04-02-2017, 12:08 PM
(04-02-2017, 09:21 AM)Dot Wrote:(03-31-2017, 03:41 PM)atom Wrote: If you want to do BF, use -a 3, not -a 0
Yes i know that
but which way hashcat is faster?
using dictionary list?
using bruth force?
or a mask attack mode?
password example is "zxcghj12"
A dictionary attack would be faster, but only if the dictionary contains that password. If you brute force that mask, ?l?l?l?l?l?l?d?d, then that is still fast, but only because it ends in two numbers.
You can brute force an 8-character password, but only for fast hashes. It is not time efficient for most hash types.
For this particular type of password, which has consecutive sequences of keyboard keys in it, you could make a password file that has those 3-letter or 4-letter sequences, combinate them together and then add your favorite rules on the result of those combinations. This particular password would break very quickly.
Answer these questions and you will be closer to your answer.
For a mask attack, how many characters will be tried for that mask, "?l?l?l?l?l?l?d?d"?
How many characters will be tried in the 7th and 8th positions if they are digits instead of letters or special characters?
What hash type are you using and how fast can hashcat try combinations against that hash type?