Mix of --hex-charset and non hex ?
#1
Hi,

I would like to crack this kind of password :

Code:
user\trandom
"user" is constant
"\t" : tab : 0x09
"random" : password I want to guess, i.e. in my wordlists
I tried :

Quote:hashcat  -a 7 -1 "user" --hex-charset -2 09 hashfile ?1?2?a?a?a?a?a?a words.dic
Results :
Code:
Invalid hex character detected in mask user

How can I mix the ascii charset with hex charset ?
Thank you.
#2
1. that's not how custom charsets work
2. convert each letter in user to its ascii hex representation
#3
Thanks for your answer. I converted ascii in to hex.
Do you mean I will have more success with a combinator attack instead ?
#4
A charset is, as the name implies, a set of chars. Defining a string as charset is not going to do what you want.
#5
Yes.
So i need to put 'user\n' in a file and combine it with another wordlist?
#6
You can use the mask attack but you cannot specify the user in a custom charset.
#7
Just to make sure that other users interested in something like this do not choose a wrong approach to do these types of attacks: if you are cracking a "salted" hash, you should use the corresponding hash modes if available.

Therefore for -m 0, if you have an algorithm that uses md5 ($salt . $pass) ... you should use -m 20 of course (see https://hashcat.net/wiki/doku.php?id=example_hashes).

In your specific case for -m 0 and md5 ($salt . $pass) you should use hashes like this:
hash:user[TAB]

where [TAB] needs to be replaced by the tabulator character (0x09) and "user[TAB]" is the salt in this case.
Of course, this type of attack only works if a corresponding salted hash algorithm is available in hahscat.
#8
It works well, thanks.
I would add to your good answer the use of --hex-salt for hex-salt support for the hashfile, in my case.