hashcat Forum
Mask for brut - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Mask for brut (/thread-8981.html)



Mask for brut - Homo Erectus - 02-19-2020

Friends, Hello everyone. I am interested in the mask that is used for bruteforce, please tell me why Hashcat in bruteforce substitutes the mask:

Code:
Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8]
Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined

if I don't specify it in my request:

Code:
C:\Hashcat\hashcat64.exe -m 2500 -a 3 -w 4 C:\hccapx\test.hccapx

according to this mask, total combinations: 5533380698112
if you calculate the power of the alphabet:

?l?d?u = 62
?l?d = 36^6
?l?d*!$@_ = 41^2
62*36^6*41^2 = 5533380698112

But the question is, why is this mask, if you take the power of the alphabet, consisting of capital and small English letters, numbers and 33 characters, you will get: 26+26+10+33 = 95 the power of the alphabet and raise to a power depending on the length of the password, in my case 8, total 95^8 = 6 634 204 312 890 625 combinations.


RE: Mask for brut - philsmd - 02-19-2020

If you do not specify any mask the default mask is used, see https://hashcat.net/wiki/doku.php?id=hashcat#default_values

I already explained it here (don't just double post that quickly, we already tried to answer it on your other posts): https://hashcat.net/forum/thread-8980.html


RE: Mask for brut - Homo Erectus - 02-19-2020

thank you! But I still don't quite understand why such a mask is used, and not some other one. I understand that the default mask is deliberately set by programmers in the application, but what exactly they were guided by I can not understand...


RE: Mask for brut - philsmd - 02-20-2020

It's just one of the best masks if you care about speed, hit-rate, working efficient with multiple hash-type etc.

of course, the user should specify their own masks if they have some knowledge about the possible password / patterns etc.

The default one isn't always the best one, but it works quite good in many cases. The problem is just that a lot of users think without mask it's just a "brute-force" (the problem is that even this term is not very specific because it could mean --increment ?a?a?a?a?a?a?a?a or --increment ?b?b?b?b?b?b?b etc)


RE: Mask for brut - Homo Erectus - 02-20-2020


Thank you!