05-02-2017, 02:39 AM
(05-02-2017, 02:15 AM)epixoip Wrote: That's not at all how that works.
First, it would be $HEX[c2] and $HEX[a7], not what you have above.
Moreover, $HEX[] encoding only works for wordlists, not masks.
Maybe what you meant was --hex-charset -1 c2 -2 a7 Password?1?2
I never got the $HEX to work. I'm using the GUI Interface.
I set Charset 1: c2
I set Charset 2: a7
I check "Assume charset is given in HEX"
Then i enter the mask, in which all constant signs of my password needs to be entered in HEX.
So my mask is:
First step:
50617373776F7264 (=Password in HEX)
Second step:
50617373776F7264?1?2 (adding the custom charset)
This results in a working crack of my demonstration password which includes the "§" sign.
Anything else with $HEX[c2] and so on did not work. Neither in the GUI nor in a custom charset file. I tried all available encodings like UTF8 and so one, like anything TextMate offered me.
So the hex encoded string worked.
But now i'm stuck.
- i only know the signs i used in my password
- i now some parts of the password which are 100% there, like "ThisPart"OfMyPassword - ThisPart is 100% there and not interrupted by a special character
- i don't know if i used special chars at any logical intersection of my password
!Password
1Password§
Password§
Any of this could be the one.
So actually i need a wordlist in hex, which contains the workaround for the "§" sign as it's represented in C2A7 - confirmed via my demonstration hash. But i need a wordlist which contains all possibilities even those, where for example the special chars must not always be there. In my example above it could be !Password, but it could also be Password without any special char.
My password is around 23 characters, so this is all just for clarification what i want to achieve.
Even though i could generate multiple maps where one the special chars i used is not present, i'm struggling deeply to create a map for it. I only can ad 4 custom charsets but 2 are already used to just represent the § sign.
So i'm unable to do something like this (in HEX):
C2A7Password (of course encoded to hex)
C2A7 OR C2A7!#
As i already use 2 custom charsets and the map would mix C2 with ! or C2 with #. When it actually should mix C2A7 with ! or C2A7 with # or nothing at all.