WiFi WPA2 - 16alphanumerical
#1
Sad 
Hello everyone
I'm facing difficulties with Hashcat as I've set up a virtual machine on Hyperstack with 2xRTXa6000 GPUs to assist me in cracking a 16-character password consisting of only capital letters and Numbers. The password should resemble something like this: "TU2UENK4UJGKSJDN" (please note that this is just a representation; I don't know the actual characters in the password, but I do know it's exactly 16 characters long and contains both numbers and letters).

So.. I tryed the following commands, but there is always a problem, the most common errors are: Invalid mask & Integer overflow detected in keyspace of mask.
- hashcat -m22000 -a3 -w4 homelife.hc22000 -d1,2
ci metterebbe anni

- hashcat -m22000 -a3 -w4 homelife.hc22000 -i --increment-min=16 --increment-max=16 -d1,2
Invalid mask.

- hashcat -m22000 homelife.hc22000 -i --increment-min=16 --increment-max=16 -1 ?u?d -a3 1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1? -d1,2 -w4
Integer overflow detected in keyspace of mask: 1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1

- hashcat -m22000 homelife.hc22000 -i --increment-min=16 --increment-max=16 -1 ?u?d -a3 1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1? -d1,2 -w4
Integer overflow detected in keyspace of mask: 1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1

- hashcat -m22000 homelife.hc22000 -i --increment-min=16 --increment-max=16 -a 3 -1 ABCDEFGHIJKLMNOPQRSTUVWXTZ123456789 ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -d1,2 -w4
Invalid mask.

- hashcat -m22000 homelife.hc22000 -a 3 -1 ABCDEFGHIJKLMNOPQRSTUVWXTZ123456789 ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -d1,2 -w4
Integer overflow detected in keyspace of mask: ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1

- hashcat -m22000 homelife.hc22000 -a 3 -1 ?u?d ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -d1,2 -w4
Integer overflow detected in keyspace of mask: ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1

- hashcat -m 22000 homelife.hc22000 -a 3 ?u?l?d?u?l?d?u?l?d?u?l?d?u?l?d?u?l
Integer overflow detected in keyspace of mask: ?u?l?d?u?l?d?u?l?d?u?l?d?u?l?d?u?l

- hashcat -m 22000 homelife.hc22000 -a 3 ?u?l?d?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -w 4
Custom-charset 1 is undefined.

- hashcat -m 22000 homelife.hc22000 -i --increment-min=16 --increment-max=16 -a 3 ?u?d?u?u?u?u?d?u?u?u?u?u?u?u?u?u -w 4
Integer overflow detected in keyspace of mask: ?u?d?u?u?u?u?d?u?u?u?u?u?u?u?u?u

- hashcat -m 22000 homelife.hc22000 -i --increment-min=16 --increment-max=16 -a 3 ?u?d?u?u?u?u?d?u -w 4
Invalid mask.

- hashcat -m22000 homelife.hc22000 -a 3 -1 ?u?d ?1?1?1?1?1?1?1?1 -d1,2 -w4
This is the only one that works, but it starts from 8characters, and it will take aprox 60days or maybe more..



Can you give me a suggestion on the correct command to give it?
The only way is that last command?? It will work...?
Reply
#2
Ah, the integer overflow error... Struggled with that myself.

Perhaps a change in error message might be helpful????
Like: "Used mask has too many entries" or "number of permutations of the used mask exceeds the 2^64 limit"

WPA with masks larger than 8 with take years to crack. 16 longer than the age of the universe. Hashcat permutation count limits the size of the mask, hence the error you are receiving.
Reply
#3
Hmmm, does hashcat have an option that in this case, when there are 16 characters, upper and digit, to set min and max numbers of diggit used, rest are Upper letters,.. so something like to add --min-d=3 -- max-d=6 (so min digit is 3, max dig used is 6) in the one attack, so never there will be an attack which has only 16 letters or only digits.
?
Reply
#4
This is not a possible attack to perform, even with that sort of reduction. The keyspace will still be far too large. Unfortunately, default wifi password schemes have gotten strong enough to be infeasible to crack and there's really nothing we can do about it.
Reply
#5
Thank you so much to all of you. It's disheartening to learn that this password can't be cracked 😭.
In this scenario, there would indeed be 36^16 possible passwords it's preety reasonable
Reply
#6
(01-24-2024, 09:20 PM)TheBogeyman Wrote: Hmmm, does hashcat have an option that in this case, when there are 16 characters, upper and digit, to set min and max numbers of diggit used, rest are Upper letters,.. so  something like to add --min-d=3 -- max-d=6 (so min digit is 3, max dig used is 6) in the one attack, so never there will be an attack which has only 16 letters or only digits.
?

Not an expert and don't undestood well that thing..
So, in my case where there are 16 characters only capital letters(A-Z) and Numbers(1-9) can apply?

You may are talking about doing a: --increment-min=16 --increment-max=16 ??
Reply
#7
36^16 is completely unreasonable.

That's 7,958,661,109,946,400,884,391,936 possible candidates. A 4090 will do 2,700,000 per second, which would take 93,469,440,098 YEARS to complete.
Reply