At a complete loss - mask attack how to
#1
Hi, thanks for your help in advance. I'm just so confused how to get the following attack setup. I've been reading so much and watching how-to videos I'm lost with what to do with all the different ways and some things I can't find answers for.



What I want to achieve is to find the wpa password from my home network using the bruteforce/mask attack which is the most suitable (https://hashcat.net/wiki/doku.php?id=mask_attack) against a WPA file I have the handshake for, this might not be the right method for what I want to do. 


So my questions and what I need clarify is below and I hope this all makes sense.. 

  • is this a good method for what I want to achieve assuming that I don't know the password but do know what characters is in the pw? It is 10 char long with letters and numbers e.g. as648tarzb (I have used another method to find the password with a wordlist which worked).
  • Do I need to make a wordlist with all the possible passwords, then convert them into a has file? Or do I make a text file like rockyou with a-z 1-9 in it?
  • What is the correct hashcat command I want to use to get the password? 
  • Do I need to convert the .cap file to .hc2200 or hccap file? which one?
  • Do I need to define the charset? If the password is 10 characters in length with letters and numbers, where does the '?d?d?d?d?..' length thing come into play or is it used in this attack?
I'm a bit lost trying to write and describe what I want to do so hope it makes sense. 

Overall does anyone have a good tutorial from start to finish to setup this attack which includes how to make hashes.txt, converting the .cap file, make a mask file etc? 

Thank you..
Reply


Messages In This Thread
At a complete loss - mask attack how to - by smallwac - 09-22-2021, 04:18 AM