+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Wordlist massive attack (/thread-8191.html)
Wordlist massive attack - kangduwang - 03-01-2019
Usually when you run a bruce force attack, hardware can generate & compare millions or even billions passphase per seconds. But in wordlist attack, store billions of passphase in text file already take GBs of harddrive & time to generate & prepare. If i want to run a wordlist attack with trillions of passphase. Is there any trick for this to make it fast or take less space?
RE: Wordlist massive attack - royce - 03-01-2019
You can assemble the passphrases from a one-word-per-line wordlist, using princeprocessor, and then pipe it to hashcat, using one of the prince_*.rule rules files to supply more work to the GPUs.
RE: Wordlist massive attack - Mem5 - 03-02-2019
Combinator Attack (-a 1) lets you merge two wordlists, and you can append rules as well.
RE: Wordlist massive attack - mahoganyduck - 04-03-2019
Rules are your friends! I've gained a lot of respect for the mad geniuses that came up with one rule.
https://github.com/NotSoSecure/password_cracking_rules
That plus rockyou has a stupid amount of success.
Well tuned masks are lethal as well.
https://blog.netspi.com/netspis-top-password-masks-for-2015/
https://blog.korelogic.com/blog/2014/04/04/pathwell_topologies
One consideration when approaching a session is that masks and rules are handled in the GPU, all other generation and feeding is done by the cpu; pre-generation can actually slow you down a lot.
This article was a real eyeopener for me: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#how_to_create_more_work_for_full_speed