Brute-force missing characters from a known word?
#5
Here's the solution:

Code:
An exception is if we want the static letter ? itself, which must be written as ??.

Command line:

Code:
hashcat-cli64.exe -a 3 -m 6900 --pw-min=47 --pw-max=47 -o found.txt test.hash -1 ?l?d?u "http://example.com/asdf.php??key=asdf?1s7f8df?1?1?17"

Hashcat is trying to crack it and despite the fact that the whole mask is 48 chars long, hashcat reports the full mask with length 47 as specification when you hit enter (if you try with length 46, you won't see the 7 at the end of the mask). This is expected behavior. However, it completes the attack without cracking the hash in my case so there might be a bug in hashcat concerning that (the use of ??).


Messages In This Thread
RE: Brute-force missing characters from a known word? - by mastercracker - 04-18-2015, 05:15 PM