03-01-2017, 04:18 PM
(03-01-2017, 04:12 PM)philsmd Wrote: Maybe it depends on the mask you use in step #1 ?
It's difficult to say without a more detailed example for each step.
As you might have already noticed, hashcat prefers a mask attack (see https://hashcat.net/wiki/mask_attack ) over a "full-bruteforce" attack. But the settings for this mask attack (aka the mask itself) is very crucial to understand what should be cracked and what not.
Maybe you can provide for each step the full command and also the password (we do not yet need the hash, because it should be easy to generate a similar hash - different salt - and it's actually prohibited to post hashes here without the admin requesting it).
It would also be interesting to know if this only happens with multi-hashes or with a single hash too.
Thanks
I keep it simple with the commands I'm running, since it's just for demo purposes for students to grasp password security and hashing in general. I know the mask attacks are ideal, and I do use those to demonstrate the decreased workload too. The exact commands:
hashcat64.exe -m 1000 -a 3 test.txt
hashcat64.exe -m 1000 -a 6 test.txt wordlistfile ?d?d?d?d?d
hashcat64.exe -m 1000 -a 7 test.txt ?d?d?d?d?d wordlistfile
The password that just turned up running the "a 6" attack is "6Tommy" which should've been caught by the bruteforce, correct?
Thanks for the quick reply!