Found part of my password!! Now what?:) - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat-utils, maskprocessor, statsprocessor, md5stress, wikistrip (https://hashcat.net/forum/forum-28.html) +--- Thread: Found part of my password!! Now what?:) (/thread-9788.html)

Found part of my password!! Now what?:) - vicious1 - 01-17-2021 So, as I thought I found part of my password in a text file with the comment being way too cryptic for the second part .. yay me, well Done in 2012! Now.. I know for a fact that the password isn’t straight up with repetitive characters. The first part is 4X8dRu , extrapolating myself here I am assuming it continues along the lines of randomness, no special characters. I am asking for help to write a rule set that takes whatever maskprocessor pipes in and makes sure the same character is always only twice maximum in the whole password , must contain a number, a lower case an, uppercase all others are discarded. So I was gonna do with with reject rule.. but because reject rules need 2 sides, I was thinking this: mp64.bin -q2 -1?u?l?d ?1?1?1?1?1?1 | hashcat -m 15700 -a 1 hashther.hash -k reject.rule basepasswd.txt -  That basepassword contains the part of the password I know. This SHOULD work but the rule is a mystery to me still.. Yes this is an ether wallet and yes it will take years otherwise...so I am trying to narrow it down.. I am missing 6 characters. Help? RE: Found part of my password!! Now what?:) - the_charm - 01-17-2021 Hm... I don't think what you're trying to do is possible... I mean, I could be totally off on this, as I've never really used reject rules before... But if I understand you correctly, you want a rule that says "reject whats coming from maskprocessor, if it contains more than one '4' or >1 'X' or >1 '8' etc." Having a quick look at the avail. reject rules, I think only the opposite of what you want is possible (namely the "%"-rule to reject plains which contain char X less than N times). Only thing I can think of ATM is, why not use a mask-file with 6masks and 2custom-charsets like so: ?u?l?d,[everything in ?u?l?d except 4X8dRu],4X8dRu?1?2?2?2?2?2 ?u?l?d,[everything in ?u?l?d except 4X8dRu],4X8dRu?2?1?2?2?2?2 etc. I know, this excludes some possible combinations. But it should still cover most of the keyspace you're trying to check, so it might be a good place to start... Nonetheless, I hope someone more experienced answers on this issue, to see if your idea with reject rules actually could be achieved... RE: Found part of my password!! Now what?:) - vicious1 - 01-17-2021 Hi, good point...  I came up with an interim solution for now.. Maskprocessor | grep with a regexp | hashcat Seems to work like a dream so far...  Bit complicated but since ethereum mode 15700 isn’t fast to crack, I am not worried about the speed of the passwords ... but it really seems to work... RE: Found part of my password!! Now what?:) - the_charm - 01-18-2021 wow! that looks adventurous!^^ but since you're not concerned w/ speed... sure, have some fun with it! RE: Found part of my password!! Now what?:) - royce - 01-18-2021 Do the math of how many passwords will be skipped if you can impose these restrictions, vs not imposing them, and use this as a basis to calculate the expected runtime for both attacks.