06-18-2020, 12:50 PM
What do you mean by "I'm now able to run the attack" ?
Are you able to crack hashes that you have generated as a test ? Did you try to crack the example hash from https://hashcat.net/wiki/example_hashes ?
I don't think brute-force is a good strategy here. I would suggest to use dictionary-based or rule-based attacks with slow hashes like TrueCrypt. It's a much more clever in most of the cases, except from some minor special cases e.g. if the password was generated randomly (for instance by a password manager) and is known to be random chars.
see https://hashcat.net/wiki/doku.php?id=rule_based_attack and the examples with -a 0 -r from above. You would need to come up with a good list of candidate passwords that you use as you dictionary and a couple of rules that mangle the passwords in the dictionary
Are you able to crack hashes that you have generated as a test ? Did you try to crack the example hash from https://hashcat.net/wiki/example_hashes ?
I don't think brute-force is a good strategy here. I would suggest to use dictionary-based or rule-based attacks with slow hashes like TrueCrypt. It's a much more clever in most of the cases, except from some minor special cases e.g. if the password was generated randomly (for instance by a password manager) and is known to be random chars.
see https://hashcat.net/wiki/doku.php?id=rule_based_attack and the examples with -a 0 -r from above. You would need to come up with a good list of candidate passwords that you use as you dictionary and a couple of rules that mangle the passwords in the dictionary