10-24-2015, 11:16 PM
What is the proper way of brute-forcing hashes using all ipv4 addresses as plain-text passwords?
With oclHashcat it can be easily done using a combination mode and two dictionaries, you can read about it here
https://www.phillips321.co.uk/2012/04/04...p-address/
But combination mode for cpu hashcat is different, it takes only one dictionary and attacks with combinations of words in that dictionary.
A dictionary of all ip addresses is going to eat a real lot of disk space, so it is not a good solution.
Another approach is to use many masks to match various ip formats, like this
?d.?d.?d.?d -> x.x.x.x
...
1?d?d.?d?d.?d?d?d.?d -> 1xx.xx.xxx.x
...
...
?d.?d?d?d.?d?d?d.?d -> x.xxx.xxx.x
...
and so on.
However, such masks may also match invalid IPs, and it will take many sessions to check all masks.
So I wonder if there is a more elegant solution.
With oclHashcat it can be easily done using a combination mode and two dictionaries, you can read about it here
https://www.phillips321.co.uk/2012/04/04...p-address/
But combination mode for cpu hashcat is different, it takes only one dictionary and attacks with combinations of words in that dictionary.
A dictionary of all ip addresses is going to eat a real lot of disk space, so it is not a good solution.
Another approach is to use many masks to match various ip formats, like this
?d.?d.?d.?d -> x.x.x.x
...
1?d?d.?d?d.?d?d?d.?d -> 1xx.xx.xxx.x
...
...
?d.?d?d?d.?d?d?d.?d -> x.xxx.xxx.x
...
and so on.
However, such masks may also match invalid IPs, and it will take many sessions to check all masks.
So I wonder if there is a more elegant solution.