:bb:cc:dd:ee:ff STA:aa:bb:cc:dd:ee:ff)
Time.Started.....: Fri Mar 16 17:15:07 2018 (0 secs)
Time.Estimated...: Fri Mar 16 17:15:07 2018 (0 secs)
Guess.Mask.......: 071?1?1?d?1?1?14 [10]
Guess.Charset....: -1 ADF, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#2.....: 25348 H/s (2.65ms) @ Accel:128 Loops:128 Thr:896 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 2430/2430 (100.00%)
Rejected.........: 0/2430 (0.00%)
Restore.Point....: 2430/2430 (100.00%)
Candidates.#2....: 071AD1ADA4 -> 071FD9FDF4
Any ideas why? I can't see that I'm doing anything wrong with the parameters given to hashcat.
./hashcat -V
v4.1.0
RE: Difference between bruteforce and password list for WPA cracking - walterlacka - 03-16-2018
Does this work?
./hashcat -w 4 -m 2500 -a 3 Dump.hccapx -1 ABDF 071?1?1?d?1?1?14
Couldn't tell based on the BOLD which was -1 and which was -l (bad eyes)
RE: Difference between bruteforce and password list for WPA cracking - undeath - 03-16-2018
what walterlacka wrote. You are missing B in your custom charset.
RE: Difference between bruteforce and password list for WPA cracking - dzo - 03-16-2018
Ignore me, I'm an idiot.
Blind by my own eyes, I added B and it worked like a charm, just like it should be.
Tnx a lot for help guys.