Hello guys. I'm pretty unadvanced when it comes to using hashcat or "cryptography" just trying to crack some hashes mostly old Mysql 4.1/5. Got couple of questions so I can maximize my efforts.
1)So I added loopback to my command. Question is how does it work exactly. I get it loopbacks the rule on a password, I did some tests and it seem to have cracked 138 more hashes so it does work, but should I be saving the temp files that gets created with it? or should I save the new generated passwords guess, and is that even possible?
b)On a connected question, if I have a big wordlist like rockyou, that doesn't work very well on my combo. Can I run it and just save base words that were used to actually get a plain hit to reuse later?
2) What does --keep-guessing do exactly and why people use it (what's the scenario?)
3) Can I set min and max characters in password to crack. Let's say I know the passwords have to be between 4 and 16 chars, so can I only check these?
4) I'm getting quite a lot of HEX'ed plains should I use the parameter to plain them or use a outside utility. I've read on github some poc that it miss-reads passwords sometimes, not sure how accurate that still is.
5) Is it better to use one big wordlist, or should I split it? Or when would each apply.
6) The hashes I'm working on are not sure how to put it but specific? Like if I put some already crack plains into combo and run it they crack way better than something "good" like rockyou. So basically If anyone has any tips for me how can I make a good wordlist I'm happy to learn something. Not too much not crying to become a cryptographer guy just want to get each pot to 95% recovered and I be satisfied.
Working on rtx 5080 + 9950x3d.
Thanks)
1)So I added loopback to my command. Question is how does it work exactly. I get it loopbacks the rule on a password, I did some tests and it seem to have cracked 138 more hashes so it does work, but should I be saving the temp files that gets created with it? or should I save the new generated passwords guess, and is that even possible?
b)On a connected question, if I have a big wordlist like rockyou, that doesn't work very well on my combo. Can I run it and just save base words that were used to actually get a plain hit to reuse later?
2) What does --keep-guessing do exactly and why people use it (what's the scenario?)
3) Can I set min and max characters in password to crack. Let's say I know the passwords have to be between 4 and 16 chars, so can I only check these?
4) I'm getting quite a lot of HEX'ed plains should I use the parameter to plain them or use a outside utility. I've read on github some poc that it miss-reads passwords sometimes, not sure how accurate that still is.
5) Is it better to use one big wordlist, or should I split it? Or when would each apply.
6) The hashes I'm working on are not sure how to put it but specific? Like if I put some already crack plains into combo and run it they crack way better than something "good" like rockyou. So basically If anyone has any tips for me how can I make a good wordlist I'm happy to learn something. Not too much not crying to become a cryptographer guy just want to get each pot to 95% recovered and I be satisfied.
Working on rtx 5080 + 9950x3d.
Thanks)