Maskprocessor | Hashcat syntax question
#1
Hi,

Thanks in advance for any help with this.
I'm very new to Hashcat and playing around with my gear cracking hashes. I regularly get the message about 'creating more work....parallelization power'. So tonight I tried to get the maskprocessor command working, but no luck.

Gear = Win10, GTX 980Ti

I've read through the doc's, the forum and I don't have the know how to get it going. This is the command I've tried:

Code:
..\maskprocessor-0.73\mp64.exe -i 7:20 ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a | hashcat64.exe -m0 -O --status  .\HASHES\unfound.txt -o Found.txt

This command runs, but my Speed drops down to 427 kH/s and in the Candidates: *(RT ->    -K$%
This makes me feel like it's only throwing 4 digit passwords at the hash, when in fact it should be starting with 7 digit candidates?

Whereas, my previous command:
Code:
hashcat64.exe -m0 -a3 -O --status --increment --increment-min 7 --increment-max 20 .\HASHES\unfound.txt ?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a -o Found.txt
Speed: 11552 MH/s with a mask of 7 and an ETA of 1:39hr

I thought by running an mp and pipe, that I might be able to improve my results.
Or am I just reading it all wrong Tongue

So my questions are, should I be using an mp and pipe (faster results)?
What would the correct syntax?
Basically trying to brute force passwords between 7 - 20 digits on an MD5 hash.

Thanks again Smile
Reply
#2
no, you do NOT need maskprocessor in that specific situation (already a huge keyspace/mask).

you could improve speed by adding -w 3 or even -w 4 to your command line
Reply
#3
Hi Phil - thanks very much for the reply & advice.

How small a keyspace would you recommend before a mp would help?

The reason I ask is I have a different set of hashes (34) that I've been able to get 'some' passwords for, but it's only a handful of words to use.

For example:
  • password
  • Chocwedge1!
  • Sanksy1234
  • Sanksy1!
  • mUfw4dgq
  • ks662400
  • Password1!
  • 123456
  • Edward123!!?@
  • A1b2c3d4e5!!?
  • Fuckyou101
  • Szcts11/
  • Ryan1234!5!
  • Darren1!Sanksy09
  • sANKSY1!
  • A1b2c3d4e5$#@!11
  • pASSWORD1
  • Password1
  • Sanksy1234!
  • Password
Code:
hashcat64.exe --force -m9600 --status -w4 -O -o found.txt --remove --potfile-disable -r .\rules\OneRuleToRuleThemAll.rule HashesReduced.txt ".\Dictionary Files\PrePasswords.txt"
I ran this against remaining hashes with a couple of rules with no results. This command also received the note my 'wordlist or mask is too small'. However, I'm thinking the rules may not be the right way to go?

I made a mask using another tool I found that analysed this list of passwords and created the following mask file:
Code:
?d?d?d?d?d?d
?l?l?d?d?d?d?d?d
?u?l?l?l?l?l?d?d
?u?l?l?l?l?d?d?s
?u?l?l?l?l?l?d?s
?l?u?l?l?d?l?l?l
?l?u?u?u?u?u?d?s
?u?l?l?l?l?l?l?l
?l?l?l?l?l?l?l?l
?l?u?u?u?u?u?u?u?d
?u?l?l?l?l?l?l?l?d
?u?l?l?l?l?l?d?d?d?d
?u?l?l?l?l?l?l?d?d?d
?u?l?l?l?d?d?d?d?s?d?s
?u?l?l?l?l?l?l?l?d?s
?u?l?l?l?l?l?d?d?d?d?s
?u?l?l?l?l?l?l?l?l?d?s

But this too was going to take a long time to run.

Would you suggest a mp on either of those scenarios?

Thank again Smile
Reply