Missing characters from hashcat brute-force? - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Missing characters from hashcat brute-force? (/thread-9259.html) |
Missing characters from hashcat brute-force? - carouselcarousel - 05-26-2020 hello, is there any possibility there are missing characters from the implemented brute force attack of hashcat? So in my case looking for MD5, which is 8 charcaters long. hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack Session..........: hashcat Status...........: Exhausted Hash.Name........: MD5 Hash.Target......: 397e531bf3da8e8ef982103c29XXXXXX Time.Started.....: Tue May 26 18:56:59 2020 (5 mins, 17 secs) Time.Estimated...: Tue May 26 19:02:16 2020 (0 secs) Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined Guess.Queue......: 1/1 (100.00%) Speed.#1.........: 17589.5 MH/s (1.78ms) @ Accel:1024 Loops:256 Thr:32 Vec:4 Speed.#2.........: 545.0 MH/s (10.98ms) @ Accel:256 Loops:64 Thr:16 Vec:4 Speed.#*.........: 18134.5 MH/s Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts Progress.........: 5533380698112/5533380698112 (100.00%) Rejected.........: 0/5533380698112 (0.00%) Restore.Point....: 68734368/68864256 (99.81%) Restore.Sub.#1...: Salt:0 Amplifier:80128-80352 Iteration:0-256 Restore.Sub.#2...: Salt:0 Amplifier:80320-80352 Iteration:0-64 Candidates.#1....: v7qex2v$ -> Xqxqxqg$ Candidates.#2....: 7z7dvo6$ -> Xqxq76z$ So you will think okay the PW is not 8 characters right? Then I went to https://www.onlinehashcrack.com/ and they cracked it. And yes it is 8 character. How is this possible? When the brute force option doesn't cover all possible characters, then is it possible to use an option which uses it? Or in this case I should use something like: hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack (somewhere I need to specify ?s?s?s?s?s?s?s?s ??? ) RE: Missing characters from hashcat brute-force? - carouselcarousel - 05-26-2020 trying....: hashcat64 --force -D 1,2,3, -m 0 -O -i --increment-min=8 --increment-max=8 --hwmon-disable -a 3 -o X:\md5.cracked X:\md5.crack ?a?a?a?a?a?a?a?a RE: Missing characters from hashcat brute-force? - royce - 05-26-2020 Yes, the default incremental mode is not a full brute force, but rather one that is optimized for likely candidates without being exhaustive: Guess.Mask.......: ?1?2?2?2?2?2?2?3 [8] Guess.Charset....: -1 ?l?d?u, -2 ?l?d, -3 ?l?d*!$@_, -4 Undefined |