02-25-2020, 06:13 PM
so you are using -m 13400 together with the modified (removed file names etc) output of keepass2john from bleeding-jumbo john the ripper (JTR) ?
Well, it depends if the chars are appended/prepended or in the middle.
In theory all these methods could work:
-a 3 (mask attack) with a --custom-charset1 with your list of chars and a mask using it e.g. -a 3 --custom-charset1 4dhKTg3p hash_from_keepass2john.txt STARTOFPASSWORD?1?1?1?1
-a 0 with rules (-r) that append ($x) Or prepend (^y) the characters
-a 6 to append a mask to each pass/line in the dictionary
-a 7 to prepend a mask to each pass/line in the dictionary
-a 1 to combine 2 dictionaries
each approach has its advantages and disadvantages... for instance using -a 3 with a static string like "STARTOFPASSWORD" at the beginning is normally not the best performance-wise in hashcat (but for slow hashes it doesn't matter too much). -a 0 with rules is sometimes a problem if your keyspace is too large such that you have very many rules (but actually you could stack them with -r first -r second -r third) and if you do NOT know all the rules or need to generate them by a script etc (it's not a problem in general, but a little bit cumbersome for beginners).
I would suggest to start here:
https://hashcat.net/wiki/doku.php?id=mask_attack (-a 3)
https://hashcat.net/wiki/doku.php?id=rule_based_attack (-a 0 -r)
https://hashcat.net/wiki/doku.php?id=combinator_attack (-a 1)
It doesn't really matter too much which approach you choose as long as it isn't much slower than the others and as long as it works as expected (generates the correct password candidates). You could always test your approach with --stdout -a x [options] (don't specify any hash files when using --stdout !).
Well, it depends if the chars are appended/prepended or in the middle.
In theory all these methods could work:
-a 3 (mask attack) with a --custom-charset1 with your list of chars and a mask using it e.g. -a 3 --custom-charset1 4dhKTg3p hash_from_keepass2john.txt STARTOFPASSWORD?1?1?1?1
-a 0 with rules (-r) that append ($x) Or prepend (^y) the characters
-a 6 to append a mask to each pass/line in the dictionary
-a 7 to prepend a mask to each pass/line in the dictionary
-a 1 to combine 2 dictionaries
each approach has its advantages and disadvantages... for instance using -a 3 with a static string like "STARTOFPASSWORD" at the beginning is normally not the best performance-wise in hashcat (but for slow hashes it doesn't matter too much). -a 0 with rules is sometimes a problem if your keyspace is too large such that you have very many rules (but actually you could stack them with -r first -r second -r third) and if you do NOT know all the rules or need to generate them by a script etc (it's not a problem in general, but a little bit cumbersome for beginners).
I would suggest to start here:
https://hashcat.net/wiki/doku.php?id=mask_attack (-a 3)
https://hashcat.net/wiki/doku.php?id=rule_based_attack (-a 0 -r)
https://hashcat.net/wiki/doku.php?id=combinator_attack (-a 1)
It doesn't really matter too much which approach you choose as long as it isn't much slower than the others and as long as it works as expected (generates the correct password candidates). You could always test your approach with --stdout -a x [options] (don't specify any hash files when using --stdout !).