08-12-2017, 05:13 PM
Thanks for the suggestions.
After some initial cracking attempts, I have managed to crack several of the password histories for this particular user, without cracking the actual password that I was after.
The history has shown me a pattern of First Name+LastName+Number.
For example:
Johnmaysmith09
JohnSmith10
JohnSmith09
JohnSmith2010
I had a couple of thoughts on approaching this given the pattern and wanted to ask for feedback. The first is using maskprocessor to generate candidates based on the pattern and piping that into hashcat, something like this:
The other thought was using maskprocessor to generate rules that would do something similar to the above (inserting characters in between the first and last name, adding numbers at the end, etc) and just having a small dictionary that contained the permutations of the name (JohnSmith, Johnsmith, johnSmith). Would this be faster than using maskprocessor as shown above and piping it to hashcat, or would it be slow because the dictionary is too small?
Or is there a better way than either of these two? Clearly I'm fairly new at this so I definitely don't know what I don't know.
Thanks.
After some initial cracking attempts, I have managed to crack several of the password histories for this particular user, without cracking the actual password that I was after.
The history has shown me a pattern of First Name+LastName+Number.
For example:
Johnmaysmith09
JohnSmith10
JohnSmith09
JohnSmith2010
I had a couple of thoughts on approaching this given the pattern and wanted to ask for feedback. The first is using maskprocessor to generate candidates based on the pattern and piping that into hashcat, something like this:
Code:
mp64 -1 Jj -2 Ss -3 ?l?u ?1ohn?3?3?3?3?2mith?d?dThe other thought was using maskprocessor to generate rules that would do something similar to the above (inserting characters in between the first and last name, adding numbers at the end, etc) and just having a small dictionary that contained the permutations of the name (JohnSmith, Johnsmith, johnSmith). Would this be faster than using maskprocessor as shown above and piping it to hashcat, or would it be slow because the dictionary is too small?
Or is there a better way than either of these two? Clearly I'm fairly new at this so I definitely don't know what I don't know.
Thanks.