Hi, you would probably already be cracking if you followed the information on the wiki. Here you can follow the steps needed to crack your hash:
https://hashcat.net/wiki/doku.php?id=hashcat#options This page has the basic usage:
First is what you want to crack.
As you stated, you are cracking an MD5 hash with salt, the reference states this as
So first part of your command line is either -m 10 or -m 20 depending if you hash comes first or last.
next is how you want crack (attack)
this is shown as 3 for brute force.
So the second part of your command line is -a 3.
The brute force mode needs to know what it will brute force, also called the Charset. In the options this is shown:
There is no charset with exactly what you want (well there is, but this gives you more info and flexibility if you want to change things). You need a combination of the l, u and d. This is possible using a custom charset or mask.
So the third part of your command line is -1 ?l?u?d.
Now usually you brute force a single length, but you want multiple lengths (min. 3, max. 12). This is also documented.
The fourth part of your command line is -i --increment-min 3 --increment-max 12.
Now we can combine this, I would recommend to put your hash in a hashfile. Be sure to put the hash in the correct format as described on https://hashcat.net/wiki/doku.php?id=example_hashes (modes 10 and 20 use hex_hash:plain_salt).
hashcat -m 10 -a 3 -1 ?l?u?d -i --increment-min 3 --increment-max 12 hashfile.txt ?1?1?1?1?1?1?1?1?1?1?1?1
Be sure to read more on the wiki on tweaking your settings, other attack types and for any other questions you have.
https://hashcat.net/wiki/doku.php?id=hashcat#options This page has the basic usage:
Code:
Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...First is what you want to crack.
Code:
-m, --hash-type | Hash-typeAs you stated, you are cracking an MD5 hash with salt, the reference states this as
Code:
# | Name | Category
======+==================================================+======================================
10 | md5($pass.$salt) | Raw Hash, Salted and/or Iterated
20 | md5($salt.$pass) | Raw Hash, Salted and/or IteratedSo first part of your command line is either -m 10 or -m 20 depending if you hash comes first or last.
next is how you want crack (attack)
Code:
-a, --attack-mode | Attack-modethis is shown as 3 for brute force.
So the second part of your command line is -a 3.
The brute force mode needs to know what it will brute force, also called the Charset. In the options this is shown:
Code:
? | Charset
===+=========
l | abcdefghijklmnopqrstuvwxyz
u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
d | 0123456789
h | 0123456789abcdef
H | 0123456789ABCDEF
s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
a | ?l?u?d?s
b | 0x00 - 0xffThere is no charset with exactly what you want (well there is, but this gives you more info and flexibility if you want to change things). You need a combination of the l, u and d. This is possible using a custom charset or mask.
Code:
-1, --custom-charset1 | User-defined charset ?1So the third part of your command line is -1 ?l?u?d.
Now usually you brute force a single length, but you want multiple lengths (min. 3, max. 12). This is also documented.
Code:
-i, --increment | | Enable mask increment mode |
--increment-min | Num | Start mask incrementing at X | --increment-min=4
--increment-max | Num | Stop mask incrementing at X | --increment-max=8The fourth part of your command line is -i --increment-min 3 --increment-max 12.
Now we can combine this, I would recommend to put your hash in a hashfile. Be sure to put the hash in the correct format as described on https://hashcat.net/wiki/doku.php?id=example_hashes (modes 10 and 20 use hex_hash:plain_salt).
hashcat -m 10 -a 3 -1 ?l?u?d -i --increment-min 3 --increment-max 12 hashfile.txt ?1?1?1?1?1?1?1?1?1?1?1?1
Be sure to read more on the wiki on tweaking your settings, other attack types and for any other questions you have.