Cracking foreign words/characters - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Cracking foreign words/characters (/thread-8109.html) |
Cracking foreign words/characters - NocFlame - 01-29-2019 Should be said i am new to this so maybe i have missed something obvious, anyway; Root problem: Need to be able to crack hashes in Swedish. What have been done: studies... Hash Crack Password Cracking Manual (book) https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_deal_with_special_non-latin_characters_chinese_arabic_etc https://hashcat.net/wiki/doku.php?id=mask_attack#hashcat_charset_files https://hashcat.net/wiki/doku.php?id=mask_attack#custom_charsets https://blog.bitcrack.net/2013/09/cracking-hashes-with-other-language.html https://www.netmux.com/blog/ultimate-guide-to-cracking-foreign-character-passwords-using-has What have been tested among many other things: created hash.txt with MD5 hashes of word "test" and the Swedish chars å, ä, ö, along with few common words that makes use of these letters, like elk -> "älg", moon -> "måne" and so on. hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 -1 ?l?uåäöÅÄÖéÉ ?1?1?1?1 --increment -O (didn't solve anything at all, 0 cracked hashes) hashcat64 --potfile-disable -m 0 -a 3 ../hashes/md5test/hash.txt --hex-charset -1 c3 -2 a0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf -i ?1?2?1?2?1?2?1?2 --outfile-autohex-disable --outfile ../hashes/md5test/output.txt (did only solve the single letters of å,ä,ö as expected) hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 -1 charsets/standard/Swedish/se-SE_cp1252.hcchr ?1?1?1?1 --increment -O created a cp1252.hcchr file to include €ÉéÅåÄäÖö but gave me 0 results hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 -1 ?l?u -2 charsets/standard/Swedish/se-SE_cp1252.hcchr -3 ?1?2 ?3?3?3?3 --increment -O (This one only found the test password and none of my å,ä,ö) Problem arise from here... All guides and references use only the characters in the hex-charset but (in my current world) I cant combine the first part of the ascii tables (00 20-7e) with my c3 80-bf range to only make up one of the possible chars to try. I have probably missed something painfully obvious here so please a few pointers would be nice... RE: Cracking foreign words/characters - royce - 01-29-2019 This Stackexchange thread may be informative - it has some examples: https://security.stackexchange.com/questions/154901/attack-wpa-password-with-hashcat-settings-and-resources-for-german-passwords/154958#154958 RE: Cracking foreign words/characters - NocFlame - 01-30-2019 (01-29-2019, 03:09 AM)royce Wrote: This Stackexchange thread may be informative - it has some examples: Great tip, and I made some progress but... hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 --hex-charset -1 c3 -2 8489969c9fa4a9b6bc ?a?a?a?1?2 -O [Works as stated] Moving away from mask in cli to use the mask file resulted in "Custom-charset 1 is undefined" hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 --hex-charset -1 c3 -2 8489969c9fa4a9b6bc masks/utf8.hcmask.6char -O [ Results in: Custom-charset 1 is undefined] So tried to build the mask file with the -1 & -2 included like this: c3,84858996a4a5a9b6,?a?a?a?a?a?1?2 c3,84858996a4a5a9b6,?a?a?a?a?1?2?a hashcat64.exe --potfile-disable -m 0 -o ../hashes/md5test/output.txt ../hashes/md5test/hash.txt -a 3 --hex-charset masks/utf8.hcmask.6charTEST -O [Works, but is this really necessary???] So my question: is it really necessary to do the last example to make this work or are there other smarter ways to make this happen? RE: Cracking foreign words/characters - royce - 01-30-2019 It's often better to encode the custom charsets in the mask file itself, because it's persistent documentation of the nature of the attack that lives beyond that particular commandline. RE: Cracking foreign words/characters - NocFlame - 01-31-2019 (01-30-2019, 05:12 PM)royce Wrote: It's often better to encode the custom charsets in the mask file itself, because it's persistent documentation of the nature of the attack that lives beyond that particular commandline. Fair point and thank you royce for the help! For any future references this thread is now considered solved |