12-18-2012, 06:58 AM
(This post was last modified: 12-18-2012, 07:02 AM by mastercracker.)
You should not get tunnel vision there. You are not even sure that it has cookies in the word. However, the first thing that you can do is a quick check of that possibility. Put all the words or possible passwords that you can think of in a wordlist. Use that wordlist with 1 million randomly generated rules (1-3 or 1-4 rules "wide"). Next, try combinations of the wordlst with itself. After that, you can assume that you don't know anything from the passwords and do attacks the same way that you would treat a blank hash list. Good luck.