08-09-2015, 12:23 AM
(08-08-2015, 11:00 PM)undeath Wrote: can confirm
Code:./hashcat-cli64.bin /tmp/t -r /tmp/test -a1 /tmp/t --stdout | wc -l
500
a0 works
Code:./hashcat-cli64.bin /tmp/t -r /tmp/test --stdout | wc -l
1000
Sorry undeath, I don't understand your reply. Are you saying you can confirm my issue or asking me for some more information?
In case it's the latter, here's my setup. For testing purposes, my dictionary is tiny (four lines). My rules file is as described above, intending to append a three digit number (rules like $0 $0 $0 through $9 $9 $9). When I use -a1 (combinator attack), then if my math is correct, I should expect to get 16,000 password candidates because 4^2=16 possibilities, each of which has 1,000 variants, so 16 * 1000 = 16000.
Here's where the problem comes in. Even though I do see 16,000 attempts when I test with --stdout:
Code:
maymay$ hashcat -a1 --stdout -r custom.rule my-capture.hccap dictionary.txt | sort | wc -l
16000
the actual password candidates themselves have skipped some possibilities:
Code:
maymay$ hashcat -a1 --stdout -r custom.rule my-capture.hccap dictionary.txt | sort | uniq | wc -l
10000
My question is, given that I have defined no reject rules, why does hashcat ignore or fail to test every permutation of the rules defined?
Thanks again for your quick reply.