03-31-2017, 01:53 AM
(03-30-2017, 11:01 AM)philsmd Wrote: This question is also within the most frequently asked questions (wiki page): https://hashcat.net/faq#what_is_a_keyspace
Can you explain what does base loop mask and mod loop mask mean? I am not able to understand it. I have similar use case of @jason that I need to distribute the masked workload across different computers. Also, I have the same question as pointed in the below link, load is not being properly distributed
https://hashcat.net/forum/thread-6447-po...l#pid34362
My situation: I need to distribute the load of a hash with "?l?l?l?l?l?l" and I did some testing locally before doing in distributed setup. Below are my observations (I know my password is: liminj and Im just doing some testing)
First,
1. I tried with no -s / -l flags and result as is attache in 1.png. As you can see that the restore point says 159744 (which I am assuming that it checked for 159744 combinations and then found the password).
2. So, what I did next was keeping flags -s 0 -l 150000 and as expected result was as attached in 2.png (keyspace was exhausted as I have given a number less than 159744 which I found in step 1). I also tried giving -s 160000 -l 10000, and it failed for the same explanation
3. Next, I tried with -s 150000 -l 10000 (as in 3.png) and Im now expecting it to crack the hash as initially it was able to find it at 159744 which s between 150000 and 150000+10000= 160000 but it still says keyspace is exhausted.
Why is it happening? and where am I understanding it wrong?
4. With the same system setup etc. I tried with as 4.png , it cracked it well. Again, why?
5. Next, for the same password hash I gave as attached in 5.png (-s 160000 and no -l, which I am assuming that the tool would start cracking the hashes from 160000 which should not involve 159744 where we earlier found the password). I am expecting to not get the hash cracked as it is searching 160000+ and our 159744 is less than that but it found the password. Why? Is it searching for 0-160000? instead of 160000+?