Help with policygen/maskprocessor to create hcmask
#2
maskprocessor has an option for #3, see mp64 --help output:

Code:
-q,  --seq-max=NUM         Maximum number of multiple sequential characters

for #2 instead you need to generate some kind of filtered .hcmask file, you can use maskprocessor or hashcat --stdout for it:
Code:
./hashcat --stdout -a 3 -1 ld ?1?1?1?1?1?1?1?1?1?1 | grep -v dddddd | grep -v llllll | sed 's/\(.\)/?\1/g' > a.hcmask

I would say that it would in theory make sense to loop over all masks from your mask file (.hcmask) for #2 and use maskprocessor to filter it even further. The output of maskprocessor can be piped to hashcat:

Code:
#!/bin/bash

mask_file="a.hcmask"

while read -u 3 line
do
  ./mp64.bin -q 2 ${line} | ./hashcat -m 0 -a 0 -w 3 -O hash.txt
done 3< ${mask_file}

but remember, that each filter (#2 and #3) only filtered/reduced the number of password candidates by a "tiny" amount, e.g. there are 1024 different mask combinations of all ?l and ?d for length 10 (unfiltered ! 2 ^ 10 because of 2 different charsets - ?l and ?d - and 10 because of the 10 char length) and if you run the grep and sed command above the number of combinations is "only" reduced by less than 10 % to 928 ((1024-928)/1024 * 100 ~ 10 %)
also filter #3 does reduce the keyspace, but length 10 is still a lot

most of the time requests like this deal with slow algorithms and most of the time it is -m 2500 = WPA/WPA2 because users think there could never be passwords with 2 identical characters next to each others (even if there is no reason/proof/guarantee for this and indeed some passwords - users discovered later on - have identical chars next to each other because router vendors don't use this strange filter, sometimes it's just a wrong impression like "I have never seen something like this", "never saw a xxx router which uses 2 identical chars in the pass next to each other")
Reply


Messages In This Thread
RE: Help with policygen/maskprocessor to create hcmask - by philsmd - 01-26-2019, 12:44 PM