+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Pls help - simple rule does not work! (/thread-7815.html)
Pages:
1
2
Pls help - simple rule does not work! - john2014 - 09-18-2018
hashcat version: 4.2.1
==============
1st I try this:
hashcat64.exe -m 2500 -a 0 crackme.hccapx "C:\WORDLISTS\simple.txt"
(where "simple.txt" contains only the word "password123")
Result: hash is cracked
Now I:
1) edit the "simple.txt" file and change "password123" to "password"
2) put a simple rule "$1$2$3" in a file named "TEST.rule" and execute:
hashcat64.exe -m 2500 -a 0 crackme.hccapx "C:\WORDLISTS\simple.txt" -r rules\TEST.rule
Result: not cracked
If I force hashcat to display what candidate(s) it creates/uses with:
hashcat64.exe "C:\WORDLISTS\simple.txt" -r rules\TEST.rule --stdout
The console displays:
password123
123
yet the hash somehow fails to crack!
Any ideas?
RE: Pls help - simple rule does not work! - Nay - 09-18-2018
Hi,
Just to be sure : In you second attempt, you file simple.txt does well contain the plain "password", and not "password123" ? Otherwise applying the rule will create the candidate "password123123".
Besides, when you use --stdout you usually should leave apart the hash type (-m 2500)
RE: Pls help - simple rule does not work! - john2014 - 09-18-2018
I edited my post to reflect your points (yes, you are right regarding the "--stdout" switch)
RE: Pls help - simple rule does not work! - undeath - 09-18-2018
what happens when you run
Code:
hashcat64.exe -m 2500 -a3 crackme.hccapx password123Try the example hccapx file: https://hashcat.net/wiki/doku.php?id=example_hashes
RE: Pls help - simple rule does not work! - john2014 - 09-18-2018
(09-18-2018, 05:06 PM)undeath Wrote: what happens when you run
?Code:hashcat64.exe -m 2500 -a3 crackme.hccapx password123
Try the example hccapx file: https://hashcat.net/wiki/doku.php?id=example_hashes
Just did.
These are the steps (I assumed the password is "hashcat") I performed:
1) edited the wordlist file as: hashc
2) edited the rules file as: $a$t
Run and result: FAILURE
But then I populated the wordlist only with "hashcat" and removed the rule
Result: failure!!
So, what gives? Isnt the password for "hashcat.hccapx" the passpharse "hashcat" as noted at the top of the page? ("Unless otherwise noted, the password for all example hashes is hashcat.")
RE: Pls help - simple rule does not work! - undeath - 09-18-2018
as noted otherwise, the password for the example hccapx is "hashcat!" (with trailing exclamation mark)
RE: Pls help - simple rule does not work! - john2014 - 09-18-2018
Ok, I just checked and indeed the password is "hashcat!"
(with wordlist "000.txt" containing "hashcat!" and no rule applied)
hashcat64.exe -m 2500 -a 0 hashcat.hccapx "C:\_WORDLISTS\000.txt"
And then I:
1) edited the wordlist file as: hashc
2) edited the rules file as: $a$t$!
hashcat64.exe -m 2500 -a 0 hashcat.hccapx "C:\_WORDLISTS\000.txt" -r rules\__xTEST.rule
Run and result: FAILURE again!
Running "hashcat64.exe "C:\_WORDLISTS\000.txt" -r rules\__xTEST.rule --stdout" outputs "hashcat!" so the work is correctly constructed BUT fails to work!
So? Can you please check and verify? Am I doing something wrong?
RE: Pls help - simple rule does not work! - undeath - 09-18-2018
your input word must be at least eight characters (before rule manipulation), otherwise it'll be skipped
RE: Pls help - simple rule does not work! - john2014 - 09-19-2018
Really????
Are you sure? Is this somewhere documented?
If this is the case, why? Maybe because the minimum length for WPA is 8 chars and so the code first rejects BEFORE the rule is applied?
If yes, shouldnt the rule FIRST be applied and then presented to the code to be tested?
In my opinion this is a serious problem as possibilities to retrieve passwords are lost.
If for example I know the first 6 characters and would like to apply a rule which would append at the end a range of 0-99999 how should I do it?
Furthermore, does this limitation also apply to wordlist combinations?
What if for example the password is "happyday" and wordlst #1 contains "happy" and wordlist #2 the word "day"? Does the combination of both wordlists crack or no the hash? (since each word is LESS than 8 chars?)
RE: Pls help - simple rule does not work! - undeath - 09-19-2018
(09-19-2018, 12:18 AM)john2014 Wrote: If this is the case, why? Maybe because the minimum length for WPA is 8 chars and so the code first rejects BEFORE the rule is applied?exactly
(09-19-2018, 12:18 AM)john2014 Wrote: Furthermore, does this limitation also apply to wordlist combinations?
yes
(09-19-2018, 12:18 AM)john2014 Wrote: In my opinion this is a serious problem as possibilities to retrieve passwords are lost.
If for example I know the first 6 characters and would like to apply a rule which would append at the end a range of 0-99999 how should I do it?
The problem was recently discussed in this thread: https://hashcat.net/forum/thread-7774.html
philsmd also posted a workaround (first post on page2)