First, you may be confusing the "lite" version with the "plus" version.
lite is designed to operate on a single hash, fed in on the command line.
plus is designed to operate on a file of hashes.
Here's a basic of starting points for a few simple kinds of attacks.
lite is designed to operate on a single hash, fed in on the command line.
plus is designed to operate on a file of hashes.
Here's a basic of starting points for a few simple kinds of attacks.
Code:
rem First: Extremely Low sizes, brute force with full hex set!
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove --hex-charset -1 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1
rem Next: Very Low sizes, brute force with multilingual printables and upper hex set!
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s?D?F?R?h --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1
rem Next: Fairly Low sizes, brute force with Digit, Lower, Upper, and Symbol
rem No need to go through a rules-based dictionary attack at these sizes unless it includes characters not in this set.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?1?1?1?1?1
rem Next Low sizes, we'll get clever. Brute with a pattern - larger sets at the ends, smaller in the middle.
rem NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash ?1?2?2?2?2?1?1
rem U.S. (xxx)xxx-xxxx phone number format - this runs very quickly indeed for a "13 character" password with digits and symbols, compared to a non-patterned pure brute force search.
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 SQL2005to2008R2Many.hash "(?1?1?1)?1?1?1-?1?1?1?1"
rem Next Medium-Low sizes, we'll get clever. Brute with a pattern - larger sets at the ends, smaller in the middle.
rem NOTE: see that the larger sets are strict supersets of the smaller, so the smaller sets are a comprehensive check?
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?d?l?u?s -2 ?l?d 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?2?2?2?2?2?2?2?2
rem Next Medium sizes, we're grasping at whatever we can squeeze through our machine.
rem We'll try a little Digit Lower first character plus Lower only, and then Digit parens dash Lower first character plug Digit parens dash only
rem These REALLY MUST go through rules-based dictionary attacks - we have massive gaps!
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?l 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2
YourPath\oclHashcat-plus64.exe --attack-mode=3 -m 132 --remove -1 ?l?d-() -2 ?d-() 0x0100SaltHash --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 ?1?2?2?2?2?2?2?2?2?2?2?2
rem Now we're going to do rules based dictionary attacks!
rem Let's start with the quickest, because any passwords we can remove now give later iterations less work.
rem Mode Straight rules: Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: specific Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\specific.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Combinator rules: Best64 Wordlist: Phpbb * 500worst
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt YourWordlistPath\500worst.txt
rem Mode Straight rules: Best64 Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: leetspeak * Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: T0XlC Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: combinator * Best64 Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: Best64 Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak * Best64 Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: Best64 Wordlist: American English Small * American English Small
YourPath\oclHashcat-plus64.exe --attack-mode=1 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\best64.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishSmall.txt YourWordlistPath\EnglishSmall.txt
rem Mode Straight rules: generated Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\generated.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: T0XlC Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\T0XlC.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: Phpbb
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\phpbb.txt
rem Mode Straight rules: d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: American English Very Large
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\EnglishVeryLarge.txt
rem Mode Straight rules: leetspeak + d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\leetspeak.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt
rem Mode Straight rules: combinator + d3ad0ne Wordlist: Rockyou
YourPath\oclHashcat-plus64.exe --attack-mode=0 -m 132 --remove --outfile=SQL2005to2008R2_plus_Many.out --outfile-format=7 --rules-file YourPath\rules\combinator.rule --rules-file YourPath\rules\d3ad0ne.rule SQL2005to2008R2Many.hash YourWordlistPath\rockyou.txt