(02-25-2019, 08:06 PM)Mem5 Wrote: -m 2500 is WPA. WPA password cannot be less than 8 characters.
So you do NOT want to test less than 8 characters
You start at 8 up to 63 (max for WPA)
"-i --increment-min=8" is useless.
Correct syntax is:
This will test all candidates of hexa length 8. Add another "?H" for length 9. And so on.Code:hashcat -m 2500 -a 3 ?H?H?H?H?H?H?H?H
Depending on your GPU(s), it can take a long time..
Very true, any candidates less than 8 will be skipped for WPA encryption. If you are wanting to test 8+ characters, increment can still be used. Just make the mask whatever length you'd like say 12 (which would take a million years) and append increment to hashcat to start from 8 and move forward from there.
Example
Code:
hashcat64.exe -m 2500 -a 3 -w 4 -i --increment-min 8 --increment-max 10 hash.txt ?H?H?H?H?H?H?H?H?H?H?H?HSo even though we have a mask length of 12 it will only attack from 8 to 10, beginning with 8. Uppercase Hex is not a very efficient attack however. I would investigate further into the router for a more suitable attack, such as default passwords from images and if a key generator is available. Can also try pixiedust for a quick wps exploit or reaver/bully if you are in range of the AP for long enough (typically 4 hours).