![]() |
Need help - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Need help (/thread-8624.html) |
Need help - kX73bWKgVB - 09-02-2019 Hello! Im totally new to Hashcat and have not used any such tool before. I have a email adress with like ~5 missing characters and i also have the md5 hash of the full email. And i guess this would not be super hard to crack. I would really appreciate if someone could tell me how i should do this, and if possible give example of a full hashcat command. Thanks. What i got: email: example****@gmail.com md5 hash: 120b8510fd7091bc12f890433f65036f GPU: Rtx 2080 Help me crack the unknown characters please. The above is just an example but the adress i got is in the exactly same format. RE: Need help - philsmd - 09-02-2019 md5 ("example1234@gmail.com") == 120b8510fd7091bc12f890433f65036f it's against the forum rules to post hashes you could use different types of attacks, -a 3, -a 7 (yeah even -a 1) and of course also a -a 0 attack with a --stdout pipe on the left side (e.g. -a 3 on the left) . chose the one that is the fastest and more convenient for you (e.g. less disk space needed, but still very fast speed) I don't really understand what the real question is. Do you want to increase the length during the attack with --increment ? You could also just run several commands in sequence, like one with ?a?a?a?a and afterwards another one with ?a?a?a?a?a For a general overview and explanation about mask attack see https://hashcat.net/wiki/?id=mask_attack Code: hashcat -m 0 -a 3 -w 3 -O 120b8510fd7091bc12f890433f65036f example?a?a?a?a@gmail.com you can use mask files instead if you use a mask attack with several different mask that you want to run in sequence (like example?a?a?a?a@gmail.com and example?a?a?a?a?a@gmail.com) Also note that the static/constant string at the start "example" isn't very good to achieve full acceleration. You could try to work around problems with speed drops with other attack modes and/or stdout/pipe Code: hashcat --stdout -a 3 example?a?a?a?a@gmail.com | hashcat -m 0 -w 3 -O 120b8510fd7091bc12f890433f65036f the problem here is that with -m 0 = MD5 it doesn't really make much sense to use pipes because it will be slower in most cases ![]() RE: Need help - kX73bWKgVB - 02-08-2020 (09-02-2019, 06:55 PM)philsmd Wrote: md5 ("example1234@gmail.com") == 120b8510fd7091bc12f890433f65036f Hello again! Do you have any tips on how i can increase speed. When i run for example: Code: hashcat64.exe -m 0 -a 3 -w 3 -O -1 abcdefghijklmnopqrstuvwxyz0123456789.-_ -o output.txt 120b8510fd7091bc12f890433f65036f example?a?a?a?a@gmail.com i get Code: [/color] 230.1 MH/s feels quite slow on my rtx 2080, i did read that this is because of that there are some limitations to mask attacks. Is there any known way to improve the speed? For all the hashes i try to crack i have them in this format, first a known part then unknown part with known length and then a known part. RE: Need help - philsmd - 02-08-2020 I already mentioned one way to improve the speed (with stdin/pipe). Depending on the hash type (-m x), there might be also the possibility to just use a different algorithm, e.g. salted hashes instead of unsalted -m 0 -> -m 20 (in your specific case) Code: hashcat64.exe -m 20 -a 3 -w 3 -O -1 abcdefghijklmnopqrstuvwxyz0123456789.-_ -o output.txt 120b8510fd7091bc12f890433f65036f:example ?a?a?a?a@gmail.com RE: Need help - kX73bWKgVB - 02-08-2020 Thanks for quick reply. I have now tested both the methods you suggested but the result with stdin was much slower than -m 0. And -m 20 was exactly the same speed as -m 0. RE: Need help - philsmd - 02-08-2020 well, it's the prefix as I already told you. The speed with -m 20 will be slower of course, because salted. We actually also have a FAQ and some questions like this https://hashcat.net/faq/morework just to make sure you understand the problem. There are of course some other things you could try: like using maskrocessor mp64.exe instead of the --stdout mode Code: mp64 -1 ?l?d.-_ example?1?1 | hashcat64.exe -m 0 -a 0 -w 3 -O -o output.txt -r my.rule 120b8510fd7091bc12f890433f65036f where my.rule contains the output of: Code: mp64 -1 ?l?d.-_ '$?1$?1$@$g$m$a$i$l$.$c$o$m' > my.rule you could also test to a command similar to the --stdout command from above (but without hashcat at the left side and without --stdout) and use maskprocessor on the left side without rules. you could also test to just use rules for the whole command Code: hashcat64.exe -m 0 -a 3 -w 3 -O -1 ?l?d.-_ -o output.txt -r part1.rule 120b8510fd7091bc12f890433f65036f dict.txt where part1.rule contains e.g. the appending of "example" (^e ^l ^p ^m ^a ^x ^e) and some of the random chars e.g Code: mp64 -1 ?l?d.-_ '^e^l^p^m^a^x^e$?1$?1' > part1.rule and the dict.txt contains the second part Code: mp64 -1 ?l?d.-_ '?1?1@gmail.com' > dict.txt or use -a 1 with 2 dicts etc etc etc but my guess is that the mask with -m 20 will be the fastest... and it really is very fast (just like not exactly the same speed as -m 0 of course) I also noticed that you said -1 but always used ?a, that makes absolutely no sense RE: Need help - kX73bWKgVB - 02-08-2020 Thanks again for reply. I will try this as well. And about the -1 and ?a it was just because i copy pasted the example mail and hash from your earlier reply. But on my real hashes i use ?1 ![]() |