Bruteforce RAR3 with repeated password - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Bruteforce RAR3 with repeated password (/thread-9648.html) |
Bruteforce RAR3 with repeated password - RARcheologist - 11-20-2020 I am trying to bruteforce a RAR3 file with a repeating password Let's say the password is abc$1abc$1 I want to bruteforce the abc$1 part and duplicate it. For a simple password like abc$1, this works: hashcat.exe -m 12500 -a3 hash ?l?l?s?d But what if I want to bruteforce using only duplicates of ?l?l?s?d, like aaa!1aaa!1 or zzz=0zzz=0, how do I do it? I tried creating a duplicate.rule with just a d in it, but it won't allow me to use rules in brute force mode. Any help is appreciated! RE: Bruteforce RAR3 with repeated password - undeath - 11-20-2020 The easiest solution would be using stdin. hashcat --stdout -a3 ?l?l?l?s?d | hashcat -m 12500 hash -j d RE: Bruteforce RAR3 with repeated password - RARcheologist - 11-20-2020 Cheers, that works! RE: Bruteforce RAR3 with repeated password - RARcheologist - 11-21-2020 How would I do triples like abc$1abc$1abc$1? RE: Bruteforce RAR3 with repeated password - undeath - 11-21-2020 See https://hashcat.net/wiki/doku.php?id=rule_based_attack for all available rules RE: Bruteforce RAR3 with repeated password - RARcheologist - 11-21-2020 (11-21-2020, 01:45 PM)undeath Wrote: See https://hashcat.net/wiki/doku.php?id=rule_based_attack for all available rules I see, so just use p2 instead of d then. Hopefully my last question: When using hashcat nested this way, where do I put the session command? hashcat --session session1 --stdout -a3 ?l?l?l?s?d | hashcat -m 12500 hash -j d or hashcat --stdout -a3 ?l?l?l?s?d | hashcat --session session1 -m 12500 hash -j d or do I need a session in either, and then do I restore both sessions with hashcat --session session1 --restore or hashcat --session session1 --restore | hashcat --session session2 --restore Thanks a lot! RE: Bruteforce RAR3 with repeated password - undeath - 11-21-2020 You cannot use sessions for resuming when using stdin. In your case it might be more practical to save the generated wordlist on your drive. |