Mask/rule to bruteforce md5(*word*word*longword*) passwords
#1
I want to find a mask that some unknown algorithm uses to generate hashes.

I have some thousands of strings that look like this (path and IP fudged):
md5=ICAN'TREADTHERULES&date=20130226&_ip=12.34.56&filename=1234\1234\12345\AAA45.ext
md5=ICAN'TREADTHERULES&date=20130303&_ip=12.34.56&filename=1234\1234\12345\AAA45.ext

I've learned that the md5 parameter depends on the VALUES of the "date", "_ip" and "filename" parameters (but not on the parameter names). Now I want to find out how these 3 values ("20130303", "12.34.56" and "1234\1234\12345\AAA45.ext") are combined to calculate md5. I think that's something very simple, but I've tried all 6 permutations separated by 0-1 arbitrary characters and it didn't work.


How can I automate hashcat (any version) to brute-force the stuff between those words? Should I write a custom mask-generator?


Messages In This Thread
Mask/rule to bruteforce md5(*word*word*longword*) passwords - by Ark-kun - 02-28-2013, 06:31 AM