09-06-2022, 06:46 PM
tl;dr
see last lines, this is not a real task for bruteforcing
i wanna read all:
there is no such "built in logic" by hashcat
there are some older threads pointing this out, the problem would be, that the logic to refuse candidates would be slowing down the whole cracking process, also there is no way to achieve this with "one mask"
so in your case the only way to achieve this is to generate all possbile masks by hand (automated) and cleaning them afterwards to remove the not matching masks
as this sounds fun to think about "what would jesus do" this is what i (Snoopy) came up with ^^
first using princeprocessor from https://github.com/hashcat/princeprocessor/releases with file
1.txt
as princeprocessor is maxed at elem-cnt-max=8, i choose 4 because this way it is easy to combine the lists easy to 12
resulting in 256 possible combinations where 2 are invalid, ?d?d?d?d and ?s?s?s?s, remove them by hand leaving 254
now we use combinator from https://hashcat.net/wiki/doku.php?id=hashcat_utils
resulting in 254^2 = 64516, to clean this list i used an texteditor (sublime text) because of its capability to use regex for search, you said max 3 numbers and/or max 3 special chars so we can remove all masks where are 4 numbers or 4 special cahrs, the two search regex for digits or special would be these two
to remove the blank lines use this regex
we end up with 50688 lines now we combine this again (please be aware of the new inputs)
jfyi the resulting unfiltered list is 12.874.752 lines just for fun i cleaned this list with the regexes from above (be patient, this will take quite some time, or my sublime has crashed while writing this lines) anyways even when cleaning up the list you will result in many many many many possible masks
i choose a random mask from the beginning, mostly uppercase, 1 special, 2 digits
the keyspace would be 17.917.362.140.620.800 just for this one mask, now take into consideration, that you will have also millions of such masks
i hope you get the point, even when attacking a real fast hash with lets say 8 gpus this would be a "no good task"
i will leave my sublime running, if it will finish, i would edit the resulting numbers
see last lines, this is not a real task for bruteforcing
i wanna read all:
there is no such "built in logic" by hashcat
there are some older threads pointing this out, the problem would be, that the logic to refuse candidates would be slowing down the whole cracking process, also there is no way to achieve this with "one mask"
so in your case the only way to achieve this is to generate all possbile masks by hand (automated) and cleaning them afterwards to remove the not matching masks
as this sounds fun to think about "what would jesus do" this is what i (Snoopy) came up with ^^
first using princeprocessor from https://github.com/hashcat/princeprocessor/releases with file
1.txt
Code:
?u
?l
?d
?s
as princeprocessor is maxed at elem-cnt-max=8, i choose 4 because this way it is easy to combine the lists easy to 12
Code:
pp64.exe --elem-cnt-min=4 --elem-cnt-max=4 < 1.txt -o 4.txt
resulting in 256 possible combinations where 2 are invalid, ?d?d?d?d and ?s?s?s?s, remove them by hand leaving 254
now we use combinator from https://hashcat.net/wiki/doku.php?id=hashcat_utils
Code:
combinator.exe 4.txt 4.txt > 8.txt
resulting in 254^2 = 64516, to clean this list i used an texteditor (sublime text) because of its capability to use regex for search, you said max 3 numbers and/or max 3 special chars so we can remove all masks where are 4 numbers or 4 special cahrs, the two search regex for digits or special would be these two
Code:
(.*\?d.*){4,}
(.*\?s.*){4,}
to remove the blank lines use this regex
Code:
^\n
we end up with 50688 lines now we combine this again (please be aware of the new inputs)
Code:
combinator.exe 8.txt 4.txt > 12.txt
jfyi the resulting unfiltered list is 12.874.752 lines just for fun i cleaned this list with the regexes from above (be patient, this will take quite some time, or my sublime has crashed while writing this lines) anyways even when cleaning up the list you will result in many many many many possible masks
i choose a random mask from the beginning, mostly uppercase, 1 special, 2 digits
Code:
?u?u?u?u?u?u?u?u?s?l?d?d
i hope you get the point, even when attacking a real fast hash with lets say 8 gpus this would be a "no good task"
i will leave my sublime running, if it will finish, i would edit the resulting numbers