03-24-2019, 12:15 PM
I think brute-forcing is not the correct approach (or at least it shouldn't be the first one) for slow hash types like iTunes backup >= 10.0 .
I would recommend starting with a dictionary attack (-a 0) with optionally rules applied to them.
From your other post (https://hashcat.net/forum/thread-8236-po...l#pid44155) I see that you are not even sure about the length, which makes your brute-force plan even less meaningful/clever.
you would need to use --increment --increment-min 6 -1 "?d!@$&" -2 ?u?1 manifest.txt ?2?1?1?1?1?1?1?1?1
it's needless to say that with increasing length the expected time will of course increase and therefore brute-forcing a 9 character password (even with your reduced keyspace) is infeasible. Better plan/strategies/approaches are wanted here (like a dictionary attack with rules)
I would recommend starting with a dictionary attack (-a 0) with optionally rules applied to them.
From your other post (https://hashcat.net/forum/thread-8236-po...l#pid44155) I see that you are not even sure about the length, which makes your brute-force plan even less meaningful/clever.
you would need to use --increment --increment-min 6 -1 "?d!@$&" -2 ?u?1 manifest.txt ?2?1?1?1?1?1?1?1?1
it's needless to say that with increasing length the expected time will of course increase and therefore brute-forcing a 9 character password (even with your reduced keyspace) is infeasible. Better plan/strategies/approaches are wanted here (like a dictionary attack with rules)