Unable to crack a simple fake password with dictionary and dive.rule
#1
I'm learning how to use hashcat, I more or less understand how brute force attacks works, but I'm still struggling with the dictionary and rules attacks. 


So I created a md5 hash e7624f83b5aa81ca40b1a4d40b2288ae from the fake password "JohnSmith" ( without the quotes ) for testing.

Then I created a dictionary personal.dict with the words:

Code:
John
Smith

Then I tried to "crack" the hash with that dictionary and the dive.rule but hashcat finished without finding the password. I know I must be doing something wrong, but I can't find what.

Code:
hashcat -w 3 -m 0 -a 0 -r ./rules/dive.rule e7624f83b5aa81ca40b1a4d40b2288ae  ./dict/personal.dict



Code:
Session..........: hashcat                               
Status...........: Exhausted
Hash.Mode........: 0 (MD5)
Hash.Target......: e7624f83b5aa81ca40b1a4d40b2288ae
Time.Started.....: Thu Jan 13 19:49:23 2022 (0 secs)
Time.Estimated...: Thu Jan 13 19:49:23 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (./dict/personal.dict)
Guess.Mod........: Rules (rules/dive.rule)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  907.9 kH/s (0.47ms) @ Accel:256 Loops:256 Thr:64 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 198172/198172 (100.00%)
Rejected.........: 0/198172 (0.00%)
Restore.Point....: 2/2 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:99072-99086 Iteration:0-256
Candidate.Engine.: Device Generator
Candidates.#1....: John.g -> Sm8ithSm8ith
Hardware.Mon.#1..: Temp: 42c Util: 47% Core:1740MHz Mem:5000MHz Bus:4


Update:
I just tried with best64.rule and combinator.rule and it doesn't find anything.  

For what I understand any of those rule sets should include one rule that put two words of the dictionary one after the other, shouldn't they?.
Reply


Messages In This Thread
Unable to crack a simple fake password with dictionary and dive.rule - by fabman - 01-13-2022, 08:52 PM