02-04-2019, 02:01 AM
Thanks, I appreciate the feedback from both of you. I realize there isn't much of a practical difference between cracking the password, discarding if it's over 14, and then writing to disk. However, it would make people much more comfortable if there wasn't that possibility to begin with.
> In other words, the problem is that, the way that hashcat is designed, you can't tell which ones are 15 chars until after you've cracked them. Checking candidates for length has too high a speed penalty
Pretty much what I figured. While piping through len isn't ideal, I think it's still more than fast enough to find the remaining weak credentials that fall in that space.
> In other words, the problem is that, the way that hashcat is designed, you can't tell which ones are 15 chars until after you've cracked them. Checking candidates for length has too high a speed penalty
Pretty much what I figured. While piping through len isn't ideal, I think it's still more than fast enough to find the remaining weak credentials that fall in that space.