10-28-2013, 12:02 AM
In general you should prefer masks/hcmask files over *generating* wordlist (that fit those requirements)... but it really depends on what the requirements exactly are... Do you know the positions of the 2 digits and the 2 uppercase letters or can they be anywhere in the 10 alphanumeric string? Are there *exactly* 2 uppercase letters or at most 2 uppercase letters? What about digits (exactly or max)?
For instance if you know that the passwords starts w/ uppercase you already reduce the keyspace (and the possible masks that you need to try) a lot. The same holds if you for instance know that the passwords ends w/ 1 or 2 digits.
Your main problem is indeed that 10 character long mask together w/ sha512 (which ofc is much slower than e.g. MD5 or others) takes some time to bruteforce (if you really want to use this attack mode - maybe a filtered dictionary that fits the requirements may be a better approach? For instance if you *know* some more details about the possible password etc).
Anyway, you could use e.g. a mask file (http://hashcat.net/wiki/doku.php?id=mask...mask_files , .hcmask) in which you put all possible masks (starting for instance w/ the most likely one) and let oclHashcat run.
$ oclHashcat64 -m 1700 m1700_hash.txt -a 3 maskfile.hcmask
where the file maskfile.hcmask could contain lines like:
?u?u?l?l?l?l?l?l?d?d
?u?u?d?d?l?l?l?l?l?l
For details of mask based attack see: http://hashcat.net/wiki/doku.php?id=mask_attack
As said, the main problem is that the length is considerable (maybe too) long for a bruteforce... if instead the password would be only of e.g. length 8 this would not be much of a problem.
So also spent some time in looking on other attack modes (filtered wordlist, rules based attack etc) ...
For instance if you know that the passwords starts w/ uppercase you already reduce the keyspace (and the possible masks that you need to try) a lot. The same holds if you for instance know that the passwords ends w/ 1 or 2 digits.
Your main problem is indeed that 10 character long mask together w/ sha512 (which ofc is much slower than e.g. MD5 or others) takes some time to bruteforce (if you really want to use this attack mode - maybe a filtered dictionary that fits the requirements may be a better approach? For instance if you *know* some more details about the possible password etc).
Anyway, you could use e.g. a mask file (http://hashcat.net/wiki/doku.php?id=mask...mask_files , .hcmask) in which you put all possible masks (starting for instance w/ the most likely one) and let oclHashcat run.
$ oclHashcat64 -m 1700 m1700_hash.txt -a 3 maskfile.hcmask
where the file maskfile.hcmask could contain lines like:
?u?u?l?l?l?l?l?l?d?d
?u?u?d?d?l?l?l?l?l?l
For details of mask based attack see: http://hashcat.net/wiki/doku.php?id=mask_attack
As said, the main problem is that the length is considerable (maybe too) long for a bruteforce... if instead the password would be only of e.g. length 8 this would not be much of a problem.
So also spent some time in looking on other attack modes (filtered wordlist, rules based attack etc) ...