Literal word, characters any case
Actually there are different ways to accomplish this and the strategy you choose depends heavily on how many hashes/salts you have and on the type of hashes (the examples are for -m 0 = MD5 below):

1. hashcat -m 0 -a 3 -1 pP -2 aA -3 sS hash_file.txt ?1?2?3?3?d?d?d
(this might be the slowest, but it depends on the # of hashes/salts)

2. the same with a .hcmask file would look like this: hashcat -m 0 -a 3 hash_file.txt mask_file.hcmask
where mask file contains "pP,aA,sS,?1?2?3?3?d?d?d" (without quotes) in the first line of the mask_file.hcmask
(equally "slow" like #1)

3. use a salted hash algorithm instead (e.g. instead of -m 0 = MD5 (raw), you could use -m 20 = md5 ($salt. $pass)
hashcat -m 0 -a 3 --stdout -1 pP -2 aA -3 sS :?1?2?3?3 -o colon_salts.txt
combinator hash_file.txt colon_salts.txt > salted_hashes.txt
hashcat -m 20 -a 3 salted_hashes.txt ?d?d?d

4. use a different attack mode: -a 6 = hybrid dict + mask:
hashcat -m 0 -a 3 --stdout -1 pP -2 aA -3 sS ?1?2?3?3 -o prefix.txt
hashcat -m 0 -a 6 hash_file.txt prefix.txt ?d?d?d

btw: combinator is a tool from hashcat-utils, you might also be able to use something like "hashcat --stdout -a 1 -o salted_hashes.txt hash_file.txt colon_salts.txt" instead, but it depends on the hash lengths etc...

There might be even more alternatives, but I think at least one of the ones mentioned above should do the job both correctly and the fastest. Choose 1 and you should be fine.

Messages In This Thread
RE: Literal word, characters any case - by philsmd - 03-30-2017, 08:12 AM