Trying to find the most efficient mode for this attack
#1
Hey Hashcat forums, 

Been lurking here every day for the past few weeks trying to figure out the best way forwards with this attack, Decided I had to post to try get some help from some of the more experienced users.

I have a long password which is similar to this; 
TFGgg~FGENE90REPTOTH__FUEHF909

But for my second password I randomly spam typed my hands on my keyboard a few times (1-7chars I believe), in two positions, moving the mouse once. 

So I have two parts of the second password I want to bruteforce, and 3 parts of the first password I know are included in the second.
but I am not sure of the exact length or the exact position, but I have a rough idea,  

to help visualise it its a bit like this:
TFGgg~FGENE90REPTO[1-7Chars]TH__FUE[1-7Chars]HF909

however the two  [1-7Chars] - I am not sure on the exact position I put these both in

After reading a few useful posts on these forums, I identified all keys I could have pressed on my keyboard and used maskprocessor to output all 1-7 combinations of these with each char only repeating twice max (as I remember using diff keys when I spammed) So I have all 1-7 combos in a file but I run into these problems;

combinator attack only allows one rule per line, so I cant append, prepend and insert my middle sections as its too many rules
I couldnt use a custom charset with a bruteforce attack
I cant see or find a option to append or prepend words in maskprocessor when I make my charset,that could maybe help me find a workaround
I know 75% of the chars used in my the password Im trying to find, I could try bruteforce it using the chars I know it contains and use expanding increments, This would get rid of the need for a middle section but isnt efficient as I know part or parts of what the middle section would contain and in which order they appear. and I would need to be bruteforcing like 20+ chars..

Is there a way to specify when using a combinator attack which dictionary to position first and which to use second in the attack? Or a way to use more than 2 word lists/dictionarys in this attack mode?

A positional anchor type attack would work but I dont think hashcat has this implemented yet

I keep running into problems with each attack mode, mainly around inputting possible combos for the middle section in moving increments. I was wondering how you forum users would approach this problem?
Thanks in advance for any help provided, I have been trying to teach myself as much as I can and reading up on forums but I am struggling to find a solution and felt it best to ask for some advice 

~Cmd2002
Reply


Messages In This Thread
Trying to find the most efficient mode for this attack - by Cmd2002 - 04-29-2023, 02:27 PM