hashcat Forum
Need help with building mask - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Need help with building mask (/thread-8587.html)

Need help with building mask - singhn - 08-22-2019


I am trying to recover ms access 2010 encrypted database password. I have tried with dictionary but no luck.

I usually keep 8 to 20 char alpha numeric with special char password. Unfortunately, i am not able to recall the password.

I have generated the hash from access database, and I am going to try brute force with min 8 length with increment of 1, however how do i specify the correct mask.

I tried this wiki https://hashcat.net/wiki/doku.php?id=mask_attack

For example, if we use the mask “?l?l?l?l?l?l?l?l” we can only crack a password of the length 8.

but this appears to be only for lowercase

can someone help me with building the mask which can try alpha numeric with special char


RE: Need help with building mask - undeath - 08-22-2019

You're not going to be happy trying to BF >= 8 characters full ascii charset. Try dict+rules if you haven't.

RE: Need help with building mask - singhn - 08-22-2019

Actually, I am referring to this post https://tinyapps.org/docs/hashcat.html which states we can spin cloud instance p2.16xlarge and give it try, which will considerably speed up the processing. In his example it went down from 4 days to 1 min.

I will try both dict+rules and brute force. can you help me with the examples for both?


RE: Need help with building mask - slyexe - 08-23-2019

(08-22-2019, 10:38 PM)singhn Wrote: In his example it went down from 4 days to 1 min.

He also lied and said it 8 lower case characters, but his hashcat output only shows 6....
Guess.Mask.......: ?l?l?l?l?l?l [6]

So, realistically, 8+ characters will take a MUCH longer timeframe. Without knowing any part of the password, you're digging yourself into a LONG wait for potentially nothing as a result using bruteforce. 

As previously mentioned, you can accomplish a lot more using wordlist and rules in a much shorter time frame. 

Check out weakpass.com for some good sources of wordlist. Then a good start would be to use the best64.rule with any of those wordlist. 

Heres the example hash output for an 6 ASCII character attempt on a 1070 GTX. 

Session..........: hashcat
Status...........: Running
Hash.Type........: MS Office 2010
Hash.Target......: $office$*2010*100000*128*16*77233201017277788267221...993557
Time.Started.....: Thu Aug 22 18:09:18 2019 (0 secs)
Time.Estimated...: Sat Jul 25 17:04:02 2020 (337 days, 22 hours)
Guess.Mask.......: ?a?a?a?a?a?a [6]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:    25175 H/s (7.55ms) @ Accel:64 Loops:32 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/735091890625 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/7737809375 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:96-128
Candidates.#1....: sarier -> s# -19
Hardware.Mon.#1..: Temp: 38c Fan: 26% Util: 38% Core:1594MHz Mem:4104MHz Bus:16

[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>

RE: Need help with building mask - singhn - 08-23-2019

Thanks slyexe, basically, i interchange the some chars with numbers and some with special for example, E with 3, o with 0, i with !, but not all, just some. I do tend to use other special chars as well not just !. here is an example of one of my passwords H3lL0_w0rLD-2oo7!! but that's simpler one, i did use longer password on the access db.

If you can guide me with how can i create a rule set which can possible crack 8 to 24 alpha numeric with special char password, I can spin up p2.16xlarge instance, and see the estimates.


RE: Need help with building mask - singhn - 08-25-2019

Hi Folks,

any examples how can i achieve my objective?

RE: Need help with building mask - Ar76 - 08-25-2019

Your passwords are unnecessarily complex, a password such as myaccesspasswordispassword is stronger you dont need special chars